From 77955dd365f7310dc71c4eea7c918ce7e3a93d08 Mon Sep 17 00:00:00 2001 From: Philipp Thun Date: Mon, 31 Oct 2022 12:02:05 +0100 Subject: [PATCH] wip --- app/access/space_quota_definition_access.rb | 2 +- app/actions/process_create.rb | 4 ++-- app/actions/service_instance_share.rb | 4 ++-- app/actions/v3/service_instance_delete.rb | 2 +- app/controllers/v3/roles_controller.rb | 2 +- .../v3/security_groups_controller.rb | 4 ++-- .../field_service_instance_broker_decorator.rb | 15 +++++++++++---- ...ield_service_instance_offering_decorator.rb | 16 ++++++++++------ app/fetchers/droplet_list_fetcher.rb | 2 +- app/fetchers/route_fetcher.rb | 5 ++++- app/fetchers/space_quota_list_fetcher.rb | 2 +- app/fetchers/task_list_fetcher.rb | 3 ++- app/models/runtime/organization.rb | 2 +- app/models/runtime/process_model.rb | 2 +- app/models/runtime/user.rb | 6 ++++-- app/models/services/service.rb | 8 ++++---- app/models/services/service_broker.rb | 7 +++---- app/presenters/v3/security_group_presenter.rb | 18 +++++++++--------- app/presenters/v3/space_quota_presenter.rb | 12 ++++++------ lib/cloud_controller/permissions.rb | 4 ++-- 20 files changed, 68 insertions(+), 52 deletions(-) diff --git a/app/access/space_quota_definition_access.rb b/app/access/space_quota_definition_access.rb index 1624d27cc48..0ef785e9825 100644 --- a/app/access/space_quota_definition_access.rb +++ b/app/access/space_quota_definition_access.rb @@ -68,7 +68,7 @@ def delete?(space_quota_definition, _params=nil) def read?(space_quota_definition, *_) context.admin_override || ( !context.user.nil? && ( - (context.user.managed_organizations.include? space_quota_definition.organization) || + context.user.managed_organizations_dataset.where(id: space_quota_definition.organization_id).any? || !(context.user.managed_spaces & space_quota_definition.spaces).empty? || !(context.user.audited_spaces & space_quota_definition.spaces).empty? || !(context.user.spaces & space_quota_definition.spaces).empty? diff --git a/app/actions/process_create.rb b/app/actions/process_create.rb index a01886a8219..8b3e1a28c02 100644 --- a/app/actions/process_create.rb +++ b/app/actions/process_create.rb @@ -25,8 +25,8 @@ def create(app, args) process = nil app.class.db.transaction do process = app.add_process(attrs) - route_mappings = process.route_mappings - process.update(ports: route_mappings.map(&:app_port)) unless route_mappings.empty? + app_ports = process.route_mappings_dataset.select_map(:app_port) + process.update(ports: app_ports) unless app_ports.empty? Repositories::ProcessEventRepository.record_create(process, @user_audit_info, manifest_triggered: @manifest_triggered) end diff --git a/app/actions/service_instance_share.rb b/app/actions/service_instance_share.rb index 8dbd432462d..9a67b5c4881 100644 --- a/app/actions/service_instance_share.rb +++ b/app/actions/service_instance_share.rb @@ -54,12 +54,12 @@ def validate_plan_visibility!(service_instance, space) end def validate_name_uniqueness!(service_instance, space) - if space.service_instances.map(&:name).include?(service_instance.name) + if space.service_instances_dataset.where(name: service_instance.name).any? error_msg = "A service instance called #{service_instance.name} already exists in #{space.name}." error!(error_msg) end - return unless space.service_instances_shared_from_other_spaces.map(&:name).include?(service_instance.name) + return unless space.service_instances_shared_from_other_spaces_dataset.where(name: service_instance.name).any? error_msg = "A service instance called #{service_instance.name} has already been shared with #{space.name}." error!(error_msg) diff --git a/app/actions/v3/service_instance_delete.rb b/app/actions/v3/service_instance_delete.rb index 0b4f839c739..4e7311f6c56 100644 --- a/app/actions/v3/service_instance_delete.rb +++ b/app/actions/v3/service_instance_delete.rb @@ -150,7 +150,7 @@ def remove_associations def unshare_all_spaces # The array from `service_instance.shared_spaces` gets updated as spaces are unshared, so we make list of guids - space_guids = service_instance.shared_spaces.map(&:guid) + space_guids = service_instance.shared_spaces_dataset.select_map(:guid) unshare_action = ServiceInstanceUnshare.new space_guids.each_with_object([]) do |space_guid, errors| diff --git a/app/controllers/v3/roles_controller.rb b/app/controllers/v3/roles_controller.rb index e3b8e9b33bf..1bb975101de 100644 --- a/app/controllers/v3/roles_controller.rb +++ b/app/controllers/v3/roles_controller.rb @@ -75,7 +75,7 @@ def destroy if role.type == VCAP::CloudController::RoleTypes::ORGANIZATION_USER org = Organization.find(id: role.organization_id) - no_space_role = Role.where(space_id: org.spaces.map(&:id), user_id: role.user_id).empty? + no_space_role = Role.where(space_id: org.spaces_dataset.select(:id), user_id: role.user_id).empty? unprocessable!('Cannot delete organization_user role while user has roles in spaces in that organization.') unless no_space_role end end diff --git a/app/controllers/v3/security_groups_controller.rb b/app/controllers/v3/security_groups_controller.rb index 995fbba30c5..78c4cd93295 100644 --- a/app/controllers/v3/security_groups_controller.rb +++ b/app/controllers/v3/security_groups_controller.rb @@ -123,7 +123,7 @@ def delete_running_spaces unprocessable_space! unless space unauthorized! unless permission_queryer.can_update_active_space?(space.id, space.organization_id) suspended! unless permission_queryer.is_space_active?(space.id) - unprocessable_space! unless security_group.spaces.include?(space) + unprocessable_space! unless security_group.spaces_dataset.where(id: space.id).any? SecurityGroupUnapply.unapply_running(security_group, space) @@ -140,7 +140,7 @@ def delete_staging_spaces unprocessable_space! unless space unauthorized! unless permission_queryer.can_update_active_space?(space.id, space.organization_id) suspended! unless permission_queryer.is_space_active?(space.id) - unprocessable_space! unless security_group.staging_spaces.include?(space) + unprocessable_space! unless security_group.staging_spaces_dataset.where(id: space.id).any? SecurityGroupUnapply.unapply_staging(security_group, space) diff --git a/app/decorators/field_service_instance_broker_decorator.rb b/app/decorators/field_service_instance_broker_decorator.rb index e39c6b20a48..f29eb88645f 100644 --- a/app/decorators/field_service_instance_broker_decorator.rb +++ b/app/decorators/field_service_instance_broker_decorator.rb @@ -16,11 +16,18 @@ def decorate(hash, service_instances) managed_service_instances = service_instances.select(&:managed_instance?) return hash if managed_service_instances.empty? - hash[:included] ||= {} - plans = managed_service_instances.map(&:service_plan).uniq - brokers = plans.map(&:service_broker).uniq + brokers = ServiceBroker. + join(:services, service_broker_id: :service_brokers__id). + join(:service_plans, service_id: :services__id). + join(:service_instances, service_plan_id: :service_plans__id). + where(service_instances__id: managed_service_instances.map(&:id)). + distinct. + order_by(:service_brokers__created_at). + select(:service_brokers__name, :service_brokers__guid). + all - hash[:included][:service_brokers] = brokers.sort_by(&:created_at).map do |broker| + hash[:included] ||= {} + hash[:included][:service_brokers] = brokers.map do |broker| broker_view = {} broker_view[:name] = broker.name if @fields.include?('name') broker_view[:guid] = broker.guid if @fields.include?('guid') diff --git a/app/decorators/field_service_instance_offering_decorator.rb b/app/decorators/field_service_instance_offering_decorator.rb index 3d299efe283..6654d4e9054 100644 --- a/app/decorators/field_service_instance_offering_decorator.rb +++ b/app/decorators/field_service_instance_offering_decorator.rb @@ -12,16 +12,21 @@ def initialize(fields) @fields = fields[:'service_plan.service_offering'].to_set.intersection(self.class.allowed) end - # rubocop:todo Metrics/CyclomaticComplexity def decorate(hash, service_instances) managed_service_instances = service_instances.select(&:managed_instance?) return hash if managed_service_instances.empty? - hash[:included] ||= {} - plans = managed_service_instances.map(&:service_plan).uniq - offerings = plans.map(&:service).uniq + offerings = Service. + join(:service_plans, service_id: :services__id). + join(:service_instances, service_plan_id: :service_plans__id). + where(service_instances__id: managed_service_instances.map(&:id)). + distinct. + order_by(:services__created_at). + select(:services__label, :services__guid, :services__description, :services__tags, :services__extra, :services__service_broker_id). + all - hash[:included][:service_offerings] = offerings.sort_by(&:created_at).map do |offering| + hash[:included] ||= {} + hash[:included][:service_offerings] = offerings.map do |offering| offering_view = {} offering_view[:name] = offering.name if @fields.include?('name') offering_view[:guid] = offering.guid if @fields.include?('guid') @@ -43,7 +48,6 @@ def decorate(hash, service_instances) hash end - # rubocop:enable Metrics/CyclomaticComplexity private diff --git a/app/fetchers/droplet_list_fetcher.rb b/app/fetchers/droplet_list_fetcher.rb index d867defcd56..1807072d805 100644 --- a/app/fetchers/droplet_list_fetcher.rb +++ b/app/fetchers/droplet_list_fetcher.rb @@ -44,7 +44,7 @@ def filter(message, app, space_guids, dataset) droplet_table_name = DropletModel.table_name if message.requested?(:organization_guids) - space_guids_from_orgs = Organization.where(guid: message.organization_guids).map(&:spaces).flatten.map(&:guid) + space_guids_from_orgs = Spaces.join(:organizations, id: :organization_id).where(organization__guid: message.organization_guids).select(:guid) dataset = dataset.select_all(droplet_table_name). join_table(:inner, AppModel.table_name, { guid: Sequel[:droplets][:app_guid], space_guid: space_guids_from_orgs }, { table_alias: :apps_orgs }) end diff --git a/app/fetchers/route_fetcher.rb b/app/fetchers/route_fetcher.rb index 7f961431fc0..0918875fd95 100644 --- a/app/fetchers/route_fetcher.rb +++ b/app/fetchers/route_fetcher.rb @@ -27,7 +27,10 @@ def filter(message, dataset) dataset = dataset.where(port: message.ports) if message.requested?(:ports) if message.requested?(:organization_guids) - space_ids = Organization.where(guid: message.organization_guids).map(&:spaces).flatten.map(&:id) + space_ids = Space. + join(:organizations, id: :organization_id). + where(organizations__guid: message.organization_guids). + select(:spaces__id) dataset = dataset.where(space_id: space_ids) end diff --git a/app/fetchers/space_quota_list_fetcher.rb b/app/fetchers/space_quota_list_fetcher.rb index 68d370558e7..d17b272072d 100644 --- a/app/fetchers/space_quota_list_fetcher.rb +++ b/app/fetchers/space_quota_list_fetcher.rb @@ -18,7 +18,7 @@ def filter(message, dataset, readable_space_quota_guids) dataset = dataset.where(name: message.names) if message.requested? :names if message.requested? :organization_guids - org_ids = Organization.where(guid: message.organization_guids).map(:id) + org_ids = Organization.where(guid: message.organization_guids).select(:id) dataset = dataset.where(organization_id: org_ids) end diff --git a/app/fetchers/task_list_fetcher.rb b/app/fetchers/task_list_fetcher.rb index 3df5339b3c9..8ec298f436d 100644 --- a/app/fetchers/task_list_fetcher.rb +++ b/app/fetchers/task_list_fetcher.rb @@ -37,7 +37,8 @@ def filter(message) def filter_app_dataset(message, app_dataset) app_dataset = app_dataset.where(space_guid: message.space_guids) if message.requested?(:space_guids) if message.requested?(:organization_guids) - app_dataset = app_dataset.where(space_guid: Organization.where(guid: message.organization_guids).map(&:spaces).flatten.map(&:guid)) + space_guids_from_orgs = Spaces.join(:organizations, id: :organization_id).where(organization__guid: message.organization_guids).select(:guid) + app_dataset = app_dataset.where(space_guid: space_guids_from_orgs) end app_dataset = app_dataset.where(guid: message.app_guids) if message.requested?(:app_guids) app_dataset diff --git a/app/models/runtime/organization.rb b/app/models/runtime/organization.rb index 1062d020e4c..7df73072a2a 100644 --- a/app/models/runtime/organization.rb +++ b/app/models/runtime/organization.rb @@ -259,7 +259,7 @@ def billing_enabled? end def isolation_segment_guids - isolation_segment_models.map(&:guid) + isolation_segment_models_dataset.select_map(:guid) end def has_user?(user) diff --git a/app/models/runtime/process_model.rb b/app/models/runtime/process_model.rb index 9c9f32ef7c5..d467ca100be 100644 --- a/app/models/runtime/process_model.rb +++ b/app/models/runtime/process_model.rb @@ -509,7 +509,7 @@ def stopped? end def uris - routes.map(&:uri) + routes_dataset.select_map(:uri) end def buildpack diff --git a/app/models/runtime/user.rb b/app/models/runtime/user.rb index 70b4f74fc27..6b491ee6f34 100644 --- a/app/models/runtime/user.rb +++ b/app/models/runtime/user.rb @@ -82,13 +82,15 @@ def validate end def validate_organization(org) - return if org && organizations.include?(org) + return if org && organizations_dataset.where(id: org.id).any? raise InvalidOrganizationRelation.new("Cannot add role, user does not belong to Organization with guid #{org.guid}") end def validate_organization_roles(org) - return unless org && (managed_organizations.include?(org) || billing_managed_organizations.include?(org) || audited_organizations.include?(org)) + return unless org && (managed_organizations_dataset.where(id: org.id).any? || + billing_managed_organizations_dataset.where(id: org.id).any? || + audited_organizations_dataset.where(id: org.id).any?) raise InvalidOrganizationRelation.new("Cannot remove user from Organization with guid #{org.guid} if the user has the OrgManager, BillingManager, or Auditor role") end diff --git a/app/models/services/service.rb b/app/models/services/service.rb index 811eab15f47..cd47c053441 100644 --- a/app/models/services/service.rb +++ b/app/models/services/service.rb @@ -29,9 +29,9 @@ class Service < Sequel::Model class << self def public_visible - public_active_plans = ServicePlan.where(active: true, public: true).all - service_ids = public_active_plans.map(&:service_id).uniq - dataset.filter(id: service_ids) + public_active_plans = ServicePlan.where(active: true, public: true) + + dataset.filter(id: public_active_plans.select(:service_id).distinct) end def user_visibility_filter(current_user, operation=nil) @@ -45,7 +45,7 @@ def user_visibility_for_read(current_user, _admin_override) end def unauthenticated_visibility_filter - { id: public_visible.map(&:id) } + { id: public_visible.select(:id) } end def space_or_org_visible_for_user(space, user) diff --git a/app/models/services/service_broker.rb b/app/models/services/service_broker.rb index fc32fe04cd8..1fb233d1eb7 100644 --- a/app/models/services/service_broker.rb +++ b/app/models/services/service_broker.rb @@ -47,10 +47,9 @@ def space_scoped? end def has_service_instances? - VCAP::CloudController::ServiceInstance. - join(:service_plans, id: :service_plan_id). - join(:services, id: :service_id). - where(services__service_broker_id: id). + services_dataset. + join(:service_plans, service_id: :services__id). + join(:service_instances, service_plan_id: :service_plans__id). any? end diff --git a/app/presenters/v3/security_group_presenter.rb b/app/presenters/v3/security_group_presenter.rb index ecb491feb15..c689a967f8e 100644 --- a/app/presenters/v3/security_group_presenter.rb +++ b/app/presenters/v3/security_group_presenter.rb @@ -27,10 +27,10 @@ def to_hash }, relationships: { running_spaces: { - data: space_guid_hash_for(security_group.spaces) + data: space_guid_hash_for(security_group.spaces_dataset) }, staging_spaces: { - data: space_guid_hash_for(security_group.staging_spaces) + data: space_guid_hash_for(security_group.staging_spaces_dataset) } }, links: build_links @@ -43,13 +43,13 @@ def security_group @resource end - def space_guid_hash_for(spaces) - visible_spaces = if @all_spaces_visible - spaces - else - spaces.select { |space| @visible_space_guids.include? space.guid } - end - visible_spaces.map { |space| { guid: space.guid } } + def space_guid_hash_for(spaces_dataset) + visible_spaces_dataset = if @all_spaces_visible + spaces_dataset + else + spaces_dataset.where(guid: @visible_space_guids) + end + visible_spaces_dataset.select_map(:guid).map { |guid| { guid: guid } } end def build_links diff --git a/app/presenters/v3/space_quota_presenter.rb b/app/presenters/v3/space_quota_presenter.rb index 2f375398f4f..ed2b5e84422 100644 --- a/app/presenters/v3/space_quota_presenter.rb +++ b/app/presenters/v3/space_quota_presenter.rb @@ -56,12 +56,12 @@ def space_quota end def filtered_visible_spaces - visible_spaces = if @all_spaces_visible - space_quota.spaces - else - space_quota.spaces.select { |space| @visible_space_guids.include? space.guid } - end - visible_spaces.map { |space| { guid: space.guid } } + visible_spaces_dataset = if @all_spaces_visible + space_quota.spaces_dataset + else + space_quota.spaces_dataset.where(guid: @visible_space_guids) + end + visible_spaces_dataset.select_map(:guid).map { |guid| { guid: guid } } end def build_links diff --git a/lib/cloud_controller/permissions.rb b/lib/cloud_controller/permissions.rb index 1b3ac2d26e9..b40f3b6a9aa 100644 --- a/lib/cloud_controller/permissions.rb +++ b/lib/cloud_controller/permissions.rb @@ -239,8 +239,8 @@ def can_read_route?(space_id) space = VCAP::CloudController::Space.where(id: space_id).first space.has_member?(@user) || space.has_supporter?(@user) || - @user.managed_organizations.map(&:id).include?(space.organization_id) || - @user.audited_organizations.map(&:id).include?(space.organization_id) + @user.managed_organizations_dataset.where(id: space.organization_id).any? || + @user.audited_organizations_dataset.where(id: space.organization_id).any? end def space_guids_with_readable_routes_query