project.rb 38.3 KB
Newer Older
1 2
require 'carrierwave/orm/activerecord'

gitlabhq's avatar
gitlabhq committed
3
class Project < ActiveRecord::Base
4
  include Gitlab::ConfigHelper
5
  include Gitlab::ShellAdapter
6
  include Gitlab::VisibilityLevel
7
  include Gitlab::CurrentSettings
8
  include AccessRequestable
9 10
  include Referable
  include Sortable
11
  include AfterCommitQueue
12
  include CaseSensitivity
13
  include TokenAuthenticatable
Robert Speicher's avatar
Robert Speicher committed
14

15
  extend Gitlab::ConfigHelper
16

Jared Szechy's avatar
Jared Szechy committed
17 18
  UNKNOWN_IMPORT_URL = 'http://unknown.git'

19
  default_value_for :archived, false
20 21 22
  default_value_for :visibility_level, gitlab_config_features.visibility_level
  default_value_for :issues_enabled, gitlab_config_features.issues
  default_value_for :merge_requests_enabled, gitlab_config_features.merge_requests
23
  default_value_for :builds_enabled, gitlab_config_features.builds
24 25
  default_value_for :wiki_enabled, gitlab_config_features.wiki
  default_value_for :snippets_enabled, gitlab_config_features.snippets
26
  default_value_for :container_registry_enabled, gitlab_config_features.container_registry
27
  default_value_for(:repository_storage) { current_application_settings.repository_storage }
28
  default_value_for(:shared_runners_enabled) { current_application_settings.shared_runners_enabled }
29

30 31 32
  after_create :ensure_dir_exist
  after_save :ensure_dir_exist, if: :namespace_id_changed?

33 34
  # set last_activity_at to the same as created_at
  after_create :set_last_activity_at
35
  def set_last_activity_at
36
    update_column(:last_activity_at, self.created_at)
37 38
  end

39
  # update visibility_level of forks
40 41 42 43 44 45 46 47 48 49 50 51
  after_update :update_forks_visibility_level
  def update_forks_visibility_level
    return unless visibility_level < visibility_level_was

    forks.each do |forked_project|
      if forked_project.visibility_level > visibility_level
        forked_project.visibility_level = visibility_level
        forked_project.save!
      end
    end
  end

52
  ActsAsTaggableOn.strict_case_match = true
53
  acts_as_taggable_on :tags
54

55
  attr_accessor :new_default_branch
56
  attr_accessor :old_path_with_namespace
57

58 59
  alias_attribute :title, :name

60
  # Relations
61
  belongs_to :creator, foreign_key: 'creator_id', class_name: 'User'
62
  belongs_to :group, -> { where(type: Group) }, foreign_key: 'namespace_id'
63
  belongs_to :namespace
64

65
  has_one :last_event, -> {order 'events.created_at DESC'}, class_name: 'Event', foreign_key: 'project_id'
66 67 68

  # Project services
  has_many :services
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
69
  has_one :campfire_service, dependent: :destroy
Kirilll Zaitsev's avatar
Kirilll Zaitsev committed
70
  has_one :drone_ci_service, dependent: :destroy
71
  has_one :emails_on_push_service, dependent: :destroy
72
  has_one :builds_email_service, dependent: :destroy
Aorimn's avatar
Aorimn committed
73
  has_one :irker_service, dependent: :destroy
74
  has_one :pivotaltracker_service, dependent: :destroy
75
  has_one :hipchat_service, dependent: :destroy
76
  has_one :flowdock_service, dependent: :destroy
Carlos Paramio's avatar
Carlos Paramio committed
77
  has_one :assembla_service, dependent: :destroy
Jeremy's avatar
Jeremy committed
78
  has_one :asana_service, dependent: :destroy
79
  has_one :gemnasium_service, dependent: :destroy
80
  has_one :slack_service, dependent: :destroy
81
  has_one :buildkite_service, dependent: :destroy
Drew Blessing's avatar
Drew Blessing committed
82
  has_one :bamboo_service, dependent: :destroy
83
  has_one :teamcity_service, dependent: :destroy
84
  has_one :pushover_service, dependent: :destroy
85 86
  has_one :jira_service, dependent: :destroy
  has_one :redmine_service, dependent: :destroy
87
  has_one :custom_issue_tracker_service, dependent: :destroy
88
  has_one :bugzilla_service, dependent: :destroy
89
  has_one :gitlab_issue_tracker_service, dependent: :destroy, inverse_of: :project
90
  has_one :external_wiki_service, dependent: :destroy
91

92 93 94 95 96
  has_one  :forked_project_link,  dependent: :destroy, foreign_key: "forked_to_project_id"
  has_one  :forked_from_project,  through:   :forked_project_link

  has_many :forked_project_links, foreign_key: "forked_from_project_id"
  has_many :forks,                through:     :forked_project_links, source: :forked_to_project
97

98
  # Merge Requests for target project should be removed with it
99
  has_many :merge_requests,     dependent: :destroy, foreign_key: 'target_project_id'
100
  # Merge requests from source project should be kept when source project was removed
101
  has_many :fork_merge_requests, foreign_key: 'source_project_id', class_name: MergeRequest
102
  has_many :issues,             dependent: :destroy
103
  has_many :labels,             dependent: :destroy
104 105
  has_many :services,           dependent: :destroy
  has_many :events,             dependent: :destroy
106 107
  has_many :milestones,         dependent: :destroy
  has_many :notes,              dependent: :destroy
108 109
  has_many :snippets,           dependent: :destroy, class_name: 'ProjectSnippet'
  has_many :hooks,              dependent: :destroy, class_name: 'ProjectHook'
110
  has_many :protected_branches, dependent: :destroy
111 112

  has_many :project_members, -> { where(requested_at: nil) }, dependent: :destroy, as: :source, class_name: 'ProjectMember'
113
  alias_method :members, :project_members
114 115 116 117
  has_many :users, through: :project_members

  has_many :requesters, -> { where.not(requested_at: nil) }, dependent: :destroy, as: :source, class_name: 'ProjectMember'

118 119
  has_many :deploy_keys_projects, dependent: :destroy
  has_many :deploy_keys, through: :deploy_keys_projects
Ciro Santilli's avatar
Ciro Santilli committed
120 121
  has_many :users_star_projects, dependent: :destroy
  has_many :starrers, through: :users_star_projects, source: :user
122
  has_many :releases, dependent: :destroy
Marin Jankovski's avatar
Marin Jankovski committed
123 124
  has_many :lfs_objects_projects, dependent: :destroy
  has_many :lfs_objects, through: :lfs_objects_projects
125 126
  has_many :project_group_links, dependent: :destroy
  has_many :invited_groups, through: :project_group_links, source: :group
127
  has_many :todos, dependent: :destroy
128
  has_many :notification_settings, dependent: :destroy, as: :source
129

130
  has_one :import_data, dependent: :destroy, class_name: "ProjectImportData"
131

132
  has_many :commit_statuses, dependent: :destroy, class_name: 'CommitStatus', foreign_key: :gl_project_id
133
  has_many :pipelines, dependent: :destroy, class_name: 'Ci::Pipeline', foreign_key: :gl_project_id
134 135 136 137 138
  has_many :builds, class_name: 'Ci::Build', foreign_key: :gl_project_id # the builds are created from the commit_statuses
  has_many :runner_projects, dependent: :destroy, class_name: 'Ci::RunnerProject', foreign_key: :gl_project_id
  has_many :runners, through: :runner_projects, source: :runner, class_name: 'Ci::Runner'
  has_many :variables, dependent: :destroy, class_name: 'Ci::Variable', foreign_key: :gl_project_id
  has_many :triggers, dependent: :destroy, class_name: 'Ci::Trigger', foreign_key: :gl_project_id
139 140
  has_many :environments, dependent: :destroy
  has_many :deployments, dependent: :destroy
141

142
  accepts_nested_attributes_for :variables, allow_destroy: true
143

144
  delegate :name, to: :owner, allow_nil: true, prefix: true
145
  delegate :members, to: :team, prefix: true
146

Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
147
  # Validations
148
  validates :creator, presence: true, on: :create
149
  validates :description, length: { maximum: 2000 }, allow_blank: true
150 151 152 153
  validates :name,
    presence: true,
    length: { within: 0..255 },
    format: { with: Gitlab::Regex.project_name_regex,
Douwe Maan's avatar
Douwe Maan committed
154
              message: Gitlab::Regex.project_name_regex_message }
155 156 157
  validates :path,
    presence: true,
    length: { within: 0..255 },
Douwe Maan's avatar
Douwe Maan committed
158 159
    format: { with: Gitlab::Regex.project_path_regex,
              message: Gitlab::Regex.project_path_regex_message }
160
  validates :issues_enabled, :merge_requests_enabled,
Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
161
            :wiki_enabled, inclusion: { in: [true, false] }
162
  validates :namespace, presence: true
163 164
  validates_uniqueness_of :name, scope: :namespace_id
  validates_uniqueness_of :path, scope: :namespace_id
165
  validates :import_url, addressable_url: true, if: :external_import?
166
  validates :star_count, numericality: { greater_than_or_equal_to: 0 }
167
  validate :check_limit, on: :create
168
  validate :avatar_type,
169
    if: ->(project) { project.avatar.present? && project.avatar_changed? }
170
  validates :avatar, file_size: { maximum: 200.kilobytes.to_i }
171
  validate :visibility_level_allowed_by_group
Douwe Maan's avatar
Douwe Maan committed
172
  validate :visibility_level_allowed_as_fork
173
  validate :check_wiki_path_conflict
174 175 176
  validates :repository_storage,
    presence: true,
    inclusion: { in: ->(_object) { Gitlab.config.repositories.storages.keys } }
177

178
  add_authentication_token_field :runners_token
179
  before_save :ensure_runners_token
180

Douwe Maan's avatar
Douwe Maan committed
181
  mount_uploader :avatar, AvatarUploader
Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
182

183
  # Scopes
184 185
  default_scope { where(pending_delete: false) }

186
  scope :sorted_by_activity, -> { reorder(last_activity_at: :desc) }
187 188
  scope :sorted_by_stars, -> { reorder('projects.star_count DESC') }

189
  scope :in_namespace, ->(namespace_ids) { where(namespace_id: namespace_ids) }
190
  scope :personal, ->(user) { where(namespace_id: user.namespace_id) }
191
  scope :joined, ->(user) { where('namespace_id != ?', user.namespace_id) }
192
  scope :visible_to_user, ->(user) { where(id: user.authorized_projects.select(:id).reorder(nil)) }
193
  scope :non_archived, -> { where(archived: false) }
194
  scope :for_milestones, ->(ids) { joins(:milestones).where('milestones.id' => ids).distinct }
195 196 197 198
  scope :with_push, -> { joins(:events).where('events.action = ?', Event::PUSHED) }

  scope :active, -> { joins(:issues, :notes, :merge_requests).order('issues.created_at, notes.created_at, merge_requests.created_at DESC') }
  scope :abandoned, -> { where('projects.last_activity_at < ?', 6.months.ago) }
199

200 201
  state_machine :import_status, initial: :none do
    event :import_start do
202
      transition [:none, :finished] => :started
203 204 205
    end

    event :import_finish do
206
      transition started: :finished
207 208 209
    end

    event :import_fail do
210
      transition started: :failed
211 212 213
    end

    event :import_retry do
214
      transition failed: :started
215 216 217 218
    end

    state :started
    state :finished
219 220
    state :failed

221
    after_transition any => :finished, do: :reset_cache_and_import_attrs
222 223
  end

Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
224
  class << self
225 226 227 228 229 230 231
    # Searches for a list of projects based on the query given in `query`.
    #
    # On PostgreSQL this method uses "ILIKE" to perform a case-insensitive
    # search. On MySQL a regular "LIKE" is used as it's already
    # case-insensitive.
    #
    # query - The search query as a String.
232
    def search(query)
233
      ptable  = arel_table
234 235 236 237 238 239 240 241 242
      ntable  = Namespace.arel_table
      pattern = "%#{query}%"

      projects = select(:id).where(
        ptable[:path].matches(pattern).
          or(ptable[:name].matches(pattern)).
          or(ptable[:description].matches(pattern))
      )

243 244 245 246 247 248
      # We explicitly remove any eager loading clauses as they're:
      #
      # 1. Not needed by this query
      # 2. Combined with .joins(:namespace) lead to all columns from the
      #    projects & namespaces tables being selected, leading to a SQL error
      #    due to the columns of all UNION'd queries no longer being the same.
249
      namespaces = select(:id).
250
        except(:includes).
251 252 253 254 255 256
        joins(:namespace).
        where(ntable[:name].matches(pattern))

      union = Gitlab::SQL::Union.new([projects, namespaces])

      where("projects.id IN (#{union.to_sql})")
Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
257
    end
258

259
    def search_by_visibility(level)
Josh Frye's avatar
Josh Frye committed
260
      where(visibility_level: Gitlab::VisibilityLevel.const_get(level.upcase))
261 262
    end

263
    def search_by_title(query)
264 265 266 267
      pattern = "%#{query}%"
      table   = Project.arel_table

      non_archived.where(table[:name].matches(pattern))
268 269
    end

270 271 272 273 274 275
    # Finds a single project for the given path.
    #
    # path - The full project path (including namespace path).
    #
    # Returns a Project, or nil if no project could be found.
    def find_with_namespace(path)
276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292
      namespace_path, project_path = path.split('/', 2)

      return unless namespace_path && project_path

      namespace_path = connection.quote(namespace_path)
      project_path = connection.quote(project_path)

      # On MySQL we want to ensure the ORDER BY uses a case-sensitive match so
      # any literal matches come first, for this we have to use "BINARY".
      # Without this there's still no guarantee in what order MySQL will return
      # rows.
      binary = Gitlab::Database.mysql? ? 'BINARY' : ''

      order_sql = "(CASE WHEN #{binary} namespaces.path = #{namespace_path} " \
        "AND #{binary} projects.path = #{project_path} THEN 0 ELSE 1 END)"

      where_paths_in([path]).reorder(order_sql).take
293
    end
294

295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318
    # Builds a relation to find multiple projects by their full paths.
    #
    # Each path must be in the following format:
    #
    #     namespace_path/project_path
    #
    # For example:
    #
    #     gitlab-org/gitlab-ce
    #
    # Usage:
    #
    #     Project.where_paths_in(%w{gitlab-org/gitlab-ce gitlab-org/gitlab-ee})
    #
    # This would return the projects with the full paths matching the values
    # given.
    #
    # paths - An Array of full paths (namespace path + project path) for which
    #         to find the projects.
    #
    # Returns an ActiveRecord::Relation.
    def where_paths_in(paths)
      wheres = []
      cast_lower = Gitlab::Database.postgresql?
319

320 321
      paths.each do |path|
        namespace_path, project_path = path.split('/', 2)
322

323 324 325 326
        next unless namespace_path && project_path

        namespace_path = connection.quote(namespace_path)
        project_path = connection.quote(project_path)
327

328 329
        where = "(namespaces.path = #{namespace_path}
          AND projects.path = #{project_path})"
330

331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348
        if cast_lower
          where = "(
            #{where}
            OR (
              LOWER(namespaces.path) = LOWER(#{namespace_path})
              AND LOWER(projects.path) = LOWER(#{project_path})
            )
          )"
        end

        wheres << where
      end

      if wheres.empty?
        none
      else
        joins(:namespace).where(wheres.join(' OR '))
      end
349
    end
350

351 352 353
    def visibility_levels
      Gitlab::VisibilityLevel.options
    end
354 355

    def sort(method)
356 357 358 359
      if method == 'repository_size_desc'
        reorder(repository_size: :desc, id: :desc)
      else
        order_by(method)
360 361
      end
    end
362 363 364 365 366

    def reference_pattern
      name_pattern = Gitlab::Regex::NAMESPACE_REGEX_STR
      %r{(?<project>#{name_pattern}/#{name_pattern})}
    end
367 368 369 370 371 372 373 374 375 376 377 378 379 380

    def trending(since = 1.month.ago)
      # By counting in the JOIN we don't expose the GROUP BY to the outer query.
      # This means that calls such as "any?" and "count" just return a number of
      # the total count, instead of the counts grouped per project as a Hash.
      join_body = "INNER JOIN (
        SELECT project_id, COUNT(*) AS amount
        FROM notes
        WHERE created_at >= #{sanitize(since)}
        GROUP BY project_id
      ) join_note_counts ON projects.id = join_note_counts.project_id"

      joins(join_body).reorder('join_note_counts.amount DESC')
    end
James Lopez's avatar
James Lopez committed
381 382

    # Deletes gitlab project export files older than 24 hours
383 384
    def remove_gitlab_exports!
      Gitlab::Popen.popen(%W(find #{Gitlab::ImportExport.storage_path} -not -path #{Gitlab::ImportExport.storage_path} -mmin +1440 -delete))
James Lopez's avatar
James Lopez committed
385
    end
386 387
  end

388 389
  def repository_storage_path
    Gitlab.config.repositories.storages[repository_storage]
390 391
  end

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
392
  def team
393
    @team ||= ProjectTeam.new(self)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
394 395 396
  end

  def repository
397
    @repository ||= Repository.new(path_with_namespace, self)
398 399
  end

400 401 402 403
  def container_registry_path_with_namespace
    path_with_namespace.downcase
  end

404
  def container_registry_repository
Kamil Trzcinski's avatar
Kamil Trzcinski committed
405 406
    return unless Gitlab.config.registry.enabled

407
    @container_registry_repository ||= begin
408
      token = Auth::ContainerRegistryAuthenticationService.full_access_token(container_registry_path_with_namespace)
409
      url = Gitlab.config.registry.api_url
410 411
      host_port = Gitlab.config.registry.host_port
      registry = ContainerRegistry::Registry.new(url, token: token, path: host_port)
412
      registry.repository(container_registry_path_with_namespace)
413
    end
414 415
  end

416
  def container_registry_repository_url
Kamil Trzcinski's avatar
Kamil Trzcinski committed
417
    if Gitlab.config.registry.enabled
418
      "#{Gitlab.config.registry.host_port}/#{container_registry_path_with_namespace}"
419
    end
420 421
  end

422
  def has_container_registry_tags?
Kamil Trzcinski's avatar
Kamil Trzcinski committed
423 424 425
    return unless container_registry_repository

    container_registry_repository.tags.any?
426 427
  end

428 429
  def commit(ref = 'HEAD')
    repository.commit(ref)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
430 431
  end

432
  # ref can't be HEAD, can only be branch/tag name or SHA
433
  def latest_successful_builds_for(ref = default_branch)
434 435 436 437 438 439 440
    latest_pipeline = pipelines.latest_successful_for(ref).first

    if latest_pipeline
      latest_pipeline.builds.latest.with_artifacts
    else
      builds.none
    end
441 442
  end

443
  def merge_base_commit(first_commit_id, second_commit_id)
Douwe Maan's avatar
Douwe Maan committed
444 445
    sha = repository.merge_base(first_commit_id, second_commit_id)
    repository.commit(sha) if sha
446 447
  end

448
  def saved?
449
    id && persisted?
450 451
  end

452
  def add_import_job
453
    if forked?
454 455 456
      job_id = RepositoryForkWorker.perform_async(id, forked_from_project.repository_storage_path,
                                                  forked_from_project.path_with_namespace,
                                                  self.namespace.path)
457
    else
458 459 460 461 462 463 464
      job_id = RepositoryImportWorker.perform_async(self.id)
    end

    if job_id
      Rails.logger.info "Import job started for #{path_with_namespace} with job ID #{job_id}"
    else
      Rails.logger.error "Import job failed to start for #{path_with_namespace}"
465
    end
466 467
  end

468
  def reset_cache_and_import_attrs
469 470 471 472
    update(import_error: nil)

    ProjectCacheWorker.perform_async(self.id)

473
    self.import_data.destroy if self.import_data
474 475
  end

476
  def import_url=(value)
477 478
    return super(value) unless Gitlab::UrlSanitizer.valid?(value)

479
    import_url = Gitlab::UrlSanitizer.new(value)
James Lopez's avatar
James Lopez committed
480
    super(import_url.sanitized_url)
481
    create_or_update_import_data(credentials: import_url.credentials)
482 483 484
  end

  def import_url
485
    if import_data && super
486
      import_url = Gitlab::UrlSanitizer.new(super, credentials: import_data.credentials)
James Lopez's avatar
James Lopez committed
487 488 489
      import_url.full_url
    else
      super
490 491
    end
  end
492

James Lopez's avatar
James Lopez committed
493 494 495 496
  def valid_import_url?
    valid? || errors.messages[:import_url].nil?
  end

497
  def create_or_update_import_data(data: nil, credentials: nil)
498
    return unless import_url.present? && valid_import_url?
499

James Lopez's avatar
James Lopez committed
500
    project_import_data = import_data || build_import_data
501 502 503 504
    if data
      project_import_data.data ||= {}
      project_import_data.data = project_import_data.data.merge(data)
    end
505 506 507 508
    if credentials
      project_import_data.credentials ||= {}
      project_import_data.credentials = project_import_data.credentials.merge(credentials)
    end
509 510

    project_import_data.save
511
  end
512

513
  def import?
514
    external_import? || forked? || gitlab_project_import?
515 516
  end

517 518 519 520
  def no_import?
    import_status == 'none'
  end

521
  def external_import?
522 523 524
    import_url.present?
  end

525
  def imported?
526 527 528 529 530 531 532 533 534 535 536 537 538
    import_finished?
  end

  def import_in_progress?
    import? && import_status == 'started'
  end

  def import_failed?
    import_status == 'failed'
  end

  def import_finished?
    import_status == 'finished'
539 540
  end

541
  def safe_import_url
542
    Gitlab::UrlSanitizer.new(import_url).masked_url
543 544
  end

545 546 547 548
  def gitlab_project_import?
    import_type == 'gitlab_project'
  end

549
  def check_limit
550
    unless creator.can_create_project? or namespace.kind == 'group'
551 552 553
      projects_limit = creator.projects_limit

      if projects_limit == 0
Phil Hughes's avatar
Phil Hughes committed
554
        self.errors.add(:limit_reached, "Personal project creation is not allowed. Please contact your administrator with questions")
555
      else
Phil Hughes's avatar
Phil Hughes committed
556
        self.errors.add(:limit_reached, "Your project limit is #{projects_limit} projects! Please contact your administrator to increase it")
557
      end
558 559
    end
  rescue
560
    self.errors.add(:base, "Can't check your ability to create project")
gitlabhq's avatar
gitlabhq committed
561 562
  end

563 564 565 566 567 568 569 570 571 572 573 574 575
  def visibility_level_allowed_by_group
    return if visibility_level_allowed_by_group?

    level_name = Gitlab::VisibilityLevel.level_name(self.visibility_level).downcase
    group_level_name = Gitlab::VisibilityLevel.level_name(self.group.visibility_level).downcase
    self.errors.add(:visibility_level, "#{level_name} is not allowed in a #{group_level_name} group.")
  end

  def visibility_level_allowed_as_fork
    return if visibility_level_allowed_as_fork?

    level_name = Gitlab::VisibilityLevel.level_name(self.visibility_level).downcase
    self.errors.add(:visibility_level, "#{level_name} is not allowed since the fork source project has lower visibility.")
576 577
  end

578 579 580 581 582 583 584 585 586 587
  def check_wiki_path_conflict
    return if path.blank?

    path_to_check = path.ends_with?('.wiki') ? path.chomp('.wiki') : "#{path}.wiki"

    if Project.where(namespace_id: namespace_id, path: path_to_check).exists?
      errors.add(:name, 'has already been taken')
    end
  end

588
  def to_param
589 590 591 592 593
    if persisted? && errors.include?(:path)
      path_was
    else
      path
    end
594 595
  end

596 597 598 599
  def to_reference(_from_project = nil)
    path_with_namespace
  end

600
  def web_url
601
    Gitlab::Routing.url_helpers.namespace_project_url(self.namespace, self)
602 603
  end

604
  def web_url_without_protocol
605
    web_url.split('://')[1]
606 607
  end

608
  def new_issue_address(author)
609
    if Gitlab::IncomingEmail.enabled? && author
610 611 612
      Gitlab::IncomingEmail.reply_address(
        "#{path_with_namespace}+#{author.authentication_token}")
    end
613 614
  end

615
  def build_commit_note(commit)
616
    notes.new(commit_id: commit.id, noteable_type: 'Commit')
gitlabhq's avatar
gitlabhq committed
617
  end
Nihad Abbasov's avatar
Nihad Abbasov committed
618

619
  def last_activity
620
    last_event
gitlabhq's avatar
gitlabhq committed
621 622 623
  end

  def last_activity_date
Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
624
    last_activity_at || updated_at
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
625
  end
626

627 628 629
  def project_id
    self.id
  end
randx's avatar
randx committed
630

Robert Speicher's avatar
Robert Speicher committed
631
  def get_issue(issue_id)
632
    if default_issues_tracker?
Robert Speicher's avatar
Robert Speicher committed
633
      issues.find_by(iid: issue_id)
634
    else
Robert Speicher's avatar
Robert Speicher committed
635
      ExternalIssue.new(issue_id, self)
636 637 638
    end
  end

Robert Speicher's avatar
Robert Speicher committed
639
  def issue_exists?(issue_id)
640
    get_issue(issue_id)
Robert Speicher's avatar
Robert Speicher committed
641 642
  end

643
  def default_issue_tracker
644
    gitlab_issue_tracker_service || create_gitlab_issue_tracker_service
645 646 647 648 649 650 651 652 653 654
  end

  def issues_tracker
    if external_issue_tracker
      external_issue_tracker
    else
      default_issue_tracker
    end
  end

655
  def default_issues_tracker?
656
    !external_issue_tracker
657 658 659
  end

  def external_issue_tracker
660 661 662 663 664 665 666 667 668 669 670 671 672 673 674
    if has_external_issue_tracker.nil? # To populate existing projects
      cache_has_external_issue_tracker
    end

    if has_external_issue_tracker?
      return @external_issue_tracker if defined?(@external_issue_tracker)

      @external_issue_tracker = services.external_issue_trackers.first
    else
      nil
    end
  end

  def cache_has_external_issue_tracker
    update_column(:has_external_issue_tracker, services.external_issue_trackers.any?)
675 676
  end

677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692
  def external_wiki
    if has_external_wiki.nil?
      cache_has_external_wiki # Populate
    end

    if has_external_wiki
      @external_wiki ||= services.external_wikis.first
    else
      nil
    end
  end

  def cache_has_external_wiki
    update_column(:has_external_wiki, services.external_wikis.any?)
  end

693
  def build_missing_services
694 695
    services_templates = Service.where(template: true)

696
    Service.available_services_names.each do |service_name|
697
      service = find_service(services, service_name)
698 699

      # If service is available but missing in db
700 701 702 703 704 705
      if service.nil?
        # We should check if template for the service exists
        template = find_service(services_templates, service_name)

        if template.nil?
          # If no template, we should create an instance. Ex `create_gitlab_ci_service`
706
          self.send :"create_#{service_name}_service"
707 708 709 710
        else
          Service.create_from_template(self.id, template)
        end
      end
711 712 713
    end
  end

714 715 716 717 718 719 720 721 722
  def create_labels
    Label.templates.each do |label|
      label = label.dup
      label.template = nil
      label.project_id = self.id
      label.save
    end
  end

723 724 725
  def find_service(list, name)
    list.find { |service| service.to_param == name }
  end
726

727
  def ci_services
728
    services.where(category: :ci)
729 730 731
  end

  def ci_service
732
    @ci_service ||= ci_services.reorder(nil).find_by(active: true)
733 734
  end

Drew Blessing's avatar
Drew Blessing committed
735 736 737 738
  def jira_tracker?
    issues_tracker.to_param == 'jira'
  end

739
  def avatar_type
740 741
    unless self.avatar.image?
      self.errors.add :avatar, 'only images allowed'
742 743 744 745
    end
  end

  def avatar_in_git
746
    repository.avatar
747 748
  end

sue445's avatar
sue445 committed
749
  def avatar_url
750
    if self[:avatar].present?
sue445's avatar
sue445 committed
751 752
      [gitlab_config.url, avatar.url].join
    elsif avatar_in_git
753
      Gitlab::Routing.url_helpers.namespace_project_avatar_url(namespace, self)
sue445's avatar
sue445 committed
754 755 756
    end
  end

757 758 759 760 761
  # For compatibility with old code
  def code
    path
  end

762
  def items_for(entity)
763 764 765 766 767 768 769
    case entity
    when 'issue' then
      issues
    when 'merge_request' then
      merge_requests
    end
  end
770

771
  def send_move_instructions(old_path_with_namespace)
772 773 774
    # New project path needs to be committed to the DB or notification will
    # retrieve stale information
    run_after_commit { NotificationService.new.project_was_moved(self, old_path_with_namespace) }
775
  end
776 777

  def owner
778 779
    if group
      group
780
    else
781
      namespace.try(:owner)
782 783
    end
  end
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
784 785 786 787

  def name_with_namespace
    @name_with_namespace ||= begin
                               if namespace
788
                                 namespace.human_name + ' / ' + name
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
789 790 791 792 793
                               else
                                 name
                               end
                             end
  end
794
  alias_method :human_name, :name_with_namespace
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
795 796 797 798 799 800 801 802 803

  def path_with_namespace
    if namespace
      namespace.path + '/' + path
    else
      path
    end
  end

804 805
  def execute_hooks(data, hooks_scope = :push_hooks)
    hooks.send(hooks_scope).each do |hook|
806
      hook.async_execute(data, hooks_scope.to_s)
807
    end
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
808 809
  end

810 811 812
  def execute_services(data, hooks_scope = :push_hooks)
    # Call only service hooks that are active for this scope
    services.send(hooks_scope).each do |service|
813
      service.async_execute(data)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
814 815 816 817
    end
  end

  def update_merge_requests(oldrev, newrev, ref, user)
818 819
    MergeRequests::RefreshService.new(self, user).
      execute(oldrev, newrev, ref)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
820 821 822
  end

  def valid_repo?
823
    repository.exists?
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
824
  rescue
825
    errors.add(:path, 'Invalid repository path')
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
826 827 828 829
    false
  end

  def empty_repo?
830
    !repository.exists? || !repository.has_visible_content?
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
831 832 833
  end

  def repo
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
834
    repository.raw
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
835 836 837
  end

  def url_to_repo
838
    gitlab_shell.url_to_repo(path_with_namespace)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
839 840 841 842 843 844 845
  end

  def namespace_dir
    namespace.try(:path) || ''
  end

  def repo_exists?
846
    @repo_exists ||= repository.exists?
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
847 848 849 850
  rescue
    @repo_exists = false
  end

851
  # Branches that are not _exactly_ matched by a protected branch.
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
852
  def open_branches
853 854 855 856
    exact_protected_branch_names = protected_branches.reject(&:wildcard?).map(&:name)
    branch_names = repository.branches.map(&:name)
    non_open_branch_names = Set.new(exact_protected_branch_names).intersection(Set.new(branch_names))
    repository.branches.reject { |branch| non_open_branch_names.include? branch.name }
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
857 858 859
  end

  def root_ref?(branch)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
860
    repository.root_ref == branch
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
861 862 863 864 865 866 867
  end

  def ssh_url_to_repo
    url_to_repo
  end

  def http_url_to_repo
Douwe Maan's avatar
Douwe Maan committed
868
    "#{web_url}.git"
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
869 870 871
  end

  # Check if current branch name is marked as protected in the system
872
  def protected_branch?(branch_name)
873 874
    @protected_branches ||= self.protected_branches.to_a
    ProtectedBranch.matching(branch_name, protected_branches: @protected_branches).present?
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
875
  end
876 877 878 879

  def forked?
    !(forked_project_link.nil? || forked_project_link.forked_from_project.nil?)
  end
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
880

881 882 883 884
  def personal?
    !group
  end

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
885
  def rename_repo
886
    path_was = previous_changes['path'].first
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
887 888 889
    old_path_with_namespace = File.join(namespace_dir, path_was)
    new_path_with_namespace = File.join(namespace_dir, path)

890 891
    Rails.logger.error "Attempting to rename #{old_path_with_namespace} -> #{new_path_with_namespace}"

892 893
    expire_caches_before_rename(old_path_with_namespace)

894
    if has_container_registry_tags?
895 896
      Rails.logger.error "Project #{old_path_with_namespace} cannot be renamed because container registry tags are present"

897
      # we currently doesn't support renaming repository if it contains tags in container registry
Kamil Trzcinski's avatar
Kamil Trzcinski committed
898
      raise Exception.new('Project cannot be renamed, because tags are present in its container registry')
899 900
    end

901
    if gitlab_shell.mv_repository(repository_storage_path, old_path_with_namespace, new_path_with_namespace)
902
      # If repository moved successfully we need to send update instructions to users.
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
903 904 905
      # However we cannot allow rollback since we moved repository
      # So we basically we mute exceptions in next actions
      begin
906
        gitlab_shell.mv_repository(repository_storage_path, "#{old_path_with_namespace}.wiki", "#{new_path_with_namespace}.wiki")
907
        send_move_instructions(old_path_with_namespace)
908
        reset_events_cache
909 910 911 912 913

        @old_path_with_namespace = old_path_with_namespace

        SystemHooksService.new.execute_hooks_for(self, :rename)

914
        @repository = nil
915 916
      rescue => e
        Rails.logger.error "Exception renaming #{old_path_with_namespace} -> #{new_path_with_namespace}: #{e}"
Johannes Schleifenbaum's avatar
Johannes Schleifenbaum committed
917
        # Returning false does not rollback after_* transaction but gives
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
918 919 920 921
        # us information about failing some of tasks
        false
      end
    else
922 923
      Rails.logger.error "Repository could not be renamed: #{old_path_with_namespace} -> #{new_path_with_namespace}"

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
924 925 926 927
      # if we cannot move namespace directory we should rollback
      # db changes in order to prevent out of sync between db and fs
      raise Exception.new('repository cannot be renamed')
    end
928

929 930
    Gitlab::AppLogger.info "Project was renamed: #{old_path_with_namespace} -> #{new_path_with_namespace}"

931
    Gitlab::UploadsTransfer.new.rename_project(path_was, path, namespace.path)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
932
  end
933

934 935 936 937 938 939
  # Expires various caches before a project is renamed.
  def expire_caches_before_rename(old_path)
    repo = Repository.new(old_path, self)
    wiki = Repository.new("#{old_path}.wiki", self)

    if repo.exists?
940
      repo.before_delete
941 942 943
    end

    if wiki.exists?
944
      wiki.before_delete
945 946 947
    end
  end

948 949
  def hook_attrs(backward: true)
    attrs = {
Kirill Zaitsev's avatar
Kirill Zaitsev committed
950
      name: name,
951
      description: description,
Kirilll Zaitsev's avatar
Kirilll Zaitsev committed
952
      web_url: web_url,
953 954 955
      avatar_url: avatar_url,
      git_ssh_url: ssh_url_to_repo,
      git_http_url: http_url_to_repo,
Kirill Zaitsev's avatar
Kirill Zaitsev committed
956
      namespace: namespace.name,
957 958 959
      visibility_level: visibility_level,
      path_with_namespace: path_with_namespace,
      default_branch: default_branch,
Kirill Zaitsev's avatar
Kirill Zaitsev committed
960
    }
961 962 963 964 965 966 967 968 969 970 971 972

    # Backward compatibility
    if backward
      attrs.merge!({
                    homepage: web_url,
                    url: url_to_repo,
                    ssh_url: ssh_url_to_repo,
                    http_url: http_url_to_repo
                  })
    end

    attrs
Kirill Zaitsev's avatar
Kirill Zaitsev committed
973 974
  end

975 976 977 978 979
  # Reset events cache related to this project
  #
  # Since we do cache @event we need to reset cache in special cases:
  # * when project was moved
  # * when project was renamed
980
  # * when the project avatar changes
981 982 983 984 985 986 987 988 989
  # Events cache stored like  events/23-20130109142513.
  # The cache key includes updated_at timestamp.
  # Thus it will automatically generate a new fragment
  # when the event is updated because the key changes.
  def reset_events_cache
    Event.where(project_id: self.id).
      order('id DESC').limit(100).
      update_all(updated_at: Time.now)
  end
990 991

  def project_member(user)
Gabriel Mazetto's avatar
Gabriel Mazetto committed
992
    project_members.find_by(user_id: user)
993
  end
994 995 996 997

  def default_branch
    @default_branch ||= repository.root_ref if repository.exists?
  end
998 999 1000 1001 1002

  def reload_default_branch
    @default_branch = nil
    default_branch
  end
1003

1004 1005 1006
  def visibility_level_field
    visibility_level
  end
1007 1008 1009 1010 1011 1012 1013 1014

  def archive!
    update_attribute(:archived, true)
  end

  def unarchive!
    update_attribute(:archived, false)
  end
1015

1016
  def change_head(branch)
1017
    repository.before_change_head
P.S.V.R's avatar
P.S.V.R committed
1018 1019 1020
    repository.rugged.references.create('HEAD',
                                        "refs/heads/#{branch}",
                                        force: true)
1021
    repository.copy_gitattributes(branch)
1022 1023
    reload_default_branch
  end
1024 1025 1026 1027

  def forked_from?(project)
    forked? && project == forked_from_project
  end
1028 1029 1030 1031

  def update_repository_size
    update_attribute(:repository_size, repository.size)
  end
1032

1033 1034 1035 1036
  def update_commit_count
    update_attribute(:commit_count, repository.commit_count)
  end

1037
  def forks_count
1038
    forks.count
1039
  end
1040 1041 1042 1043

  def find_label(name)
    labels.find_by(name: name)
  end
1044 1045 1046 1047

  def origin_merge_requests
    merge_requests.where(source_project_id: self.id)
  end
1048 1049

  def create_repository
1050 1051
    # Forked import is handled asynchronously
    unless forked?
1052
      if gitlab_shell.add_repository(repository_storage_path, path_with_namespace)
1053
        repository.after_create
1054 1055
        true
      else
1056
        errors.add(:base, 'Failed to create repository via gitlab-shell')
1057 1058
        false
      end
1059 1060 1061 1062 1063 1064 1065 1066 1067 1068
    end
  end

  def repository_exists?
    !!repository.exists?
  end

  def create_wiki
    ProjectWiki.new(self, self.owner).wiki
    true
1069
  rescue ProjectWiki::CouldNotCreateWikiError
1070
    errors.add(:base, 'Failed create wiki')
1071 1072
    false
  end
1073

Drew Blessing's avatar
Drew Blessing committed
1074 1075 1076 1077
  def jira_tracker_active?
    jira_tracker? && jira_service.active
  end

1078
  def allowed_to_share_with_group?
1079
    !namespace.share_with_group_lock
1080 1081
  end

1082 1083
  def pipeline(sha, ref)
    pipelines.order(id: :desc).find_by(sha: sha, ref: ref)
1084 1085
  end

1086 1087
  def ensure_pipeline(sha, ref, current_user = nil)
    pipeline(sha, ref) || pipelines.create(sha: sha, ref: ref, user: current_user)
1088
  end
1089

1090 1091 1092
  def enable_ci
    self.builds_enabled = true
  end
Marin Jankovski's avatar
Marin Jankovski committed
1093

1094
  def any_runners?(&block)
1095
    if runners.active.any?(&block)
1096 1097 1098 1099 1100 1101
      return true
    end

    shared_runners_enabled? && Ci::Runner.shared.active.any?(&block)
  end

1102
  def valid_runners_token?(token)
James Lopez's avatar
James Lopez committed
1103
    self.runners_token && ActiveSupport::SecurityUtils.variable_size_secure_compare(token, self.runners_token)
Kamil Trzcinski's avatar
Kamil Trzcinski committed
1104 1105
  end

Kamil Trzcinski's avatar
Kamil Trzcinski committed
1106 1107
  # TODO (ayufan): For now we use runners_token (backward compatibility)
  # In 8.4 every build will have its own individual token valid for time of build
1108
  def valid_build_token?(token)
James Lopez's avatar
James Lopez committed
1109
    self.builds_enabled? && self.runners_token && ActiveSupport::SecurityUtils.variable_size_secure_compare(token, self.runners_token)
1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122
  end

  def build_coverage_enabled?
    build_coverage_regex.present?
  end

  def build_timeout_in_minutes
    build_timeout / 60
  end

  def build_timeout_in_minutes=(value)
    self.build_timeout = value.to_i * 60
  end
1123

1124 1125 1126
  def open_issues_count
    issues.opened.count
  end
1127

1128
  def visibility_level_allowed_as_fork?(level = self.visibility_level)
Douwe Maan's avatar
Douwe Maan committed
1129
    return true unless forked?
1130

Douwe Maan's avatar
Douwe Maan committed
1131 1132 1133 1134 1135 1136
    # self.forked_from_project will be nil before the project is saved, so
    # we need to go through the relation
    original_project = forked_project_link.forked_from_project
    return true unless original_project

    level <= original_project.visibility_level
1137
  end
1138

1139 1140
  def visibility_level_allowed_by_group?(level = self.visibility_level)
    return true unless group
1141

1142
    level <= group.visibility_level
Marin Jankovski's avatar
Marin Jankovski committed
1143
  end
1144

1145 1146
  def visibility_level_allowed?(level = self.visibility_level)
    visibility_level_allowed_as_fork?(level) && visibility_level_allowed_by_group?(level)
Felipe Artur's avatar
Felipe Artur committed
1147 1148
  end

1149 1150 1151
  def runners_token
    ensure_runners_token!
  end
1152 1153 1154 1155

  def wiki
    @wiki ||= ProjectWiki.new(self, self.owner)
  end
1156 1157 1158

  def schedule_delete!(user_id, params)
    # Queue this task for after the commit, so once we mark pending_delete it will run
1159 1160 1161 1162
    run_after_commit do
      job_id = ProjectDestroyWorker.perform_async(id, user_id, params)
      Rails.logger.info("User #{user_id} scheduled destruction of project #{path_with_namespace} with job ID #{job_id}")
    end
1163 1164 1165

    update_attribute(:pending_delete, true)
  end
1166

Josh Frye's avatar
Josh Frye committed
1167 1168
  def running_or_pending_build_count(force: false)
    Rails.cache.fetch(['projects', id, 'running_or_pending_build_count'], force: force) do
1169 1170 1171
      builds.running_or_pending.count(:all)
    end
  end
1172 1173

  def mark_import_as_failed(error_message)
1174 1175 1176
    original_errors = errors.dup
    sanitized_message = Gitlab::UrlSanitizer.sanitize(error_message)

1177
    import_fail
1178 1179 1180 1181 1182
    update_column(:import_error, sanitized_message)
  rescue ActiveRecord::ActiveRecordError => e
    Rails.logger.error("Error setting import status to failed: #{e.message}. Original error: #{sanitized_message}")
  ensure
    @errors = original_errors
1183
  end
James Lopez's avatar
James Lopez committed
1184

1185 1186
  def add_export_job(current_user:)
    job_id = ProjectExportWorker.perform_async(current_user.id, self.id)
1187 1188 1189 1190 1191 1192 1193

    if job_id
      Rails.logger.info "Export job started for project ID #{self.id} with job ID #{job_id}"
    else
      Rails.logger.error "Export job failed to start for project ID #{self.id}"
    end
  end
James Lopez's avatar
James Lopez committed
1194 1195

  def export_path
1196
    File.join(Gitlab::ImportExport.storage_path, path_with_namespace)
James Lopez's avatar
James Lopez committed
1197
  end
1198 1199 1200 1201 1202 1203 1204 1205 1206

  def export_project_path
    Dir.glob("#{export_path}/*export.tar.gz").max_by { |f| File.ctime(f) }
  end

  def remove_exports
    _, status = Gitlab::Popen.popen(%W(find #{export_path} -not -path #{export_path} -delete))
    status.zero?
  end
1207 1208 1209 1210

  def ensure_dir_exist
    gitlab_shell.add_namespace(repository_storage_path, namespace.path)
  end
1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228

  def predefined_variables
    [
      { key: 'CI_PROJECT_ID', value: id.to_s, public: true },
      { key: 'CI_PROJECT_NAME', value: path, public: true },
      { key: 'CI_PROJECT_PATH', value: path_with_namespace, public: true },
      { key: 'CI_PROJECT_NAMESPACE', value: namespace.path, public: true },
      { key: 'CI_PROJECT_URL', value: web_url, public: true }
    ]
  end

  def container_registry_variables
    return [] unless Gitlab.config.registry.enabled

    variables = [
      { key: 'CI_REGISTRY', value: Gitlab.config.registry.host_port, public: true }
    ]

Kamil Trzcinski's avatar
Kamil Trzcinski committed
1229 1230 1231 1232
    if container_registry_enabled?
      variables << { key: 'CI_REGISTRY_IMAGE', value: container_registry_repository_url, public: true }
    end

1233 1234 1235 1236 1237 1238 1239 1240
    variables
  end

  def secret_variables
    variables.map do |variable|
      { key: variable.key, value: variable.value, public: false }
    end
  end
1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255

  # Checks if `user` is authorized for this project, with at least the
  # `min_access_level` (if given).
  #
  # If you change the logic of this method, please also update `User#authorized_projects`
  def authorized_for_user?(user, min_access_level = nil)
    return false unless user

    return true if personal? && namespace_id == user.namespace_id

    authorized_for_user_by_group?(user, min_access_level) ||
      authorized_for_user_by_members?(user, min_access_level) ||
      authorized_for_user_by_shared_projects?(user, min_access_level)
  end

1256 1257 1258 1259 1260 1261 1262 1263 1264 1265
  def append_or_update_attribute(name, value)
    old_values = public_send(name.to_s)

    if Project.reflect_on_association(name).try(:macro) == :has_many && old_values.any?
      update_attribute(name, old_values + value)
    else
      update_attribute(name, value)
    end
  end

1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290
  private

  def authorized_for_user_by_group?(user, min_access_level)
    member = user.group_members.find_by(source_id: group)

    member && (!min_access_level || member.access_level >= min_access_level)
  end

  def authorized_for_user_by_members?(user, min_access_level)
    member = members.find_by(user_id: user)

    member && (!min_access_level || member.access_level >= min_access_level)
  end

  def authorized_for_user_by_shared_projects?(user, min_access_level)
    shared_projects = user.group_members.joins(group: :shared_projects).
      where(project_group_links: { project_id: self })

    if min_access_level
      members_scope = { access_level: Gitlab::Access.values.select { |access| access >= min_access_level } }
      shared_projects = shared_projects.where(members: members_scope)
    end

    shared_projects.any?
  end
gitlabhq's avatar
gitlabhq committed
1291
end