Add latest changes from gitlab-org/gitlab@15-3-stable-eev15.3.0-rc42

12 files changed, 141 insertions, 17 deletions

diff --git a/app/finders/autocomplete/deploy_keys_with_write_access_finder.rb b/app/finders/autocomplete/deploy_keys_with_write_access_finder.rb
new file mode 100644
index 00000000000..a123a0dc4f0
--- /dev/null
+++ b/app/finders/autocomplete/deploy_keys_with_write_access_finder.rb
@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Autocomplete
+  # Finder for retrieving deploy keys to use for autocomplete data sources.
+  class DeployKeysWithWriteAccessFinder
+    attr_reader :current_user, :project
+
+    def initialize(current_user, project)
+      @current_user = current_user
+      @project = project
+    end
+
+    def execute
+      return DeployKey.none if project.nil?
+
+      raise Gitlab::Access::AccessDeniedError unless current_user.can?(:admin_project, project)
+
+      project.deploy_keys.merge(DeployKeysProject.with_write_access)
+    end
+  end
+end
diff --git a/app/finders/ci/daily_build_group_report_results_finder.rb b/app/finders/ci/daily_build_group_report_results_finder.rb
index 33aefe29392..b93b7dbe0c5 100644
--- a/app/finders/ci/daily_build_group_report_results_finder.rb
+++ b/app/finders/ci/daily_build_group_report_results_finder.rb
@@ -82,14 +82,20 @@ module Ci
     end
 
     def start_date
-      start_date = Date.strptime(params[:start_date], DATE_FORMAT_ALLOWED) rescue REPORT_WINDOW.ago.to_date
+      start_date = begin
+        Date.strptime(params[:start_date], DATE_FORMAT_ALLOWED)
+      rescue StandardError
+        REPORT_WINDOW.ago.to_date
+      end
 
       # The start_date cannot be older than `end_date - 90 days`
       [start_date, end_date - REPORT_WINDOW].max
     end
 
     def end_date
-      Date.strptime(params[:end_date], DATE_FORMAT_ALLOWED) rescue Date.current
+      Date.strptime(params[:end_date], DATE_FORMAT_ALLOWED)
+    rescue StandardError
+      Date.current
     end
   end
 end
diff --git a/app/finders/ci/runners_finder.rb b/app/finders/ci/runners_finder.rb
index 4f9244d9825..774947a35b7 100644
--- a/app/finders/ci/runners_finder.rb
+++ b/app/finders/ci/runners_finder.rb
@@ -69,10 +69,15 @@ module Ci
     end
 
     def filter_by_upgrade_status!
-      return unless @params.key?(:upgrade_status)
-      return unless Ci::RunnerVersion.statuses.key?(@params[:upgrade_status])
+      upgrade_status = @params[:upgrade_status]
 
-      @runners = @runners.with_upgrade_status(@params[:upgrade_status])
+      return unless upgrade_status
+
+      unless Ci::RunnerVersion.statuses.key?(upgrade_status)
+        raise ArgumentError, "Invalid upgrade status value '#{upgrade_status}'"
+      end
+
+      @runners = @runners.with_upgrade_status(upgrade_status)
     end
 
     def filter_by_runner_type!
diff --git a/app/finders/crm/contacts_finder.rb b/app/finders/crm/contacts_finder.rb
index 29f3d6f0f16..58ec4cf8a47 100644
--- a/app/finders/crm/contacts_finder.rb
+++ b/app/finders/crm/contacts_finder.rb
@@ -16,6 +16,11 @@ module Crm
 
     attr_reader :params, :current_user
 
+    def self.counts_by_state(current_user, params = {})
+      params = params.merge(sort: nil)
+      new(current_user, params).execute.counts_by_state
+    end
+
     def initialize(current_user, params = {})
       @current_user = current_user
       @params = params
@@ -28,11 +33,25 @@ module Crm
       contacts = by_ids(contacts)
       contacts = by_state(contacts)
       contacts = by_search(contacts)
-      contacts.sort_by_name
+      sort_contacts(contacts)
     end
 
     private
 
+    def sort_contacts(contacts)
+      return contacts.sort_by_name unless @params.key?(:sort)
+      return contacts if @params[:sort].nil?
+
+      field = @params[:sort][:field]
+      direction = @params[:sort][:direction]
+
+      if field == 'organization'
+        contacts.sort_by_organization(direction)
+      else
+        contacts.sort_by_field(field, direction)
+      end
+    end
+
     def root_group
       strong_memoize(:root_group) do
         group = params[:group]&.root_ancestor
diff --git a/app/finders/fork_targets_finder.rb b/app/finders/fork_targets_finder.rb
index 0b5dfb16572..e129fde3748 100644
--- a/app/finders/fork_targets_finder.rb
+++ b/app/finders/fork_targets_finder.rb
@@ -6,17 +6,39 @@ class ForkTargetsFinder
     @user = user
   end
 
-  # rubocop: disable CodeReuse/ActiveRecord
   def execute(options = {})
-    return ::Namespace.where(id: user.forkable_namespaces).sort_by_type unless options[:only_groups]
+    return previous_execute(options) unless Feature.enabled?(:searchable_fork_targets)
 
-    ::Group.where(id: user.manageable_groups(include_groups_with_developer_maintainer_access: true))
+    items = fork_targets(options)
+
+    by_search(items, options)
   end
-  # rubocop: enable CodeReuse/ActiveRecord
 
   private
 
   attr_reader :project, :user
+
+  def by_search(items, options)
+    return items if options[:search].blank?
+
+    items.search(options[:search])
+  end
+
+  def fork_targets(options)
+    if options[:only_groups]
+      user.manageable_groups(include_groups_with_developer_maintainer_access: true)
+    else
+      user.forkable_namespaces.sort_by_type
+    end
+  end
+
+  # rubocop: disable CodeReuse/ActiveRecord
+  def previous_execute(options = {})
+    return ::Namespace.where(id: user.forkable_namespaces).sort_by_type unless options[:only_groups]
+
+    ::Group.where(id: user.manageable_groups(include_groups_with_developer_maintainer_access: true))
+  end
+  # rubocop: enable CodeReuse/ActiveRecord
 end
 
 ForkTargetsFinder.prepend_mod_with('ForkTargetsFinder')
diff --git a/app/finders/groups/accepting_project_transfers_finder.rb b/app/finders/groups/accepting_project_transfers_finder.rb
new file mode 100644
index 00000000000..09d3c430641
--- /dev/null
+++ b/app/finders/groups/accepting_project_transfers_finder.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module Groups
+  class AcceptingProjectTransfersFinder
+    def initialize(current_user)
+      @current_user = current_user
+    end
+
+    def execute
+      if Feature.disabled?(:include_groups_from_group_shares_in_project_transfer_locations)
+        return current_user.manageable_groups
+      end
+
+      groups_accepting_project_transfers =
+        [
+          current_user.manageable_groups,
+          managable_groups_originating_from_group_shares
+        ]
+
+      groups = ::Group.from_union(groups_accepting_project_transfers)
+
+      groups.project_creation_allowed
+    end
+
+    private
+
+    attr_reader :current_user
+
+    def managable_groups_originating_from_group_shares
+      GroupGroupLink
+        .with_owner_or_maintainer_access
+        .groups_accessible_via(
+          groups_that_user_has_owner_or_maintainer_access_via_direct_membership
+          .select(:id)
+        )
+    end
+
+    def groups_that_user_has_owner_or_maintainer_access_via_direct_membership
+      # Only maintainers or above in a group has access to transfer projects to that group
+      current_user.owned_or_maintainers_groups
+    end
+  end
+end
diff --git a/app/finders/groups/user_groups_finder.rb b/app/finders/groups/user_groups_finder.rb
index 90367638dcf..bda8b7cc1e0 100644
--- a/app/finders/groups/user_groups_finder.rb
+++ b/app/finders/groups/user_groups_finder.rb
@@ -41,14 +41,14 @@ module Groups
     def by_search(items)
       return items if params[:search].blank?
 
-      items.search(params[:search])
+      items.search(params[:search], include_parents: true)
     end
 
     def by_permission_scope
       if permission_scope_create_projects?
         target_user.manageable_groups(include_groups_with_developer_maintainer_access: true)
       elsif permission_scope_transfer_projects?
-        target_user.manageable_groups(include_groups_with_developer_maintainer_access: false)
+        Groups::AcceptingProjectTransfersFinder.new(target_user).execute # rubocop: disable CodeReuse/Finder
       else
         target_user.groups
       end
diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
index 47b2a460e6f..1088d53c9a0 100644
--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -46,7 +46,8 @@ class IssuableFinder
 
   requires_cross_project_access unless: -> { params.project? }
 
-  FULL_TEXT_SEARCH_TERM_REGEX = /\A[\p{ASCII}|\p{Latin}]+\z/.freeze
+  FULL_TEXT_SEARCH_TERM_PATTERN = '[\u0000-\u218F]*'
+  FULL_TEXT_SEARCH_TERM_REGEX = /\A#{FULL_TEXT_SEARCH_TERM_PATTERN}\z/.freeze
   NEGATABLE_PARAMS_HELPER_KEYS = %i[project_id scope status include_subgroups].freeze
 
   attr_accessor :current_user, :params
diff --git a/app/finders/projects/topics_finder.rb b/app/finders/projects/topics_finder.rb
index c26b166a786..fb0a77db548 100644
--- a/app/finders/projects/topics_finder.rb
+++ b/app/finders/projects/topics_finder.rb
@@ -13,6 +13,7 @@ module Projects
 
     def execute
       topics = Projects::Topic.order_by_non_private_projects_count
+      topics = by_without_projects(topics)
       by_search(topics)
     end
 
@@ -25,5 +26,11 @@ module Projects
 
       topics.search(params[:search]).reorder_by_similarity(params[:search])
     end
+
+    def by_without_projects(topics)
+      return topics unless params[:without_projects]
+
+      topics.without_assigned_projects
+    end
   end
 end
diff --git a/app/finders/releases/group_releases_finder.rb b/app/finders/releases/group_releases_finder.rb
index 8b1b0c552fd..08530f63ea6 100644
--- a/app/finders/releases/group_releases_finder.rb
+++ b/app/finders/releases/group_releases_finder.rb
@@ -32,7 +32,7 @@ module Releases
     def get_releases
       Gitlab::Pagination::Keyset::InOperatorOptimization::QueryBuilder.new(
         scope: releases_scope,
-        array_scope:  Project.for_group_and_its_subgroups(parent).select(:id),
+        array_scope: Project.for_group_and_its_subgroups(parent).select(:id),
         array_mapping_scope: -> (project_id_expression) { Release.where(Release.arel_table[:project_id].eq(project_id_expression)) },
         finder_query: -> (order_by, id_expression) { Release.where(Release.arel_table[:id].eq(id_expression)) }
       )
diff --git a/app/finders/repositories/changelog_tag_finder.rb b/app/finders/repositories/changelog_tag_finder.rb
index 3c110e6c65d..7dd7404730f 100644
--- a/app/finders/repositories/changelog_tag_finder.rb
+++ b/app/finders/repositories/changelog_tag_finder.rb
@@ -37,14 +37,14 @@ module Repositories
 
       begin
         regex = Gitlab::UntrustedRegexp.new(@regex)
-      rescue RegexpError => ex
+      rescue RegexpError => e
         # The error messages produced by default are not very helpful, so we
         # raise a better one here. We raise the specific error here so its
         # message is displayed in the API (where we catch this specific
         # error).
         raise(
           Gitlab::Changelog::Error,
-          "The regular expression to use for finding the previous tag for a version is invalid: #{ex.message}"
+          "The regular expression to use for finding the previous tag for a version is invalid: #{e.message}"
         )
       end
 
diff --git a/app/finders/tags_finder.rb b/app/finders/tags_finder.rb
index 16bba62f766..52b1fff4883 100644
--- a/app/finders/tags_finder.rb
+++ b/app/finders/tags_finder.rb
@@ -2,7 +2,7 @@
 
 class TagsFinder < GitRefsFinder
   def execute(gitaly_pagination: false)
-    tags = if gitaly_pagination
+    tags = if gitaly_pagination && search.blank?
              repository.tags_sorted_by(sort, pagination_params)
            else
              repository.tags_sorted_by(sort)