gitlab-org--gitlab-foss/app/policies/ci/runner_policy.rb

# frozen_string_literal: true

module Ci
  class RunnerPolicy < BasePolicy
    with_options scope: :subject, score: 0
    condition(:locked, scope: :subject) { @subject.locked? }

    # rubocop: disable CodeReuse/ActiveRecord
    condition(:owned_runner) { @user.ci_owned_runners.exists?(@subject.id) }
    # rubocop: enable CodeReuse/ActiveRecord

    rule { anonymous }.prevent_all

    rule { admin | owned_runner }.policy do
      enable :assign_runner
      enable :read_runner
      enable :update_runner
      enable :delete_runner
    end

    rule { ~admin & locked }.prevent :assign_runner
  end
end
Enable frozen string in presenters and policies Enable frozen string in: * app/presenters * app/policies Partially addresses #47424. 2018-07-24 06:00:56 -04:00			`# frozen_string_literal: true`

port runners, namespaces, group/project_members 2016-08-18 12:52:35 -04:00			`module Ci`
			`class RunnerPolicy < BasePolicy`
convert all the policies to DeclarativePolicy 2017-04-06 17:06:42 -04:00			`with_options scope: :subject, score: 0`
			`condition(:locked, scope: :subject) { @subject.locked? }`
port runners, namespaces, group/project_members 2016-08-18 12:52:35 -04:00
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: disable CodeReuse/ActiveRecord`
Rename User#ci_authorized_runners -> ci_owned_runners 2018-05-10 08:42:55 -04:00			`condition(:owned_runner) { @user.ci_owned_runners.exists?(@subject.id) }`
Disable existing offenses for the CodeReuse cops This whitelists all existing offenses for the various CodeReuse cops, of which most are triggered by the CodeReuse/ActiveRecord cop. 2018-08-27 11:31:01 -04:00			`# rubocop: enable CodeReuse/ActiveRecord`
port runners, namespaces, group/project_members 2016-08-18 12:52:35 -04:00
convert all the policies to DeclarativePolicy 2017-04-06 17:06:42 -04:00			`rule { anonymous }.prevent_all`
Refactor out duplication in runner_policy.rb 2018-05-16 03:56:28 -04:00
			`rule { admin \| owned_runner }.policy do`
			`enable :assign_runner`
			`enable :read_runner`
			`enable :update_runner`
			`enable :delete_runner`
			`end`

convert all the policies to DeclarativePolicy 2017-04-06 17:06:42 -04:00			`rule { ~admin & locked }.prevent :assign_runner`
port runners, namespaces, group/project_members 2016-08-18 12:52:35 -04:00			`end`
			`end`