Commit 6b02127f authored by Rémy Coutable's avatar Rémy Coutable

New Members::RequestAccessService

Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parent 98b3d6ce
...@@ -3,7 +3,7 @@ module MembershipActions ...@@ -3,7 +3,7 @@ module MembershipActions
include MembersHelper include MembersHelper
def request_access def request_access
membershipable.request_access(current_user) Members::RequestAccessService.new(membershipable, current_user).execute
redirect_to polymorphic_path(membershipable), redirect_to polymorphic_path(membershipable),
notice: 'Your request for access has been queued for review.' notice: 'Your request for access has been queued for review.'
......
# == AccessRequestable concern
#
# Contains functionality related to objects that can receive request for access.
#
# Used by Project, and Group.
#
module AccessRequestable
extend ActiveSupport::Concern
def request_access(user)
members.create(
access_level: Gitlab::Access::DEVELOPER,
user: user,
requested_at: Time.now.utc)
end
end
...@@ -3,7 +3,6 @@ require 'carrierwave/orm/activerecord' ...@@ -3,7 +3,6 @@ require 'carrierwave/orm/activerecord'
class Group < Namespace class Group < Namespace
include Gitlab::ConfigHelper include Gitlab::ConfigHelper
include Gitlab::VisibilityLevel include Gitlab::VisibilityLevel
include AccessRequestable
include Referable include Referable
has_many :group_members, -> { where(requested_at: nil) }, dependent: :destroy, as: :source, class_name: 'GroupMember' has_many :group_members, -> { where(requested_at: nil) }, dependent: :destroy, as: :source, class_name: 'GroupMember'
...@@ -102,6 +101,10 @@ class Group < Namespace ...@@ -102,6 +101,10 @@ class Group < Namespace
self[:lfs_enabled] self[:lfs_enabled]
end end
def request_access(user)
Members::RequestAccessService.new(self, user).execute
end
def add_users(user_ids, access_level, current_user: nil, expires_at: nil) def add_users(user_ids, access_level, current_user: nil, expires_at: nil)
user_ids.each do |user_id| user_ids.each do |user_id|
Member.add_user( Member.add_user(
......
...@@ -5,7 +5,6 @@ class Project < ActiveRecord::Base ...@@ -5,7 +5,6 @@ class Project < ActiveRecord::Base
include Gitlab::ShellAdapter include Gitlab::ShellAdapter
include Gitlab::VisibilityLevel include Gitlab::VisibilityLevel
include Gitlab::CurrentSettings include Gitlab::CurrentSettings
include AccessRequestable
include Referable include Referable
include Sortable include Sortable
include AfterCommitQueue include AfterCommitQueue
...@@ -1012,6 +1011,10 @@ class Project < ActiveRecord::Base ...@@ -1012,6 +1011,10 @@ class Project < ActiveRecord::Base
update_all(updated_at: Time.now) update_all(updated_at: Time.now)
end end
def request_access(user)
Members::RequestAccessService.new(self, user).execute
end
def project_member(user) def project_member(user)
project_members.find_by(user_id: user) project_members.find_by(user_id: user)
end end
......
module Members
class RequestAccessService < BaseService
attr_accessor :source
def initialize(source, current_user)
@source = source
@current_user = current_user
end
def execute
raise Gitlab::Access::AccessDeniedError if cannot_request_access?(source)
source.members.create(
access_level: Gitlab::Access::DEVELOPER,
user: current_user,
requested_at: Time.now.utc)
end
private
def cannot_request_access?(source)
!source || !can?(current_user, :request_access, source)
end
end
end
...@@ -33,7 +33,7 @@ module API ...@@ -33,7 +33,7 @@ module API
# POST /projects/:id/access_requests # POST /projects/:id/access_requests
post ":id/access_requests" do post ":id/access_requests" do
source = find_source(source_type, params[:id]) source = find_source(source_type, params[:id])
access_requester = source.request_access(current_user) access_requester = ::Members::RequestAccessService.new(source, current_user).execute
if access_requester.persisted? if access_requester.persisted?
present access_requester.user, with: Entities::AccessRequester, access_requester: access_requester present access_requester.user, with: Entities::AccessRequester, access_requester: access_requester
......
require 'spec_helper'
describe AccessRequestable do
describe 'Group' do
describe '#request_access' do
let(:group) { create(:group, :public) }
let(:user) { create(:user) }
it { expect(group.request_access(user)).to be_a(GroupMember) }
it { expect(group.request_access(user).user).to eq(user) }
end
describe '#access_requested?' do
let(:group) { create(:group, :public) }
let(:user) { create(:user) }
before { group.request_access(user) }
it { expect(group.requesters.exists?(user_id: user)).to be_truthy }
end
end
describe 'Project' do
describe '#request_access' do
let(:project) { create(:empty_project, :public) }
let(:user) { create(:user) }
it { expect(project.request_access(user)).to be_a(ProjectMember) }
end
describe '#access_requested?' do
let(:project) { create(:empty_project, :public) }
let(:user) { create(:user) }
before { project.request_access(user) }
it { expect(project.requesters.exists?(user_id: user)).to be_truthy }
end
end
end
...@@ -105,6 +105,13 @@ describe Group, models: true do ...@@ -105,6 +105,13 @@ describe Group, models: true do
it { expect(group.human_name).to eq(group.name) } it { expect(group.human_name).to eq(group.name) }
end end
describe '#request_access' do
let(:user) { create(:user) }
it { expect(group.request_access(user)).to be_a(GroupMember) }
it { expect(group.request_access(user).user).to eq(user) }
end
describe '#add_user' do describe '#add_user' do
let(:user) { create(:user) } let(:user) { create(:user) }
before { group.add_user(user, GroupMember::MASTER) } before { group.add_user(user, GroupMember::MASTER) }
......
...@@ -942,6 +942,14 @@ describe Project, models: true do ...@@ -942,6 +942,14 @@ describe Project, models: true do
end end
end end
describe '#request_access' do
let(:project) { create(:empty_project, :public) }
let(:user) { create(:user) }
it { expect(project.request_access(user)).to be_a(ProjectMember) }
it { expect(project.request_access(user).user).to eq(user) }
end
describe '.search' do describe '.search' do
let(:project) { create(:project, description: 'kitten mittens') } let(:project) { create(:project, description: 'kitten mittens') }
......
...@@ -64,12 +64,12 @@ describe API::AccessRequests, api: true do ...@@ -64,12 +64,12 @@ describe API::AccessRequests, api: true do
context 'when authenticated as a member' do context 'when authenticated as a member' do
%i[developer master].each do |type| %i[developer master].each do |type|
context "as a #{type}" do context "as a #{type}" do
it 'returns 400' do it 'returns 403' do
expect do expect do
user = public_send(type) user = public_send(type)
post api("/#{source_type.pluralize}/#{source.id}/access_requests", user) post api("/#{source_type.pluralize}/#{source.id}/access_requests", user)
expect(response).to have_http_status(400) expect(response).to have_http_status(403)
end.not_to change { source.requesters.count } end.not_to change { source.requesters.count }
end end
end end
...@@ -87,6 +87,20 @@ describe API::AccessRequests, api: true do ...@@ -87,6 +87,20 @@ describe API::AccessRequests, api: true do
end end
context 'when authenticated as a stranger' do context 'when authenticated as a stranger' do
context "when access request is disabled for the #{source_type}" do
before do
source.update(request_access_enabled: false)
end
it 'returns 403' do
expect do
post api("/#{source_type.pluralize}/#{source.id}/access_requests", stranger)
expect(response).to have_http_status(403)
end.not_to change { source.requesters.count }
end
end
it 'returns 201' do it 'returns 201' do
expect do expect do
post api("/#{source_type.pluralize}/#{source.id}/access_requests", stranger) post api("/#{source_type.pluralize}/#{source.id}/access_requests", stranger)
......
require 'spec_helper'
describe Members::RequestAccessService, services: true do
let(:user) { create(:user) }
let(:project) { create(:project, :private) }
let(:group) { create(:group, :private) }
shared_examples 'a service raising Gitlab::Access::AccessDeniedError' do
it 'raises Gitlab::Access::AccessDeniedError' do
expect { described_class.new(source, user).execute }.to raise_error(Gitlab::Access::AccessDeniedError)
end
end
shared_examples 'a service creating a access request' do
it 'succeeds' do
expect { described_class.new(source, user).execute }.to change { source.requesters.count }.by(1)
end
it 'returns a <Source>Member' do
member = described_class.new(source, user).execute
expect(member).to be_a "#{source.class.to_s}Member".constantize
expect(member.requested_at).to be_present
end
end
context 'when source is nil' do
it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
let(:source) { nil }
end
end
context 'when current user cannot request access to the project' do
it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
let(:source) { project }
end
it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
let(:source) { group }
end
end
context 'when current user can request access to the project' do
before do
project.update(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
group.update(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
end
it_behaves_like 'a service creating a access request' do
let(:source) { project }
end
it_behaves_like 'a service creating a access request' do
let(:source) { group }
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment