gitlab-org--gitlab-foss/app/services/projects/create_service.rb
Vinnie Okada 928fc94c3d Enforce restricted visibilities for snippets
Add new service classes to create and update project and personal
snippets.  These classes are responsible for enforcing restricted
visibility settings for non-admin users.
2015-03-08 17:57:08 -06:00


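module Projects
  # Creates a project on behalf of a user.
  #
  # Before anything is persisted, the requested visibility level and the
  # requested namespace are both checked against the creating user. On any
  # failure the (unsaved) project is returned with errors attached, so callers
  # should inspect `persisted?` / `errors` rather than rely on an exception.
  class CreateService < BaseService
    # @param user [User] the user the project is created for
    # @param params [Hash] project attributes; duplicated so that the caller's
    #   hash is not shared with the service
    def initialize(user, params)
      @current_user = user
      @params = params.dup
    end

    # Builds, authorizes and saves the project.
    #
    # @return [Project] the project; it carries validation or authorization
    #   errors and is not persisted when creation failed
    def execute
      # NOTE(review): params are passed to the model wholesale; this presumably
      # relies on the caller having filtered them to permitted attributes -
      # confirm at the call sites.
      @project = Project.new(params)

      # Make sure that the user is allowed to use the specified visibility
      # level.
      # NOTE(review): the check looks at the raw param, not at the level the
      # model ends up with. Confirm that a missing :visibility_level (model
      # default) is also covered by the restricted-visibility setting.
      unless Gitlab::VisibilityLevel.allowed_for?(current_user,
                                                  params[:visibility_level])
        deny_visibility_level(@project)
        return @project
      end

      # Derive whichever of name/path is missing from the other one. When both
      # are set (or both are missing) nothing is changed here.
      if @project.path.present? && @project.name.blank?
        @project.name = @project.path.dup
      elsif @project.name.present? && @project.path.blank?
        # For compatibility - set path from name
        # TODO: remove this in 8.0
        @project.path = @project.name.dup.parameterize
      end

      namespace_id = params[:namespace_id]

      if namespace_id
        # An explicit namespace must be one the user may create projects in.
        unless allowed_namespace?(current_user, namespace_id)
          # Drop the rejected id so the returned record does not point at a
          # namespace the user has no rights on.
          @project.namespace_id = nil
          deny_namespace
          return @project
        end
      else
        # No namespace requested: fall back to the user's own namespace.
        @project.namespace_id = current_user.namespace_id
      end

      @project.creator = current_user

      Project.transaction do
        @project.save

        # Only touch the repository storage once the record passed validation
        # and was saved. Previously create_repository was also attempted for a
        # project that failed validation (for example an invalid path), and a
        # failure there replaced the validation errors with the generic
        # message from the rescue below.
        if @project.persisted? && !@project.import?
          # Raising inside the transaction block rolls the saved row back.
          raise 'Failed to create repository' unless @project.create_repository
        end
      end

      after_create_actions if @project.persisted?

      @project
    rescue => ex
      # Keep the user-facing message generic, but record the cause for
      # operators instead of discarding it.
      Rails.logger.error("Projects::CreateService failed: #{ex.class}: #{ex.message}")
      @project.errors.add(:base, "Can't save project. Please try again later")
      @project
    end

    protected

    # Marks the requested namespace as invalid on the project.
    def deny_namespace
      @project.errors.add(:namespace, "is not valid")
    end

    # Checks whether +user+ may create projects in the given namespace.
    #
    # @param user [User] the user whose permission is checked
    # @param namespace_id [Integer, String] id of the requested namespace
    # @return [Boolean] result of the :create_projects ability check
    def allowed_namespace?(user, namespace_id)
      # find_by returns nil for an unknown id; the ability check then decides.
      # NOTE(review): presumably a nil subject is denied - confirm in Ability.
      namespace = Namespace.find_by(id: namespace_id)
      # Use the user that was passed in; the original ignored this argument
      # and always consulted current_user.
      user.can?(:create_projects, namespace)
    end

    # Post-creation steps, run only for a persisted project: logging, wiki
    # creation, the project event, system hooks, team membership and import
    # kick-off.
    def after_create_actions
      log_info("#{@project.owner.name} created a new project \"#{@project.name_with_namespace}\"")

      @project.create_wiki if @project.wiki_enabled?

      event_service.create_project(@project, current_user)
      system_hook_service.execute_hooks_for(@project, :create)

      # Projects outside a group get their creator added as a master.
      @project.team << [current_user, :master] unless @project.group

      @project.update_column(:last_activity_at, @project.created_at)

      @project.import_start if @project.import?
    end
  end
end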