Commit cf04eb76 authored by Imre Farkas's avatar Imre Farkas

Remove duplicate authorized_projects entries during refresh

parent 489520a9
...@@ -53,7 +53,13 @@ module Users ...@@ -53,7 +53,13 @@ module Users
current = current_authorizations_per_project current = current_authorizations_per_project
fresh = fresh_access_levels_per_project fresh = fresh_access_levels_per_project
remove = current.each_with_object([]) do |(project_id, row), array| # Delete projects that have more than one authorizations associated with
# the user. The correct authorization is added to the ``add`` array in the
# next stage.
remove = projects_with_duplicates
current.except!(*projects_with_duplicates)
remove |= current.each_with_object([]) do |(project_id, row), array|
# rows not in the new list or with a different access level should be # rows not in the new list or with a different access level should be
# removed. # removed.
if !fresh[project_id] || fresh[project_id] != row.access_level if !fresh[project_id] || fresh[project_id] != row.access_level
...@@ -106,7 +112,7 @@ module Users ...@@ -106,7 +112,7 @@ module Users
end end
def current_authorizations def current_authorizations
user.project_authorizations.select(:project_id, :access_level) @current_authorizations ||= user.project_authorizations.select(:project_id, :access_level)
end end
def fresh_authorizations def fresh_authorizations
...@@ -116,5 +122,12 @@ module Users ...@@ -116,5 +122,12 @@ module Users
private private
attr_reader :incorrect_auth_found_callback, :missing_auth_found_callback attr_reader :incorrect_auth_found_callback, :missing_auth_found_callback
def projects_with_duplicates
@projects_with_duplicates ||= current_authorizations
.group_by(&:project_id)
.select { |project_id, authorizations| authorizations.count > 1 }
.keys
end
end end
end end
---
title: Remove duplicate authorized_projects entries during refresh
merge_request: 38715
author:
type: fixed
...@@ -76,6 +76,26 @@ RSpec.describe Users::RefreshAuthorizedProjectsService do ...@@ -76,6 +76,26 @@ RSpec.describe Users::RefreshAuthorizedProjectsService do
service.execute_without_lease service.execute_without_lease
end end
it 'removes duplicate entries' do
[Gitlab::Access::MAINTAINER, Gitlab::Access::REPORTER].each do |access_level|
user.project_authorizations.create!(project: project, access_level: access_level)
end
expect(service).to(
receive(:update_authorizations)
.with([project.id], [[user.id, project.id, Gitlab::Access::MAINTAINER]])
.and_call_original)
service.execute_without_lease
expect(user.project_authorizations.count).to eq(1)
project_authorization = ProjectAuthorization.where(
project_id: project.id,
user_id: user.id,
access_level: Gitlab::Access::MAINTAINER)
expect(project_authorization).to exist
end
it 'sets the access level of a project to the highest available level' do it 'sets the access level of a project to the highest available level' do
user.project_authorizations.delete_all user.project_authorizations.delete_all
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment