8 files changed, 116 insertions, 6 deletions

diff --git a/app/finders/admin/projects_finder.rb b/app/finders/admin/projects_finder.rb
index 53dbf65c43a..fc18bb1984a 100644
--- a/app/finders/admin/projects_finder.rb
+++ b/app/finders/admin/projects_finder.rb
@@ -69,7 +69,7 @@ class Admin::ProjectsFinder
   end
 
   def sort(items)
-    sort = params.fetch(:sort) { 'latest_activity_desc' }
+    sort = params.fetch(:sort, 'latest_activity_desc')
     items.sort_by_attribute(sort)
   end
 end
diff --git a/app/finders/group_members_finder.rb b/app/finders/group_members_finder.rb
index fff17098c7b..4213a3f1965 100644
--- a/app/finders/group_members_finder.rb
+++ b/app/finders/group_members_finder.rb
@@ -60,6 +60,8 @@ class GroupMembersFinder < UnionFinder
       members = members.filter_by_2fa(params[:two_factor])
     end
 
+    members = apply_additional_filters(members)
+
     by_created_at(members)
   end
 
@@ -84,6 +86,11 @@ class GroupMembersFinder < UnionFinder
       raise ArgumentError, "#{(include_relations - RELATIONS).first} #{INVALID_RELATION_TYPE_ERROR_MSG}"
     end
   end
+
+  def apply_additional_filters(members)
+    # overridden in EE to include additional filtering conditions.
+    members
+  end
 end
 
 GroupMembersFinder.prepend_mod_with('GroupMembersFinder')
diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
index 3e436f30971..bf7b2265ded 100644
--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -46,6 +46,7 @@ class IssuableFinder
 
   requires_cross_project_access unless: -> { params.project? }
 
+  FULL_TEXT_SEARCH_TERM_REGEX = /\A[\p{ASCII}|\p{Latin}]+\z/.freeze
   NEGATABLE_PARAMS_HELPER_KEYS = %i[project_id scope status include_subgroups].freeze
 
   attr_accessor :current_user, :params
@@ -331,6 +332,8 @@ class IssuableFinder
     return items if items.is_a?(ActiveRecord::NullRelation)
     return items if Feature.enabled?(:disable_anonymous_search, type: :ops) && current_user.nil?
 
+    return items.pg_full_text_search(search) if use_full_text_search?
+
     if use_cte_for_search?
       cte = Gitlab::SQL::CTE.new(klass.table_name, items)
 
@@ -341,6 +344,13 @@ class IssuableFinder
   end
   # rubocop: enable CodeReuse/ActiveRecord
 
+  def use_full_text_search?
+    params[:in].blank? &&
+      klass.try(:pg_full_text_searchable_columns).present? &&
+      params[:search] =~ FULL_TEXT_SEARCH_TERM_REGEX &&
+      Feature.enabled?(:issues_full_text_search, params.project || params.group, default_enabled: :yaml)
+  end
+
   # rubocop: disable CodeReuse/ActiveRecord
   def by_iids(items)
     params[:iids].present? ? items.where(iid: params[:iids]) : items
diff --git a/app/finders/pending_todos_finder.rb b/app/finders/pending_todos_finder.rb
index 509370b49a8..babff65cc37 100644
--- a/app/finders/pending_todos_finder.rb
+++ b/app/finders/pending_todos_finder.rb
@@ -27,7 +27,8 @@ class PendingTodosFinder
     todos = by_target_id(todos)
     todos = by_target_type(todos)
     todos = by_discussion(todos)
-    by_commit_id(todos)
+    todos = by_commit_id(todos)
+    by_action(todos)
   end
 
   def by_project(todos)
@@ -69,4 +70,10 @@ class PendingTodosFinder
       todos
     end
   end
+
+  def by_action(todos)
+    return todos if params[:action].blank?
+
+    todos.for_action(params[:action])
+  end
 end
diff --git a/app/finders/personal_access_tokens_finder.rb b/app/finders/personal_access_tokens_finder.rb
index 4a6eed8f5ee..be266045951 100644
--- a/app/finders/personal_access_tokens_finder.rb
+++ b/app/finders/personal_access_tokens_finder.rb
@@ -17,6 +17,7 @@ class PersonalAccessTokensFinder
     tokens = by_users(tokens)
     tokens = by_impersonation(tokens)
     tokens = by_state(tokens)
+    tokens = by_owner_type(tokens)
 
     sort(tokens)
   end
@@ -32,6 +33,15 @@ class PersonalAccessTokensFinder
     tokens
   end
 
+  def by_owner_type(tokens)
+    case @params[:owner_type]
+    when 'human'
+      tokens.owner_is_human
+    else
+      tokens
+    end
+  end
+
   def by_user(tokens)
     return tokens unless @params[:user]
 
diff --git a/app/finders/projects/members/effective_access_level_finder.rb b/app/finders/projects/members/effective_access_level_finder.rb
index 4538fc4c855..90474aba02c 100644
--- a/app/finders/projects/members/effective_access_level_finder.rb
+++ b/app/finders/projects/members/effective_access_level_finder.rb
@@ -40,7 +40,7 @@ module Projects
         avenues = [authorizable_project_members]
 
         avenues << if project.personal?
-                     project_owner_acting_as_maintainer
+                     project_owner
                    else
                      authorizable_group_members
                    end
@@ -85,9 +85,11 @@ module Projects
         Member.from_union(members)
       end
 
-      def project_owner_acting_as_maintainer
+      # workaround until we migrate Project#owners to have membership with
+      # OWNER access level
+      def project_owner
         user_id = project.namespace.owner.id
-        access_level = Gitlab::Access::MAINTAINER
+        access_level = Gitlab::Access::OWNER
 
         Member
           .from(generate_from_statement([[user_id, access_level]])) # rubocop: disable CodeReuse/ActiveRecord
diff --git a/app/finders/projects/topics_finder.rb b/app/finders/projects/topics_finder.rb
index 7c3abc27cf7..c26b166a786 100644
--- a/app/finders/projects/topics_finder.rb
+++ b/app/finders/projects/topics_finder.rb
@@ -12,7 +12,7 @@ module Projects
     end
 
     def execute
-      topics = Projects::Topic.order_by_total_projects_count
+      topics = Projects::Topic.order_by_non_private_projects_count
       by_search(topics)
     end
 
diff --git a/app/finders/releases/group_releases_finder.rb b/app/finders/releases/group_releases_finder.rb
new file mode 100644
index 00000000000..d87ba8c0b03
--- /dev/null
+++ b/app/finders/releases/group_releases_finder.rb
@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+module Releases
+  ##
+  # The GroupReleasesFinder does not support all the options of ReleasesFinder
+  # due to use of InOperatorOptimization for finding subprojects/subgroups
+  #
+  # order_by - only ordering by released_at is supported
+  # filter by tag - currently not supported
+  class GroupReleasesFinder
+    include Gitlab::Utils::StrongMemoize
+
+    attr_reader :parent, :current_user, :params
+
+    def initialize(parent, current_user = nil, params = {})
+      @parent = parent
+      @current_user = current_user
+      @params = params
+
+      params[:order_by] ||= 'released_at'
+      params[:sort] ||= 'desc'
+      params[:page] ||= 0
+      params[:per] ||= 30
+    end
+
+    def execute(preload: true)
+      return Release.none unless Ability.allowed?(current_user, :read_release, parent)
+
+      releases = get_releases(preload: preload)
+
+      paginate_releases(releases)
+    end
+
+    private
+
+    def include_subgroups?
+      params.fetch(:include_subgroups, false)
+    end
+
+    def accessible_projects_scope
+      if include_subgroups?
+        Project.for_group_and_its_subgroups(parent)
+      else
+        parent.projects
+      end
+    end
+
+    # rubocop: disable CodeReuse/ActiveRecord
+    def get_releases(preload: true)
+      Gitlab::Pagination::Keyset::InOperatorOptimization::QueryBuilder.new(
+        scope: releases_scope(preload: preload),
+        array_scope: accessible_projects_scope.select(:id),
+        array_mapping_scope: -> (project_id_expression) { Release.where(Release.arel_table[:project_id].eq(project_id_expression)) },
+        finder_query: -> (order_by, id_expression) { Release.where(Release.arel_table[:id].eq(id_expression)) }
+      )
+      .execute
+    end
+
+    def releases_scope(preload: true)
+      scope = Release.all
+      scope = order_releases(scope)
+      scope = scope.preloaded if preload
+      scope
+    end
+
+    def order_releases(scope)
+      scope.sort_by_attribute("released_at_#{params[:sort]}").order(id: params[:sort])
+    end
+
+    def paginate_releases(releases)
+      releases.page(params[:page].to_i).per(params[:per])
+    end
+    # rubocop: enable CodeReuse/ActiveRecord
+  end
+end