diff options
Diffstat (limited to 'app')
-rw-r--r-- | app/models/group.rb | 7 | ||||
-rw-r--r-- | app/models/namespace.rb | 4 | ||||
-rw-r--r-- | app/services/projects/transfer_service.rb | 17 |
3 files changed, 25 insertions, 3 deletions
diff --git a/app/models/group.rb b/app/models/group.rb index 4cdfd022094..a5b92283daa 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -197,7 +197,12 @@ class Group < Namespace end def refresh_members_authorized_projects - UserProjectAccessChangedService.new(users_with_parents.pluck(:id)).execute + UserProjectAccessChangedService.new(user_ids_for_project_authorizations). + execute + end + + def user_ids_for_project_authorizations + users_with_parents.pluck(:id) end def members_with_parents diff --git a/app/models/namespace.rb b/app/models/namespace.rb index 2fb2eb44aaa..c5713fb7818 100644 --- a/app/models/namespace.rb +++ b/app/models/namespace.rb @@ -213,6 +213,10 @@ class Namespace < ActiveRecord::Base self.class.joins(:route).where('routes.path LIKE ?', "#{route.path}/%").reorder('routes.path ASC') end + def user_ids_for_project_authorizations + [owner_id] + end + private def repository_storage_paths diff --git a/app/services/projects/transfer_service.rb b/app/services/projects/transfer_service.rb index 20b049b5973..484700c8c29 100644 --- a/app/services/projects/transfer_service.rb +++ b/app/services/projects/transfer_service.rb @@ -25,9 +25,10 @@ module Projects end def transfer(project, new_namespace) + old_namespace = project.namespace + Project.transaction do old_path = project.path_with_namespace - old_namespace = project.namespace old_group = project.group new_path = File.join(new_namespace.try(:path) || '', project.path) @@ -70,8 +71,11 @@ module Projects project.old_path_with_namespace = old_path SystemHooksService.new.execute_hooks_for(project, :transfer) - true end + + refresh_permissions(old_namespace, new_namespace) + + true end def allowed_transfer?(current_user, project, namespace) @@ -80,5 +84,14 @@ module Projects namespace.id != project.namespace_id && current_user.can?(:create_projects, namespace) end + + def refresh_permissions(old_namespace, new_namespace) + # This ensures we only schedule 1 job for every user that has access to + # the namespaces. + user_ids = old_namespace.user_ids_for_project_authorizations | + new_namespace.user_ids_for_project_authorizations + + UserProjectAccessChangedService.new(user_ids).execute + end end end |