summaryrefslogtreecommitdiff
path: root/app/models/group.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/models/group.rb')
-rw-r--r--app/models/group.rb62
1 files changed, 50 insertions, 12 deletions
diff --git a/app/models/group.rb b/app/models/group.rb
index 9f8a9996f31..2967c1ffc1d 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -16,6 +16,7 @@ class Group < Namespace
include Gitlab::Utils::StrongMemoize
include GroupAPICompatibility
include EachBatch
+ include HasTimelogsReport
ACCESS_REQUEST_APPROVERS_TO_BE_NOTIFIED_LIMIT = 10
@@ -70,6 +71,7 @@ class Group < Namespace
has_many :group_deploy_keys, through: :group_deploy_keys_groups
has_many :group_deploy_tokens
has_many :deploy_tokens, through: :group_deploy_tokens
+ has_many :oauth_applications, class_name: 'Doorkeeper::Application', as: :owner, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
has_one :dependency_proxy_setting, class_name: 'DependencyProxy::GroupSetting'
has_many :dependency_proxy_blobs, class_name: 'DependencyProxy::Blob'
@@ -84,7 +86,7 @@ class Group < Namespace
validate :visibility_level_allowed_by_sub_groups
validate :visibility_level_allowed_by_parent
validate :two_factor_authentication_allowed
- validates :variables, nested_attributes_duplicates: true
+ validates :variables, nested_attributes_duplicates: { scope: :environment_scope }
validates :two_factor_grace_period, presence: true, numericality: { greater_than_or_equal_to: 0 }
@@ -178,6 +180,25 @@ class Group < Namespace
groups.drop(1).each { |group| group.root_ancestor = root }
end
+ # Returns the ids of the passed group models where the `emails_disabled`
+ # column is set to true anywhere in the ancestor hierarchy.
+ def ids_with_disabled_email(groups)
+ innner_query = Gitlab::ObjectHierarchy
+ .new(Group.where('id = namespaces_with_emails_disabled.id'))
+ .base_and_ancestors
+ .where(emails_disabled: true)
+ .select('1')
+ .limit(1)
+
+ group_ids = Namespace
+ .from('(SELECT * FROM namespaces) as namespaces_with_emails_disabled')
+ .where(namespaces_with_emails_disabled: { id: groups })
+ .where('EXISTS (?)', innner_query)
+ .pluck(:id)
+
+ Set.new(group_ids)
+ end
+
private
def public_to_user_arel(user)
@@ -325,6 +346,10 @@ class Group < Namespace
members_with_parents.owners.exists?(user_id: user)
end
+ def blocked_owners
+ members.blocked.where(access_level: Gitlab::Access::OWNER)
+ end
+
def has_maintainer?(user)
return false unless user
@@ -337,14 +362,29 @@ class Group < Namespace
# Check if user is a last owner of the group.
def last_owner?(user)
- has_owner?(user) && members_with_parents.owners.size == 1
+ has_owner?(user) && single_owner?
+ end
+
+ def member_last_owner?(member)
+ return member.last_owner unless member.last_owner.nil?
+
+ last_owner?(member.user)
+ end
+
+ def single_owner?
+ members_with_parents.owners.size == 1
end
- def last_blocked_owner?(user)
+ def single_blocked_owner?
+ blocked_owners.size == 1
+ end
+
+ def member_last_blocked_owner?(member)
+ return member.last_blocked_owner unless member.last_blocked_owner.nil?
+
return false if members_with_parents.owners.any?
- blocked_owners = members.blocked.where(access_level: Gitlab::Access::OWNER)
- blocked_owners.size == 1 && blocked_owners.exists?(user_id: user)
+ single_blocked_owner? && blocked_owners.exists?(user_id: member.user)
end
def ldap_synced?
@@ -784,13 +824,11 @@ class Group < Namespace
variables = Ci::GroupVariable.where(group: list_of_ids)
variables = variables.unprotected unless project.protected_for?(ref)
- if Feature.enabled?(:scoped_group_variables, self, default_enabled: :yaml)
- variables = if environment
- variables.on_environment(environment)
- else
- variables.where(environment_scope: '*')
- end
- end
+ variables = if environment
+ variables.on_environment(environment)
+ else
+ variables.where(environment_scope: '*')
+ end
variables = variables.group_by(&:group_id)
list_of_ids.reverse.flat_map { |group| variables[group.id] }.compact