Introduce PolicyCheckable for checking policies

2018-07-24 22:30:09 +08:00 · 2018-07-24 22:30:09 +08:00 · e3aaa56c92
commit e3aaa56c92
parent 3f14c56bfe
3 changed files with 38 additions and 4 deletions
--- a/app/models/deploy_token.rb
+++ b/app/models/deploy_token.rb
@ -1,6 +1,7 @@
 class DeployToken < ActiveRecord::Base
  include Expirable
  include TokenAuthenticatable
+  include PolicyCheckable
  add_authentication_token_field :token

  AVAILABLE_SCOPES = %i(read_repository read_registry).freeze
@ -58,10 +59,6 @@ class DeployToken < ActiveRecord::Base
    write_attribute(:expires_at, value.presence || Forever.date)
  end

-  def admin?
-    false
-  end
-
  private

  def ensure_at_least_one_scope
--- a/app/policies/concerns/policy_checkable.rb
+++ b/app/policies/concerns/policy_checkable.rb
@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Include this module if we want to pass something else than the user to
+# check policies. This defines several methods which the policy checker
+# would call and check.
+module PolicyCheckable
+  extend ActiveSupport::Concern
+
+  def blocked?
+    false
+  end
+
+  def admin?
+    false
+  end
+
+  def external?
+    false
+  end
+
+  def internal?
+    false
+  end
+
+  def access_locked?
+    false
+  end
+
+  def required_terms_not_accepted?
+    false
+  end
+
+  def can_create_group
+    false
+  end
+end
--- a/config/application.rb
+++ b/config/application.rb
@ -43,6 +43,7 @@ module Gitlab
                                     #{config.root}/app/models/members
                                     #{config.root}/app/models/project_services
                                     #{config.root}/app/workers/concerns
+                                     #{config.root}/app/policies/concerns
                                     #{config.root}/app/services/concerns
                                     #{config.root}/app/serializers/concerns
                                     #{config.root}/app/finders/concerns