Refactor some search scopes to prevent wierd behaviour and PG::Error issues

Signed-off-by: Dmitriy Zaporozhets <[email protected]>

Author: dzaporozhets

app/controllers/users_controller.rb

@@ -4,15 +4,24 @@ class UsersController < ApplicationController
 
   def show
     @user = User.find_by_username!(params[:username])
-    @projects = Project.personal(@user).accessible_to(current_user)
 
     unless current_user || @user.public_profile?
       return authenticate_user!
     end
 
-    @groups = @user.groups.accessible_to(current_user)
-    accessible_projects = @user.authorized_projects.accessible_to(current_user)
-    @events = @user.recent_events.where(project_id: accessible_projects.pluck(:id)).limit(20)
+    # Projects user can view
+    authorized_projects_ids = ProjectsFinder.new.execute(current_user).pluck(:id)
+
+    @projects = @user.personal_projects.
+      where(id: authorized_projects_ids)
+
+    # Collect only groups common for both users
+    @groups = @user.groups & GroupsFinder.new.execute(current_user)
+
+    # Get user activity feed for projects common for both users
+    @events = @user.recent_events.
+      where(project_id: authorized_projects_ids).limit(20)
+
     @title = @user.name
   end
 

app/finders/base_finder.rb

@@ -49,7 +49,7 @@ def init_collection
     elsif current_user && params[:authorized_only].presence
       klass.of_projects(current_user.authorized_projects).references(:project)
     else
-      klass.of_projects(Project.accessible_to(current_user)).references(:project)
+      klass.of_projects(ProjectsFinder.new.execute(current_user)).references(:project)
     end
   end
 

app/finders/projects_finder.rb

@@ -1,5 +1,5 @@
 class ProjectsFinder
-  def execute(current_user, options)
+  def execute(current_user, options = {})
     group = options[:group]
 
     if group
@@ -56,8 +56,36 @@ def group_projects(current_user, group)
     end
   end
 
-  def all_projects
-    # TODO: implement
-    raise 'Not implemented yet'
+  def all_projects(current_user)
+    if current_user
+      if current_user.authorized_projects.any?
+        # User has access to private projects
+        #
+        # Return only:
+        #   public projects
+        #   internal projects
+        #   joined projects
+        #
+        Project.where(
+          "projects.id IN (?) OR projects.visibility_level IN (?)",
+          current_user.authorized_projects.pluck(:id),
+          Project.public_and_internal_levels
+        )
+      else
+        # User has no access to private projects
+        #
+        # Return only:
+        #   public projects
+        #   internal projects
+        #
+        Project.public_and_internal_only
+      end
+    else
+      # Not authenticated
+      #
+      # Return only:
+      #   public projects
+      Project.public_only
+    end
   end
 end

app/helpers/search_helper.rb

@@ -81,7 +81,7 @@ def groups_autocomplete(term, limit = 5)
 
   # Autocomplete results for the current user's projects
   def projects_autocomplete(term, limit = 5)
-    Project.accessible_to(current_user).search_by_title(term).non_archived.limit(limit).map do |p|
+    ProjectsFinder.new.execute(current_user).search_by_title(term).non_archived.limit(limit).map do |p|
       {
         label: "project: #{search_result_sanitize(p.name_with_namespace)}",
         url: project_path(p)

app/helpers/submodule_helper.rb

@@ -51,7 +51,7 @@ def not_auth_abilities(user, subject)
                   nil
                 end
 
-        if group && group.has_projects_accessible_to?(nil)
+        if group && group.public_profile?
           [:read_group]
         else
           []

app/models/ability.rb

@@ -27,12 +27,6 @@ class Group < Namespace
 
   mount_uploader :avatar, AttachmentUploader
 
-  def self.accessible_to(user)
-    accessible_ids = Project.accessible_to(user).pluck(:namespace_id)
-    accessible_ids += user.groups.pluck(:id) if user
-    where(id: accessible_ids)
-  end
-
   def human_name
     name
   end
@@ -77,4 +71,8 @@ def avatar_type
       self.errors.add :avatar, "only images allowed"
     end
   end
+
+  def public_profile?
+    projects.public_only.any?
+  end
 end

app/models/group.rb

@@ -47,14 +47,6 @@ def self.search query
   def self.global_id
     'GLN'
   end
-  
-  def projects_accessible_to(user)
-    projects.accessible_to(user)
-  end
-  
-  def has_projects_accessible_to?(user)
-    projects_accessible_to(user).present?
-  end
 
   def to_param
     path

app/models/namespace.rb

@@ -164,12 +164,6 @@ def publicish(user)
       where(visibility_level: visibility_levels)
     end
 
-    def accessible_to(user)
-      accessible_ids = publicish(user).pluck(:id)
-      accessible_ids += user.authorized_projects.pluck(:id) if user
-      where(id: accessible_ids)
-    end
-
     def with_push
       includes(:events).where('events.action = ?', Event::PUSHED)
     end

app/models/project.rb

@@ -12,7 +12,7 @@ def execute
       return result unless query.present?
 
       group = Group.find_by(id: params[:group_id]) if params[:group_id].present?
-      projects = Project.accessible_to(current_user)
+      projects = ProjectsFinder.new.execute(current_user)
       projects = projects.where(namespace_id: group.id) if group
       project_ids = projects.pluck(:id)