From 3158f57dba6dcef3e586ae8fced7deb6fdbd6dc0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9my=20Coutable?= Date: Thu, 28 Jul 2016 19:31:17 +0200 Subject: Improve Members::DestroyService MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rémy Coutable --- app/services/members/destroy_service.rb | 38 +++++++++++++++++++++++++++------ 1 file changed, 31 insertions(+), 7 deletions(-) (limited to 'app/services/members') diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb index 9a2bf82ef51..b3d79d577bd 100644 --- a/app/services/members/destroy_service.rb +++ b/app/services/members/destroy_service.rb @@ -1,17 +1,41 @@ module Members class DestroyService < BaseService - attr_accessor :member, :current_user + include MembersHelper - def initialize(member, current_user) - @member = member + attr_accessor :source + + ALLOWED_SCOPES = %i[members requesters all] + + def initialize(source, current_user, params = {}) + @source = source @current_user = current_user + @params = params end - def execute - unless member && can?(current_user, "destroy_#{member.type.underscore}".to_sym, member) - raise Gitlab::Access::AccessDeniedError - end + def execute(scope = :members) + raise "scope :#{scope} is not allowed!" unless ALLOWED_SCOPES.include?(scope) + + member = find_member(scope) + + raise Gitlab::Access::AccessDeniedError if cannot_destroy_member?(member) + AuthorizedDestroyService.new(member, current_user).execute end + + private + + def find_member(scope) + case scope + when :all + source.members.find_by(user_id: params[:user_id]) || + source.requesters.find_by!(user_id: params[:user_id]) + else + source.public_send(scope).find_by!(user_id: params[:user_id]) + end + end + + def cannot_destroy_member?(member) + !member || !can?(current_user, action_member_permission(:destroy, member), member) + end end end -- cgit v1.2.3