50 lines
1.1 KiB
Ruby
50 lines
1.1 KiB
Ruby
|
module Gitlab
|
||
|
module CycleAnalytics
|
||
|
class Permissions
|
||
|
STAGE_PERMISSIONS = {
|
||
|
read_build: [:test, :staging],
|
||
|
read_issue: [:issue, :production],
|
||
|
read_merge_request: [:code, :review]
|
||
|
}.freeze
|
||
|
|
||
|
def self.get(*args)
|
||
|
new(*args).get
|
||
|
end
|
||
|
|
||
|
def initialize(user:, project:)
|
||
|
@user = user
|
||
|
@project = project
|
||
|
@stage_permission_hash = {}
|
||
|
end
|
||
|
|
||
|
def get
|
||
|
::CycleAnalytics::STAGES.each do |stage|
|
||
|
@stage_permission_hash[stage] = authorized_stage?(stage)
|
||
|
end
|
||
|
|
||
|
@stage_permission_hash
|
||
|
end
|
||
|
|
||
|
private
|
||
|
|
||
|
def authorized_stage?(stage)
|
||
|
return false unless authorize_project(:read_cycle_analytics)
|
||
|
|
||
|
permissions_for_stage(stage).keys.each do |permission|
|
||
|
return false unless authorize_project(permission)
|
||
|
end
|
||
|
|
||
|
true
|
||
|
end
|
||
|
|
||
|
def permissions_for_stage(stage)
|
||
|
STAGE_PERMISSIONS.select { |_permission, stages| stages.include?(stage) }
|
||
|
end
|
||
|
|
||
|
def authorize_project(permission)
|
||
|
Ability.allowed?(@user, permission, @project)
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|