Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/finders/labels_finder.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/finders/labels_finder.rb')
-rw-r--r--app/finders/labels_finder.rb80
1 files changed, 17 insertions, 63 deletions
diff --git a/app/finders/labels_finder.rb b/app/finders/labels_finder.rb
index bedd6891d02..ecd6270ed47 100644
--- a/app/finders/labels_finder.rb
+++ b/app/finders/labels_finder.rb
@@ -2,6 +2,7 @@
class LabelsFinder < UnionFinder
prepend FinderWithCrossProjectAccess
+ include FinderWithGroupHierarchy
include FinderMethods
include Gitlab::Utils::StrongMemoize
@@ -14,7 +15,7 @@ class LabelsFinder < UnionFinder
def execute(skip_authorization: false)
@skip_authorization = skip_authorization
- items = find_union(label_ids, Label) || Label.none
+ items = find_union(item_ids, Label) || Label.none
items = with_title(items)
items = by_subscription(items)
items = by_search(items)
@@ -26,8 +27,8 @@ class LabelsFinder < UnionFinder
attr_reader :current_user, :params, :skip_authorization
# rubocop: disable CodeReuse/ActiveRecord
- def label_ids
- label_ids = []
+ def item_ids
+ item_ids = []
if project?
if project
@@ -35,25 +36,25 @@ class LabelsFinder < UnionFinder
labels_table = Label.arel_table
group_ids = group_ids_for(project.group)
- label_ids << Label.where(
+ item_ids << Label.where(
labels_table[:type].eq('GroupLabel').and(labels_table[:group_id].in(group_ids)).or(
labels_table[:type].eq('ProjectLabel').and(labels_table[:project_id].eq(project.id))
)
)
else
- label_ids << project.labels
+ item_ids << project.labels
end
end
else
if group?
- label_ids << Label.where(group_id: group_ids_for(group))
+ item_ids << Label.where(group_id: group_ids_for(group))
end
- label_ids << Label.where(group_id: projects.group_ids)
- label_ids << Label.where(project_id: ids_user_can_read_labels(projects)) unless only_group_labels?
+ item_ids << Label.where(group_id: projects.group_ids)
+ item_ids << Label.where(project_id: ids_user_can_read_labels(projects)) unless only_group_labels?
end
- label_ids
+ item_ids
end
# rubocop: enable CodeReuse/ActiveRecord
@@ -94,49 +95,6 @@ class LabelsFinder < UnionFinder
params[:subscribed] == 'true'
end
- # Gets redacted array of group ids
- # which can include the ancestors and descendants of the requested group.
- def group_ids_for(group)
- strong_memoize(:group_ids) do
- groups = groups_to_include(group)
-
- # Because we are sure that all groups are in the same hierarchy tree
- # we can preset root group for all of them to optimize permission checks
- Group.preset_root_ancestor_for(groups)
-
- groups_user_can_read_labels(groups).map(&:id)
- end
- end
-
- def groups_to_include(group)
- groups = [group]
-
- groups += group.ancestors if include_ancestor_groups?
- groups += group.descendants if include_descendant_groups?
-
- groups
- end
-
- def include_ancestor_groups?
- params[:include_ancestor_groups]
- end
-
- def include_descendant_groups?
- params[:include_descendant_groups]
- end
-
- def group?
- params[:group].present? || params[:group_id].present?
- end
-
- def group
- strong_memoize(:group) { params[:group].presence || Group.find(params[:group_id]) }
- end
-
- def project?
- params[:project].present? || params[:project_id].present?
- end
-
def projects?
params[:project_ids]
end
@@ -153,12 +111,16 @@ class LabelsFinder < UnionFinder
params[:title] || params[:name]
end
+ def project?
+ params[:project].present? || params[:project_id].present?
+ end
+
def project
return @project if defined?(@project)
if project?
@project = params[:project] || Project.find(params[:project_id])
- @project = nil unless authorized_to_read_labels?(@project)
+ @project = nil unless authorized_to_read_item?(@project)
else
@project = nil
end
@@ -191,16 +153,8 @@ class LabelsFinder < UnionFinder
end
# rubocop: enable CodeReuse/ActiveRecord
- def authorized_to_read_labels?(label_parent)
- return true if skip_authorization
-
- Ability.allowed?(current_user, :read_label, label_parent)
- end
-
- def groups_user_can_read_labels(groups)
- DeclarativePolicy.user_scope do
- groups.select { |group| authorized_to_read_labels?(group) }
- end
+ def read_permission
+ :read_label
end
# rubocop: disable CodeReuse/ActiveRecord
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-31 17:54:56 +0300