Refactor complicated API group finding rules into GroupsFinder

2adff699 · Nick Thomas · 06147286 · 2adff699 · 2adff699
Commit 2adff699 authored Aug 24, 2017 by Nick Thomas
Hide whitespace changes
Inline Side-by-side

Showing with 32 additions and 16 deletions

app/finders/groups_finder.rb app/finders/groups_finder.rb +30 -6

lib/api/groups.rb lib/api/groups.rb +2 -10

No files found.
--- a/app/finders/groups_finder.rb
+++ b/app/finders/groups_finder.rb
+# GroupsFinder
+#
+# Used to filter Groups by a set of params
+#
+# Arguments:
+#   current_user - which user is requesting groups
+#   params:
+#     owned: boolean
+#     parent: Group
+#     all_available: boolean (defaults to true)
+#
+# Users with full private access can see all groups. The `owned` and `parent`
+# params can be used to restrict the groups that are returned.
+#
+# Anonymous users will never return any `owned` groups. They will return all
+# public groups instead, even if `all_available` is set to false.
 class GroupsFinder < UnionFinder
  def initialize(current_user = nil, params = {})
    @current_user = current_user
@@ -16,13 +32,13 @@ class GroupsFinder < UnionFinder
  attr_reader :current_user, :params

  def all_groups
-    groups = []
-
-    if current_user
-      groups << Gitlab::GroupHierarchy.new(groups_for_ancestors, groups_for_descendants).all_groups
-    end
-    groups << Group.unscoped.public_to_user(current_user)
+    return [owned_groups] if params[:owned]
+    return [Group.all] if current_user&.full_private_access?

+    groups = []
+    groups << Gitlab::GroupHierarchy.new(groups_for_ancestors, groups_for_descendants).all_groups if current_user
+    groups << Group.unscoped.public_to_user(current_user) if include_public_groups?
+    groups << Group.none if groups.empty?
    groups
  end

@@ -39,4 +55,12 @@ class GroupsFinder < UnionFinder

    groups.where(parent: params[:parent])
  end
+
+  def owned_groups
+    current_user&.groups || Group.none
+  end
+
+  def include_public_groups?
+    current_user.nil? || params.fetch(:all_available, true)
+  end
 end
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -47,16 +47,8 @@ module API
        use :pagination
      end
      get do
-        groups = if params[:owned]
-                   current_user ? current_user.owned_groups : Group.none
-                 elsif current_user&.admin?
-                   Group.all
-                 elsif params[:all_available] || current_user.nil?
-                   GroupsFinder.new(current_user).execute
-                 else
-                   current_user.groups
-                 end
-
+        find_params = { all_available: params[:all_available], owned: params[:owned] }
+        groups = GroupsFinder.new(current_user, find_params).execute
        groups = groups.search(params[:search]) if params[:search].present?
        groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
        groups = groups.reorder(params[:order_by] => params[:sort])