Add latest changes from gitlab-org/gitlab@13-1-stable-ee

3 files changed, 38 insertions, 2 deletions

diff --git a/app/services/authorized_project_update/periodic_recalculate_service.rb b/app/services/authorized_project_update/periodic_recalculate_service.rb
new file mode 100644
index 00000000000..91c0f50e5e0
--- /dev/null
+++ b/app/services/authorized_project_update/periodic_recalculate_service.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module AuthorizedProjectUpdate
+  class PeriodicRecalculateService
+    BATCH_SIZE = 480
+    DELAY_INTERVAL = 30.seconds.to_i
+
+    def execute
+      # Using this approach (instead of eg. User.each_batch) keeps the arguments
+      # the same for AuthorizedProjectUpdate::UserRefreshOverUserRangeWorker
+      # even if the user list changes, so we can deduplicate these jobs.
+      (1..User.maximum(:id)).each_slice(BATCH_SIZE).with_index do |batch, index|
+        delay = DELAY_INTERVAL * index
+        AuthorizedProjectUpdate::UserRefreshOverUserRangeWorker.perform_in(delay, *batch.minmax)
+      end
+    end
+  end
+end
diff --git a/app/services/authorized_project_update/recalculate_for_user_range_service.rb b/app/services/authorized_project_update/recalculate_for_user_range_service.rb
new file mode 100644
index 00000000000..14b0f5d6117
--- /dev/null
+++ b/app/services/authorized_project_update/recalculate_for_user_range_service.rb
@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module AuthorizedProjectUpdate
+  class RecalculateForUserRangeService
+    def initialize(start_user_id, end_user_id)
+      @start_user_id = start_user_id
+      @end_user_id = end_user_id
+    end
+
+    def execute
+      User.where(id: start_user_id..end_user_id).select(:id).find_each do |user| # rubocop: disable CodeReuse/ActiveRecord
+        Users::RefreshAuthorizedProjectsService.new(user).execute
+      end
+    end
+
+    private
+
+    attr_reader :start_user_id, :end_user_id
+  end
+end
diff --git a/app/services/users/refresh_authorized_projects_service.rb b/app/services/users/refresh_authorized_projects_service.rb
index 0e7a4821bdf..621266f00e1 100644
--- a/app/services/users/refresh_authorized_projects_service.rb
+++ b/app/services/users/refresh_authorized_projects_service.rb
@@ -85,8 +85,6 @@ module Users
     # remove - The IDs of the authorization rows to remove.
     # add - Rows to insert in the form `[user id, project id, access level]`
     def update_authorizations(remove = [], add = [])
-      return if remove.empty? && add.empty?
-
       User.transaction do
         user.remove_project_authorizations(remove) unless remove.empty?
         ProjectAuthorization.insert_authorizations(add) unless add.empty?