diff options
author | Rémy Coutable <remy@rymai.me> | 2016-07-28 20:31:17 +0300 |
---|---|---|
committer | Rémy Coutable <remy@rymai.me> | 2016-10-03 17:57:48 +0300 |
commit | 3158f57dba6dcef3e586ae8fced7deb6fdbd6dc0 (patch) | |
tree | 51c000c699b1199f3838c3c46c5ac5dbe16773bd /app/services/members | |
parent | 958815a039af68dc68b333b69b3e9e3f3bc4ee2e (diff) |
Improve Members::DestroyService
Signed-off-by: Rémy Coutable <remy@rymai.me>
Diffstat (limited to 'app/services/members')
-rw-r--r-- | app/services/members/destroy_service.rb | 38 |
1 files changed, 31 insertions, 7 deletions
diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb index 9a2bf82ef51..b3d79d577bd 100644 --- a/app/services/members/destroy_service.rb +++ b/app/services/members/destroy_service.rb @@ -1,17 +1,41 @@ module Members class DestroyService < BaseService - attr_accessor :member, :current_user + include MembersHelper - def initialize(member, current_user) - @member = member + attr_accessor :source + + ALLOWED_SCOPES = %i[members requesters all] + + def initialize(source, current_user, params = {}) + @source = source @current_user = current_user + @params = params end - def execute - unless member && can?(current_user, "destroy_#{member.type.underscore}".to_sym, member) - raise Gitlab::Access::AccessDeniedError - end + def execute(scope = :members) + raise "scope :#{scope} is not allowed!" unless ALLOWED_SCOPES.include?(scope) + + member = find_member(scope) + + raise Gitlab::Access::AccessDeniedError if cannot_destroy_member?(member) + AuthorizedDestroyService.new(member, current_user).execute end + + private + + def find_member(scope) + case scope + when :all + source.members.find_by(user_id: params[:user_id]) || + source.requesters.find_by!(user_id: params[:user_id]) + else + source.public_send(scope).find_by!(user_id: params[:user_id]) + end + end + + def cannot_destroy_member?(member) + !member || !can?(current_user, action_member_permission(:destroy, member), member) + end end end |