summaryrefslogtreecommitdiff
path: root/app/finders/group_members_finder.rb
blob: ffa1552627a578bab9aa63ab778f51542cbb0e66 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# frozen_string_literal: true

class GroupMembersFinder < UnionFinder
  # Params can be any of the following:
  #   two_factor: string. 'enabled' or 'disabled' are returning different set of data, other values are not effective.
  #   sort:       string
  #   search:     string

  def initialize(group, user = nil)
    @group = group
    @user = user
  end

  # rubocop: disable CodeReuse/ActiveRecord
  def execute(include_relations: [:inherited, :direct], params: {})
    group_members = group.members
    relations = []

    return group_members if include_relations == [:direct]

    relations << group_members if include_relations.include?(:direct)

    if include_relations.include?(:inherited) && group.parent
      parents_members = GroupMember.non_request
        .where(source_id: group.ancestors.select(:id))
        .where.not(user_id: group.users.select(:id))

      relations << parents_members
    end

    if include_relations.include?(:descendants)
      descendant_members = GroupMember.non_request
        .where(source_id: group.descendants.select(:id))
        .where.not(user_id: group.users.select(:id))

      relations << descendant_members
    end

    return GroupMember.none if relations.empty?

    members = find_union(relations, GroupMember)
    filter_members(members, params)
  end
  # rubocop: enable CodeReuse/ActiveRecord

  private

  attr_reader :user, :group

  def filter_members(members, params)
    members = members.search(params[:search]) if params[:search].present?
    members = members.sort_by_attribute(params[:sort]) if params[:sort].present?

    if can_manage_members && params[:two_factor].present?
      members = members.filter_by_2fa(params[:two_factor])
    end

    members
  end

  def can_manage_members
    Ability.allowed?(user, :admin_group_member, group)
  end
end

GroupMembersFinder.prepend_if_ee('EE::GroupMembersFinder')