Skip to content

Find project_authorizations records due for refresh via a service class [RUN ALL RSPEC] [RUN AS-IF-FOSS]

Manoj M J requested to merge 292443-find-records-for-auth-refresh-via-new-service into master

What does this MR do?

This is the first step towards implementing #292443 (closed)

Currently, we have a service class named Users::RefreshAuthorizedProjectsService, which performs the dual function of

  • finding the records that should be added or removed.
  • Adding or removing these specific records in ProjectAuthorizations table.

With this MR, a new service class named AuthorizedProjectUpdate::FindRecordsDueForRefreshService is being added which performs the function of

  • finding the records that should be added or removed.

The pros of this approach is

  • Responsibilities are now split
  • Users::RefreshAuthorizedProjectsService further calls AuthorizedProjectUpdate::FindRecordsDueForRefreshService to obtain the records that needs removal or addition.
  • AuthorizedProjectUpdate::FindRecordsDueForRefreshService is now standalone, and only performs "read" queries, which means we can use this service in a standalone manner towards accomplishing #292443 (closed) (For a detailed plan on how this new class will be used in a standalone manner, please see !54836 (comment 515219453))

Screenshots (strongly suggested)

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Mayra Cabrera

Merge request reports