Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
f88b2f61
Commit
f88b2f61
authored
Jul 14, 2021
by
Etienne Baqué
Committed by
Alex Kalderimis
Jul 14, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Added user_cap to setting update service
Changelog: added
parent
363d0d38
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
60 additions
and
40 deletions
+60
-40
app/models/namespace_setting.rb
app/models/namespace_setting.rb
+1
-1
app/policies/group_policy.rb
app/policies/group_policy.rb
+1
-0
app/services/namespace_settings/update_service.rb
app/services/namespace_settings/update_service.rb
+16
-8
spec/services/namespace_settings/update_service_spec.rb
spec/services/namespace_settings/update_service_spec.rb
+42
-31
No files found.
app/models/namespace_setting.rb
View file @
f88b2f61
...
@@ -15,7 +15,7 @@ class NamespaceSetting < ApplicationRecord
...
@@ -15,7 +15,7 @@ class NamespaceSetting < ApplicationRecord
NAMESPACE_SETTINGS_PARAMS
=
[
:default_branch_name
,
:delayed_project_removal
,
NAMESPACE_SETTINGS_PARAMS
=
[
:default_branch_name
,
:delayed_project_removal
,
:lock_delayed_project_removal
,
:resource_access_token_creation_allowed
,
:lock_delayed_project_removal
,
:resource_access_token_creation_allowed
,
:prevent_sharing_groups_outside_hierarchy
].
freeze
:prevent_sharing_groups_outside_hierarchy
,
:new_user_signups_cap
].
freeze
self
.
primary_key
=
:namespace_id
self
.
primary_key
=
:namespace_id
...
...
app/policies/group_policy.rb
View file @
f88b2f61
...
@@ -156,6 +156,7 @@ class GroupPolicy < BasePolicy
...
@@ -156,6 +156,7 @@ class GroupPolicy < BasePolicy
enable
:set_note_created_at
enable
:set_note_created_at
enable
:set_emails_disabled
enable
:set_emails_disabled
enable
:change_prevent_sharing_groups_outside_hierarchy
enable
:change_prevent_sharing_groups_outside_hierarchy
enable
:change_new_user_signups_cap
enable
:update_default_branch_protection
enable
:update_default_branch_protection
enable
:create_deploy_token
enable
:create_deploy_token
enable
:destroy_deploy_token
enable
:destroy_deploy_token
...
...
app/services/namespace_settings/update_service.rb
View file @
f88b2f61
...
@@ -14,7 +14,15 @@ module NamespaceSettings
...
@@ -14,7 +14,15 @@ module NamespaceSettings
def
execute
def
execute
validate_resource_access_token_creation_allowed_param
validate_resource_access_token_creation_allowed_param
validate_prevent_sharing_groups_outside_hierarchy_param
validate_settings_param_for_root_group
(
param_key: :prevent_sharing_groups_outside_hierarchy
,
user_policy: :change_prevent_sharing_groups_outside_hierarchy
)
validate_settings_param_for_root_group
(
param_key: :new_user_signups_cap
,
user_policy: :change_new_user_signups_cap
)
if
group
.
namespace_settings
if
group
.
namespace_settings
group
.
namespace_settings
.
attributes
=
settings_params
group
.
namespace_settings
.
attributes
=
settings_params
...
@@ -34,17 +42,17 @@ module NamespaceSettings
...
@@ -34,17 +42,17 @@ module NamespaceSettings
end
end
end
end
def
validate_
prevent_sharing_groups_outside_hierarchy_param
def
validate_
settings_param_for_root_group
(
param_key
:,
user_policy
:)
return
if
settings_params
[
:prevent_sharing_groups_outside_hierarch
y
].
nil?
return
if
settings_params
[
param_ke
y
].
nil?
unless
can?
(
current_user
,
:change_prevent_sharing_groups_outside_hierarch
y
,
group
)
unless
can?
(
current_user
,
user_polic
y
,
group
)
settings_params
.
delete
(
:prevent_sharing_groups_outside_hierarch
y
)
settings_params
.
delete
(
param_ke
y
)
group
.
namespace_settings
.
errors
.
add
(
:prevent_sharing_groups_outside_hierarch
y
,
_
(
'can only be changed by a group admin.'
))
group
.
namespace_settings
.
errors
.
add
(
param_ke
y
,
_
(
'can only be changed by a group admin.'
))
end
end
unless
group
.
root?
unless
group
.
root?
settings_params
.
delete
(
:prevent_sharing_groups_outside_hierarch
y
)
settings_params
.
delete
(
param_ke
y
)
group
.
namespace_settings
.
errors
.
add
(
:prevent_sharing_groups_outside_hierarch
y
,
_
(
'only available on top-level groups.'
))
group
.
namespace_settings
.
errors
.
add
(
param_ke
y
,
_
(
'only available on top-level groups.'
))
end
end
end
end
end
end
...
...
spec/services/namespace_settings/update_service_spec.rb
View file @
f88b2f61
...
@@ -76,50 +76,61 @@ RSpec.describe NamespaceSettings::UpdateService do
...
@@ -76,50 +76,61 @@ RSpec.describe NamespaceSettings::UpdateService do
end
end
end
end
context
"updating :prevent_sharing_groups_outside_hierarchy"
do
describe
'validating settings param for root group'
do
let
(
:settings
)
{
{
prevent_sharing_groups_outside_hierarchy:
true
}
}
using
RSpec
::
Parameterized
::
TableSyntax
context
'when user is a group owner'
do
where
(
:setting_key
,
:setting_changes_from
,
:setting_changes_to
)
do
before
do
:prevent_sharing_groups_outside_hierarchy
|
false
|
true
group
.
add_owner
(
user
)
:new_user_signups_cap
|
nil
|
100
end
it
'changes settings'
do
expect
{
service
.
execute
}
.
to
change
{
group
.
namespace_settings
.
prevent_sharing_groups_outside_hierarchy
}
.
from
(
false
).
to
(
true
)
end
end
end
context
'when user is not a group owner'
do
with_them
do
before
do
let
(
:settings
)
do
group
.
add_maintainer
(
user
)
{
setting_key
=>
setting_changes_to
}
end
end
it
'does not change settings'
do
context
'when user is not a group owner'
do
expect
{
service
.
execute
}.
not_to
change
{
group
.
namespace_settings
.
prevent_sharing_groups_outside_hierarchy
}
before
do
end
group
.
add_maintainer
(
user
)
end
it
'returns the group owner error'
do
it
'does not change settings'
do
service
.
execute
expect
{
service
.
execute
}.
not_to
change
{
group
.
namespace_settings
.
public_send
(
setting_key
)
}
end
it
'returns the group owner error'
do
service
.
execute
expect
(
group
.
namespace_settings
.
errors
.
messages
[
:prevent_sharing_groups_outside_hierarchy
]).
to
include
(
'can only be changed by a group admin.'
)
expect
(
group
.
namespace_settings
.
errors
.
messages
[
setting_key
]).
to
include
(
'can only be changed by a group admin.'
)
end
end
end
end
context
'with a subgroup'
do
context
'with a subgroup'
do
let
(
:subgroup
)
{
create
(
:group
,
parent:
group
)
}
let
(
:subgroup
)
{
create
(
:group
,
parent:
group
)
}
before
do
before
do
group
.
add_owner
(
user
)
group
.
add_owner
(
user
)
end
end
it
'does not change settings'
do
service
=
described_class
.
new
(
user
,
subgroup
,
settings
)
it
'does not change settings'
do
expect
{
service
.
execute
}.
not_to
change
{
group
.
namespace_settings
.
public_send
(
setting_key
)
}
service
=
described_class
.
new
(
user
,
subgroup
,
settings
)
expect
(
subgroup
.
namespace_settings
.
errors
.
messages
[
setting_key
]).
to
include
(
'only available on top-level groups.'
)
end
end
expect
{
service
.
execute
}.
not_to
change
{
group
.
namespace_settings
.
prevent_sharing_groups_outside_hierarchy
}
context
'when user is a group owner'
do
before
do
group
.
add_owner
(
user
)
end
expect
(
subgroup
.
namespace_settings
.
errors
.
messages
[
:prevent_sharing_groups_outside_hierarchy
]).
to
include
(
'only available on top-level groups.'
)
it
'changes settings'
do
expect
{
service
.
execute
}
.
to
change
{
group
.
namespace_settings
.
public_send
(
setting_key
)
}
.
from
(
setting_changes_from
).
to
(
setting_changes_to
)
end
end
end
end
end
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment