Commit 2f0a764d authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Fix user page performance and authorization

parent 75d2145e
...@@ -4,11 +4,8 @@ class UsersController < ApplicationController ...@@ -4,11 +4,8 @@ class UsersController < ApplicationController
layout :determine_layout layout :determine_layout
def show def show
# Projects user can view @contributed_projects = Project.
visible_projects = ProjectsFinder.new.execute(current_user) where(id: authorized_projects_ids & @user.contributed_projects_ids).
authorized_projects_ids = visible_projects.pluck(:id)
@contributed_projects = Project.where(id: authorized_projects_ids).
in_group_namespace.includes(:namespace) in_group_namespace.includes(:namespace)
@projects = @user.personal_projects. @projects = @user.personal_projects.
...@@ -32,8 +29,8 @@ class UsersController < ApplicationController ...@@ -32,8 +29,8 @@ class UsersController < ApplicationController
end end
def calendar def calendar
visible_projects = ProjectsFinder.new.execute(current_user) projects = Project.where(id: authorized_projects_ids & @user.contributed_projects_ids)
calendar = Gitlab::CommitsCalendar.new(visible_projects, @user) calendar = Gitlab::CommitsCalendar.new(projects, @user)
@timestamps = calendar.timestamps @timestamps = calendar.timestamps
@starting_year = calendar.starting_year @starting_year = calendar.starting_year
@starting_month = calendar.starting_month @starting_month = calendar.starting_month
...@@ -58,4 +55,10 @@ class UsersController < ApplicationController ...@@ -58,4 +55,10 @@ class UsersController < ApplicationController
return authenticate_user! return authenticate_user!
end end
end end
def authorized_projects_ids
# Projects user can view
@authorized_projects_ids ||=
ProjectsFinder.new.execute(current_user).pluck(:id)
end
end end
...@@ -607,4 +607,11 @@ class User < ActiveRecord::Base ...@@ -607,4 +607,11 @@ class User < ActiveRecord::Base
def oauth_authorized_tokens def oauth_authorized_tokens
Doorkeeper::AccessToken.where(resource_owner_id: self.id, revoked_at: nil) Doorkeeper::AccessToken.where(resource_owner_id: self.id, revoked_at: nil)
end end
def contributed_projects_ids
Event.where(author_id: self).
reorder(project_id: :desc).
select('DISTINCT(project_id)').
map(&:project_id)
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment