diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-17 15:09:14 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2024-01-17 15:09:14 +0300 |
commit | 14c3ebc6364f7d5eb31cbf2e66a79ec574e88b70 (patch) | |
tree | b05db97dc0a40721e3f99b70454d309197615428 /lib/gitlab/project_authorizations.rb | |
parent | db1b40c0ae61a0b647c114b22c990419de05de7a (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/project_authorizations.rb')
-rw-r--r-- | lib/gitlab/project_authorizations.rb | 68 |
1 files changed, 2 insertions, 66 deletions
diff --git a/lib/gitlab/project_authorizations.rb b/lib/gitlab/project_authorizations.rb index 0fcb8321dae..a3a14439b74 100644 --- a/lib/gitlab/project_authorizations.rb +++ b/lib/gitlab/project_authorizations.rb @@ -12,46 +12,6 @@ module Gitlab end def calculate - if Feature.enabled?(:compare_project_authorization_linear_cte, user) - linear_relation = calculate_with_linear_query - recursive_relation = calculate_with_recursive_query - recursive_set = Set.new(recursive_relation.to_a.pluck(:project_id, :access_level)) - linear_set = Set.new(linear_relation.to_a.pluck(:project_id, :access_level)) - if linear_set == recursive_set - Gitlab::AppJsonLogger.info(event: 'linear_authorized_projects_check', - user_id: user.id, - matching_results: true) - return calculate_with_linear_query - else - Gitlab::AppJsonLogger.warn(event: 'linear_authorized_projects_check', - user_id: user.id, - matching_results: false) - end - end - - Gitlab::AppJsonLogger.info(event: 'linear_authorized_projects_check_with_flag', - feature_flag_status: Feature.enabled?(:linear_project_authorization, user)) - - if Feature.enabled?(:linear_project_authorization, user) - calculate_with_linear_query - else - calculate_with_recursive_query - end - end - - private - - def calculate_with_linear_query - cte = linear_cte - cte_alias = cte.table.alias(Group.table_name) - - ProjectAuthorization - .unscoped - .with(cte.to_arel) - .select_from_union(relations(cte_alias: cte_alias)) - end - - def calculate_with_recursive_query cte = recursive_cte cte_alias = cte.table.alias(Group.table_name) @@ -62,6 +22,8 @@ module Gitlab .select_from_union(relations(cte_alias: cte_alias)) end + private + # Builds a recursive CTE that gets all the groups the current user has # access to, including any nested groups and any shared groups. def recursive_cte @@ -97,32 +59,6 @@ module Gitlab cte end - def linear_cte - # Groups shared with user and their parent groups - shared_groups = Group - .select("namespaces.id, MAX(LEAST(members.access_level, group_group_links.group_access)) as access_level") - .joins("INNER JOIN group_group_links ON group_group_links.shared_group_id = namespaces.id - OR namespaces.traversal_ids @> ARRAY[group_group_links.shared_group_id::int]") - .joins("INNER JOIN members ON group_group_links.shared_with_group_id = members.source_id") - .merge(user.group_members) - .merge(GroupMember.active_state) - .group("namespaces.id") - - # Groups the user is a member of and their parent groups. - lateral_query = Group.as_ids.where("namespaces.traversal_ids @> ARRAY [members.source_id]") - member_groups_with_ancestors = GroupMember.select("namespaces.id, MAX(members.access_level) as access_level") - .joins("CROSS JOIN LATERAL (#{lateral_query.to_sql}) as namespaces") - .group("namespaces.id") - .merge(user.group_members) - .merge(GroupMember.active_state) - - union = Namespace - .select("namespaces.id, access_level") - .from_union([shared_groups, member_groups_with_ancestors]) - - Gitlab::SQL::CTE.new(:linear_namespaces_cte, union) - end - # Builds a LEFT JOIN to join optional memberships onto the CTE. def join_members_on_namespaces members = Member.arel_table |