DEV: extract join_group method from groups#add_members method (#13807)

* Copy the add_members method to the new join method * Remove unneeded code from the join method * Rearrange the join method * Remove unneeded stuff from the add_members method * Extract add_user_to_group method * Implement of the client side * Tests * Doesn't inline users.uniq * Return promise from join.then() * Remove unnecessary begin and end * Revert "Return promise from join.then()" This reverts commit bda84d8d * Remove variable already_in_group
2025-02-25 18:55:32 -06:00 · 2021-07-22 11:11:23 +04:00
parent f41908ad5b
commit 3cf7a3766a
5 changed files with 86 additions and 40 deletions
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -333,19 +333,9 @@ class GroupsController < ApplicationController

  def add_members
    group = Group.find(params[:id])
-    group.public_admission ? ensure_logged_in : guardian.ensure_can_edit!(group)
+    guardian.ensure_can_edit!(group)
+
    users = users_from_params.to_a
-
-    if group.public_admission
-      if !guardian.can_log_group_changes?(group) && current_user != users.first
-        raise Discourse::InvalidAccess
-      end
-
-      unless current_user.staff?
-        RateLimiter.new(current_user, "public_group_membership", 3, 1.minute).performed!
-      end
-    end
-
    emails = []
    if params[:emails]
      params[:emails].split(",").each do |email|
@@ -376,17 +366,10 @@ class GroupsController < ApplicationController
        count: usernames_already_in_group.size
      ))
    else
+      notify = params[:notify_users]&.to_s == "true"
      uniq_users = users.uniq
      uniq_users.each do |user|
-        begin
-          group.add(user)
-          GroupActionLogger.new(current_user, group).log_add_user_to_group(user)
-          group.notify_added_to_group(user) if params[:notify_users]&.to_s == "true"
-        rescue ActiveRecord::RecordNotUnique
-          # Under concurrency, we might attempt to insert two records quickly and hit a DB
-          # constraint. In this case we can safely ignore the error and act as if the user
-          # was added to the group.
-        end
+        add_user_to_group(group, user, notify)
      end

      emails.each do |email|
@@ -408,6 +391,19 @@ class GroupsController < ApplicationController
    end
  end

+  def join
+    ensure_logged_in
+    unless current_user.staff?
+      RateLimiter.new(current_user, "public_group_membership", 3, 1.minute).performed!
+    end
+
+    group = Group.find(params[:id])
+    raise Discourse::InvalidAccess unless group.public_admission
+
+    return if group.users.exists?(id: current_user.id)
+    add_user_to_group(group, current_user)
+  end
+
  def handle_membership_request
    group = Group.find_by(id: params[:id])
    raise Discourse::InvalidParameters.new(:id) if group.blank?
@@ -650,6 +646,16 @@ class GroupsController < ApplicationController

  private

+  def add_user_to_group(group, user, notify = false)
+    group.add(user)
+    GroupActionLogger.new(current_user, group).log_add_user_to_group(user)
+    group.notify_added_to_group(user) if notify
+  rescue ActiveRecord::RecordNotUnique
+    # Under concurrency, we might attempt to insert two records quickly and hit a DB
+    # constraint. In this case we can safely ignore the error and act as if the user
+    # was added to the group.
+  end
+
  def group_params(automatic: false)
    permitted_params =
      if automatic