diff options
author | Douwe Maan <douwe@gitlab.com> | 2018-02-08 14:26:18 +0000 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2018-02-08 14:26:18 +0000 |
commit | bbb3e58bc7143df31355baddc970670e1e64503d (patch) | |
tree | 712b159ad384f7c349416f7de8e8feb9afe9b43a /app | |
parent | 15eb0ab0f8ec1bef02065949cade065956c9d4d1 (diff) | |
parent | 583ef9458c5e5c32a14629f5754bc53ed0ad8a33 (diff) | |
download | gitlab-ce-bbb3e58bc7143df31355baddc970670e1e64503d.tar.gz |
Merge branch 'feature/oidc-groups-claim' into 'master'
Add groups to OpenID Connect claims
See merge request gitlab-org/gitlab-ce!16929
Diffstat (limited to 'app')
-rw-r--r-- | app/models/user.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 05c93d3cb17..4097fe2b5dc 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -551,7 +551,7 @@ class User < ActiveRecord::Base gpg_keys.each(&:update_invalid_gpg_signatures) end - # Returns the groups a user has access to + # Returns the groups a user has access to, either through a membership or a project authorization def authorized_groups union = Gitlab::SQL::Union .new([groups.select(:id), authorized_projects.select(:namespace_id)]) @@ -559,6 +559,11 @@ class User < ActiveRecord::Base Group.where("namespaces.id IN (#{union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection end + # Returns the groups a user is a member of, either directly or through a parent group + def membership_groups + Gitlab::GroupHierarchy.new(groups).base_and_descendants + end + # Returns a relation of groups the user has access to, including their parent # and child groups (recursively). def all_expanded_groups |