Class: AuthorizedProjectUpdate::ProjectGroupLinkCreateService

Inherits:

BaseService

• Object
• BaseService
• AuthorizedProjectUpdate::ProjectGroupLinkCreateService

Includes:

Gitlab::Utils::StrongMemoize

Defined in:

app/services/authorized_project_update/project_group_link_create_service.rb

Constant Summary

BATCH_SIZE =

1000

Instance Attribute Summary

Attributes inherited from BaseService

#current_user, #params

Instance Method Summary

• #execute ⇒ Object
• #initialize(project, group, group_access = nil) ⇒ ProjectGroupLinkCreateService constructor

  A new instance of ProjectGroupLinkCreateService.

Methods included from Gitlab::Utils::StrongMemoize

#clear_memoization, #strong_memoize, #strong_memoized?

Methods included from BaseServiceUtility

#deny_visibility_level, #event_service, #log_error, #log_info, #notification_service, #system_hook_service, #todo_service, #visibility_level

Methods included from Gitlab::Allowable

#can?

Constructor Details

#initialize(project, group, group_access = nil) ⇒ ProjectGroupLinkCreateService

Returns a new instance of ProjectGroupLinkCreateService.

# File 'app/services/authorized_project_update/project_group_link_create_service.rb', line 9

def initialize(project, group, group_access = nil)
  @project = project
  @group = group
  @group_access = group_access
end

Instance Method Details

#execute ⇒ Object

# File 'app/services/authorized_project_update/project_group_link_create_service.rb', line 15

def execute
  group.members_from_self_and_ancestors_with_effective_access_level
       .each_batch(of: BATCH_SIZE, column: :user_id) do |members|
    existing_authorizations = existing_project_authorizations(members)
    authorizations_to_create = []
    user_ids_to_delete = []

    members.each do |member|
      new_access_level = access_level(member.access_level)
      existing_access_level = existing_authorizations[member.user_id]

      if existing_access_level
        # User might already have access to the project unrelated to the
        # current project share
        next if existing_access_level >= new_access_level

        user_ids_to_delete << member.user_id
      end

      authorizations_to_create << { user_id: member.user_id,
                                    project_id: project.id,
                                    access_level: new_access_level }
    end

    update_authorizations(user_ids_to_delete, authorizations_to_create)
  end

  ServiceResponse.success
end