diff options
Diffstat (limited to 'app/models/user.rb')
-rw-r--r-- | app/models/user.rb | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index d0e758b0055..18bf5ceaa0e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -110,6 +110,10 @@ class User < ApplicationRecord through: :group_members, source: :group alias_attribute :masters_groups, :maintainers_groups + has_many :reporter_developer_maintainer_owned_groups, + -> { where(members: { access_level: [Gitlab::Access::REPORTER, Gitlab::Access::DEVELOPER, Gitlab::Access::MAINTAINER, Gitlab::Access::OWNER] }) }, + through: :group_members, + source: :group # Projects has_many :groups_projects, through: :groups, source: :projects @@ -310,6 +314,13 @@ class User < ApplicationRecord scope :with_dashboard, -> (dashboard) { where(dashboard: dashboard) } scope :with_public_profile, -> { where(private_profile: false) } + scope :with_expiring_and_not_notified_personal_access_tokens, ->(at) do + where('EXISTS (?)', + ::PersonalAccessToken + .where('personal_access_tokens.user_id = users.id') + .expiring_and_not_notified(at).select(1)) + end + def self.with_visible_profile(user) return with_public_profile if user.nil? @@ -370,6 +381,11 @@ class User < ApplicationRecord # Class methods # class << self + # Devise method overridden to allow support for dynamic password lengths + def password_length + Gitlab::CurrentSettings.minimum_password_length..Devise.password_length.max + end + # Devise method overridden to allow sign in with email or username def find_for_database_authentication(warden_conditions) conditions = warden_conditions.dup @@ -989,8 +1005,12 @@ class User < ApplicationRecord @ldap_identity ||= identities.find_by(["provider LIKE ?", "ldap%"]) end + def matches_identity?(provider, extern_uid) + identities.where(provider: provider, extern_uid: extern_uid).exists? + end + def project_deploy_keys - DeployKey.in_projects(authorized_projects.select(:id)).distinct(:id) + @project_deploy_keys ||= DeployKey.in_projects(authorized_projects.select(:id)).distinct(:id) end def highest_role @@ -1453,9 +1473,7 @@ class User < ApplicationRecord self.admin = (new_level == 'admin') end - # Does the user have access to all private groups & projects? - # Overridden in EE to also check auditor? - def full_private_access? + def can_read_all_resources? can?(:read_all_resources) end |