Add support for mixing direct member filter with 2FA filter
requested to merge 228675-separate-filtering-users-from-sorting-users-support-multiple-filters into master
What does this MR do?
Related to #228675 (closed)
Currently you can not filter group members by "Direct only" and 2FA enabled/disabled, meaning the 2FA filter only works when also displaying inherited group members. This MR adds support for this in preparation for implementing a filtered search bar.
Raw SQL
Before
SELECT
"members".*
FROM
"members"
WHERE
"members"."type" = 'GroupMember'
AND "members"."source_id" = 9970
AND "members"."source_type" = 'Namespace'
AND "members"."requested_at" IS NULL
AND "members"."access_level" != 5
After
SELECT
"members".*
FROM
"members"
LEFT OUTER JOIN "users" ON "members"."user_id" = "users"."id"
WHERE
"members"."type" = 'GroupMember'
AND "members"."source_id" = 9970
AND "members"."source_type" = 'Namespace'
AND "members"."requested_at" IS NULL
AND "members"."access_level" != 5
AND (EXISTS (
SELECT
*
FROM
u2f_registrations AS u2f
WHERE
u2f.user_id = users.id)
OR users.otp_required_for_login = TRUE
OR EXISTS (
SELECT
*
FROM
webauthn_registrations AS webauthn
WHERE
webauthn.user_id = users.id))
Explain Plan
https://explain.depesz.com/s/8GJs
Example of what the filtered search bar will look like
Since the current filter dropdowns will be converted to a filtered search bar in #228675 (closed) this MR does not change the current dropdowns to support this change.
Screenshots (strongly suggested)
Filters | Before | After |
---|---|---|
2FA: enabled, Direct only | ||
2FA: disabled, Direct only |
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Peter Hegman