Skip to content

G
gitlab-foss

李少辉-开发者 / gitlab-foss

通知 15
Star 0
Fork 0
G
gitlab-foss

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 25 3月, 2017 1 次提交
  3. 23 3月, 2017 1 次提交
  5. 18 3月, 2017 1 次提交
  7. 11 3月, 2017 1 次提交
  9. 10 3月, 2017 5 次提交
  11. 07 3月, 2017 2 次提交
  13. 06 3月, 2017 1 次提交
  15. 03 3月, 2017 1 次提交
  17. 01 3月, 2017 2 次提交
  19. 28 2月, 2017 1 次提交
  21. 24 2月, 2017 8 次提交
    • T
      Don't allow deleting a ghost user. · 6fdb17cb
      Timothy Andrew 提交于 
      - Add a `destroy_user` ability. This didn't exist before, and was implicit in
  other abilities (only admins could access the admin area, so only they could
  destroy all users; a user can only access their own account page, and so can
  destroy only themselves).

- Grant this ability to admins, and when the current user is trying to destroy
  themselves. Disallow destroying ghost users in all cases.

- Modify the `Users::DestroyService` to check this ability. Also check it in
  views to decide whether or not to show the "Delete User" button.

- Add a short summary of the Ghost User to the bio.
      6fdb17cb
    • T
      Implement final review comments from @DouweM and @rymai · f2ed82fa
      Timothy Andrew 提交于 
      - Have `Uniquify` take a block instead of a Proc/function. This is more
  idiomatic than passing around a function in Ruby.

- Block a user before moving their issues to the ghost user. This avoids a data
  race where an issue is created after the issues are migrated to the ghost user,
  and before the destroy takes place.

- No need to migrate issues (to the ghost user) in a transaction, because
  we're using `update_all`

- Other minor changes
      f2ed82fa
    • T
      Implement review comments from @rymai and @yorickpeterse · 8f01644f
      Timothy Andrew 提交于 
      1. Refactoring and specs in the `Uniquify` class.

2. Don't use the `AdvisoryLocking` class. Similar functionality is
provided (backed by Redis) in the `ExclusiveLease` class.
      8f01644f
    • T
      Use a `ghost` boolean to track ghost users. · 8e684809
      Timothy Andrew 提交于 
      Rather than using a separate `ghost` state. This lets us have the benefits of
both ghost and blocked users (ghost: true, state: blocked) without having to
rewrite a number of queries to include cases for `state: ghost`.
      8e684809
    • T
      Implement review comments from @DouweM and @nick.thomas. · 53c34c74
      Timothy Andrew 提交于 
      1. Use an advisory lock to guarantee the absence of concurrency in `User.ghost`,
to prevent data races from creating more than one ghost, or preventing the
creation of ghost users by causing validation errors.

2. Use `update_all` instead of updating issues one-by-one.
      53c34c74
    • T
      Extract code from `Namespace#clean_path` for ghost user generation. · ca16c373
      Timothy Andrew 提交于 
      1. Create a `Uniquify` class, which generalizes the process of generating unique
   strings, by accepting a function that defines what "uniqueness" means in a
   given context.

2. WIP: Make sure tests for `Namespace` pass, add more if necessary.

3. WIP: Add tests for `Uniquify`
      ca16c373
    • T
      Deleting a user shouldn't delete associated issues. · ff19bbd3
      Timothy Andrew 提交于 
      - "Associated" issues are issues the user has created + issues that the
  user is assigned to.

- Issues that a user owns are transferred to a "Ghost User" (just a
  regular user with `state = 'ghost'` that is created when
  `User.ghost` is called).

- Issues that a user is assigned to are moved to the "Unassigned" state.

- Fix a spec failure in `profile_spec` — a spec was asserting that when a user
  is deleted, `User.count` decreases by 1. After this change, deleting a user
  creates (potentially) a ghost user, causing `User.count` not to change. The
  spec has been updated to look for the relevant user in the assertion.
      ff19bbd3
    • D
      Use Namespace#full_path instead of #path where appropriate · ad640bc5
      Douwe Maan 提交于
      ad640bc5
  23. 23 2月, 2017 4 次提交
  25. 16 2月, 2017 1 次提交
  27. 14 2月, 2017 1 次提交
  29. 13 2月, 2017 1 次提交
  31. 11 2月, 2017 1 次提交
  33. 08 2月, 2017 1 次提交
  35. 07 2月, 2017 4 次提交
  37. 25 1月, 2017 1 次提交
  39. 24 1月, 2017 1 次提交
  41. 08 1月, 2017 1 次提交
    • Y
      Remove the project_authorizations.id column · de321fbb
      Yorick Peterse 提交于 
      This column used to be a 32 bits integer, allowing for only a maximum of
2 147 483 647 rows. Given enough users one can hit this limit pretty
quickly, as was the case for GitLab.com.

Changing this type to bigint (= 64 bits) would give us more space, but
we'd eventually hit the same limit given enough users and projects. A
much more sustainable solution is to simply drop the "id" column.

There were only 2 lines of code depending on this column being present,
and neither truly required it to be present. Instead the code now uses
the "project_id" column combined with the "user_id" column. This means
that instead of something like this:

    DELETE FROM project_authorizations
    WHERE user_id = X
    AND id = Y;

We now run the following when removing rows:

    DELETE FROM project_authorizations
    WHERE user_id = X
    AND project_id = Y;

Since both user_id and project_id are indexed this should not slow down
the DELETE query.

This commit also removes the "dependent: destroy" clause from the
"project_authorizations" relation in the User and Project models.
Keeping this prevents Rails from being able to remove data as it relies
on an "id" column being present. Since the "project_authorizations"
table has proper foreign keys set up (with cascading removals) we don't
need to depend on any Rails logic.
      de321fbb