Use build policy to determine if user can play build
This commit is contained in:
parent
55aa727eff
commit
2aa211fa69
|
@ -115,12 +115,6 @@ module Ci
|
|||
commands.present?
|
||||
end
|
||||
|
||||
def can_play?(current_user)
|
||||
::Gitlab::UserAccess
|
||||
.new(current_user, project: project)
|
||||
.can_push_to_branch?(ref)
|
||||
end
|
||||
|
||||
def play(current_user)
|
||||
Ci::PlayBuildService
|
||||
.new(project, current_user)
|
||||
|
|
|
@ -122,12 +122,6 @@ class Environment < ActiveRecord::Base
|
|||
available? && stop_action.present?
|
||||
end
|
||||
|
||||
def can_trigger_stop_action?(current_user)
|
||||
return false unless stop_action?
|
||||
|
||||
stop_action.can_play?(current_user)
|
||||
end
|
||||
|
||||
def stop_with_action!(current_user)
|
||||
return unless available?
|
||||
|
||||
|
|
|
@ -19,6 +19,6 @@ class BuildActionEntity < Grape::Entity
|
|||
alias_method :build, :object
|
||||
|
||||
def playable?
|
||||
build.playable? && build.can_play?(request.user)
|
||||
can?(request.user, :play_build, build) && build.playable?
|
||||
end
|
||||
end
|
||||
|
|
|
@ -26,7 +26,7 @@ class BuildEntity < Grape::Entity
|
|||
alias_method :build, :object
|
||||
|
||||
def playable?
|
||||
build.playable? && build.can_play?(request.user)
|
||||
can?(request.user, :play_build, build) && build.playable?
|
||||
end
|
||||
|
||||
def detailed_status
|
||||
|
|
|
@ -9,7 +9,8 @@ module Ci
|
|||
return unless can?(current_user, :create_deployment, project)
|
||||
|
||||
environments.each do |environment|
|
||||
next unless environment.can_trigger_stop_action?(current_user)
|
||||
next unless environment.stop_action?
|
||||
next unless can?(current_user, :play_build, environment.stop_action)
|
||||
|
||||
environment.stop_with_action!(current_user)
|
||||
end
|
||||
|
|
|
@ -101,7 +101,7 @@
|
|||
= link_to cancel_namespace_project_build_path(build.project.namespace, build.project, build, return_to: request.original_url), method: :post, title: 'Cancel', class: 'btn btn-build' do
|
||||
= icon('remove', class: 'cred')
|
||||
- elsif allow_retry
|
||||
- if build.playable? && !admin && build.can_play?(current_user)
|
||||
- if build.playable? && !admin && can?(current_user, :play_build, build)
|
||||
= link_to play_namespace_project_build_path(build.project.namespace, build.project, build, return_to: request.original_url), method: :post, title: 'Play', class: 'btn btn-build' do
|
||||
= custom_icon('icon_play')
|
||||
- elsif build.retryable?
|
||||
|
|
|
@ -10,7 +10,7 @@ module Gitlab
|
|||
end
|
||||
|
||||
def has_action?
|
||||
can?(user, :update_build, subject) && subject.can_play?(user)
|
||||
can?(user, :play_build, subject)
|
||||
end
|
||||
|
||||
def action_icon
|
||||
|
|
|
@ -925,33 +925,6 @@ describe Ci::Build, :models do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#can_play?' do
|
||||
before do
|
||||
project.add_developer(user)
|
||||
end
|
||||
|
||||
let(:build) do
|
||||
create(:ci_build, ref: 'some-ref', pipeline: pipeline)
|
||||
end
|
||||
|
||||
context 'when branch build is running for is protected' do
|
||||
before do
|
||||
create(:protected_branch, :no_one_can_push,
|
||||
name: 'some-ref', project: project)
|
||||
end
|
||||
|
||||
it 'indicates that user can not trigger an action' do
|
||||
expect(build.can_play?(user)).to be_falsey
|
||||
end
|
||||
end
|
||||
|
||||
context 'when branch build is running for is not protected' do
|
||||
it 'indicates that user can trigger an action' do
|
||||
expect(build.can_play?(user)).to be_truthy
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '#play' do
|
||||
let(:build) { create(:ci_build, :manual, pipeline: pipeline) }
|
||||
|
||||
|
|
|
@ -155,31 +155,6 @@ describe Environment, models: true do
|
|||
end
|
||||
end
|
||||
|
||||
describe '#can_trigger_stop_action?' do
|
||||
let(:user) { create(:user) }
|
||||
let(:project) { create(:project) }
|
||||
|
||||
let(:environment) do
|
||||
create(:environment, :with_review_app, project: project)
|
||||
end
|
||||
|
||||
context 'when user can trigger stop action' do
|
||||
before do
|
||||
project.add_developer(user)
|
||||
end
|
||||
|
||||
it 'returns value that evaluates to true' do
|
||||
expect(environment.can_trigger_stop_action?(user)).to be_truthy
|
||||
end
|
||||
end
|
||||
|
||||
context 'when user is not allowed to trigger stop action' do
|
||||
it 'returns value that evaluates to false' do
|
||||
expect(environment.can_trigger_stop_action?(user)).to be_falsey
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe '#stop_with_action!' do
|
||||
let(:user) { create(:admin) }
|
||||
|
||||
|
|
Loading…
Reference in New Issue