Class: Clusters::Agents::Authorizations::UserAccess::GroupAuthorization

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• Clusters::Agents::Authorizations::UserAccess::GroupAuthorization

Includes:

Scopes

Defined in:

app/models/clusters/agents/authorizations/user_access/group_authorization.rb

Constant Summary

Constants inherited from ApplicationRecord

ApplicationRecord::MAX_PLUCK

Constants included from ResetOnUnionError

ResetOnUnionError::MAX_RESET_PERIOD

Class Method Summary

• .all_groups_with_membership ⇒ Object
• .all_groups_with_membership_cte ⇒ Object
• .delete_unlisted(group_ids) ⇒ Object
• .groups_with_direct_membership_cte(user) ⇒ Object
• .groups_with_direct_membership_for(user) ⇒ Object
• .upsert_configs(configs) ⇒ Object

Instance Method Summary

• #config_project ⇒ Object

Methods inherited from ApplicationRecord

cached_column_list, #create_or_load_association, declarative_enum, default_select_columns, id_in, id_not_in, iid_in, pluck_primary_key, primary_key_in, #readable_by?, safe_ensure_unique, safe_find_or_create_by, safe_find_or_create_by!, #to_ability_name, underscore, where_exists, where_not_exists, with_fast_read_statement_timeout, without_order

Methods included from SensitiveSerializableHash

#serializable_hash

Class Method Details

.all_groups_with_membership ⇒ Object

# File 'app/models/clusters/agents/authorizations/user_access/group_authorization.rb', line 48

def all_groups_with_membership
  ::Group.joins('INNER JOIN groups_with_direct_membership ON ' \
                'namespaces.traversal_ids @> ARRAY[groups_with_direct_membership.id]')
         .select('namespaces.id AS id, ' \
                 'namespaces.traversal_ids AS traversal_ids, ' \
                 'groups_with_direct_membership.access_level AS access_level')
end

.all_groups_with_membership_cte ⇒ Object

# File 'app/models/clusters/agents/authorizations/user_access/group_authorization.rb', line 44

def all_groups_with_membership_cte
  Gitlab::SQL::CTE.new(:all_groups_with_membership, all_groups_with_membership.to_sql)
end

.delete_unlisted(group_ids) ⇒ Object

# File 'app/models/clusters/agents/authorizations/user_access/group_authorization.rb', line 40

def delete_unlisted(group_ids)
  where.not(group_id: group_ids).delete_all
end

.groups_with_direct_membership_cte(user) ⇒ Object

# File 'app/models/clusters/agents/authorizations/user_access/group_authorization.rb', line 56

def groups_with_direct_membership_cte(user)
  Gitlab::SQL::CTE.new(:groups_with_direct_membership, groups_with_direct_membership_for(user).to_sql)
end

.groups_with_direct_membership_for(user) ⇒ Object

# File 'app/models/clusters/agents/authorizations/user_access/group_authorization.rb', line 60

def groups_with_direct_membership_for(user)
  ::Group.joins("INNER JOIN members ON " \
                "members.source_id = namespaces.id AND members.source_type = 'Namespace'")
         .where(members: { user_id: user.id, access_level: Gitlab::Access::DEVELOPER.. })
         .select('namespaces.id AS id, members.access_level AS access_level')
end

.upsert_configs(configs) ⇒ Object

# File 'app/models/clusters/agents/authorizations/user_access/group_authorization.rb', line 36

def upsert_configs(configs)
  upsert_all(configs, unique_by: [:agent_id, :group_id])
end

Instance Method Details

#config_project ⇒ Object

# File 'app/models/clusters/agents/authorizations/user_access/group_authorization.rb', line 31

def config_project
  agent.project
end