From 0fdce4a52b1a9ba9e0efd98f00e558e4f07daeb5 Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Thu, 5 Jun 2014 20:37:35 +0300
Subject: Refactor some search scopes to prevent wierd behaviour and PG::Error
 issues

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
---
 app/controllers/users_controller.rb   | 17 +++++++++++++----
 app/finders/base_finder.rb            |  2 +-
 app/finders/projects_finder.rb        | 36 +++++++++++++++++++++++++++++++----
 app/helpers/search_helper.rb          |  2 +-
 app/helpers/submodule_helper.rb       |  0
 app/models/ability.rb                 |  2 +-
 app/models/group.rb                   | 10 ++++------
 app/models/namespace.rb               |  8 --------
 app/models/project.rb                 |  6 ------
 app/services/search/global_service.rb |  2 +-
 10 files changed, 53 insertions(+), 32 deletions(-)
 mode change 100755 => 100644 app/helpers/submodule_helper.rb

(limited to 'app')

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index c17c6f9694a..0b442f5383a 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -4,15 +4,24 @@ class UsersController < ApplicationController
 
   def show
     @user = User.find_by_username!(params[:username])
-    @projects = Project.personal(@user).accessible_to(current_user)
 
     unless current_user || @user.public_profile?
       return authenticate_user!
     end
 
-    @groups = @user.groups.accessible_to(current_user)
-    accessible_projects = @user.authorized_projects.accessible_to(current_user)
-    @events = @user.recent_events.where(project_id: accessible_projects.pluck(:id)).limit(20)
+    # Projects user can view
+    authorized_projects_ids = ProjectsFinder.new.execute(current_user).pluck(:id)
+
+    @projects = @user.personal_projects.
+      where(id: authorized_projects_ids)
+
+    # Collect only groups common for both users
+    @groups = @user.groups & GroupsFinder.new.execute(current_user)
+
+    # Get user activity feed for projects common for both users
+    @events = @user.recent_events.
+      where(project_id: authorized_projects_ids).limit(20)
+
     @title = @user.name
   end
 
diff --git a/app/finders/base_finder.rb b/app/finders/base_finder.rb
index 7fc5840561c..7150bb2e31b 100644
--- a/app/finders/base_finder.rb
+++ b/app/finders/base_finder.rb
@@ -49,7 +49,7 @@ class BaseFinder
     elsif current_user && params[:authorized_only].presence
       klass.of_projects(current_user.authorized_projects).references(:project)
     else
-      klass.of_projects(Project.accessible_to(current_user)).references(:project)
+      klass.of_projects(ProjectsFinder.new.execute(current_user)).references(:project)
     end
   end
 
diff --git a/app/finders/projects_finder.rb b/app/finders/projects_finder.rb
index bfaba758788..26898bad493 100644
--- a/app/finders/projects_finder.rb
+++ b/app/finders/projects_finder.rb
@@ -1,5 +1,5 @@
 class ProjectsFinder
-  def execute(current_user, options)
+  def execute(current_user, options = {})
     group = options[:group]
 
     if group
@@ -56,8 +56,36 @@ class ProjectsFinder
     end
   end
 
-  def all_projects
-    # TODO: implement
-    raise 'Not implemented yet'
+  def all_projects(current_user)
+    if current_user
+      if current_user.authorized_projects.any?
+        # User has access to private projects
+        #
+        # Return only:
+        #   public projects
+        #   internal projects
+        #   joined projects
+        #
+        Project.where(
+          "projects.id IN (?) OR projects.visibility_level IN (?)",
+          current_user.authorized_projects.pluck(:id),
+          Project.public_and_internal_levels
+        )
+      else
+        # User has no access to private projects
+        #
+        # Return only:
+        #   public projects
+        #   internal projects
+        #
+        Project.public_and_internal_only
+      end
+    else
+      # Not authenticated
+      #
+      # Return only:
+      #   public projects
+      Project.public_only
+    end
   end
 end
diff --git a/app/helpers/search_helper.rb b/app/helpers/search_helper.rb
index 01c31205695..a4471507da8 100644
--- a/app/helpers/search_helper.rb
+++ b/app/helpers/search_helper.rb
@@ -81,7 +81,7 @@ module SearchHelper
 
   # Autocomplete results for the current user's projects
   def projects_autocomplete(term, limit = 5)
-    Project.accessible_to(current_user).search_by_title(term).non_archived.limit(limit).map do |p|
+    ProjectsFinder.new.execute(current_user).search_by_title(term).non_archived.limit(limit).map do |p|
       {
         label: "project: #{search_result_sanitize(p.name_with_namespace)}",
         url: project_path(p)
diff --git a/app/helpers/submodule_helper.rb b/app/helpers/submodule_helper.rb
old mode 100755
new mode 100644
diff --git a/app/models/ability.rb b/app/models/ability.rb
index df9b210dfca..c60aa2d622e 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -51,7 +51,7 @@ class Ability
                   nil
                 end
 
-        if group && group.has_projects_accessible_to?(nil)
+        if group && group.public_profile?
           [:read_group]
         else
           []
diff --git a/app/models/group.rb b/app/models/group.rb
index 2e68779d367..e51e19ab60c 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -27,12 +27,6 @@ class Group < Namespace
 
   mount_uploader :avatar, AttachmentUploader
 
-  def self.accessible_to(user)
-    accessible_ids = Project.accessible_to(user).pluck(:namespace_id)
-    accessible_ids += user.groups.pluck(:id) if user
-    where(id: accessible_ids)
-  end
-
   def human_name
     name
   end
@@ -77,4 +71,8 @@ class Group < Namespace
       self.errors.add :avatar, "only images allowed"
     end
   end
+
+  def public_profile?
+    projects.public_only.any?
+  end
 end
diff --git a/app/models/namespace.rb b/app/models/namespace.rb
index 7973eef7e1c..446e5f04c63 100644
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -47,14 +47,6 @@ class Namespace < ActiveRecord::Base
   def self.global_id
     'GLN'
   end
-  
-  def projects_accessible_to(user)
-    projects.accessible_to(user)
-  end
-  
-  def has_projects_accessible_to?(user)
-    projects_accessible_to(user).present?
-  end
 
   def to_param
     path
diff --git a/app/models/project.rb b/app/models/project.rb
index 758ef14703c..f92cc40642a 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -164,12 +164,6 @@ class Project < ActiveRecord::Base
       where(visibility_level: visibility_levels)
     end
 
-    def accessible_to(user)
-      accessible_ids = publicish(user).pluck(:id)
-      accessible_ids += user.authorized_projects.pluck(:id) if user
-      where(id: accessible_ids)
-    end
-
     def with_push
       includes(:events).where('events.action = ?', Event::PUSHED)
     end
diff --git a/app/services/search/global_service.rb b/app/services/search/global_service.rb
index 8a1fce17ce7..21214511182 100644
--- a/app/services/search/global_service.rb
+++ b/app/services/search/global_service.rb
@@ -12,7 +12,7 @@ module Search
       return result unless query.present?
 
       group = Group.find_by(id: params[:group_id]) if params[:group_id].present?
-      projects = Project.accessible_to(current_user)
+      projects = ProjectsFinder.new.execute(current_user)
       projects = projects.where(namespace_id: group.id) if group
       project_ids = projects.pluck(:id)
 
-- 
cgit v1.2.3