Commit 7657f29a authored by Jarka Košanová's avatar Jarka Košanová

Add checks to prevent cycling hierarchy

- epic can't set parent if it is higher in its structure
- epic can't set itself as a parent
parent 38950881
...@@ -272,6 +272,10 @@ module EE ...@@ -272,6 +272,10 @@ module EE
hierarchy.descendants hierarchy.descendants
end end
def has_ancestor?(epic)
ancestors.exists?(epic)
end
def hierarchy def hierarchy
::Gitlab::ObjectHierarchy.new(self.class.where(id: id)) ::Gitlab::ObjectHierarchy.new(self.class.where(id: id))
end end
......
...@@ -23,13 +23,20 @@ module EpicLinks ...@@ -23,13 +23,20 @@ module EpicLinks
return [] unless can?(current_user, :admin_epic, issuable.group) return [] unless can?(current_user, :admin_epic, issuable.group)
epics.select do |epic| epics.select do |epic|
issuable_group_descendants.include?(epic.group) && linkable_epic?(epic)
!previous_related_issuables.include?(epic) &&
!level_depth_exceeded?(epic)
end end
end end
end end
def linkable_epic?(epic)
return false if epic == issuable
return false if previous_related_issuables.include?(epic)
return false if level_depth_exceeded?(epic)
return false if issuable.has_ancestor?(epic)
issuable_group_descendants.include?(epic.group)
end
def references(extractor) def references(extractor)
extractor.epics extractor.epics
end end
......
---
title: Add checks to prevent cycling hierarchy in epics structure
merge_request: 9438
author:
type: fixed
...@@ -91,6 +91,37 @@ describe EpicLinks::CreateService, :postgresql do ...@@ -91,6 +91,37 @@ describe EpicLinks::CreateService, :postgresql do
include_examples 'returns not found error' include_examples 'returns not found error'
end end
context 'when hierarchy is cyclic' do
context 'when given child epic is the same as given parent' do
subject { add_epic([epic.to_reference(full: true)]) }
include_examples 'returns not found error'
end
context 'when given child epic is parent of the given parent' do
before do
epic.update(parent: epic_to_add)
end
subject { add_epic([valid_reference]) }
include_examples 'returns not found error'
end
context 'when new child epic is an ancestor of the given parent' do
before do
# epic_to_add -> epic1 -> epic2 -> epic
epic1 = create(:epic, group: group, parent: epic_to_add)
epic2 = create(:epic, group: group, parent: epic1)
epic.update(parent: epic2)
end
subject { add_epic([valid_reference]) }
include_examples 'returns not found error'
end
end
context 'when multiple valid epics are given' do context 'when multiple valid epics are given' do
let(:another_epic) { create(:epic, group: group) } let(:another_epic) { create(:epic, group: group) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment