issues_finder.rb 4.44 KB
Newer Older
1 2
# frozen_string_literal: true

3 4 5 6 7 8 9
# Finders::Issues class
#
# Used to filter Issues collections by set of params
#
# Arguments:
#   current_user - which user use
#   params:
10
#     scope: 'created_by_me' or 'assigned_to_me' or 'all'
11 12 13
#     state: 'open' or 'closed' or 'all'
#     group_id: integer
#     project_id: integer
14
#     milestone_title: string
15 16
#     assignee_id: integer
#     search: string
Hiroyuki Sato's avatar
Hiroyuki Sato committed
17
#     in: 'title', 'description', or a string joining them with comma
18 19
#     label_name: string
#     sort: string
20
#     my_reaction_emoji: string
21
#     public_only: boolean
22
#     due_date: date or '0', '', 'overdue', 'week', or 'month'
23 24 25 26
#     created_after: datetime
#     created_before: datetime
#     updated_after: datetime
#     updated_before: datetime
27
#
28
class IssuesFinder < IssuableFinder
29 30
  CONFIDENTIAL_ACCESS_LEVEL = Gitlab::Access::REPORTER

31 32 33 34
  def self.scalar_params
    @scalar_params ||= super + [:due_date]
  end

35
  # rubocop: disable CodeReuse/ActiveRecord
36
  def klass
37
    Issue.includes(:author)
38
  end
39
  # rubocop: enable CodeReuse/ActiveRecord
40

41
  # rubocop: disable CodeReuse/ActiveRecord
42
  def with_confidentiality_access_check
43
    return Issue.all if user_can_see_all_confidential_issues?
44
    return Issue.where('issues.confidential IS NOT TRUE') if user_cannot_see_confidential_issues?
45 46 47 48 49 50 51 52 53 54

    Issue.where('
      issues.confidential IS NOT TRUE
      OR (issues.confidential = TRUE
        AND (issues.author_id = :user_id
          OR EXISTS (SELECT TRUE FROM issue_assignees WHERE user_id = :user_id AND issue_id = issues.id)
          OR issues.project_id IN(:project_ids)))',
      user_id: current_user.id,
      project_ids: current_user.authorized_projects(CONFIDENTIAL_ACCESS_LEVEL).select(:id))
  end
55
  # rubocop: enable CodeReuse/ActiveRecord
56

57 58 59
  private

  def init_collection
60 61 62 63 64 65 66 67 68
    if public_only?
      Issue.public_only
    else
      with_confidentiality_access_check
    end
  end

  def public_only?
    params.fetch(:public_only, false)
69 70
  end

71
  def filter_items(items)
72 73 74 75
    issues = super
    issues = by_due_date(issues)
    issues = by_confidential(issues)
    issues
76 77
  end

78
  def by_confidential(items)
79
    return items if params[:confidential].nil?
80

81
    params[:confidential] ? items.confidential_only : items.public_only
82 83
  end

84 85 86 87 88 89 90 91 92 93
  def by_due_date(items)
    if due_date?
      if filter_by_no_due_date?
        items = items.without_due_date
      elsif filter_by_overdue?
        items = items.due_before(Date.today)
      elsif filter_by_due_this_week?
        items = items.due_between(Date.today.beginning_of_week, Date.today.end_of_week)
      elsif filter_by_due_this_month?
        items = items.due_between(Date.today.beginning_of_month, Date.today.end_of_month)
94 95
      elsif filter_by_due_next_month_and_previous_two_weeks?
        items = items.due_between(Date.today - 2.weeks, (Date.today + 1.month).end_of_month)
96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117
      end
    end

    items
  end

  def filter_by_no_due_date?
    due_date? && params[:due_date] == Issue::NoDueDate.name
  end

  def filter_by_overdue?
    due_date? && params[:due_date] == Issue::Overdue.name
  end

  def filter_by_due_this_week?
    due_date? && params[:due_date] == Issue::DueThisWeek.name
  end

  def filter_by_due_this_month?
    due_date? && params[:due_date] == Issue::DueThisMonth.name
  end

118 119 120 121
  def filter_by_due_next_month_and_previous_two_weeks?
    due_date? && params[:due_date] == Issue::DueNextMonthAndPreviousTwoWeeks.name
  end

122 123 124 125
  def due_date?
    params[:due_date].present?
  end

126
  def user_can_see_all_confidential_issues?
127 128
    return @user_can_see_all_confidential_issues if defined?(@user_can_see_all_confidential_issues)

129 130
    return @user_can_see_all_confidential_issues = false if current_user.blank?
    return @user_can_see_all_confidential_issues = true if current_user.full_private_access?
131

132
    @user_can_see_all_confidential_issues =
133 134 135 136 137 138 139
      if project? && project
        project.team.max_member_access(current_user.id) >= CONFIDENTIAL_ACCESS_LEVEL
      elsif group
        group.max_member_access_for_user(current_user) >= CONFIDENTIAL_ACCESS_LEVEL
      else
        false
      end
140 141
  end

142
  def user_cannot_see_confidential_issues?
143 144
    return false if user_can_see_all_confidential_issues?

145
    current_user.blank?
146 147
  end

148
  def by_assignee(items)
149
    if filter_by_no_assignee?
150
      items.unassigned
151 152 153 154
    elsif filter_by_any_assignee?
      items.assigned
    elsif assignee
      items.assigned_to(assignee)
155 156 157 158 159 160
    elsif assignee_id? || assignee_username? # assignee not found
      items.none
    else
      items
    end
  end
161
end