diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-19 12:09:06 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-19 12:09:06 +0300 |
commit | 9450a63064cd1572f030628dbf155f5c047f28c7 (patch) | |
tree | 62c938f6ceb8dd16f3af49cd86312c52bf6538fe /app | |
parent | 4a69e105ab22c23edcdabb37fbdaf2554b088a6d (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
10 files changed, 139 insertions, 7 deletions
diff --git a/app/assets/javascripts/environments/components/kubernetes_pods.vue b/app/assets/javascripts/environments/components/kubernetes_pods.vue index 1220347e440..a153331ee58 100644 --- a/app/assets/javascripts/environments/components/kubernetes_pods.vue +++ b/app/assets/javascripts/environments/components/kubernetes_pods.vue @@ -97,7 +97,7 @@ export default { <div v-else-if="podStats && !error" - class="gl-display-flex gl-flex-wrap-wrap gl-sm-flex-nowrap gl-mx-n3 gl-mt-n3" + class="gl-display-flex gl-flex-wrap gl-sm-flex-nowrap gl-mx-n3 gl-mt-n3" > <gl-single-stat v-for="(stat, index) in podStats" diff --git a/app/assets/javascripts/issuable/components/related_issuable_item.vue b/app/assets/javascripts/issuable/components/related_issuable_item.vue index c9416945318..d32336395dc 100644 --- a/app/assets/javascripts/issuable/components/related_issuable_item.vue +++ b/app/assets/javascripts/issuable/components/related_issuable_item.vue @@ -142,7 +142,7 @@ export default { <!-- If there is no room beside the path, meta attributes are put ABOVE it (flex-wrap-reverse). --> <!-- See design: https://gitlab-org.gitlab.io/gitlab-design/hosted/pedro/%2383-issue-mr-rows-cards-spec-previews/#artboard16 --> <div - class="item-meta gl-display-flex gl-md-justify-content-space-between gl-gap-3 gl-flex-wrap-wrap-reverse" + class="item-meta gl-display-flex gl-md-justify-content-space-between gl-gap-3 gl-flex-wrap-reverse" > <!-- Path area: status icon (<XL), path, issue # --> <div diff --git a/app/assets/javascripts/profile/components/overview_tab.vue b/app/assets/javascripts/profile/components/overview_tab.vue index 8eede317344..21f8a2d3500 100644 --- a/app/assets/javascripts/profile/components/overview_tab.vue +++ b/app/assets/javascripts/profile/components/overview_tab.vue @@ -27,7 +27,7 @@ export default { <template> <gl-tab :title="$options.i18n.title"> <activity-calendar /> - <div class="gl-mx-n3 gl-display-flex gl-flex-wrap-wrap"> + <div class="gl-mx-n3 gl-display-flex gl-flex-wrap"> <div class="gl-px-3 gl-w-full gl-lg-w-half"></div> <div class="gl-px-3 gl-w-full gl-lg-w-half" data-testid="personal-projects-section"> <div diff --git a/app/assets/javascripts/super_sidebar/components/pinned_section.vue b/app/assets/javascripts/super_sidebar/components/pinned_section.vue index 164ea04ab8e..3c12e193d80 100644 --- a/app/assets/javascripts/super_sidebar/components/pinned_section.vue +++ b/app/assets/javascripts/super_sidebar/components/pinned_section.vue @@ -99,6 +99,6 @@ export default { {{ $options.i18n.emptyHint }} </div> </gl-collapse> - <hr class="gl-my-2 gl-mx-4" /> + <hr aria-hidden="true" class="gl-my-2 gl-mx-4" /> </section> </template> diff --git a/app/assets/javascripts/super_sidebar/components/sidebar_menu.vue b/app/assets/javascripts/super_sidebar/components/sidebar_menu.vue index 3fdc5124111..ca165dd8602 100644 --- a/app/assets/javascripts/super_sidebar/components/sidebar_menu.vue +++ b/app/assets/javascripts/super_sidebar/components/sidebar_menu.vue @@ -134,7 +134,7 @@ export default { <ul class="gl-p-0 gl-m-0"> <nav-item v-for="item in staticItems" :key="item.id" :item="item" is-static /> </ul> - <hr class="gl-my-2 gl-mx-4" /> + <hr aria-hidden="true" class="gl-my-2 gl-mx-4" /> </section> <pinned-section diff --git a/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue b/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue index b90ba0142c6..6e0ee1cb912 100644 --- a/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue +++ b/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue @@ -13,7 +13,6 @@ import { createAlert } from '~/alert'; import { STATUS_CLOSED, STATUS_MERGED } from '~/issues/constants'; import notify from '~/lib/utils/notify'; import { sprintf, s__, __ } from '~/locale'; -import Project from '~/pages/projects/project'; import SmartInterval from '~/smart_interval'; import { TYPENAME_MERGE_REQUEST } from '~/graphql_shared/constants'; import { convertToGraphQLId } from '~/graphql_shared/utils'; @@ -479,7 +478,6 @@ export default { el.innerHTML = res.data; document.body.appendChild(el); document.dispatchEvent(new CustomEvent('merged:UpdateActions')); - Project.initRefSwitcher(); } }) .catch(() => diff --git a/app/models/clusters/agent.rb b/app/models/clusters/agent.rb index 4e2de06577d..374deabfe33 100644 --- a/app/models/clusters/agent.rb +++ b/app/models/clusters/agent.rb @@ -18,6 +18,12 @@ module Clusters has_many :ci_access_project_authorizations, class_name: 'Clusters::Agents::Authorizations::CiAccess::ProjectAuthorization' has_many :ci_access_authorized_projects, class_name: '::Project', through: :ci_access_project_authorizations, source: :project + has_many :user_access_group_authorizations, class_name: 'Clusters::Agents::Authorizations::UserAccess::GroupAuthorization' + has_many :user_access_authorized_groups, class_name: '::Group', through: :user_access_group_authorizations, source: :group + + has_many :user_access_project_authorizations, class_name: 'Clusters::Agents::Authorizations::UserAccess::ProjectAuthorization' + has_many :user_access_authorized_projects, class_name: '::Project', through: :user_access_project_authorizations, source: :project + has_many :activity_events, -> { in_timeline_order }, class_name: 'Clusters::Agents::ActivityEvent', inverse_of: :agent scope :ordered_by_name, -> { order(:name) } diff --git a/app/models/clusters/agents/authorizations/user_access/group_authorization.rb b/app/models/clusters/agents/authorizations/user_access/group_authorization.rb index 088ce1c0e27..e46a52e73a6 100644 --- a/app/models/clusters/agents/authorizations/user_access/group_authorization.rb +++ b/app/models/clusters/agents/authorizations/user_access/group_authorization.rb @@ -15,6 +15,16 @@ module Clusters def config_project agent.project end + + class << self + def upsert_configs(configs) + upsert_all(configs, unique_by: [:agent_id, :group_id]) + end + + def delete_unlisted(group_ids) + where.not(group_id: group_ids).delete_all + end + end end end end diff --git a/app/models/clusters/agents/authorizations/user_access/project_authorization.rb b/app/models/clusters/agents/authorizations/user_access/project_authorization.rb index 22b2c3fea22..2b0cbd3032a 100644 --- a/app/models/clusters/agents/authorizations/user_access/project_authorization.rb +++ b/app/models/clusters/agents/authorizations/user_access/project_authorization.rb @@ -15,6 +15,16 @@ module Clusters def config_project agent.project end + + class << self + def upsert_configs(configs) + upsert_all(configs, unique_by: [:agent_id, :project_id]) + end + + def delete_unlisted(project_ids) + where.not(project_id: project_ids).delete_all + end + end end end end diff --git a/app/services/clusters/agents/authorizations/user_access/refresh_service.rb b/app/services/clusters/agents/authorizations/user_access/refresh_service.rb new file mode 100644 index 00000000000..04d6e04c54d --- /dev/null +++ b/app/services/clusters/agents/authorizations/user_access/refresh_service.rb @@ -0,0 +1,108 @@ +# frozen_string_literal: true + +module Clusters + module Agents + module Authorizations + module UserAccess + class RefreshService + include Gitlab::Utils::StrongMemoize + + AUTHORIZED_ENTITY_LIMIT = 100 + + delegate :project, to: :agent, private: true + delegate :root_ancestor, to: :project, private: true + + def initialize(agent, config:) + @agent = agent + @config = config + end + + def execute + refresh_projects! + refresh_groups! + + true + end + + private + + attr_reader :agent, :config + + def refresh_projects! + if allowed_project_configurations.present? + project_ids = allowed_project_configurations.map { |config| config.fetch(:project_id) } + + agent.with_lock do + agent.user_access_project_authorizations.upsert_configs(allowed_project_configurations) + agent.user_access_project_authorizations.delete_unlisted(project_ids) + end + else + agent.user_access_project_authorizations.delete_all(:delete_all) + end + end + + def refresh_groups! + if allowed_group_configurations.present? + group_ids = allowed_group_configurations.map { |config| config.fetch(:group_id) } + + agent.with_lock do + agent.user_access_group_authorizations.upsert_configs(allowed_group_configurations) + agent.user_access_group_authorizations.delete_unlisted(group_ids) + end + else + agent.user_access_group_authorizations.delete_all(:delete_all) + end + end + + def allowed_project_configurations + project_entries = extract_config_entries(entity: 'projects') + + return unless project_entries + + allowed_projects.where_full_path_in(project_entries.keys).map do |project| + { project_id: project.id, config: user_access_as } + end + end + strong_memoize_attr :allowed_project_configurations + + def allowed_group_configurations + group_entries = extract_config_entries(entity: 'groups') + + return unless group_entries + + allowed_groups.where_full_path_in(group_entries.keys).map do |group| + { group_id: group.id, config: user_access_as } + end + end + strong_memoize_attr :allowed_group_configurations + + def extract_config_entries(entity:) + config.dig('user_access', entity) + &.first(AUTHORIZED_ENTITY_LIMIT) + &.index_by { |config| config.delete('id').downcase } + end + + def allowed_projects + root_ancestor.all_projects + end + + def allowed_groups + if group_root_ancestor? + root_ancestor.self_and_descendants + else + ::Group.none + end + end + + def group_root_ancestor? + root_ancestor.group_namespace? + end + + def user_access_as + @user_access_as ||= config['user_access']&.slice('access_as') || {} + end + end + end + end + end +end |