Code improvements

5551ccd7 · Felipe Artur · f2a9ee25 · 5551ccd7 · 5551ccd7 · 5551ccd7
Commit 5551ccd7 authored Mar 02, 2016 by Felipe Artur
10 changed files
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -9,7 +9,7 @@ class GroupsController < Groups::ApplicationController
  before_action :group, except: [:index, :new, :create]
  # Authorize
-  before_action :authorize_read_group!, except: [:index, :show, :new, :create, :autocomplete]
+  before_action :authorize_read_group!, except: [:index, :new, :create]
  before_action :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
  before_action :authorize_create_group!, only: [:new, :create]
@@ -105,7 +105,7 @@ class GroupsController < Groups::ApplicationController
  # Dont allow unauthorized access to group
  def authorize_read_group!
-    unless @group and (@projects.present? or can?(current_user, :read_group, @group))
+    unless can?(current_user, :read_group, @group)
      if current_user.nil?
        return authenticate_user!
      else

--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -3,6 +3,16 @@ class UsersController < ApplicationController
  before_action :set_user
  def show
+<<<<<<< HEAD
+=======
+    @contributed_projects = contributed_projects.joined(@user).reject(&:forked?)
+    @projects = PersonalProjectsFinder.new(@user).execute(current_user)
+    @projects = @projects.page(params[:page]).per(PER_PAGE)
+    @groups = @user.groups.order_id_desc
+>>>>>>> Code improvements
    respond_to do |format|
      format.html

--- a/app/finders/groups_finder.rb
+++ b/app/finders/groups_finder.rb
 class GroupsFinder
  def execute(current_user = nil)
    segments = all_groups(current_user)
    if segments.length > 1
@@ -15,17 +14,9 @@ class GroupsFinder
  def all_groups(current_user)
    if current_user
-      [current_user.authorized_groups, public_and_internal_groups]
+      [current_user.authorized_groups, Group.unscoped.public_and_internal_only]
    else
-      [Group.public_only]
+      [Group.unscoped.public_only]
    end
  end
-  def public_groups
-    Group.unscoped.public_only
-  end
-  def public_and_internal_groups
-    Group.unscoped.public_and_internal_only
-  end
 end
--- a/app/helpers/groups_helper.rb
+++ b/app/helpers/groups_helper.rb
@@ -28,7 +28,7 @@ module GroupsHelper
      group = Group.find_by(path: group)
    end
-    if group && group.avatar.present?
+    if group && can?(current_user, :read_group, group) && group.avatar.present?
      group.avatar.url
    else
      'no_group_avatar.png'

--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -83,7 +83,7 @@ class Ability
                subject.group
              end
-      if group && group.projects.public_only.any?
+      if group && group.public?
        [:read_group]
      else
        []
@@ -271,16 +271,13 @@ class Ability
    def group_abilities(user, group)
      rules = []
-      if user.admin? || group.users.include?(user) || ProjectsFinder.new.execute(user, group: group).any?
+      rules << :read_group if can_read_group?(user, group)
-        rules << :read_group
-      end
      # Only group masters and group owners can create new projects and change permission level
      if group.has_master?(user) || group.has_owner?(user) || user.admin?
        rules += [
          :create_projects,
-          :admin_milestones,
+          :admin_milestones
-          :change_visibility_level
        ]
      end
@@ -289,13 +286,20 @@ class Ability
        rules += [
          :admin_group,
          :admin_namespace,
-          :admin_group_member
+          :admin_group_member,
+          :change_visibility_level
        ]
      end
      rules.flatten
    end
+    def can_read_group?(user, group)
+      is_project_member = ProjectsFinder.new.execute(user, group: group).any?
+      internal_group_allowed = group.internal? && user.present?
+      user.admin? || group.users.include?(user) || is_project_member || group.public? || internal_group_allowed
+    end
    def namespace_abilities(user, namespace)
      rules = []

--- a/app/models/concerns/shared_scopes.rb
+++ b/app/models/concerns/shared_scopes.rb
+module SharedScopes
+  extend ActiveSupport::Concern
+  included do
+    scope :public_only, -> { where(visibility_level: Group::PUBLIC) }
+    scope :public_and_internal_only, -> { where(visibility_level: [Group::PUBLIC, Group::INTERNAL] ) }
+  end
+end
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -21,7 +21,7 @@ class Group < Namespace
  include Gitlab::ConfigHelper
  include Gitlab::VisibilityLevel
  include Referable
+  include SharedScopes
  has_many :group_members, dependent: :destroy, as: :source, class_name: 'GroupMember'
  alias_method :members, :group_members
@@ -35,10 +35,6 @@ class Group < Namespace
  after_create :post_create_hook
  after_destroy :post_destroy_hook
-  scope :public_only, -> { where(visibility_level: Group::PUBLIC) }
-  scope :public_and_internal_only, -> { where(visibility_level: [Group::PUBLIC, Group::INTERNAL] ) }
  class << self
    def search(query)
      where("LOWER(namespaces.name) LIKE :query or LOWER(namespaces.path) LIKE :query", query: "%#{query.downcase}%")
@@ -69,6 +65,10 @@ class Group < Namespace
    name
  end
+  def visibility_level_field
+    visibility_level
+  end
  def avatar_url(size = nil)
    if avatar.present?
      [gitlab_config.url, avatar.url].join

--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -52,6 +52,7 @@ class Project < ActiveRecord::Base
  include AfterCommitQueue
  include CaseSensitivity
  include TokenAuthenticatable
+  include SharedScopes
  extend Gitlab::ConfigHelper
@@ -213,8 +214,6 @@ class Project < ActiveRecord::Base
  scope :in_group_namespace, -> { joins(:group) }
  scope :personal, ->(user) { where(namespace_id: user.namespace_id) }
  scope :joined, ->(user) { where('namespace_id != ?', user.namespace_id) }
-  scope :public_only, -> { where(visibility_level: Project::PUBLIC) }
-  scope :public_and_internal_only, -> { where(visibility_level: Project.public_and_internal_levels) }
  scope :non_archived, -> { where(archived: false) }
  scope :for_milestones, ->(ids) { joins(:milestones).where('milestones.id' => ids).distinct }

--- a/db/migrate/20160301124843_add_visibility_level_to_groups.rb
+++ b/db/migrate/20160301124843_add_visibility_level_to_groups.rb
 class AddVisibilityLevelToGroups < ActiveRecord::Migration
  def change
    #All groups will be private when created
-    add_column :namespaces, :visibility_level, :integer, null: false, default: 0
+    add_column :namespaces, :visibility_level, :integer, null: false, default: 20
-    #Set all existing groups to public
-    Group.update_all(visibility_level: 20)
  end
 end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20160305220806) do
+ActiveRecord::Schema.define(version: 20160301124843) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"