File tree 5 files changed +80
-1
lines changed
5 files changed +80
-1
lines changed Original file line number Diff line number Diff line change @@ -382,6 +382,10 @@ def group_member(user)
382
382
end
383
383
end
384
384
385
+ def highest_group_member ( user )
386
+ GroupMember . where ( source_id : self_and_ancestors_ids , user_id : user . id ) . order ( :access_level ) . last
387
+ end
388
+
385
389
def hashed_storage? ( _feature )
386
390
false
387
391
end
Original file line number Diff line number Diff line change
1
+ ---
2
+ title : Return the maximum group access level in the projects API
3
+ merge_request : 24403
4
+ author :
5
+ type : changed
Original file line number Diff line number Diff line change @@ -961,7 +961,7 @@ class ProjectWithAccess < Project
961
961
if options [ :group_members ]
962
962
options [ :group_members ] . find { |member | member . source_id == project . namespace_id }
963
963
else
964
- project . group . group_member ( options [ :current_user ] )
964
+ project . group . highest_group_member ( options [ :current_user ] )
965
965
end
966
966
end
967
967
end
Original file line number Diff line number Diff line change @@ -722,6 +722,42 @@ def setup_group_members(group)
722
722
end
723
723
end
724
724
725
+ describe '#highest_group_member' , :nested_groups do
726
+ let ( :nested_group ) { create ( :group , parent : group ) }
727
+ let ( :nested_group_2 ) { create ( :group , parent : nested_group ) }
728
+ let ( :user ) { create ( :user ) }
729
+
730
+ subject ( :highest_group_member ) { nested_group_2 . highest_group_member ( user ) }
731
+
732
+ context 'when the user is not a member of any group in the hierarchy' do
733
+ it 'returns nil' do
734
+ expect ( highest_group_member ) . to be_nil
735
+ end
736
+ end
737
+
738
+ context 'when the user is only a member of one group in the hierarchy' do
739
+ before do
740
+ nested_group . add_developer ( user )
741
+ end
742
+
743
+ it 'returns that group member' do
744
+ expect ( highest_group_member . access_level ) . to eq ( Gitlab ::Access ::DEVELOPER )
745
+ end
746
+ end
747
+
748
+ context 'when the user is a member of several groups in the hierarchy' do
749
+ before do
750
+ group . add_owner ( user )
751
+ nested_group . add_developer ( user )
752
+ nested_group_2 . add_maintainer ( user )
753
+ end
754
+
755
+ it 'returns the group member with the highest access level' do
756
+ expect ( highest_group_member . access_level ) . to eq ( Gitlab ::Access ::OWNER )
757
+ end
758
+ end
759
+ end
760
+
725
761
describe '#has_parent?' do
726
762
context 'when the group has a parent' do
727
763
it 'should be truthy' do
Original file line number Diff line number Diff line change 1145
1145
. to eq ( Gitlab ::Access ::OWNER )
1146
1146
end
1147
1147
end
1148
+
1149
+ context 'nested group project' , :nested_groups do
1150
+ let ( :group ) { create ( :group ) }
1151
+ let ( :nested_group ) { create ( :group , parent : group ) }
1152
+ let ( :project2 ) { create ( :project , group : nested_group ) }
1153
+
1154
+ before do
1155
+ project2 . group . parent . add_owner ( user )
1156
+ end
1157
+
1158
+ it 'sets group access and return 200' do
1159
+ get api ( "/projects/#{ project2 . id } " , user )
1160
+
1161
+ expect ( response ) . to have_gitlab_http_status ( 200 )
1162
+ expect ( json_response [ 'permissions' ] [ 'project_access' ] ) . to be_nil
1163
+ expect ( json_response [ 'permissions' ] [ 'group_access' ] [ 'access_level' ] )
1164
+ . to eq ( Gitlab ::Access ::OWNER )
1165
+ end
1166
+
1167
+ context 'with various access levels across nested groups' do
1168
+ before do
1169
+ project2 . group . add_maintainer ( user )
1170
+ end
1171
+
1172
+ it 'sets the maximum group access and return 200' do
1173
+ get api ( "/projects/#{ project2 . id } " , user )
1174
+
1175
+ expect ( response ) . to have_gitlab_http_status ( 200 )
1176
+ expect ( json_response [ 'permissions' ] [ 'project_access' ] ) . to be_nil
1177
+ expect ( json_response [ 'permissions' ] [ 'group_access' ] [ 'access_level' ] )
1178
+ . to eq ( Gitlab ::Access ::OWNER )
1179
+ end
1180
+ end
1181
+ end
1148
1182
end
1149
1183
end
1150
1184
end
You can’t perform that action at this time.
0 commit comments