Class: Gitlab::BackgroundMigration::RecalculateTwoFactorEnforcementOnUsers::User

Inherits:
ApplicationRecord
  • Object
show all
Defined in:
lib/gitlab/background_migration/recalculate_two_factor_enforcement_on_users.rb

Constant Summary collapse

GUEST_ACCESS_LEVEL = 
10

Constants inherited from ApplicationRecord

ApplicationRecord::MAX_PLUCK

Constants included from HasCheckConstraints

HasCheckConstraints::NOT_NULL_CHECK_PATTERN

Constants included from ResetOnColumnErrors

ResetOnColumnErrors::MAX_RESET_PERIOD

Instance Method Summary collapse

Methods inherited from ApplicationRecord

===, cached_column_list, #create_or_load_association, current_transaction, declarative_enum, default_select_columns, delete_all_returning, #deleted_from_database?, id_in, id_not_in, iid_in, nullable_column?, primary_key_in, #readable_by?, safe_ensure_unique, safe_find_or_create_by, safe_find_or_create_by!, #to_ability_name, underscore, where_exists, where_not_exists, with_fast_read_statement_timeout, without_order

Methods included from Organizations::Sharding

#sharding_organization

Methods included from ResetOnColumnErrors

#reset_on_union_error, #reset_on_unknown_attribute_error

Methods included from SensitiveSerializableHash

#serializable_hash

Instance Method Details

#expanded_groups_requiring_two_factor_authenticationObject 



51
52
53
54
55
56
57
58
 
# File 'lib/gitlab/background_migration/recalculate_two_factor_enforcement_on_users.rb', line 51

def expanded_groups_requiring_two_factor_authentication
  return groups if groups.empty?

  Gitlab::ObjectHierarchy
    .new(groups)
    .all_objects
    .where(require_two_factor_authentication: true)
end

#update_two_factor_requirementObject 



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/gitlab/background_migration/recalculate_two_factor_enforcement_on_users.rb', line 35

def update_two_factor_requirement
  periods = expanded_groups_requiring_two_factor_authentication.pluck(:two_factor_grace_period) # rubocop:disable Database/AvoidUsingPluckWithoutLimit -- maintaining parity with model

  self.require_two_factor_authentication_from_group = periods.any?
  self.two_factor_grace_period = periods.min || User.column_defaults['two_factor_grace_period']

  return unless require_two_factor_authentication_from_group_changed?

  Gitlab::AppLogger.info({ message: 'User 2FA enforcement from group changed.',
                           user_id: id,
                           from: require_two_factor_authentication_from_group_was,
                           to: require_two_factor_authentication_from_group })

  save
end