Commit 5e1a802b authored by Robert Speicher's avatar Robert Speicher

Merge branch 'remove_is_admin' into 'master'

Remove the `User#is_admin?` method

Closes #30584

See merge request !10520
parents 8265fe39 11aff97d
...@@ -6,6 +6,6 @@ class Admin::ApplicationController < ApplicationController ...@@ -6,6 +6,6 @@ class Admin::ApplicationController < ApplicationController
layout 'admin' layout 'admin'
def authenticate_admin! def authenticate_admin!
render_404 unless current_user.is_admin? render_404 unless current_user.admin?
end end
end end
...@@ -21,6 +21,6 @@ class Admin::ImpersonationsController < Admin::ApplicationController ...@@ -21,6 +21,6 @@ class Admin::ImpersonationsController < Admin::ApplicationController
end end
def authenticate_impersonator! def authenticate_impersonator!
render_404 unless impersonator && impersonator.is_admin? && !impersonator.blocked? render_404 unless impersonator && impersonator.admin? && !impersonator.blocked?
end end
end end
...@@ -85,7 +85,7 @@ module VisibilityLevelHelper ...@@ -85,7 +85,7 @@ module VisibilityLevelHelper
end end
def restricted_visibility_levels(show_all = false) def restricted_visibility_levels(show_all = false)
return [] if current_user.is_admin? && !show_all return [] if current_user.admin? && !show_all
current_application_settings.restricted_visibility_levels || [] current_application_settings.restricted_visibility_levels || []
end end
......
...@@ -555,10 +555,6 @@ class User < ActiveRecord::Base ...@@ -555,10 +555,6 @@ class User < ActiveRecord::Base
authorized_projects(Gitlab::Access::REPORTER).non_archived.with_issues_enabled authorized_projects(Gitlab::Access::REPORTER).non_archived.with_issues_enabled
end end
def is_admin?
admin
end
def require_ssh_key? def require_ssh_key?
keys.count == 0 && Gitlab::ProtocolAccess.allowed?('ssh') keys.count == 0 && Gitlab::ProtocolAccess.allowed?('ssh')
end end
......
...@@ -3,7 +3,7 @@ module Ci ...@@ -3,7 +3,7 @@ module Ci
def rules def rules
return unless @user return unless @user
can! :assign_runner if @user.is_admin? can! :assign_runner if @user.admin?
return if @subject.is_shared? || @subject.locked? return if @subject.is_shared? || @subject.locked?
......
...@@ -11,7 +11,7 @@ module Users ...@@ -11,7 +11,7 @@ module Users
user = User.new(build_user_params) user = User.new(build_user_params)
if current_user&.is_admin? if current_user&.admin?
if params[:reset_password] if params[:reset_password]
@reset_token = user.generate_reset_token @reset_token = user.generate_reset_token
params[:force_random_password] = true params[:force_random_password] = true
...@@ -47,7 +47,7 @@ module Users ...@@ -47,7 +47,7 @@ module Users
private private
def can_create_user? def can_create_user?
(current_user.nil? && current_application_settings.signup_enabled?) || current_user&.is_admin? (current_user.nil? && current_application_settings.signup_enabled?) || current_user&.admin?
end end
# Allowed params for creating a user (admins only) # Allowed params for creating a user (admins only)
...@@ -94,7 +94,7 @@ module Users ...@@ -94,7 +94,7 @@ module Users
end end
def build_user_params def build_user_params
if current_user&.is_admin? if current_user&.admin?
user_params = params.slice(*admin_create_params) user_params = params.slice(*admin_create_params)
user_params[:created_by_id] = current_user&.id user_params[:created_by_id] = current_user&.id
......
...@@ -31,7 +31,7 @@ ...@@ -31,7 +31,7 @@
%li.impersonation %li.impersonation
= link_to admin_impersonation_path, method: :delete, title: "Stop impersonation", aria: { label: 'Stop impersonation' }, data: { toggle: 'tooltip', placement: 'bottom', container: 'body' } do = link_to admin_impersonation_path, method: :delete, title: "Stop impersonation", aria: { label: 'Stop impersonation' }, data: { toggle: 'tooltip', placement: 'bottom', container: 'body' } do
= icon('user-secret fw') = icon('user-secret fw')
- if current_user.is_admin? - if current_user.admin?
%li %li
= link_to admin_root_path, title: 'Admin area', aria: { label: "Admin area" }, data: {toggle: 'tooltip', placement: 'bottom', container: 'body'} do = link_to admin_root_path, title: 'Admin area', aria: { label: "Admin area" }, data: {toggle: 'tooltip', placement: 'bottom', container: 'body'} do
= icon('wrench fw') = icon('wrench fw')
......
---
title: Remove the User#is_admin? method
merge_request: 10520
author: blackst0ne
...@@ -14,7 +14,7 @@ module API ...@@ -14,7 +14,7 @@ module API
class User < UserBasic class User < UserBasic
expose :created_at expose :created_at
expose :is_admin?, as: :is_admin expose :admin?, as: :is_admin
expose :bio, :location, :skype, :linkedin, :twitter, :website_url, :organization expose :bio, :location, :skype, :linkedin, :twitter, :website_url, :organization
end end
...@@ -611,9 +611,9 @@ module API ...@@ -611,9 +611,9 @@ module API
expose :locked expose :locked
expose :version, :revision, :platform, :architecture expose :version, :revision, :platform, :architecture
expose :contacted_at expose :contacted_at
expose :token, if: lambda { |runner, options| options[:current_user].is_admin? || !runner.is_shared? } expose :token, if: lambda { |runner, options| options[:current_user].admin? || !runner.is_shared? }
expose :projects, with: Entities::BasicProjectDetails do |runner, options| expose :projects, with: Entities::BasicProjectDetails do |runner, options|
if options[:current_user].is_admin? if options[:current_user].admin?
runner.projects runner.projects
else else
options[:current_user].authorized_projects.where(id: runner.projects) options[:current_user].authorized_projects.where(id: runner.projects)
......
...@@ -56,7 +56,7 @@ module API ...@@ -56,7 +56,7 @@ module API
groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present? groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
groups = groups.reorder(params[:order_by] => params[:sort]) groups = groups.reorder(params[:order_by] => params[:sort])
present_groups groups, statistics: params[:statistics] && current_user.is_admin? present_groups groups, statistics: params[:statistics] && current_user.admin?
end end
desc 'Create a group. Available only for users who can create groups.' do desc 'Create a group. Available only for users who can create groups.' do
......
...@@ -118,7 +118,7 @@ module API ...@@ -118,7 +118,7 @@ module API
def authenticated_as_admin! def authenticated_as_admin!
authenticate! authenticate!
forbidden! unless current_user.is_admin? forbidden! unless current_user.admin?
end end
def authorize!(action, subject = :global) def authorize!(action, subject = :global)
...@@ -358,7 +358,7 @@ module API ...@@ -358,7 +358,7 @@ module API
return unless sudo_identifier return unless sudo_identifier
return unless initial_current_user return unless initial_current_user
unless initial_current_user.is_admin? unless initial_current_user.admin?
forbidden!('Must be admin to use sudo') forbidden!('Must be admin to use sudo')
end end
......
...@@ -78,7 +78,7 @@ module API ...@@ -78,7 +78,7 @@ module API
} }
if can?(current_user, noteable_read_ability_name(noteable), noteable) if can?(current_user, noteable_read_ability_name(noteable), noteable)
if params[:created_at] && (current_user.is_admin? || user_project.owner == current_user) if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
opts[:created_at] = params[:created_at] opts[:created_at] = params[:created_at]
end end
......
...@@ -161,18 +161,18 @@ module API ...@@ -161,18 +161,18 @@ module API
end end
def authenticate_show_runner!(runner) def authenticate_show_runner!(runner)
return if runner.is_shared || current_user.is_admin? return if runner.is_shared || current_user.admin?
forbidden!("No access granted") unless user_can_access_runner?(runner) forbidden!("No access granted") unless user_can_access_runner?(runner)
end end
def authenticate_update_runner!(runner) def authenticate_update_runner!(runner)
return if current_user.is_admin? return if current_user.admin?
forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner is shared") if runner.is_shared?
forbidden!("No access granted") unless user_can_access_runner?(runner) forbidden!("No access granted") unless user_can_access_runner?(runner)
end end
def authenticate_delete_runner!(runner) def authenticate_delete_runner!(runner)
return if current_user.is_admin? return if current_user.admin?
forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner is shared") if runner.is_shared?
forbidden!("Runner associated with more than one project") if runner.projects.count > 1 forbidden!("Runner associated with more than one project") if runner.projects.count > 1
forbidden!("No access granted") unless user_can_access_runner?(runner) forbidden!("No access granted") unless user_can_access_runner?(runner)
...@@ -181,7 +181,7 @@ module API ...@@ -181,7 +181,7 @@ module API
def authenticate_enable_runner!(runner) def authenticate_enable_runner!(runner)
forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner is shared") if runner.is_shared?
forbidden!("Runner is locked") if runner.locked? forbidden!("Runner is locked") if runner.locked?
return if current_user.is_admin? return if current_user.admin?
forbidden!("No access granted") unless user_can_access_runner?(runner) forbidden!("No access granted") unless user_can_access_runner?(runner)
end end
......
...@@ -642,7 +642,7 @@ module API ...@@ -642,7 +642,7 @@ module API
service_params = declared_params(include_missing: false).merge(active: true) service_params = declared_params(include_missing: false).merge(active: true)
if service.update_attributes(service_params) if service.update_attributes(service_params)
present service, with: Entities::ProjectService, include_passwords: current_user.is_admin? present service, with: Entities::ProjectService, include_passwords: current_user.admin?
else else
render_api_error!('400 Bad Request', 400) render_api_error!('400 Bad Request', 400)
end end
...@@ -673,7 +673,7 @@ module API ...@@ -673,7 +673,7 @@ module API
end end
get ":id/services/:service_slug" do get ":id/services/:service_slug" do
service = user_project.find_or_initialize_service(params[:service_slug].underscore) service = user_project.find_or_initialize_service(params[:service_slug].underscore)
present service, with: Entities::ProjectService, include_passwords: current_user.is_admin? present service, with: Entities::ProjectService, include_passwords: current_user.admin?
end end
end end
......
...@@ -56,10 +56,10 @@ module API ...@@ -56,10 +56,10 @@ module API
users = users.active if params[:active] users = users.active if params[:active]
users = users.search(params[:search]) if params[:search].present? users = users.search(params[:search]) if params[:search].present?
users = users.blocked if params[:blocked] users = users.blocked if params[:blocked]
users = users.external if params[:external] && current_user.is_admin? users = users.external if params[:external] && current_user.admin?
end end
entity = current_user.is_admin? ? Entities::UserPublic : Entities::UserBasic entity = current_user.admin? ? Entities::UserPublic : Entities::UserBasic
present paginate(users), with: entity present paginate(users), with: entity
end end
...@@ -73,7 +73,7 @@ module API ...@@ -73,7 +73,7 @@ module API
user = User.find_by(id: params[:id]) user = User.find_by(id: params[:id])
not_found!('User') unless user not_found!('User') unless user
if current_user && current_user.is_admin? if current_user && current_user.admin?
present user, with: Entities::UserPublic present user, with: Entities::UserPublic
elsif can?(current_user, :read_user, user) elsif can?(current_user, :read_user, user)
present user, with: Entities::User present user, with: Entities::User
......
...@@ -54,7 +54,7 @@ module API ...@@ -54,7 +54,7 @@ module API
groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present? groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
groups = groups.reorder(params[:order_by] => params[:sort]) groups = groups.reorder(params[:order_by] => params[:sort])
present_groups groups, statistics: params[:statistics] && current_user.is_admin? present_groups groups, statistics: params[:statistics] && current_user.admin?
end end
desc 'Get list of owned groups for authenticated user' do desc 'Get list of owned groups for authenticated user' do
......
...@@ -79,7 +79,7 @@ module API ...@@ -79,7 +79,7 @@ module API
noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id]) noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
if can?(current_user, noteable_read_ability_name(noteable), noteable) if can?(current_user, noteable_read_ability_name(noteable), noteable)
if params[:created_at] && (current_user.is_admin? || user_project.owner == current_user) if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
opts[:created_at] = params[:created_at] opts[:created_at] = params[:created_at]
end end
......
...@@ -50,7 +50,7 @@ module API ...@@ -50,7 +50,7 @@ module API
helpers do helpers do
def authenticate_delete_runner!(runner) def authenticate_delete_runner!(runner)
return if current_user.is_admin? return if current_user.admin?
forbidden!("Runner is shared") if runner.is_shared? forbidden!("Runner is shared") if runner.is_shared?
forbidden!("Runner associated with more than one project") if runner.projects.count > 1 forbidden!("Runner associated with more than one project") if runner.projects.count > 1
forbidden!("No access granted") unless user_can_access_runner?(runner) forbidden!("No access granted") unless user_can_access_runner?(runner)
......
...@@ -602,7 +602,7 @@ module API ...@@ -602,7 +602,7 @@ module API
end end
get ":id/services/:service_slug" do get ":id/services/:service_slug" do
service = user_project.find_or_initialize_service(params[:service_slug].underscore) service = user_project.find_or_initialize_service(params[:service_slug].underscore)
present service, with: Entities::ProjectService, include_passwords: current_user.is_admin? present service, with: Entities::ProjectService, include_passwords: current_user.admin?
end end
end end
......
...@@ -186,7 +186,7 @@ module Gitlab ...@@ -186,7 +186,7 @@ module Gitlab
end end
def admin_user? def admin_user?
@user.is_admin? @user.admin?
end end
def parsed_relation_hash def parsed_relation_hash
......
...@@ -63,7 +63,7 @@ module Gitlab ...@@ -63,7 +63,7 @@ module Gitlab
end end
def allowed_for?(user, level) def allowed_for?(user, level)
user.is_admin? || allowed_level?(level.to_i) user.admin? || allowed_level?(level.to_i)
end end
# Return true if the specified level is allowed for the current user. # Return true if the specified level is allowed for the current user.
......
...@@ -223,7 +223,7 @@ describe "Admin::Users", feature: true do ...@@ -223,7 +223,7 @@ describe "Admin::Users", feature: true do
it "changes user entry" do it "changes user entry" do
user.reload user.reload
expect(user.name).to eq('Big Bang') expect(user.name).to eq('Big Bang')
expect(user.is_admin?).to be_truthy expect(user.admin?).to be_truthy
expect(user.password_expires_at).to be <= Time.now expect(user.password_expires_at).to be <= Time.now
end end
end end
......
...@@ -315,7 +315,7 @@ describe User, models: true do ...@@ -315,7 +315,7 @@ describe User, models: true do
end end
describe "Respond to" do describe "Respond to" do
it { is_expected.to respond_to(:is_admin?) } it { is_expected.to respond_to(:admin?) }
it { is_expected.to respond_to(:name) } it { is_expected.to respond_to(:name) }
it { is_expected.to respond_to(:private_token) } it { is_expected.to respond_to(:private_token) }
it { is_expected.to respond_to(:external?) } it { is_expected.to respond_to(:external?) }
...@@ -586,7 +586,7 @@ describe User, models: true do ...@@ -586,7 +586,7 @@ describe User, models: true do
describe 'normal user' do describe 'normal user' do
let(:user) { create(:user, name: 'John Smith') } let(:user) { create(:user, name: 'John Smith') }
it { expect(user.is_admin?).to be_falsey } it { expect(user.admin?).to be_falsey }
it { expect(user.require_ssh_key?).to be_truthy } it { expect(user.require_ssh_key?).to be_truthy }
it { expect(user.can_create_group?).to be_truthy } it { expect(user.can_create_group?).to be_truthy }
it { expect(user.can_create_project?).to be_truthy } it { expect(user.can_create_project?).to be_truthy }
......
...@@ -13,7 +13,7 @@ describe API::Session, api: true do ...@@ -13,7 +13,7 @@ describe API::Session, api: true do
expect(json_response['email']).to eq(user.email) expect(json_response['email']).to eq(user.email)
expect(json_response['private_token']).to eq(user.private_token) expect(json_response['private_token']).to eq(user.private_token)
expect(json_response['is_admin']).to eq(user.is_admin?) expect(json_response['is_admin']).to eq(user.admin?)
expect(json_response['can_create_project']).to eq(user.can_create_project?) expect(json_response['can_create_project']).to eq(user.can_create_project?)
expect(json_response['can_create_group']).to eq(user.can_create_group?) expect(json_response['can_create_group']).to eq(user.can_create_group?)
end end
...@@ -37,7 +37,7 @@ describe API::Session, api: true do ...@@ -37,7 +37,7 @@ describe API::Session, api: true do
expect(json_response['email']).to eq user.email expect(json_response['email']).to eq user.email
expect(json_response['private_token']).to eq user.private_token expect(json_response['private_token']).to eq user.private_token
expect(json_response['is_admin']).to eq user.is_admin? expect(json_response['is_admin']).to eq user.admin?
expect(json_response['can_create_project']).to eq user.can_create_project? expect(json_response['can_create_project']).to eq user.can_create_project?
expect(json_response['can_create_group']).to eq user.can_create_group? expect(json_response['can_create_group']).to eq user.can_create_group?
end end
...@@ -50,7 +50,7 @@ describe API::Session, api: true do ...@@ -50,7 +50,7 @@ describe API::Session, api: true do
expect(json_response['email']).to eq user.email expect(json_response['email']).to eq user.email
expect(json_response['private_token']).to eq user.private_token expect(json_response['private_token']).to eq user.private_token
expect(json_response['is_admin']).to eq user.is_admin? expect(json_response['is_admin']).to eq user.admin?
expect(json_response['can_create_project']).to eq user.can_create_project? expect(json_response['can_create_project']).to eq user.can_create_project?
expect(json_response['can_create_group']).to eq user.can_create_group? expect(json_response['can_create_group']).to eq user.can_create_group?
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment