Return max group access level in the projects API

Currently if a project is inside a nested group and a user doesn't have specific permissions for that group but does have permissions on a parent group the `GET /projects/:id` API call will return the following permissions: ```json permissions: { project_access: null, group_access: null } ``` It could also happen that the group specific permissions are of lower level than the ones the user has in parent groups. This patch makes it so that the permission returned for `group_access` is the highest from amongst the hierarchy, which is (ostensibly) the information that the API user is interested in for that field.
author: Alejandro Rodríguez <alejorro70@gmail.com> 2019-01-15 20:57:17 +0300
committer: Alejandro Rodríguez <alejorro70@gmail.com> 2019-01-16 20:54:05 +0300
commit: ab94a5a53712740df3836413bf26e4856b5f7cb2 (patch)
tree: b712300e7011586c86a833232b9afed3c0332f96 /app/models/group.rb
parent: f821a53b45d4b521ffb734b3b843f48e0d1ecfcd (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/app/models/group.rb b/app/models/group.rb
index edac2444c4d..22814e35ca8 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -382,6 +382,10 @@ class Group < Namespace
     end
   end
 
+  def highest_group_member(user)
+    GroupMember.where(source_id: self_and_ancestors_ids, user_id: user.id).order(:access_level).last
+  end
+
   def hashed_storage?(_feature)
     false
   end
author	Alejandro Rodríguez <alejorro70@gmail.com>	2019-01-15 20:57:17 +0300
committer	Alejandro Rodríguez <alejorro70@gmail.com>	2019-01-16 20:54:05 +0300
commit	ab94a5a53712740df3836413bf26e4856b5f7cb2 (patch)
tree	b712300e7011586c86a833232b9afed3c0332f96 /app/models/group.rb
parent	f821a53b45d4b521ffb734b3b843f48e0d1ecfcd (diff)