Merge branch 'ce-7000-introduce-PolicyCheckable' into 'master'
CE: Add PolicyCheckable concern for things passing to policy check See merge request gitlab-org/gitlab-ce!20839
This commit is contained in:
commit
31044d41a6
|
@ -1,6 +1,7 @@
|
|||
class DeployToken < ActiveRecord::Base
|
||||
include Expirable
|
||||
include TokenAuthenticatable
|
||||
include PolicyActor
|
||||
add_authentication_token_field :token
|
||||
|
||||
AVAILABLE_SCOPES = %i(read_repository read_registry).freeze
|
||||
|
@ -58,10 +59,6 @@ class DeployToken < ActiveRecord::Base
|
|||
write_attribute(:expires_at, value.presence || Forever.date)
|
||||
end
|
||||
|
||||
def admin?
|
||||
false
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def ensure_at_least_one_scope
|
||||
|
|
|
@ -0,0 +1,36 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
# Include this module if we want to pass something else than the user to
|
||||
# check policies. This defines several methods which the policy checker
|
||||
# would call and check.
|
||||
module PolicyActor
|
||||
extend ActiveSupport::Concern
|
||||
|
||||
def blocked?
|
||||
false
|
||||
end
|
||||
|
||||
def admin?
|
||||
false
|
||||
end
|
||||
|
||||
def external?
|
||||
false
|
||||
end
|
||||
|
||||
def internal?
|
||||
false
|
||||
end
|
||||
|
||||
def access_locked?
|
||||
false
|
||||
end
|
||||
|
||||
def required_terms_not_accepted?
|
||||
false
|
||||
end
|
||||
|
||||
def can_create_group
|
||||
false
|
||||
end
|
||||
end
|
|
@ -43,6 +43,7 @@ module Gitlab
|
|||
#{config.root}/app/models/members
|
||||
#{config.root}/app/models/project_services
|
||||
#{config.root}/app/workers/concerns
|
||||
#{config.root}/app/policies/concerns
|
||||
#{config.root}/app/services/concerns
|
||||
#{config.root}/app/serializers/concerns
|
||||
#{config.root}/app/finders/concerns
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
describe PolicyActor do
|
||||
it 'implements all the methods from user' do
|
||||
methods = subject.instance_methods
|
||||
|
||||
# User.instance_methods do not return all methods until an instance is
|
||||
# initialized. So here we just use an instance
|
||||
expect(build(:user).methods).to include(*methods)
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue