Selectable deploy keys contain master projects

37a90d5f · babatakao · baba · b9d989dc · 37a90d5f · 37a90d5f
5 changed file
--- a/app/controllers/deploy_keys_controller.rb
+++ b/app/controllers/deploy_keys_controller.rb
@@ -54,6 +54,6 @@ class DeployKeysController < ProjectResourceController
  protected
  def available_keys
-    @available_keys ||= current_user.owned_deploy_keys
+    @available_keys ||= current_user.accessible_deploy_keys
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -90,6 +90,8 @@ class User < ActiveRecord::Base
  has_many :personal_projects,        through: :namespace, source: :projects
  has_many :projects,                 through: :users_projects
+  has_many :master_projects,          through: :users_projects, source: :project,
+                                      conditions: { users_projects: { project_access: UsersProject::MASTER } }
  has_many :own_projects,             foreign_key: :creator_id, class_name: 'Project'
  has_many :owned_projects,           through: :namespaces, source: :projects
@@ -354,7 +356,7 @@ class User < ActiveRecord::Base
    extern_uid && provider == 'ldap'
  end
-  def owned_deploy_keys
+  def accessible_deploy_keys
-    DeployKey.in_projects(self.owned_projects).uniq
+    DeployKey.in_projects(self.master_projects).uniq
  end
 end
--- a/features/steps/project/deploy_keys.rb
+++ b/features/steps/project/deploy_keys.rb
@@ -35,6 +35,7 @@ class Spinach::Features::ProjectDeployKeys < Spinach::FeatureSteps
  step 'other project has deploy key' do
    @second_project = create :project, namespace: current_user.namespace
+    @second_project.team << [current_user, :master]
    create(:deploy_keys_project, project: @second_project)
  end

--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -439,7 +439,7 @@ module API
          end
          # Check for available deploy keys in other projects
-          key = current_user.owned_deploy_keys.find_by_key(attrs[:key])
+          key = current_user.accessible_deploy_keys.find_by_key(attrs[:key])
          if key
            user_project.deploy_keys << key
            present key, with: Entities::SSHKey

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -106,11 +106,33 @@ describe User do
      ActiveRecord::Base.observers.enable(:user_observer)
      @user = create :user
      @project = create :project, namespace: @user.namespace
+      @project_2 = create :project # Grant MASTER access to the user
+      @project_3 = create :project # Grant DEVELOPER access to the user
+      UsersProject.add_users_into_projects(
+        [@project_2.id], [@user.id], UsersProject::MASTER
+      )
+      UsersProject.add_users_into_projects(
+        [@project_3.id], [@user.id], UsersProject::DEVELOPER
+      )
    end
    it { @user.authorized_projects.should include(@project) }
+    it { @user.authorized_projects.should include(@project_2) }
+    it { @user.authorized_projects.should include(@project_3) }
    it { @user.owned_projects.should include(@project) }
+    it { @user.owned_projects.should_not include(@project_2) }
+    it { @user.owned_projects.should_not include(@project_3) }
    it { @user.personal_projects.should include(@project) }
+    it { @user.personal_projects.should_not include(@project_2) }
+    it { @user.personal_projects.should_not include(@project_3) }
+    # master_projects doesn't check creator/namespace.
+    # In real case the users_projects relation will certainly be assigned
+    # when the project is created.
+    it { @user.master_projects.should_not include(@project) }
+    it { @user.master_projects.should include(@project_2) }
+    it { @user.master_projects.should_not include(@project_3) }
  end
  describe 'groups' do