diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-12-02 21:11:52 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-12-02 21:11:52 +0300 |
commit | d1ade10ba69cb7c232daa36625656456c32462e4 (patch) | |
tree | 70597a997a68fc63b009001480247794a60e2dd6 /app | |
parent | 3a52eefc27143af8a2b3838a159c52484ca4bc8b (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
-rw-r--r-- | app/graphql/queries/epic/epic_children.query.graphql | 2 | ||||
-rw-r--r-- | app/models/project.rb | 41 | ||||
-rw-r--r-- | app/models/project_feature.rb | 46 | ||||
-rw-r--r-- | app/views/projects/_merge_request_merge_commit_template.html.haml | 2 | ||||
-rw-r--r-- | app/views/projects/_merge_request_squash_commit_template.html.haml | 2 |
5 files changed, 53 insertions, 40 deletions
diff --git a/app/graphql/queries/epic/epic_children.query.graphql b/app/graphql/queries/epic/epic_children.query.graphql index c35abcabe44..c50a73aafb2 100644 --- a/app/graphql/queries/epic/epic_children.query.graphql +++ b/app/graphql/queries/epic/epic_children.query.graphql @@ -49,6 +49,7 @@ fragment EpicNode on Epic { __typename nodes { __typename + id color description textColor @@ -140,6 +141,7 @@ query childItems( __typename nodes { __typename + id color description textColor diff --git a/app/models/project.rb b/app/models/project.rb index d3206f691f2..a5e9b0e0a1a 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -576,18 +576,12 @@ class Project < ApplicationRecord .where('rs.path LIKE ?', "#{sanitize_sql_like(path)}/%") end - # "enabled" here means "not disabled". It includes private features! scope :with_feature_enabled, ->(feature) { - access_level_attribute = ProjectFeature.arel_table[ProjectFeature.access_level_attribute(feature)] - enabled_feature = access_level_attribute.gt(ProjectFeature::DISABLED).or(access_level_attribute.eq(nil)) - - with_project_feature.where(enabled_feature) + with_project_feature.merge(ProjectFeature.with_feature_enabled(feature)) } - # Picks a feature where the level is exactly that given. scope :with_feature_access_level, ->(feature, level) { - access_level_attribute = ProjectFeature.access_level_attribute(feature) - with_project_feature.where(project_features: { access_level_attribute => level }) + with_project_feature.merge(ProjectFeature.with_feature_access_level(feature, level)) } # Picks projects which use the given programming language @@ -688,37 +682,8 @@ class Project < ApplicationRecord end end - # project features may be "disabled", "internal", "enabled" or "public". If "internal", - # they are only available to team members. This scope returns projects where - # the feature is either public, enabled, or internal with permission for the user. - # Note: this scope doesn't enforce that the user has access to the projects, it just checks - # that the user has access to the feature. It's important to use this scope with others - # that checks project authorizations first (e.g. `filter_by_feature_visibility`). - # - # This method uses an optimised version of `with_feature_access_level` for - # logged in users to more efficiently get private projects with the given - # feature. def self.with_feature_available_for_user(feature, user) - visible = [ProjectFeature::ENABLED, ProjectFeature::PUBLIC] - - if user&.can_read_all_resources? - with_feature_enabled(feature) - elsif user - min_access_level = ProjectFeature.required_minimum_access_level(feature) - column = ProjectFeature.quoted_access_level_column(feature) - - with_project_feature - .where("#{column} IS NULL OR #{column} IN (:public_visible) OR (#{column} = :private_visible AND EXISTS (:authorizations))", - { - public_visible: visible, - private_visible: ProjectFeature::PRIVATE, - authorizations: user.authorizations_for_projects(min_access_level: min_access_level) - }) - else - # This has to be added to include features whose value is nil in the db - visible << nil - with_feature_access_level(feature, visible) - end + with_project_feature.merge(ProjectFeature.with_feature_available_for_user(feature, user)) end def self.projects_user_can(projects, user, action) diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb index 676c28d5e1b..0d3e50837ab 100644 --- a/app/models/project_feature.rb +++ b/app/models/project_feature.rb @@ -83,6 +83,52 @@ class ProjectFeature < ApplicationRecord end end + # "enabled" here means "not disabled". It includes private features! + scope :with_feature_enabled, ->(feature) { + feature_access_level_attribute = arel_table[access_level_attribute(feature)] + enabled_feature = feature_access_level_attribute.gt(DISABLED).or(feature_access_level_attribute.eq(nil)) + + where(enabled_feature) + } + + # Picks a feature where the level is exactly that given. + scope :with_feature_access_level, ->(feature, level) { + feature_access_level_attribute = access_level_attribute(feature) + where(project_features: { feature_access_level_attribute => level }) + } + + # project features may be "disabled", "internal", "enabled" or "public". If "internal", + # they are only available to team members. This scope returns features where + # the feature is either public, enabled, or internal with permission for the user. + # Note: this scope doesn't enforce that the user has access to the projects, it just checks + # that the user has access to the feature. It's important to use this scope with others + # that checks project authorizations first (e.g. `filter_by_feature_visibility`). + # + # This method uses an optimised version of `with_feature_access_level` for + # logged in users to more efficiently get private projects with the given + # feature. + def self.with_feature_available_for_user(feature, user) + visible = [ENABLED, PUBLIC] + + if user&.can_read_all_resources? + with_feature_enabled(feature) + elsif user + min_access_level = required_minimum_access_level(feature) + column = quoted_access_level_column(feature) + + where("#{column} IS NULL OR #{column} IN (:public_visible) OR (#{column} = :private_visible AND EXISTS (:authorizations))", + { + public_visible: visible, + private_visible: PRIVATE, + authorizations: user.authorizations_for_projects(min_access_level: min_access_level, related_project_column: 'project_features.project_id') + }) + else + # This has to be added to include features whose value is nil in the db + visible << nil + with_feature_access_level(feature, visible) + end + end + def public_pages? return true unless Gitlab.config.pages.access_control diff --git a/app/views/projects/_merge_request_merge_commit_template.html.haml b/app/views/projects/_merge_request_merge_commit_template.html.haml index ba170af9de5..869d2d5d9ec 100644 --- a/app/views/projects/_merge_request_merge_commit_template.html.haml +++ b/app/views/projects/_merge_request_merge_commit_template.html.haml @@ -3,7 +3,7 @@ .form-group %b= s_('ProjectSettings|Merge commit message template') %p.text-secondary - - configure_the_merge_commit_message_help_link_url = help_page_path('user/project/merge_requests/commit_templates.md', anchor: 'merge-commit-message-template') + - configure_the_merge_commit_message_help_link_url = help_page_path('user/project/merge_requests/commit_templates.md') - configure_the_merge_commit_message_help_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: configure_the_merge_commit_message_help_link_url } = s_('ProjectSettings|The commit message used when merging, if the merge method creates a merge commit. %{link_start}Learn more about syntax and variables.%{link_end}').html_safe % { link_start: configure_the_merge_commit_message_help_link_start, link_end: '</a>'.html_safe } .mb-2 diff --git a/app/views/projects/_merge_request_squash_commit_template.html.haml b/app/views/projects/_merge_request_squash_commit_template.html.haml index 51617bc027f..81e4bbed166 100644 --- a/app/views/projects/_merge_request_squash_commit_template.html.haml +++ b/app/views/projects/_merge_request_squash_commit_template.html.haml @@ -3,7 +3,7 @@ .form-group %b= s_('ProjectSettings|Squash commit message template') %p.text-secondary - - configure_the_squash_commit_message_help_link_url = help_page_path('user/project/merge_requests/commit_templates.md', anchor: 'squash-commit-message-template') + - configure_the_squash_commit_message_help_link_url = help_page_path('user/project/merge_requests/commit_templates.md') - configure_the_squash_commit_message_help_link_start = '<a href="%{url}" target="_blank" rel="noopener noreferrer">'.html_safe % { url: configure_the_squash_commit_message_help_link_url } = s_('ProjectSettings|The commit message used when squashing commits. %{link_start}Learn more about syntax and variables.%{link_end}').html_safe % { link_start: configure_the_squash_commit_message_help_link_start, link_end: '</a>'.html_safe } .mb-2 |