summaryrefslogtreecommitdiff
path: root/app/serializers/group_child_entity.rb
blob: 20d7032c9703aff51642773040bce9ba6e4b0acb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
# frozen_string_literal: true

class GroupChildEntity < Grape::Entity
  include ActionView::Helpers::NumberHelper
  include RequestAwareEntity
  include MarkupHelper

  expose :id, :name, :description, :visibility, :full_name,
         :created_at, :updated_at, :avatar_url

  expose :type do |instance|
    type
  end

  expose :can_edit do |instance|
    can_edit?
  end

  expose :edit_path do |instance|
    # We know `type` will be one either `project` or `group`.
    # The `edit_polymorphic_path` helper would try to call the path helper
    # with a plural: `edit_groups_path(instance)` or `edit_projects_path(instance)`
    # while our methods are `edit_group_path` or `edit_group_path`
    public_send("edit_#{type}_path", instance) # rubocop:disable GitlabSecurity/PublicSend
  end

  expose :relative_path do |instance|
    polymorphic_path(instance)
  end

  expose :permission do |instance|
    membership&.human_access
  end

  # Project only attributes
  expose :star_count, :archived,
         if: lambda { |_instance, _options| project? }

  # Group only attributes
  expose :children_count, :parent_id, :project_count, :subgroup_count,
         unless: lambda { |_instance, _options| project? }

  expose :leave_path, unless: lambda { |_instance, _options| project? } do |instance|
    leave_group_members_path(instance)
  end

  expose :can_leave, unless: lambda { |_instance, _options| project? } do |instance|
    if membership
      can?(request.current_user, :destroy_group_member, membership)
    else
      false
    end
  end

  expose :number_projects_with_delimiter, unless: lambda { |_instance, _options| project? } do |instance|
    number_with_delimiter(instance.project_count)
  end

  expose :number_users_with_delimiter, unless: lambda { |_instance, _options| project? } do |instance|
    number_with_delimiter(instance.member_count)
  end

  expose :markdown_description do |instance|
    markdown_description
  end

  private

  # rubocop: disable CodeReuse/ActiveRecord
  def membership
    return unless request.current_user

    @membership ||= request.current_user.members.find_by(source: object)
  end
  # rubocop: enable CodeReuse/ActiveRecord

  def project?
    object.is_a?(Project)
  end

  def type
    object.class.name.downcase
  end

  def markdown_description
    markdown_field(object, :description)
  end

  def can_edit?
    return false unless request.respond_to?(:current_user)

    if project?
      # Avoid checking rights for each project, as it might be expensive if the
      # user cannot read cross project.
      can?(request.current_user, :read_cross_project) &&
        can?(request.current_user, :admin_project, object)
    else
      can?(request.current_user, :admin_group, object)
    end
  end
end