diff options
Diffstat (limited to 'app/models/group.rb')
-rw-r--r-- | app/models/group.rb | 100 |
1 files changed, 35 insertions, 65 deletions
diff --git a/app/models/group.rb b/app/models/group.rb index 85971c48567..2b5a392e02c 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -510,7 +510,9 @@ class Group < Namespace members_with_parents(only_active_users: false) end - members_from_hiearchy.all_owners.left_outer_joins(:user).merge(User.without_project_bot) + members_from_hiearchy.all_owners.left_outer_joins(:user) + .merge(User.without_project_bot) + .allow_cross_joins_across_databases(url: "https://gitlab.com/gitlab-org/gitlab/-/issues/417455") end def ldap_synced? @@ -663,13 +665,24 @@ class Group < Namespace # 2. They belong to a project that belongs to the group # 3. They belong to a sub-group or project in such sub-group # 4. They belong to an ancestor group - def direct_and_indirect_users + # 5. They belong to a group that is shared with this group, if share_with_groups is true + def direct_and_indirect_users(share_with_groups: false) + members = if share_with_groups + # We only need :user_id column, but + # `members_from_self_and_ancestor_group_shares` needs more + # columns to make the CTE query work. + GroupMember.from_union([ + direct_and_indirect_members.select(:user_id, :source_type, :type), + members_from_self_and_ancestor_group_shares.reselect(:user_id, :source_type, :type) + ]) + else + direct_and_indirect_members + end + User.from_union([ - User - .where(id: direct_and_indirect_members.select(:user_id)) - .reorder(nil), - project_users_with_descendants - ]) + User.where(id: members.select(:user_id)).reorder(nil), + project_users_with_descendants + ]) end # Returns all users (also inactive) that are members of the group because: @@ -683,7 +696,7 @@ class Group < Namespace .where(id: direct_and_indirect_members_with_inactive.select(:user_id)) .reorder(nil), project_users_with_descendants - ]) + ]).allow_cross_joins_across_databases(url: "https://gitlab.com/gitlab-org/gitlab/-/issues/417455") # failed in spec/tasks/gitlab/user_management_rake_spec.rb end def users_count @@ -696,6 +709,7 @@ class Group < Namespace User .joins(projects: :group) .where(namespaces: { id: self_and_descendants.select(:id) }) + .allow_cross_joins_across_databases(url: "https://gitlab.com/gitlab-org/gitlab/-/issues/417455") end # Return the highest access level for a user @@ -802,8 +816,11 @@ class Group < Namespace end def execute_integrations(data, hooks_scope) - # NOOP - # TODO: group hooks https://gitlab.com/gitlab-org/gitlab/-/issues/216904 + return unless Feature.enabled?(:group_mentions, self) + + integrations.public_send(hooks_scope).each do |integration| # rubocop:disable GitlabSecurity/PublicSend + integration.async_execute(data) + end end def preload_shared_group_links @@ -813,16 +830,6 @@ class Group < Namespace ).call end - def update_shared_runners_setting!(state) - raise ArgumentError unless SHARED_RUNNERS_SETTINGS.include?(state) - - case state - when SR_DISABLED_AND_UNOVERRIDABLE then disable_shared_runners! # also disallows override - when SR_DISABLED_WITH_OVERRIDE, SR_DISABLED_AND_OVERRIDABLE then disable_shared_runners_and_allow_override! - when SR_ENABLED then enable_shared_runners! # set both to true - end - end - def first_owner owners.first || parent&.first_owner || owner end @@ -969,12 +976,14 @@ class Group < Namespace end def max_member_access(user_ids) - Gitlab::SafeRequestLoader.execute( - resource_key: max_member_access_for_resource_key(User), - resource_ids: user_ids, - default_value: Gitlab::Access::NO_ACCESS - ) do |user_ids| - members_with_parents.where(user_id: user_ids).group(:user_id).maximum(:access_level) + ::Gitlab::Database.allow_cross_joins_across_databases(url: "https://gitlab.com/gitlab-org/gitlab/-/issues/417455") do + Gitlab::SafeRequestLoader.execute( + resource_key: max_member_access_for_resource_key(User), + resource_ids: user_ids, + default_value: Gitlab::Access::NO_ACCESS + ) do |user_ids| + members_with_parents.where(user_id: user_ids).group(:user_id).maximum(:access_level) + end end end @@ -1057,45 +1066,6 @@ class Group < Namespace Arel::Nodes::SqlLiteral.new(column_alias)) end - def disable_shared_runners! - update!( - shared_runners_enabled: false, - allow_descendants_override_disabled_shared_runners: false) - - group_ids = descendants - unless group_ids.empty? - Group.by_id(group_ids).update_all( - shared_runners_enabled: false, - allow_descendants_override_disabled_shared_runners: false) - end - - all_projects.update_all(shared_runners_enabled: false) - end - - def disable_shared_runners_and_allow_override! - # enabled -> disabled_and_overridable - if shared_runners_enabled? - update!( - shared_runners_enabled: false, - allow_descendants_override_disabled_shared_runners: true) - - group_ids = descendants - unless group_ids.empty? - Group.by_id(group_ids).update_all(shared_runners_enabled: false) - end - - all_projects.update_all(shared_runners_enabled: false) - - # disabled_and_unoverridable -> disabled_and_overridable - else - update!(allow_descendants_override_disabled_shared_runners: true) - end - end - - def enable_shared_runners! - update!(shared_runners_enabled: true) - end - def runners_token_prefix RunnersTokenPrefixable::RUNNERS_TOKEN_PREFIX end |