2018-10-22 03:00:50 -04:00
# frozen_string_literal: true
2013-08-20 08:59:26 -04:00
# Gitlab::Access module
#
# Define allowed roles that can be used
# in GitLab code to determine authorization level
#
module Gitlab
module Access
2017-03-01 06:00:37 -05:00
AccessDeniedError = Class . new ( StandardError )
2016-06-17 12:59:33 -04:00
2020-09-10 14:08:54 -04:00
NO_ACCESS = 0
MINIMAL_ACCESS = 5
GUEST = 10
REPORTER = 20
DEVELOPER = 30
MAINTAINER = 40
OWNER = 50
2013-08-20 08:59:26 -04:00
2015-01-25 10:33:54 -05:00
# Branch protection settings
2016-07-18 04:16:56 -04:00
PROTECTION_NONE = 0
PROTECTION_DEV_CAN_PUSH = 1
PROTECTION_FULL = 2
PROTECTION_DEV_CAN_MERGE = 3
2015-01-25 10:33:54 -05:00
2019-04-05 14:49:46 -04:00
# Default project creation level
NO_ONE_PROJECT_ACCESS = 0
MAINTAINER_PROJECT_ACCESS = 1
DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
2019-06-27 16:39:04 -04:00
# Default subgroup creation level
OWNER_SUBGROUP_ACCESS = 0
MAINTAINER_SUBGROUP_ACCESS = 1
2013-08-20 08:59:26 -04:00
class << self
2022-02-15 10:15:04 -05:00
delegate :values , to : :options
2013-08-20 08:59:26 -04:00
2014-09-14 12:32:51 -04:00
def all_values
options_with_owner . values
end
2013-08-20 08:59:26 -04:00
def options
{
2018-05-22 04:51:45 -04:00
" Guest " = > GUEST ,
" Reporter " = > REPORTER ,
" Developer " = > DEVELOPER ,
2018-07-11 10:36:08 -04:00
" Maintainer " = > MAINTAINER
2013-08-20 08:59:26 -04:00
}
end
def options_with_owner
options . merge (
" Owner " = > OWNER
)
end
2019-03-22 05:54:03 -04:00
def options_with_none
options_with_owner . merge (
" None " = > NO_ACCESS
)
end
2013-08-20 08:59:26 -04:00
def sym_options
{
2018-07-11 10:36:08 -04:00
guest : GUEST ,
reporter : REPORTER ,
developer : DEVELOPER ,
maintainer : MAINTAINER
2013-08-20 08:59:26 -04:00
}
end
2015-01-25 10:33:54 -05:00
2016-09-16 11:54:21 -04:00
def sym_options_with_owner
sym_options . merge ( owner : OWNER )
end
2015-01-25 10:33:54 -05:00
def protection_options
2021-10-29 17:13:01 -04:00
[
{
label : s_ ( 'DefaultBranchProtection|Not protected' ) ,
help_text : s_ ( 'DefaultBranchProtection|Both developers and maintainers can push new commits, force push, or delete the branch.' ) ,
value : PROTECTION_NONE
} ,
{
label : s_ ( 'DefaultBranchProtection|Protected against pushes' ) ,
help_text : s_ ( 'DefaultBranchProtection|Developers cannot push new commits, but are allowed to accept merge requests to the branch. Maintainers can push to the branch.' ) ,
value : PROTECTION_DEV_CAN_MERGE
} ,
{
label : s_ ( 'DefaultBranchProtection|Partially protected' ) ,
help_text : s_ ( 'DefaultBranchProtection|Both developers and maintainers can push new commits, but cannot force push.' ) ,
value : PROTECTION_DEV_CAN_PUSH
} ,
{
label : s_ ( 'DefaultBranchProtection|Fully protected' ) ,
help_text : s_ ( 'DefaultBranchProtection|Developers cannot push new commits, but maintainers can. No one can force push.' ) ,
value : PROTECTION_FULL
}
]
2015-01-25 10:33:54 -05:00
end
2015-02-03 21:12:20 -05:00
2015-01-25 10:33:54 -05:00
def protection_values
2021-10-29 17:13:01 -04:00
protection_options . map { | option | option [ :value ] }
2015-01-25 10:33:54 -05:00
end
2017-07-29 11:04:42 -04:00
def human_access ( access )
options_with_owner . key ( access )
end
2019-03-22 05:54:03 -04:00
def human_access_with_none ( access )
options_with_none . key ( access )
end
2019-04-05 14:49:46 -04:00
def project_creation_options
{
s_ ( 'ProjectCreationLevel|No one' ) = > NO_ONE_PROJECT_ACCESS ,
s_ ( 'ProjectCreationLevel|Maintainers' ) = > MAINTAINER_PROJECT_ACCESS ,
s_ ( 'ProjectCreationLevel|Developers + Maintainers' ) = > DEVELOPER_MAINTAINER_PROJECT_ACCESS
}
end
2019-10-07 11:05:59 -04:00
def project_creation_string_options
{
'noone' = > NO_ONE_PROJECT_ACCESS ,
'maintainer' = > MAINTAINER_PROJECT_ACCESS ,
'developer' = > DEVELOPER_MAINTAINER_PROJECT_ACCESS
}
end
2019-04-05 14:49:46 -04:00
def project_creation_values
project_creation_options . values
end
2019-10-07 11:05:59 -04:00
def project_creation_string_values
project_creation_string_options . keys
end
2019-04-05 14:49:46 -04:00
def project_creation_level_name ( name )
project_creation_options . key ( name )
end
2019-06-27 17:11:09 -04:00
def subgroup_creation_options
{
s_ ( 'SubgroupCreationlevel|Owners' ) = > OWNER_SUBGROUP_ACCESS ,
s_ ( 'SubgroupCreationlevel|Maintainers' ) = > MAINTAINER_SUBGROUP_ACCESS
}
end
2019-10-07 11:05:59 -04:00
def subgroup_creation_string_options
{
'owner' = > OWNER_SUBGROUP_ACCESS ,
'maintainer' = > MAINTAINER_SUBGROUP_ACCESS
}
end
def subgroup_creation_values
subgroup_creation_options . values
end
def subgroup_creation_string_values
subgroup_creation_string_options . keys
end
2013-08-20 08:59:26 -04:00
end
def human_access
2017-07-29 11:04:42 -04:00
Gitlab :: Access . human_access ( access_field )
2013-08-20 08:59:26 -04:00
end
2013-08-27 14:35:41 -04:00
2019-03-22 05:54:03 -04:00
def human_access_with_none
Gitlab :: Access . human_access_with_none ( access_field )
end
2013-08-27 14:35:41 -04:00
def owner?
access_field == OWNER
end
2013-08-20 08:59:26 -04:00
end
end
2019-09-13 09:26:31 -04:00
2021-05-11 17:10:21 -04:00
Gitlab :: Access . prepend_mod_with ( 'Gitlab::Access' )