The group activity feed was limited to the first 20 projects found
in the group, which caused activity from some projects to be omitted.
A limit of 20 is applied to the query for events, so the
extra pagination does little in the way of performance.
Closes#42560
When filtering we want all to preload all the ancestors upto the specified
parent group.
- root
- subgroup
- nested-group
- project
So when searching 'project', on the 'subgroup' page we want to preload
'nested-group' but not 'subgroup' or 'root'
By preloading the count of members, projects and subgroups of a group,
we don't need to query them later.
We also preload the entire hierarchy for a search result and include
the counts so we don't need to query for them again
When a user is authorized to a group, they are also authorized to see all the
ancestor groups and descendant groups.
When a user is authorized to a project, they are authorized to see all the
ancestor groups too.
Closes#32135
See merge request !11764
In order to avoid string manipulation or modify route params (to make them unambiguous for `url_for`), we are accepting a behavior change:
When being redirected to the canonical path for a group, if you requested a group show path starting with `/groups/…` then you’ll now be redirected to the group at root `/…`.
Don’t replace a substring of the path if it is part of the top level route.
E.g. When redirecting from `/groups/ups` to `/groups/foo`, be careful not to do `/grofoo/ups`.
Projects are unaffected by this issue, but I am grouping the `#ensure_canonical_path` tests similar to the group and user tests.
There is a race condition in DestroyGroupService now that projects are deleted asynchronously:
1. User attempts to delete group
2. DestroyGroupService iterates through all projects and schedules a Sidekiq job to delete each Project
3. DestroyGroupService destroys the Group, leaving all its projects without a namespace
4. Projects::DestroyService runs later but the can?(current_user,
:remove_project) is `false` because the user no longer has permission to
destroy projects with no namespace.
5. This leaves the project in pending_delete state with no namespace/group.
Projects without a namespace or group also adds another problem: it's not possible to destroy the container
registry tags, since container_registry_path_with_namespace is the wrong value.
The fix is to destroy the group asynchronously and to run execute directly on Projects::DestroyService.
Closes#17893
The route is supposed to redirect the Groups#index request based on
whether or not a user was logged in. If they are, we redirect them to
their groups dashboard; if they're not, we redirect them to the public
Explore page.
But due to overly aggressive `before_action`s that weren't excluding the
`index` action, the request always resulted in a 404, whether a user was
logged in or not.
Closes#12660
Stan Hu
Rémy Coutable
Bob Van Landuyt
Jacopo
Ruben Davila
Robert Speicher
Toon Claes
Douwe Maan
Michael Kozono
Yorick Peterse
Robert Speicher
James Lopez
Kamil Trzcinski
Z.J. van de Weg
Douglas Barbosa Alexandre