diff options
Diffstat (limited to 'app/services/todos/destroy/entity_leave_service.rb')
-rw-r--r-- | app/services/todos/destroy/entity_leave_service.rb | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/app/services/todos/destroy/entity_leave_service.rb b/app/services/todos/destroy/entity_leave_service.rb index dfe14225ade..1fe397d24e7 100644 --- a/app/services/todos/destroy/entity_leave_service.rb +++ b/app/services/todos/destroy/entity_leave_service.rb @@ -23,10 +23,10 @@ module Todos return if user_has_reporter_access? remove_confidential_resource_todos + remove_group_todos if entity.private? remove_project_todos - remove_group_todos else enqueue_private_features_worker end @@ -68,7 +68,7 @@ module Todos return unless entity.is_a?(Namespace) Todo - .for_group(non_authorized_non_public_groups) + .for_group(unauthorized_private_groups) .for_user(user) .delete_all end @@ -104,16 +104,13 @@ module Todos GroupsFinder.new(user, min_access_level: Gitlab::Access::REPORTER).execute.select(:id) end - # since the entity is a private group, we can assume all subgroups are also - # private. We can therefore limit GroupsFinder with `all_available: false`. - # Otherwise it tries to include all public groups. This generates an expensive - # SQL queries: https://gitlab.com/gitlab-org/gitlab/-/issues/325133 # rubocop: disable CodeReuse/ActiveRecord - def non_authorized_non_public_groups + def unauthorized_private_groups return [] unless entity.is_a?(Namespace) - return [] unless entity.private? - entity.self_and_descendants.select(:id) + groups = entity.self_and_descendants.private_only + + groups.select(:id) .id_not_in(GroupsFinder.new(user, all_available: false).execute.select(:id).reorder(nil)) end # rubocop: enable CodeReuse/ActiveRecord |