summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/models/error_tracking/project_error_tracking_setting.rb8
-rw-r--r--app/models/grafana_integration.rb8
-rw-r--r--app/models/todo.rb1
-rw-r--r--app/services/groups/destroy_service.rb15
-rw-r--r--app/services/todos/destroy/entity_leave_service.rb9
5 files changed, 41 insertions, 0 deletions
diff --git a/app/models/error_tracking/project_error_tracking_setting.rb b/app/models/error_tracking/project_error_tracking_setting.rb
index 30382a1c205..4953f24755c 100644
--- a/app/models/error_tracking/project_error_tracking_setting.rb
+++ b/app/models/error_tracking/project_error_tracking_setting.rb
@@ -44,6 +44,8 @@ module ErrorTracking
key: Settings.attr_encrypted_db_key_base_32,
algorithm: 'aes-256-gcm'
+ before_validation :reset_token
+
after_save :clear_reactive_cache!
# When a user enables the integrated error tracking
@@ -182,6 +184,12 @@ module ErrorTracking
private
+ def reset_token
+ if api_url_changed? && !encrypted_token_changed?
+ self.token = nil
+ end
+ end
+
def ensure_issue_belongs_to_project!(project_id_from_api)
raise 'The Sentry issue appers to be outside of the configured Sentry project' if Integer(project_id_from_api) != ensure_sentry_project_id!
end
diff --git a/app/models/grafana_integration.rb b/app/models/grafana_integration.rb
index 00213732fee..0358e37c58b 100644
--- a/app/models/grafana_integration.rb
+++ b/app/models/grafana_integration.rb
@@ -18,6 +18,8 @@ class GrafanaIntegration < ApplicationRecord
validates :enabled, inclusion: { in: [true, false] }
+ before_validation :reset_token
+
scope :enabled, -> { where(enabled: true) }
def client
@@ -36,6 +38,12 @@ class GrafanaIntegration < ApplicationRecord
private
+ def reset_token
+ if grafana_url_changed? && !encrypted_token_changed?
+ self.token = nil
+ end
+ end
+
def token
decrypt(:token, encrypted_token)
end
diff --git a/app/models/todo.rb b/app/models/todo.rb
index cff7a93f72f..c698783d750 100644
--- a/app/models/todo.rb
+++ b/app/models/todo.rb
@@ -74,6 +74,7 @@ class Todo < ApplicationRecord
scope :for_commit, -> (id) { where(commit_id: id) }
scope :with_entity_associations, -> { preload(:target, :author, :note, group: :route, project: [:route, { namespace: [:route, :owner] }]) }
scope :joins_issue_and_assignees, -> { left_joins(issue: :assignees) }
+ scope :for_internal_notes, -> { joins(:note).where(note: { confidential: true }) }
enum resolved_by_action: { system_done: 0, api_all_done: 1, api_done: 2, mark_all_done: 3, mark_done: 4 }, _prefix: :resolved_by
diff --git a/app/services/groups/destroy_service.rb b/app/services/groups/destroy_service.rb
index c88c139a22e..bcf3110ca21 100644
--- a/app/services/groups/destroy_service.rb
+++ b/app/services/groups/destroy_service.rb
@@ -35,6 +35,8 @@ module Groups
user_ids_for_project_authorizations_refresh = obtain_user_ids_for_project_authorizations_refresh
+ destroy_group_bots
+
group.destroy
if user_ids_for_project_authorizations_refresh.present?
@@ -76,6 +78,19 @@ module Groups
group.users_ids_of_direct_members
end
+
+ # rubocop:disable CodeReuse/ActiveRecord
+ def destroy_group_bots
+ bot_ids = group.members_and_requesters.joins(:user).merge(User.project_bot).pluck(:user_id)
+ current_user_id = current_user.id
+
+ group.run_after_commit do
+ bot_ids.each do |user_id|
+ DeleteUserWorker.perform_async(current_user_id, user_id, skip_authorization: true)
+ end
+ end
+ end
+ # rubocop:enable CodeReuse/ActiveRecord
end
end
diff --git a/app/services/todos/destroy/entity_leave_service.rb b/app/services/todos/destroy/entity_leave_service.rb
index 1fe397d24e7..5b04d2fd3af 100644
--- a/app/services/todos/destroy/entity_leave_service.rb
+++ b/app/services/todos/destroy/entity_leave_service.rb
@@ -41,11 +41,20 @@ module Todos
end
def remove_confidential_resource_todos
+ # Deletes todos for confidential issues
Todo
.for_target(confidential_issues.select(:id))
.for_type(Issue.name)
.for_user(user)
.delete_all
+
+ # Deletes todos for internal notes on unauthorized projects
+ Todo
+ .for_type(Issue.name)
+ .for_internal_notes
+ .for_project(non_authorized_reporter_projects) # Only Reporter+ can read internal notes
+ .for_user(user)
+ .delete_all
end
def remove_project_todos
View Lorry Controller Status