From 0f3c3a1c57beb8269f97e408f19e76ba77aac99c Mon Sep 17 00:00:00 2001
From: Ahmad Sherif <me@ahmadsherif.com>
Date: Mon, 21 Nov 2016 15:33:58 +0200
Subject: [PATCH] Update user's authorized projects if project is allowed to
share with group
---
app/models/group.rb | 4 +++-
app/models/namespace.rb | 8 ++++++++
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/app/models/group.rb b/app/models/group.rb
index 40ba8b6a34d..4248e1162d8 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -65,7 +65,9 @@ class Group < Namespace
def select_for_project_authorization
if current_scope.joins_values.include?(:shared_projects)
- select("members.user_id, projects.id AS project_id, LEAST(project_group_links.group_access, members.access_level) AS access_level")
+ joins('INNER JOIN namespaces project_namespace ON project_namespace.id = projects.namespace_id')
+ .where('project_namespace.share_with_group_lock = ?', false)
+ .select("members.user_id, projects.id AS project_id, LEAST(project_group_links.group_access, members.access_level) AS access_level")
else
super
end
diff --git a/app/models/namespace.rb b/app/models/namespace.rb
index b67049f0f55..99da26a89fb 100644
--- a/app/models/namespace.rb
+++ b/app/models/namespace.rb
@@ -27,6 +27,7 @@ class Namespace < ActiveRecord::Base
delegate :name, to: :owner, allow_nil: true, prefix: true
after_update :move_dir, if: :path_changed?
+ after_commit :refresh_access_of_projects_invited_groups, on: :update, if: -> { previous_changes.key?('share_with_group_lock') }
# Save the storage paths before the projects are destroyed to use them on after destroy
before_destroy(prepend: true) { @old_repository_storage_paths = repository_storage_paths }
@@ -175,4 +176,11 @@ class Namespace < ActiveRecord::Base
end
end
end
+
+ def refresh_access_of_projects_invited_groups
+ Group.
+ joins(project_group_links: :project).
+ where(projects: { namespace_id: id }).
+ find_each(&:refresh_members_authorized_projects)
+ end
end
--
GitLab