Backend support for advanced search multi-select project [RUN ALL RSPEC] [RUN AS-IF-FOSS]
Compare changes
Files
4@@ -36,7 +36,7 @@ def projects
Related to Epic: &6110 and Issue: #332631
Backend support for allowing multi-select project search in Advanced Search only. Basic Search support will be handled in a separate MR. This feature is behind a disabled by default feature flag: advanced_search_multi_project_select
for groups
Added a new param project_ids
which will take the form of project_ids=1,2,3
or project_ids=1
and is only set if a group is selected and the Feature Flag is enabled for the selected group.
If any of the projects selected have Advanced Search enabled, the query will go to Elasticsearch. Once Basic Search supports multi-select projects, additional work will be done to combine results when projects results come from Postgres and Elasticsearch.
Note: You need to have Elasticsearch enabled in GDK, have Advanced Search enabled for search + indexing, and have created the index using rake commands or the Admin UI (rake gitlab:elastic:index
)
Feature.enable(:advanced_search_multi_project_select, group)
&project_ids=AA,BB
to the URL where AA and BB are the project_ids from the previous stepNote: I also did some testing by turning on Namespace limiting and trying to send the project_ids
parameter to groups and projects that only support Basic Search to make sure it didn't break anything.
There is a count query and select query for each search scope and will detail both here. Project ids used: 278964 and 7764
Explain plan: https://explain.depesz.com/s/PbPt
SELECT
“users”. *
FROM
“users”
WHERE (((“users”.“name” ILIKE ‘%test%’
OR “users”.“username” ILIKE ‘%test%’)
OR “users”.“email” = ‘test’)
OR “users”.“id” = (
SELECT
“emails”.“user_id”
FROM
“emails”
WHERE
“emails”.“email” = ‘test’
LIMIT 1))
AND “users”.“id” IN (
SELECT
“users”.“id”
FROM
“users”
INNER JOIN “project_authorizations” ON “project_authorizations”.“user_id” = “users”.“id”
WHERE
“project_authorizations”.“project_id” IN (278964, 7764))
ORDER BY
CASE WHEN users.name = ‘test’ THEN
0
WHEN users.username = ‘test’ THEN
1
WHEN users.email = ‘test’ THEN
2
ELSE
3
END,
“users”.“name” ASC
LIMIT 20 OFFSET 0
Explain plan: https://explain.depesz.com/s/HWrU
SELECT
COUNT(*)
FROM (
SELECT
1 AS one
FROM
“users”
WHERE (((“users”.“name” ILIKE ‘%test%’
OR “users”.“username” ILIKE ‘%test%’)
OR “users”.“email” = ‘test’)
OR “users”.“id” = (
SELECT
“emails”.“user_id”
FROM
“emails”
WHERE
“emails”.“email” = ‘test’
LIMIT 1))
AND “users”.“id” IN (
SELECT
“users”.“id”
FROM
“users”
INNER JOIN “project_authorizations” ON “project_authorizations”.“user_id” = “users”.“id”
WHERE
“project_authorizations”.“project_id” IN (278964, 7764))
LIMIT 100) subquery_for_count
Tested with two project ids which map to gnome-1
and Fdroidclient
projects (which you can see in the screenshots)
Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.
@gitlab-com/gl-security/appsec