diff options
Diffstat (limited to 'app/models/member.rb')
-rw-r--r-- | app/models/member.rb | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/app/models/member.rb b/app/models/member.rb index dcca63b5691..0cd1e022617 100644 --- a/app/models/member.rb +++ b/app/models/member.rb @@ -28,6 +28,7 @@ class Member < ApplicationRecord belongs_to :user belongs_to :source, polymorphic: true # rubocop:disable Cop/PolymorphicAssociations belongs_to :member_namespace, inverse_of: :namespace_members, foreign_key: 'member_namespace_id', class_name: 'Namespace' + belongs_to :member_role has_one :member_task delegate :name, :username, :email, :last_activity_on, to: :user, prefix: true @@ -58,6 +59,7 @@ class Member < ApplicationRecord }, if: :project_bot? validate :access_level_inclusion + validate :validate_member_role_access_level scope :with_invited_user_state, -> do joins('LEFT JOIN users as invited_user ON invited_user.email = members.invite_email') @@ -428,6 +430,14 @@ class Member < ApplicationRecord errors.add(:access_level, "is not included in the list") end + def validate_member_role_access_level + return unless member_role_id + + if access_level != member_role.base_access_level + errors.add(:member_role_id, _("role's base access level does not match the access level of the membership")) + end + end + def send_invite # override in subclass end @@ -455,6 +465,8 @@ class Member < ApplicationRecord # transaction has been committed, resulting in the job either throwing an # error or not doing any meaningful work. # rubocop: disable CodeReuse/ServiceClass + + # This method is overridden in the test environment, see stubbed_member.rb def refresh_member_authorized_projects(blocking:) UserProjectAccessChangedService.new(user_id).execute(blocking: blocking) end |