Module: API::Helpers::MembersHelpers

Extended by:

Grape::API::Helpers

Included in:

BadgesHelpers, Mutations::Members::BulkUpdateBase

Defined in:

lib/api/helpers/members_helpers.rb

Class Method Summary

• .member_access_levels ⇒ Object

Instance Method Summary

• #add_multiple_members?(user_id, username) ⇒ Boolean
• #add_single_member(create_service_params) ⇒ Object
• #authorize_admin_source!(source_type, source) ⇒ Object
• #authorize_admin_source_member!(source_type, source) ⇒ Object
• #authorize_invite_source_member!(source_type, source) ⇒ Object
• #authorize_read_source_member!(source_type, source) ⇒ Object
• #authorize_update_source_member!(source_type, member) ⇒ Object
• #check_existing_membership(create_service_params) ⇒ Object
• #find_all_members(source) ⇒ Object

  rubocop: enable CodeReuse/ActiveRecord.

• #find_all_members_for_group(group) ⇒ Object
• #find_all_members_for_project(project) ⇒ Object
• #find_source(source_type, id) ⇒ Object
• #present_member_invitations(invitations) ⇒ Object
• #present_members(members) ⇒ Object
• #present_members_with_invited_private_group_accessibility(members, source) ⇒ Object
• #present_put_membership_response(result) ⇒ Object
• #retrieve_member_invitations(source, query = nil) ⇒ Object
• #retrieve_members(source, params:, deep: false) ⇒ Object

  rubocop: disable CodeReuse/ActiveRecord.

• #source_members(source) ⇒ Object

Class Method Details

.member_access_levels ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 136

def self.member_access_levels
  Gitlab::Access.all_values
end

Instance Method Details

#add_multiple_members?(user_id, username) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/api/helpers/members_helpers.rb', line 132

def add_multiple_members?(user_id, username)
  user_id&.include?(',') || username&.include?(',')
end

#add_single_member(create_service_params) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 95

def add_single_member(create_service_params)
  check_existing_membership(create_service_params)

  instance = ::Members::CreateService.new(current_user, create_service_params)
  result = instance.execute

  # This currently can only be reached in EE if group membership is locked
  not_allowed! if instance.membership_locked

  if result[:status] == :error && result[:http_status] == :unauthorized
    raise Gitlab::Access::AccessDeniedError
  end

  # prefer responding with model validations, if present
  member = instance.single_member
  render_validation_error!(member) if member&.invalid?

  present_add_single_member_response(result, member)
end

#authorize_admin_source!(source_type, source) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 37

def authorize_admin_source!(source_type, source)
  authorize! :"admin_#{source_type}", source
end

#authorize_admin_source_member!(source_type, source) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 25

def authorize_admin_source_member!(source_type, source)
  authorize! :"admin_#{source_type}_member", source
end

#authorize_invite_source_member!(source_type, source) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 29

def authorize_invite_source_member!(source_type, source)
  authorize! :"invite_#{source_type}_members", source
end

#authorize_read_source_member!(source_type, source) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 21

def authorize_read_source_member!(source_type, source)
  authorize! :"read_#{source_type}_member", source
end

#authorize_update_source_member!(source_type, member) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 33

def authorize_update_source_member!(source_type, member)
  authorize! :"update_#{source_type}_member", member
end

#check_existing_membership(create_service_params) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 125

def check_existing_membership(create_service_params)
  user_id = User.get_ids_by_ids_or_usernames(create_service_params[:user_id], create_service_params[:username]).first

  not_found!('User') unless user_id
  conflict!('Member already exists') if member_already_exists?(create_service_params[:source], user_id)
end

#find_all_members(source) ⇒ Object

rubocop: enable CodeReuse/ActiveRecord

# File 'lib/api/helpers/members_helpers.rb', line 65

def find_all_members(source)
  members = source.is_a?(Project) ? find_all_members_for_project(source) : find_all_members_for_group(source)
  members.non_invite.non_request
end

#find_all_members_for_group(group) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 75

def find_all_members_for_group(group)
  GroupMembersFinder.new(group, current_user).execute(include_relations: [:inherited, :direct, :shared_from_groups])
end

#find_all_members_for_project(project) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 70

def find_all_members_for_project(project)
  include_relations = [:inherited, :direct, :invited_groups, :shared_into_ancestors]
  MembersFinder.new(project, current_user).execute(include_relations: include_relations)
end

#find_source(source_type, id) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 17

def find_source(source_type, id)
  public_send("find_#{source_type}!", id) # rubocop:disable GitlabSecurity/PublicSend
end

#present_member_invitations(invitations) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 83

def present_member_invitations(invitations)
  present invitations, with: Entities::Invitation, current_user: current_user
end

#present_members(members) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 79

def present_members(members)
  present members, with: Entities::Member, current_user: current_user, show_seat_info: params[:show_seat_info]
end

#present_members_with_invited_private_group_accessibility(members, source) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 87

def present_members_with_invited_private_group_accessibility(members, source)
  ::Members::InvitedPrivateGroupAccessibilityAssigner
    .new(members, source: source, current_user: current_user)
    .execute

  present_members members
end

#present_put_membership_response(result) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 115

def present_put_membership_response(result)
  updated_member = result[:members].first

  if result[:status] == :success
    present_members updated_member
  else
    render_validation_error!(updated_member)
  end
end

#retrieve_member_invitations(source, query = nil) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 51

def retrieve_member_invitations(source, query = nil)
  members = source_members(source).where.not(invite_token: nil)
  members = members.includes(:user)
  members = members.where(invite_email: query) if query.present?
  members
end

#retrieve_members(source, params:, deep: false) ⇒ Object

rubocop: disable CodeReuse/ActiveRecord

# File 'lib/api/helpers/members_helpers.rb', line 42

def retrieve_members(source, params:, deep: false)
  members = deep ? find_all_members(source) : source_members(source).connected_to_user
  members = members.allow_cross_joins_across_databases(url: "https://gitlab.com/gitlab-org/gitlab/-/issues/417456")
  members = members.includes(:user)
  members = members.references(:user).merge(User.search(params[:query], use_minimum_char_limit: false)) if params[:query].present?
  members = members.where(user_id: params[:user_ids]) if params[:user_ids].present?
  members
end

#source_members(source) ⇒ Object

# File 'lib/api/helpers/members_helpers.rb', line 58

def source_members(source)
  return source.namespace_members if source.is_a?(Project)

  source.members
end