Commit 0806f699 authored by Jan Provaznik's avatar Jan Provaznik

Merge branch '220192-fix-pagination-pd' into 'master'

Fix pagination for resource label events

See merge request gitlab-org/gitlab!33821
parents 45b5cd9c 375d877e
# frozen_string_literal: true
class ResourceLabelEventFinder
include FinderMethods
MAX_PER_PAGE = 100
attr_reader :params, :current_user, :eventable
def initialize(current_user, eventable, params = {})
@current_user = current_user
@eventable = eventable
@params = params
end
def execute
events = eventable.resource_label_events.inc_relations
events = events.page(page).per(per_page)
events = visible_to_user(events)
Kaminari.paginate_array(events)
end
private
def visible_to_user(events)
ResourceLabelEvent.preload_label_subjects(events)
events.select do |event|
Ability.allowed?(current_user, :read_label, event)
end
end
def per_page
[params[:per_page], MAX_PER_PAGE].compact.min
end
def page
params[:page] || 1
end
end
...@@ -71,6 +71,14 @@ class ResourceLabelEvent < ResourceEvent ...@@ -71,6 +71,14 @@ class ResourceLabelEvent < ResourceEvent
end end
end end
def self.visible_to_user?(user, events)
ResourceLabelEvent.preload_label_subjects(events)
events.select do |event|
Ability.allowed?(user, :read_label, event)
end
end
private private
def label_reference def label_reference
......
---
title: Fix pagination for resource label events
merge_request: 33821
author:
type: fixed
...@@ -27,10 +27,9 @@ module API ...@@ -27,10 +27,9 @@ module API
get ":id/#{eventables_str}/:eventable_id/resource_label_events" do get ":id/#{eventables_str}/:eventable_id/resource_label_events" do
eventable = find_noteable(eventable_type, params[:eventable_id]) eventable = find_noteable(eventable_type, params[:eventable_id])
opts = { page: params[:page], per_page: params[:per_page] } events = eventable.resource_label_events.inc_relations
events = ResourceLabelEventFinder.new(current_user, eventable, opts).execute
present paginate(events), with: Entities::ResourceLabelEvent present ResourceLabelEvent.visible_to_user?(current_user, paginate(events)), with: Entities::ResourceLabelEvent
end end
desc "Get a single #{eventable_type.to_s.downcase} resource label event" do desc "Get a single #{eventable_type.to_s.downcase} resource label event" do
......
# frozen_string_literal: true
require 'spec_helper'
describe ResourceLabelEventFinder do
let_it_be(:user) { create(:user) }
let_it_be(:issue_project) { create(:project) }
let_it_be(:issue) { create(:issue, project: issue_project) }
describe '#execute' do
subject { described_class.new(user, issue).execute }
it 'returns events with labels accessible by user' do
label = create(:label, project: issue_project)
event = create_event(label)
issue_project.add_guest(user)
expect(subject).to eq [event]
end
it 'filters events with public project labels if issues and MRs are private' do
project = create(:project, :public, :issues_private, :merge_requests_private)
label = create(:label, project: project)
create_event(label)
expect(subject).to be_empty
end
it 'filters events with project labels not accessible by user' do
project = create(:project, :private)
label = create(:label, project: project)
create_event(label)
expect(subject).to be_empty
end
it 'filters events with group labels not accessible by user' do
group = create(:group, :private)
label = create(:group_label, group: group)
create_event(label)
expect(subject).to be_empty
end
it 'paginates results' do
label = create(:label, project: issue_project)
create_event(label)
create_event(label)
issue_project.add_guest(user)
paginated = described_class.new(user, issue, per_page: 1).execute
expect(subject.count).to eq 2
expect(paginated.count).to eq 1
end
def create_event(label)
create(:resource_label_event, issue: issue, label: label)
end
end
end
...@@ -96,4 +96,48 @@ RSpec.describe ResourceLabelEvent, type: :model do ...@@ -96,4 +96,48 @@ RSpec.describe ResourceLabelEvent, type: :model do
expect(subject.outdated_markdown?).to be false expect(subject.outdated_markdown?).to be false
end end
end end
describe '.visible_to_user?' do
let_it_be(:user) { create(:user) }
let_it_be(:issue_project) { create(:project) }
let_it_be(:issue) { create(:issue, project: issue_project) }
subject { described_class.visible_to_user?(user, issue.resource_label_events.inc_relations) }
it 'returns events with labels accessible by user' do
label = create(:label, project: issue_project)
event = create_event(label)
issue_project.add_guest(user)
expect(subject).to eq [event]
end
it 'filters events with public project labels if issues and MRs are private' do
project = create(:project, :public, :issues_private, :merge_requests_private)
label = create(:label, project: project)
create_event(label)
expect(subject).to be_empty
end
it 'filters events with project labels not accessible by user' do
project = create(:project, :private)
label = create(:label, project: project)
create_event(label)
expect(subject).to be_empty
end
it 'filters events with group labels not accessible by user' do
group = create(:group, :private)
label = create(:group_label, group: group)
create_event(label)
expect(subject).to be_empty
end
def create_event(label)
create(:resource_label_event, issue: issue, label: label)
end
end
end end
...@@ -93,6 +93,20 @@ RSpec.shared_examples 'resource_label_events API' do |parent_type, eventable_typ ...@@ -93,6 +93,20 @@ RSpec.shared_examples 'resource_label_events API' do |parent_type, eventable_typ
end end
end end
describe 'pagination' do
let!(:event1) { create_event(label) }
let!(:event2) { create_event(label) }
# https://gitlab.com/gitlab-org/gitlab/-/issues/220192
it "returns the second page" do
get api("/#{parent_type}/#{parent.id}/#{eventable_type}/#{eventable[id_name]}/resource_label_events?page=2&per_page=1", user)
expect(response).to have_gitlab_http_status(:ok)
expect(json_response.count).to eq(1)
expect(json_response.first['id']).to eq(event2.id)
end
end
def create_event(label) def create_event(label)
create(:resource_label_event, eventable.class.name.underscore => eventable, label: label) create(:resource_label_event, eventable.class.name.underscore => eventable, label: label)
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment