| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| | |
|
| |
|
|
|
| |
In EE, we make use of `namespace#public?` in projects. When the project is in a
personal namespace, this breaks as the `public?` helper isn't present.
|
| |
|
|
|
|
|
|
| |
This is allowed for existing instances so we don't end up 76 offenses
right away, but for new code one should _only_ use this if they _have_
to remove non database data. Even then it's usually better to do this in
a service class as this gives you more control over how to remove the
data (e.g. in bulk).
|
| |
|
|
|
|
|
|
|
|
|
| |
Groups::DestroyService#async_execute
Group#destroy would actually hard-delete all associated projects even
though the acts_as_paranoia gem is used, preventing Projects::DestroyService
from doing any work.
We first noticed this while trying to log all projects deletion to the Geo
log.
|
| |
|
|
| |
Project search
|
| | |
|
| | |
|
| | |
|
| |\
| |
| |
| |
| | |
Rework project authorizations and nested groups for better performance
See merge request !10885
|
| | |
| |
| |
| |
| |
| | |
This hides/disables some UI elements and API parameters related to
nested groups when MySQL is used, since nested groups are not supported
for MySQL.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This commit introduces the usage of Common Table Expressions (CTEs) to
efficiently retrieve nested group hierarchies, without having to rely on
the "routes" table (which is an _incredibly_ inefficient way of getting
the data). This requires a patch to ActiveRecord (found in the added
initializer) to work properly as ActiveRecord doesn't support WITH
statements properly out of the box.
Unfortunately MySQL provides no efficient way of getting nested groups.
For example, the old routes setup could easily take 5-10 seconds
depending on the amount of "routes" in a database. Providing vastly
different logic for both MySQL and PostgreSQL will negatively impact the
development process. Because of this the various nested groups related
methods return empty relations when used in combination with MySQL.
For project authorizations the logic is split up into two classes:
* Gitlab::ProjectAuthorizations::WithNestedGroups
* Gitlab::ProjectAuthorizations::WithoutNestedGroups
Both classes get the fresh project authorizations (= as they should be
in the "project_authorizations" table), including nested groups if
PostgreSQL is used. The logic of these two classes is quite different
apart from their public interface. This complicates development a bit,
but unfortunately there is no way around this.
This commit also introduces Gitlab::GroupHierarchy. This class can be
used to get the ancestors and descendants of a base relation, or both by
using a UNION. This in turn is used by methods such as:
* Namespace#ancestors
* Namespace#descendants
* User#all_expanded_groups
Again this class relies on CTEs and thus only works on PostgreSQL. The
Namespace methods will return an empty relation when MySQL is used,
while User#all_expanded_groups will return only the groups a user is a
direct member of.
Performance wise the impact is quite large. For example, on GitLab.com
Namespace#descendants used to take around 580 ms to retrieve data for a
particular user. Using CTEs we are able to reduce this down to roughly 1
millisecond, returning the exact same data.
== On The Fly Refreshing
Refreshing of authorizations on the fly (= when
users.authorized_projects_populated was not set) is removed with this
commit. This simplifies the code, and ensures any queries used for
authorizations are not mutated because they are executed in a Rails
scope (e.g. Project.visible_to_user).
This commit includes a migration to schedule refreshing authorizations
for all users, ensuring all of them have their authorizations in place.
Said migration schedules users in batches of 5000, with 5 minutes
between every batch to smear the load around a bit.
== Spec Changes
This commit also introduces some changes to various specs. For example,
some specs for ProjectTeam assumed that creating a personal project
would _not_ lead to the owner having access, which is incorrect. Because
we also no longer refresh authorizations on the fly for new users some
code had to be added to the "empty_project" factory. This chunk of code
ensures that the owner's permissions are refreshed after creating the
project, something that is normally done in Projects::CreateService.
|
| |/ |
|
| |
|
|
|
|
| |
Use the EnforcedStyleForMultiline: no_comma option.
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |
|
|
| |
This reflects better that it validates paths instead of a namespace model
|
| | |
|
| |
|
|
| |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |
|
|
|
|
| |
Use full path for moving directories when changing namespace path
See merge request !2078
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- Have `Uniquify` take a block instead of a Proc/function. This is more
idiomatic than passing around a function in Ruby.
- Block a user before moving their issues to the ghost user. This avoids a data
race where an issue is created after the issues are migrated to the ghost user,
and before the destroy takes place.
- No need to migrate issues (to the ghost user) in a transaction, because
we're using `update_all`
- Other minor changes
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1. Create a `Uniquify` class, which generalizes the process of generating unique
strings, by accepting a function that defines what "uniqueness" means in a
given context.
2. WIP: Make sure tests for `Namespace` pass, add more if necessary.
3. WIP: Add tests for `Uniquify`
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There are two problems in the current implementation:
1. If a project is marked for deletion via the `pending_delete` flag
and then the namespace was quickly deleted, it's possible that the
namespace skips over that project and leaves that project in
an orphaned state.
2. Before namespace deletion, the namespace attempts to clean up
all the relevant storage paths. However, if all projects have been
removed synchronously, then the namespace will not be able to clean anything.
To prevent this, we should load the paths to be deleted before
actually destroying projects.
The specs were missing this second case due to a permission issue
that caused project removal never to happen.
|
| |/
|
|
|
|
|
| |
Before this commit, but still on this feature branch, the creation of
mattermost teams where a background job. However, it was decided it was
better that these happened as transaction so feedback could be displayed
to the user.
|
| |\
| |
| |
| |
| | |
Store group and project full name and full path in routes table
See merge request !8979
|
| | |
| |
| |
| | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |\ \
| |/
|/|
| |
| | |
Limit level of nesting for groups
See merge request !9000
|
| | |
| |
| |
| | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |/
|
|
|
|
|
|
| |
This ensures that project authorizations are refreshed when moving a
project from one namespace to another. When doing so the permissions for
all users of both the old and new namespaces are refreshed.
See #26194 for more information.
|
| |
|
|
| |
- Move UploadsTransfer to ProjectTransfer and inherit from this to UploadsTransfer and PagesTransfer
|
| |\
| |
| |
| |
| | |
Backport changes introduced by https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1078
See merge request !8657
|
| | |\
| | |
| | |
| | | |
backport-ee-changes-for-build-minutes
|
| | | |
| | |
| | |
| | | |
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1083
|
| |\ \ \
| |_|/
|/| |
| | |
| | | |
Nested groups feature improvemetns
See merge request !8448
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| | |/
| |
| |
| | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |/
|
|
|
| |
Fix export files not removed when a user takes over a namespace
See merge request !2051
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This adds counters for build artifacts and LFS objects, and moves
the preexisting repository_size and commit_count from the projects
table into a new project_statistics table.
The counters are displayed in the administration area for projects
and groups, and also available through the API for admins (on */all)
and normal users (on */owned)
The statistics are updated through ProjectCacheWorker, which can now
do more granular updates with the new :statistics argument.
|
| | |
|
| |\
| |
| |
| |
| | |
UI improvements for nested group feature
See merge request !8062
|
| | |
| |
| |
| | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |/
|
|
|
|
|
|
|
|
|
| |
Currently namespace name and path have uniq validaiton which does not
allow us to use same group name/path inside different groups. This
commit changes validation in next way:
* Allow same namespace name with different parent_id
* Allow same namespace path. Uniq validation should be handled by routes table
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add nested groups support on data level
## What does this MR do?
- [x] Add `parent_id` field to `Namespace`model.
- [x] Create new database table `routes` that keeps information about full path to each group or project
- [x] Remove uniq index from `namespaces.path`
- [x] Add uniq index on `routes.path`
- [x] Fill routes table with path data from namespaces and projects
- [x] Change Namespace/Project URL lookup by routes table
- [x] Rename related routes (nested groups, projects) when parent path changes
This is solely backend preparation. UI, Permissions and API support will be added in separate merge request.
## Are there points in the code the reviewer needs to double check?
migrations, Route model, Routable concern
Will require downtime. See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7121#note_19490281 discussion
## Why was this MR needed?
One step further to full nested groups support
## Screenshots (if relevant)
No UI changes in this merge request so far
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added~~
- ~~[Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)~~
- ~~API support added~~
- Tests
- [x] Added for this feature/bug
- [x] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if it does - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
## What are the relevant issue numbers?
https://gitlab.com/gitlab-org/gitlab-ce/issues/2772
See merge request !7121
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* add parent_id field to namespaces table to store relation with nested groups
* create routes table to keep information about full path of every group and project
* project/group lookup by full path from routes table
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
|
| |/
|
|
| |
Signed-off-by: Rémy Coutable <remy@rymai.me>
|
| |\
| |
| |
| |
| |
| |
| | |
Log mv_namespace parameters
[ci skip]
See merge request !7729
|
| | | |
|
