Skip to content
Snippets Groups Projects
Commit 3826f2a7 authored by pshutsin's avatar pshutsin Committed by GitLab Release Tools Bot
Browse files

Project import maps members' created_by_id users based on source user ID 

Merge branch 'security-597-project-import-maps-members-created_by_id-users-based-on-source-user-id-14-9' into '14-9-stable-ee'

See merge request gitlab-org/security/gitlab!2301

Changelog: security
parent 1fdefb34
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/gitlab/import_export/members_mapper.rb
+ 49
16
View file @ 3826f2a7
@@ -19,9 +19,8 @@ module Gitlab
@exported_members.inject(missing_keys_tracking_hash) do |hash, member|
if member['user']
old_user_id = member['user']['id']
old_user_email = member.dig('user', 'public_email') || member.dig('user', 'email')
existing_user = User.find_by(find_user_query(old_user_email)) if old_user_email
hash[old_user_id] = existing_user.id if existing_user && add_team_member(member, existing_user)
existing_user_id = existing_users_email_map[get_email(member)]
hash[old_user_id] = existing_user_id if existing_user_id && add_team_member(member, existing_user_id)
else
add_team_member(member)
end
@@ -72,11 +71,45 @@ module Gitlab
member&.user == @user && member.access_level >= highest_access_level
end
 
def add_team_member(member, existing_user = nil)
return true if existing_user && @importable.members.exists?(user_id: existing_user.id)
# Returns {email => user_id} hash where user_id is an ID at current instance
def existing_users_email_map
@existing_users_email_map ||= begin
emails = @exported_members.map { |member| get_email(member) }
User.by_user_email(emails).pluck(:email, :id).to_h
end
end
# Returns {user_id => email} hash where user_id is an ID at source "old" instance
def exported_members_email_map
@exported_members_email_map ||= begin
result = {}
@exported_members.each do |member|
email = get_email(member)
next unless email
result[member.dig('user', 'id')] = email
end
result
end
end
def get_email(member_data)
return unless member_data['user']
member_data.dig('user', 'public_email') || member_data.dig('user', 'email')
end
def add_team_member(member, existing_user_id = nil)
return true if existing_user_id && @importable.members.exists?(user_id: existing_user_id)
 
member['user'] = existing_user
member_hash = member_hash(member)
if existing_user_id
member_hash.delete('user')
member_hash['user_id'] = existing_user_id
end
 
member = relation_class.create(member_hash)
 
@@ -92,11 +125,19 @@ module Gitlab
end
 
def member_hash(member)
parsed_hash(member).merge(
result = parsed_hash(member).merge(
'source_id' => @importable.id,
'importing' => true,
'access_level' => [member['access_level'], highest_access_level].min
).except('user_id')
if result['created_by_id']
created_by_email = exported_members_email_map[result['created_by_id']]
result['created_by_id'] = existing_users_email_map[created_by_email]
end
result
end
 
def parsed_hash(member)
@@ -104,14 +145,6 @@ module Gitlab
relation_class: relation_class)
end
 
def find_user_query(email)
user_arel[:email].eq(email)
end
def user_arel
@user_arel ||= User.arel_table
end
def relation_class
case @importable
when ::Project
@@ -143,7 +176,7 @@ module Gitlab
 
def base_log_params(member_hash)
{
user_id: member_hash['user']&.id,
user_id: member_hash['user_id'],
access_level: member_hash['access_level'],
importable_type: @importable.class.to_s,
importable_id: @importable.id,
spec/lib/gitlab/import_export/members_mapper_spec.rb
+ 46
7
View file @ 3826f2a7
@@ -17,7 +17,7 @@ RSpec.describe Gitlab::ImportExport::MembersMapper do
"notification_level" => 3,
"created_at" => "2016-03-11T10:21:44.822Z",
"updated_at" => "2016-03-11T10:21:44.822Z",
"created_by_id" => nil,
"created_by_id" => 1,
"invite_email" => nil,
"invite_token" => nil,
"invite_accepted_at" => nil,
@@ -38,10 +38,24 @@ RSpec.describe Gitlab::ImportExport::MembersMapper do
"notification_level" => 3,
"created_at" => "2016-03-11T10:21:44.822Z",
"updated_at" => "2016-03-11T10:21:44.822Z",
"created_by_id" => 1,
"created_by_id" => 2,
"invite_email" => 'invite@test.com',
"invite_token" => 'token',
"invite_accepted_at" => nil
},
{
"id" => 3,
"access_level" => 40,
"source_id" => 14,
"source_type" => source_type,
"user_id" => nil,
"notification_level" => 3,
"created_at" => "2016-03-11T10:21:44.822Z",
"updated_at" => "2016-03-11T10:21:44.822Z",
"created_by_id" => nil,
"invite_email" => 'invite2@test.com',
"invite_token" => 'token',
"invite_accepted_at" => nil
}]
end
 
@@ -68,12 +82,37 @@ RSpec.describe Gitlab::ImportExport::MembersMapper do
expect(member_class.find_by_invite_email('invite@test.com')).not_to be_nil
end
 
it 'removes old user_id from member_hash to avoid conflict with user key' do
it 'maps created_by_id to user on new instance' do
expect(member_class)
.to receive(:create)
.once
.with(hash_including('user_id' => user2.id, 'created_by_id' => nil))
.and_call_original
expect(member_class)
.to receive(:create)
.once
.with(hash_including('invite_email' => 'invite@test.com', 'created_by_id' => nil))
.and_call_original
expect(member_class)
.to receive(:create)
.once
.with(hash_including('invite_email' => 'invite2@test.com', 'created_by_id' => nil))
.and_call_original
members_mapper.map
end
it 'replaced user_id with user_id from new instance' do
expect(member_class)
.to receive(:create)
.once
.with(hash_including('user_id' => user2.id))
.and_call_original
expect(member_class)
.to receive(:create)
.twice
.with(hash_excluding('user_id'))
.and_call_original
.twice
.with(hash_excluding('user_id'))
.and_call_original
 
members_mapper.map
end
@@ -99,7 +138,7 @@ RSpec.describe Gitlab::ImportExport::MembersMapper do
end
 
expect(logger).to receive(:info).with(hash_including(expected_log_params.call(user2.id))).once
expect(logger).to receive(:info).with(hash_including(expected_log_params.call(nil))).once
expect(logger).to receive(:info).with(hash_including(expected_log_params.call(nil))).twice
 
members_mapper.map
end
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment