Removed pagination from AutocompleteUsersFinder

The frontend code doesn't use this so there's no practical point in supporting this. We also hardcode the limit to 20 so users can no longer request their own limit, which could overload the database (depending on any upper bounds perhaps enforced by Kaminari).

Removed pagination from AutocompleteUsersFinder
The frontend code doesn't use this so there's no practical point in supporting this. We also hardcode the limit to 20 so users can no longer request their own limit, which could overload the database (depending on any upper bounds perhaps enforced by Kaminari).
37e681ac · Yorick Peterse · ce1f0ad2 · 37e681ac · 37e681ac · 37e681ac
Commit 37e681ac authored Feb 15, 2018 by Yorick Peterse
4 changed files
--- a/app/assets/javascripts/filtered_search/dropdown_user.js
+++ b/app/assets/javascripts/filtered_search/dropdown_user.js
@@ -14,7 +14,6 @@ export default class DropdownUser extends FilteredSearchDropdown {
        endpoint: `${gon.relative_url_root || ''}/autocomplete/users.json`,
        searchKey: 'search',
        params: {
-          per_page: 20,
          active: true,
          group_id: this.getGroupId(),
          project_id: this.getProjectId(),

--- a/app/assets/javascripts/users_select.js
+++ b/app/assets/javascripts/users_select.js
@@ -39,7 +39,6 @@ function UsersSelect(currentUser, els, options = {}) {
      options.showCurrentUser = $dropdown.data('currentUser');
      options.todoFilter = $dropdown.data('todoFilter');
      options.todoStateFilter = $dropdown.data('todoStateFilter');
-      options.perPage = $dropdown.data('perPage');
      showNullUser = $dropdown.data('nullUser');
      defaultNullUser = $dropdown.data('nullUserDefault');
      showMenuAbove = $dropdown.data('showMenuAbove');
@@ -669,7 +668,6 @@ UsersSelect.prototype.users = function(query, options, callback) {
  const url = this.buildUrl(this.usersPath);
  const params = {
    search: query,
-    per_page: options.perPage || 20,
    active: true,
    project_id: options.projectId || null,
    group_id: options.groupId || null,

--- a/app/finders/autocomplete_users_finder.rb
+++ b/app/finders/autocomplete_users_finder.rb
 class AutocompleteUsersFinder
+  # The number of users to display in the results is hardcoded to 20, and
+  # pagination is not supported. This ensures that performance remains
+  # consistent and removes the need for implementing keyset pagination to ensure
+  # good performance.
+  LIMIT = 20
+
  attr_reader :current_user, :project, :group, :search, :skip_users,
-              :page, :per_page, :author_id, :params
+              :author_id, :params

  # EE
  attr_reader :skip_ldap
@@ -11,8 +17,6 @@ class AutocompleteUsersFinder
    @group = group
    @search = params[:search]
    @skip_users = params[:skip_users]
-    @page = params[:page]
-    @per_page = params[:per_page]
    @author_id = params[:author_id]
    @params = params

@@ -30,9 +34,10 @@ class AutocompleteUsersFinder
    items = items.reorder(:name)
    items = items.search(search) if search.present?
    items = items.where.not(id: skip_users) if skip_users.present?
+    items = items.limit(LIMIT)

    # EE
-    items = load_users_by_push_ability(items) || items.page(page).per(per_page)
+    items = load_users_by_push_ability(items)

    if params[:todo_filter].present? && current_user
      items = items.todo_authors(current_user.id, params[:todo_state_filter])
@@ -66,7 +71,7 @@ class AutocompleteUsersFinder
  def users_from_project
    if author_id.present?
      union = Gitlab::SQL::Union
-        .new([project.team.users, User.where(id: author_id)])
+        .new([project.authorized_users, User.where(id: author_id)])

      User.from("(#{union.to_sql}) #{User.table_name}")
    else
@@ -76,14 +81,13 @@ class AutocompleteUsersFinder

  # EE
  def load_users_by_push_ability(items)
-    return unless project
+    return items unless project

    ability = push_ability
-    return if ability.blank?
+    return items if ability.blank?

    items.to_a
      .select { |user| user.can?(ability, project) }
-      .take(per_page&.to_i || Kaminari.config.default_per_page)
  end

  def push_ability

--- a/spec/controllers/autocomplete_controller_spec.rb
+++ b/spec/controllers/autocomplete_controller_spec.rb
@@ -109,15 +109,17 @@ describe AutocompleteController do
    end

    context 'limited users per page' do
-      let(:per_page) { 2 }
-
      before do
+        25.times do
+          create(:user)
+        end
+
        sign_in(user)
-        get(:users, per_page: per_page)
+        get(:users)
      end

      it { expect(json_response).to be_kind_of(Array) }
-      it { expect(json_response.size).to eq(per_page) }
+      it { expect(json_response.size).to eq(20) }
    end

    context 'unauthenticated user' do