160 lines
5.4 KiB
Ruby
160 lines
5.4 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module API
|
|
module Helpers
|
|
module MembersHelpers
|
|
extend Grape::API::Helpers
|
|
|
|
params :optional_filter_params_ee do
|
|
end
|
|
|
|
params :optional_state_filter_ee do
|
|
end
|
|
|
|
params :optional_put_params_ee do
|
|
end
|
|
|
|
def find_source(source_type, id)
|
|
public_send("find_#{source_type}!", id) # rubocop:disable GitlabSecurity/PublicSend
|
|
end
|
|
|
|
def authorize_read_source_member!(source_type, source)
|
|
authorize! :"read_#{source_type}_member", source
|
|
end
|
|
|
|
def authorize_admin_source_member!(source_type, source)
|
|
authorize! :"admin_#{source_type}_member", source
|
|
end
|
|
|
|
def authorize_invite_source_member!(source_type, source)
|
|
authorize! :"invite_#{source_type}_members", source
|
|
end
|
|
|
|
def authorize_update_source_member!(source_type, member)
|
|
authorize! :"update_#{source_type}_member", member
|
|
end
|
|
|
|
def authorize_admin_source!(source_type, source)
|
|
authorize! :"admin_#{source_type}", source
|
|
end
|
|
|
|
# rubocop: disable CodeReuse/ActiveRecord
|
|
def retrieve_members(source, params:, deep: false)
|
|
members = deep ? find_all_members(source) : source_members(source).connected_to_user
|
|
members = members.allow_cross_joins_across_databases(url: "https://gitlab.com/gitlab-org/gitlab/-/issues/417456")
|
|
members = members.includes(:user)
|
|
members = members.references(:user).merge(User.search(params[:query], use_minimum_char_limit: false)) if params[:query].present?
|
|
members = members.where(user_id: params[:user_ids]) if params[:user_ids].present?
|
|
members
|
|
end
|
|
|
|
def retrieve_member_invitations(source, query = nil)
|
|
members = source_members(source).where.not(invite_token: nil)
|
|
members = members.includes(:user)
|
|
members = members.where(invite_email: query) if query.present?
|
|
members
|
|
end
|
|
|
|
def source_members(source)
|
|
return source.namespace_members if source.is_a?(Project)
|
|
|
|
source.members
|
|
end
|
|
# rubocop: enable CodeReuse/ActiveRecord
|
|
|
|
def find_all_members(source)
|
|
members = source.is_a?(Project) ? find_all_members_for_project(source) : find_all_members_for_group(source)
|
|
members.non_invite.non_request
|
|
end
|
|
|
|
def find_all_members_for_project(project)
|
|
include_relations = [:inherited, :direct, :invited_groups, :shared_into_ancestors]
|
|
MembersFinder.new(project, current_user).execute(include_relations: include_relations)
|
|
end
|
|
|
|
def find_all_members_for_group(group)
|
|
GroupMembersFinder.new(group, current_user).execute(include_relations: [:inherited, :direct, :shared_from_groups])
|
|
end
|
|
|
|
def present_members(members)
|
|
present members, with: Entities::Member, current_user: current_user, show_seat_info: params[:show_seat_info]
|
|
end
|
|
|
|
def present_member_invitations(invitations)
|
|
present invitations, with: Entities::Invitation, current_user: current_user
|
|
end
|
|
|
|
def present_members_with_invited_private_group_accessibility(members, source)
|
|
::Members::InvitedPrivateGroupAccessibilityAssigner
|
|
.new(members, source: source, current_user: current_user)
|
|
.execute
|
|
|
|
present_members members
|
|
end
|
|
|
|
def add_single_member(create_service_params)
|
|
check_existing_membership(create_service_params)
|
|
|
|
instance = ::Members::CreateService.new(current_user, create_service_params)
|
|
result = instance.execute
|
|
|
|
# This currently can only be reached in EE if group membership is locked
|
|
not_allowed! if instance.membership_locked
|
|
|
|
if result[:status] == :error && result[:http_status] == :unauthorized
|
|
raise Gitlab::Access::AccessDeniedError
|
|
end
|
|
|
|
# prefer responding with model validations, if present
|
|
member = instance.single_member
|
|
render_validation_error!(member) if member&.invalid?
|
|
|
|
present_add_single_member_response(result, member)
|
|
end
|
|
|
|
def present_put_membership_response(result)
|
|
updated_member = result[:members].first
|
|
|
|
if result[:status] == :success
|
|
present_members updated_member
|
|
else
|
|
render_validation_error!(updated_member)
|
|
end
|
|
end
|
|
|
|
def check_existing_membership(create_service_params)
|
|
user_id = User.get_ids_by_ids_or_usernames(create_service_params[:user_id], create_service_params[:username]).first
|
|
|
|
not_found!('User') unless user_id
|
|
conflict!('Member already exists') if member_already_exists?(create_service_params[:source], user_id)
|
|
end
|
|
|
|
def add_multiple_members?(user_id, username)
|
|
user_id&.include?(',') || username&.include?(',')
|
|
end
|
|
|
|
def self.member_access_levels
|
|
Gitlab::Access.all_values
|
|
end
|
|
|
|
private
|
|
|
|
def member_already_exists?(source, user_id)
|
|
source.members.exists?(user_id: user_id) # rubocop: disable CodeReuse/ActiveRecord
|
|
end
|
|
|
|
def present_add_single_member_response(result, member)
|
|
# if errors occurred besides model validations or authorization failures,
|
|
# render those appropriately
|
|
if result[:status] == :error
|
|
render_structured_api_error!(result, :bad_request)
|
|
else
|
|
present_members(member)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|
|
|
|
API::Helpers::MembersHelpers.prepend_mod_with('API::Helpers::MembersHelpers')
|