summaryrefslogtreecommitdiff
path: root/lib/api/members.rb
diff options
context:
space:
mode:
authorRémy Coutable <remy@rymai.me>2016-07-28 19:31:17 +0200
committerRémy Coutable <remy@rymai.me>2016-10-03 16:57:48 +0200
commit3158f57dba6dcef3e586ae8fced7deb6fdbd6dc0 (patch)
tree51c000c699b1199f3838c3c46c5ac5dbe16773bd /lib/api/members.rb
parent958815a039af68dc68b333b69b3e9e3f3bc4ee2e (diff)
downloadgitlab-ce-3158f57dba6dcef3e586ae8fced7deb6fdbd6dc0.tar.gz
Improve Members::DestroyService
Signed-off-by: Rémy Coutable <remy@rymai.me>
Diffstat (limited to 'lib/api/members.rb')
-rw-r--r--lib/api/members.rb10
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/api/members.rb b/lib/api/members.rb
index a18ce769e29..03dbf4eabb8 100644
--- a/lib/api/members.rb
+++ b/lib/api/members.rb
@@ -65,6 +65,14 @@ module API
# for both project and group members in 9.0!
conflict!('Member already exists') if source_type == 'group' && member
+ access_requester = source.requesters.find_by(user_id: params[:user_id])
+ if access_requester
+ # We delete a potential access requester before creating the new member.
+ # We pass current_user = access_requester so that the requester doesn't
+ # receive a "access denied" email.
+ ::Members::DestroyService.new(source, access_requester.user, params).execute(:requesters)
+ end
+
unless member
member = source.add_user(params[:user_id], params[:access_level], current_user: current_user, expires_at: params[:expires_at])
end
@@ -134,7 +142,7 @@ module API
if member.nil?
{ message: "Access revoked", id: params[:user_id].to_i }
else
- ::Members::DestroyService.new(member, current_user).execute
+ ::Members::DestroyService.new(source, current_user, params).execute
present member.user, with: Entities::Member, member: member
end