From 7bcb9f25dad089706e8aaef5c87cb42ab804b827 Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 27 Sep 2023 22:36:15 +0000 Subject: Add latest changes from gitlab-org/security/gitlab@16-4-stable-ee --- app/controllers/projects/ml/candidates_controller.rb | 4 +++- app/helpers/projects/ml/experiments_helper.rb | 8 ++++---- app/presenters/ml/candidate_details_presenter.rb | 7 ++++--- app/services/groups/destroy_service.rb | 18 ++++++++++++------ app/views/projects/ml/candidates/show.html.haml | 2 +- app/views/projects/ml/experiments/show.html.haml | 2 +- 6 files changed, 25 insertions(+), 16 deletions(-) (limited to 'app') diff --git a/app/controllers/projects/ml/candidates_controller.rb b/app/controllers/projects/ml/candidates_controller.rb index 9905e454acb..12111c45fde 100644 --- a/app/controllers/projects/ml/candidates_controller.rb +++ b/app/controllers/projects/ml/candidates_controller.rb @@ -9,7 +9,9 @@ module Projects feature_category :mlops - def show; end + def show + @include_ci_info = @candidate.from_ci? && can?(current_user, :read_build, @candidate.ci_build) + end def destroy @experiment = @candidate.experiment diff --git a/app/helpers/projects/ml/experiments_helper.rb b/app/helpers/projects/ml/experiments_helper.rb index 7aef208447a..d5b2c3cd36a 100644 --- a/app/helpers/projects/ml/experiments_helper.rb +++ b/app/helpers/projects/ml/experiments_helper.rb @@ -14,12 +14,12 @@ module Projects Gitlab::Json.generate(data) end - def candidates_table_items(candidates) + def candidates_table_items(candidates, user) items = candidates.map do |candidate| { **candidate.params.to_h { |p| [p.name, p.value] }, **candidate.latest_metrics.to_h { |m| [m.name, number_with_precision(m.value, precision: 4)] }, - ci_job: job_info(candidate), + ci_job: job_info(candidate, user), artifact: link_to_artifact(candidate), details: link_to_details(candidate), name: candidate.name, @@ -72,8 +72,8 @@ module Projects project_ml_candidate_path(candidate.project, candidate.iid) end - def job_info(candidate) - return unless candidate.from_ci? + def job_info(candidate, user) + return unless candidate.from_ci? && can?(user, :read_build, candidate.ci_build) build = candidate.ci_build diff --git a/app/presenters/ml/candidate_details_presenter.rb b/app/presenters/ml/candidate_details_presenter.rb index 7f0bd9d6c11..29d4617903f 100644 --- a/app/presenters/ml/candidate_details_presenter.rb +++ b/app/presenters/ml/candidate_details_presenter.rb @@ -4,8 +4,9 @@ module Ml class CandidateDetailsPresenter include Rails.application.routes.url_helpers - def initialize(candidate) + def initialize(candidate, include_ci_job = false) @candidate = candidate + @include_ci_job = include_ci_job end def present @@ -32,10 +33,10 @@ module Ml private - attr_reader :candidate + attr_reader :candidate, :include_ci_job def job_info - return unless candidate.from_ci? + return unless include_ci_job && candidate.from_ci? build = candidate.ci_build diff --git a/app/services/groups/destroy_service.rb b/app/services/groups/destroy_service.rb index a896ca5cabc..aeab2667737 100644 --- a/app/services/groups/destroy_service.rb +++ b/app/services/groups/destroy_service.rb @@ -33,7 +33,7 @@ module Groups user_ids_for_project_authorizations_refresh = obtain_user_ids_for_project_authorizations_refresh - destroy_group_bots + destroy_associated_users group.destroy @@ -80,12 +80,9 @@ module Groups end # rubocop:disable CodeReuse/ActiveRecord - def destroy_group_bots - bot_ids = group.members_and_requesters.joins(:user) - .merge(User.project_bot) - .allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/422405') - .pluck(:user_id) + def destroy_associated_users current_user_id = current_user.id + bot_ids = users_to_destroy group.run_after_commit do bot_ids.each do |user_id| @@ -95,6 +92,15 @@ module Groups end # rubocop:enable CodeReuse/ActiveRecord + # rubocop:disable CodeReuse/ActiveRecord + def users_to_destroy + group.members_and_requesters.joins(:user) + .merge(User.project_bot) + .allow_cross_joins_across_databases(url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/422405') + .pluck(:user_id) + end + # rubocop:enable CodeReuse/ActiveRecord + def publish_event event = Groups::GroupDeletedEvent.new( data: { diff --git a/app/views/projects/ml/candidates/show.html.haml b/app/views/projects/ml/candidates/show.html.haml index 5d5059551d3..979bc107fd2 100644 --- a/app/views/projects/ml/candidates/show.html.haml +++ b/app/views/projects/ml/candidates/show.html.haml @@ -3,6 +3,6 @@ - add_to_breadcrumbs experiment.name, project_ml_experiment_path(@project, experiment.iid) - breadcrumb_title "Candidate #{@candidate.iid}" - add_page_specific_style 'page_bundles/ml_experiment_tracking' -- presenter = ::Ml::CandidateDetailsPresenter.new(@candidate) +- presenter = ::Ml::CandidateDetailsPresenter.new(@candidate, @include_ci_info) #js-show-ml-candidate{ data: { view_model: presenter.present } } diff --git a/app/views/projects/ml/experiments/show.html.haml b/app/views/projects/ml/experiments/show.html.haml index d4a05b613c9..85f3f85fd8b 100644 --- a/app/views/projects/ml/experiments/show.html.haml +++ b/app/views/projects/ml/experiments/show.html.haml @@ -4,7 +4,7 @@ - add_page_specific_style 'page_bundles/ml_experiment_tracking' - experiment = experiment_as_data(@experiment) -- items = candidates_table_items(@candidates) +- items = candidates_table_items(@candidates, current_user) - metrics = unique_logged_names(@candidates, &:latest_metrics) - params = unique_logged_names(@candidates, &:params) - page_info = formatted_page_info(@page_info) -- cgit v1.2.3