diff options
Diffstat (limited to 'app/services/groups')
-rw-r--r-- | app/services/groups/create_service.rb | 12 | ||||
-rw-r--r-- | app/services/groups/destroy_service.rb | 7 | ||||
-rw-r--r-- | app/services/groups/ssh_certificates/create_service.rb | 51 | ||||
-rw-r--r-- | app/services/groups/ssh_certificates/destroy_service.rb | 35 | ||||
-rw-r--r-- | app/services/groups/transfer_service.rb | 18 | ||||
-rw-r--r-- | app/services/groups/update_service.rb | 19 |
6 files changed, 109 insertions, 33 deletions
diff --git a/app/services/groups/create_service.rb b/app/services/groups/create_service.rb index 0f74b2d9349..21d3c6499a0 100644 --- a/app/services/groups/create_service.rb +++ b/app/services/groups/create_service.rb @@ -35,10 +35,14 @@ module Groups @group.build_chat_team(name: response['name'], team_id: response['id']) end - Group.transaction do - if @group.save - @group.add_owner(current_user) - Integration.create_from_active_default_integrations(@group, :group_id) + Gitlab::Database::QueryAnalyzers::PreventCrossDatabaseModification.temporary_ignore_tables_in_transaction( + %w[routes redirect_routes], url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/424281' + ) do + Group.transaction do + if @group.save + @group.add_owner(current_user) + Integration.create_from_active_default_integrations(@group, :group_id) + end end end diff --git a/app/services/groups/destroy_service.rb b/app/services/groups/destroy_service.rb index 45e8972213e..a896ca5cabc 100644 --- a/app/services/groups/destroy_service.rb +++ b/app/services/groups/destroy_service.rb @@ -14,8 +14,6 @@ module Groups # TODO - add a policy check here https://gitlab.com/gitlab-org/gitlab/-/issues/353082 raise DestroyError, "You can't delete this group because you're blocked." if current_user.blocked? - group.prepare_for_destroy - group.projects.includes(:project_feature).each do |project| # Execute the destruction of the models immediately to ensure atomic cleanup. success = ::Projects::DestroyService.new(project, current_user).execute @@ -83,7 +81,10 @@ module Groups # rubocop:disable CodeReuse/ActiveRecord def destroy_group_bots - bot_ids = group.members_and_requesters.joins(:user).merge(User.project_bot).pluck(:user_id) + bot_ids = group.members_and_requesters.joins(:user) + .merge(User.project_bot) + .allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/422405') + .pluck(:user_id) current_user_id = current_user.id group.run_after_commit do diff --git a/app/services/groups/ssh_certificates/create_service.rb b/app/services/groups/ssh_certificates/create_service.rb new file mode 100644 index 00000000000..6890901c306 --- /dev/null +++ b/app/services/groups/ssh_certificates/create_service.rb @@ -0,0 +1,51 @@ +# frozen_string_literal: true + +module Groups + module SshCertificates + class CreateService + def initialize(group, params) + @group = group + @params = params + end + + def execute + key = params[:key] + fingerprint = generate_fingerprint(key) + + return ServiceResponse.error(message: 'Group', reason: :forbidden) if group.has_parent? + + # return a key error instead of fingerprint error, as the user has no knowledge of fingerprint. + unless fingerprint + return ServiceResponse.error(message: 'Validation failed: Invalid key', + reason: :unprocessable_entity) + end + + result = group.ssh_certificates.create!( + key: key, + title: params[:title], + fingerprint: fingerprint + ) + + # title and key attributes are returned as [FILTERED] + # by config/application.rb#L181-233 + # make attributes unfiltered by running find + ssh_certificate = group.ssh_certificates.find(result.id) + ServiceResponse.success(payload: ssh_certificate) + + rescue ActiveRecord::RecordInvalid, ArgumentError => e + ServiceResponse.error( + message: e.message, + reason: :unprocessable_entity + ) + end + + private + + attr_reader :group, :params + + def generate_fingerprint(key) + Gitlab::SSHPublicKey.new(key).fingerprint_sha256&.delete_prefix('SHA256:') + end + end + end +end diff --git a/app/services/groups/ssh_certificates/destroy_service.rb b/app/services/groups/ssh_certificates/destroy_service.rb new file mode 100644 index 00000000000..7a450d5bee6 --- /dev/null +++ b/app/services/groups/ssh_certificates/destroy_service.rb @@ -0,0 +1,35 @@ +# frozen_string_literal: true + +module Groups + module SshCertificates + class DestroyService + def initialize(group, params) + @group = group + @params = params + end + + def execute + ssh_certificate = group.ssh_certificates.find(params[:ssh_certificates_id]) + + ssh_certificate.destroy! + ServiceResponse.success + + rescue ActiveRecord::RecordNotFound + ServiceResponse.error( + message: 'SSH Certificate not found', + reason: :not_found + ) + + rescue ActiveRecord::RecordNotDestroyed + ServiceResponse.error( + message: 'SSH Certificate could not be deleted', + reason: :method_not_allowed + ) + end + + private + + attr_reader :group, :params + end + end +end diff --git a/app/services/groups/transfer_service.rb b/app/services/groups/transfer_service.rb index 64256e43ce3..6b979308d26 100644 --- a/app/services/groups/transfer_service.rb +++ b/app/services/groups/transfer_service.rb @@ -60,13 +60,17 @@ module Groups old_root_ancestor_id = @group.root_ancestor.id was_root_group = @group.root? - Group.transaction do - update_group_attributes - ensure_ownership - update_integrations - remove_issue_contacts(old_root_ancestor_id, was_root_group) - update_crm_objects(was_root_group) - remove_namespace_commit_emails(was_root_group) + Gitlab::Database::QueryAnalyzers::PreventCrossDatabaseModification.temporary_ignore_tables_in_transaction( + %w[routes redirect_routes], url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/424280' + ) do + Group.transaction do + update_group_attributes + ensure_ownership + update_integrations + remove_issue_contacts(old_root_ancestor_id, was_root_group) + update_crm_objects(was_root_group) + remove_namespace_commit_emails(was_root_group) + end end post_update_hooks(@updated_project_ids, old_root_ancestor_id) diff --git a/app/services/groups/update_service.rb b/app/services/groups/update_service.rb index 7d0142fc067..d91e09d212a 100644 --- a/app/services/groups/update_service.rb +++ b/app/services/groups/update_service.rb @@ -47,10 +47,6 @@ module Groups private def valid_path_change? - unless Feature.enabled?(:npm_package_registry_fix_group_path_validation) - return valid_path_change_with_npm_packages? - end - return true unless group.packages_feature_enabled? return true if params[:path].blank? return true if group.has_parent? @@ -68,21 +64,6 @@ module Groups false end - # TODO: delete this function along with npm_package_registry_fix_group_path_validation - def valid_path_change_with_npm_packages? - return true unless group.packages_feature_enabled? - return true if params[:path].blank? - return true if !group.has_parent? && group.path == params[:path] - - npm_packages = ::Packages::GroupPackagesFinder.new(current_user, group, package_type: :npm).execute - if npm_packages.exists? - group.errors.add(:path, s_('GroupSettings|cannot change when group contains projects with NPM packages')) - return - end - - true - end - def before_assignment_hook(group, params) @full_path_before = group.full_path @path_before = group.path |