40 lines
1.3 KiB
Ruby
40 lines
1.3 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class DeployKeyEntity < Grape::Entity
|
|
expose :id
|
|
expose :user_id
|
|
expose :title
|
|
expose :fingerprint
|
|
expose :fingerprint_sha256
|
|
expose :destroyed_when_orphaned?, as: :destroyed_when_orphaned
|
|
expose :almost_orphaned?, as: :almost_orphaned
|
|
expose :created_at
|
|
expose :updated_at
|
|
expose :deploy_keys_projects, using: DeployKeysProjectEntity do |deploy_key|
|
|
deploy_key.deploy_keys_projects.select do |deploy_key_project|
|
|
!deploy_key_project.project&.pending_delete? && (allowed_to_read_project?(deploy_key_project.project) || options[:user].admin?)
|
|
end
|
|
end
|
|
expose :can_edit
|
|
expose :user, as: :owner, using: ::API::Entities::UserBasic, if: -> (_, opts) { can_read_owner?(opts) }
|
|
|
|
private
|
|
|
|
def can_edit
|
|
Ability.allowed?(options[:user], :update_deploy_key, object) ||
|
|
Ability.allowed?(options[:user], :update_deploy_keys_project, object.deploy_keys_project_for(options[:project]))
|
|
end
|
|
|
|
def can_read_owner?(opts)
|
|
opts[:with_owner] && Ability.allowed?(options[:user], :read_user, object.user)
|
|
end
|
|
|
|
def allowed_to_read_project?(project)
|
|
if options[:readable_project_ids]
|
|
options[:readable_project_ids].include?(project.id)
|
|
else
|
|
Ability.allowed?(options[:user], :read_project, project)
|
|
end
|
|
end
|
|
end
|