diff options
Diffstat (limited to 'app/services/groups')
-rw-r--r-- | app/services/groups/create_service.rb | 2 | ||||
-rw-r--r-- | app/services/groups/group_links/create_service.rb | 34 | ||||
-rw-r--r-- | app/services/groups/participants_service.rb | 4 | ||||
-rw-r--r-- | app/services/groups/transfer_service.rb | 3 |
4 files changed, 35 insertions, 8 deletions
diff --git a/app/services/groups/create_service.rb b/app/services/groups/create_service.rb index 8e8efe7d555..f900927793a 100644 --- a/app/services/groups/create_service.rb +++ b/app/services/groups/create_service.rb @@ -28,7 +28,7 @@ module Groups @group.name ||= @group.path.dup if create_chat_team? - response = Mattermost::CreateTeamService.new(@group, current_user).execute + response = ::Mattermost::CreateTeamService.new(@group, current_user).execute return @group if @group.errors.any? @group.build_chat_team(name: response['name'], team_id: response['id']) diff --git a/app/services/groups/group_links/create_service.rb b/app/services/groups/group_links/create_service.rb index 0a60140d037..5f81e5972b0 100644 --- a/app/services/groups/group_links/create_service.rb +++ b/app/services/groups/group_links/create_service.rb @@ -3,27 +3,51 @@ module Groups module GroupLinks class CreateService < Groups::BaseService - def execute(shared_group) - unless group && shared_group && + def initialize(shared_group, shared_with_group, user, params) + @shared_group = shared_group + super(shared_with_group, user, params) + end + + def execute + unless shared_with_group && shared_group && can?(current_user, :admin_group_member, shared_group) && - can?(current_user, :read_group, group) + can?(current_user, :read_group, shared_with_group) && + sharing_allowed? return error('Not Found', 404) end link = GroupGroupLink.new( shared_group: shared_group, - shared_with_group: group, + shared_with_group: shared_with_group, group_access: params[:shared_group_access], expires_at: params[:expires_at] ) if link.save - group.refresh_members_authorized_projects(direct_members_only: true) + shared_with_group.refresh_members_authorized_projects(direct_members_only: true) success(link: link) else error(link.errors.full_messages.to_sentence, 409) end end + + private + + attr_reader :shared_group + + alias_method :shared_with_group, :group + + def sharing_allowed? + sharing_outside_hierarchy_allowed? || within_hierarchy? + end + + def sharing_outside_hierarchy_allowed? + !shared_group.root_ancestor.namespace_settings.prevent_sharing_groups_outside_hierarchy + end + + def within_hierarchy? + shared_group.root_ancestor.self_and_descendants_ids.include?(shared_with_group.id) + end end end end diff --git a/app/services/groups/participants_service.rb b/app/services/groups/participants_service.rb index 0844c98dd6a..1de2b3c5a2e 100644 --- a/app/services/groups/participants_service.rb +++ b/app/services/groups/participants_service.rb @@ -23,9 +23,9 @@ module Groups end def group_members - return [] unless noteable + return [] unless group - @group_members ||= sorted(noteable.group.direct_and_indirect_users) + @group_members ||= sorted(group.direct_and_indirect_users) end end end diff --git a/app/services/groups/transfer_service.rb b/app/services/groups/transfer_service.rb index 56ff1310def..518d061c654 100644 --- a/app/services/groups/transfer_service.rb +++ b/app/services/groups/transfer_service.rb @@ -108,10 +108,13 @@ module Groups @group.parent = @new_parent_group @group.clear_memoization(:self_and_ancestors_ids) + @group.clear_memoization(:root_ancestor) if different_root_ancestor? inherit_group_shared_runners_settings @group.save! + # #reload is called to make sure traversal_ids are reloaded + @group.reload # rubocop:disable Cop/ActiveRecordAssociationReload end # rubocop: disable CodeReuse/ActiveRecord |