Advanced search: remove reliance on limit_project_ids in group and global search

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Background

Advanced search for global and group levels send a list of project_ids to the search service to limit the list of projects to those the user has access to. For global it's current_user.authorized_projects and for group it's current_user.authorized_projects.inside_path(group.full_path).

This is not performant and for users with large numbers of authorized projects or for groups with large numbers of descendent projects, this sends a HUGE list of projects to the search service. This is not performant and puts a load on the database and rails when loading large lists into memory.

Proposal

Remove reliance on the limit_project_ids list for Advanced search. The area of code where limit_project_ids is passed in is in the elasticsearch_results method in:

• EE:Search::GlobalService
• EE:Search::GroupService

There are some issues that need to be solved before this can be completed

• supporting custom roles for read_code ability. TBD - Needs more details
• ensuring that users have correct role for groups level access