Module: Ci::JobTokenScope::EditScopeValidations

Included in:
AddProjectService, RemoveProjectService
Defined in:
app/services/concerns/ci/job_token_scope/edit_scope_validations.rb

Constant Summary collapse

ValidationError =
Class.new(StandardError)
TARGET_PROJECT_UNAUTHORIZED_OR_UNFOUND =
"The target_project that you are attempting to access does " \
"not exist or you don't have permission to perform this action"

Instance Method Summary collapse

Instance Method Details

#validate_edit!(source_project, target_project, current_user) ⇒ Object


11
12
13
14
15
16
17
18
19
20
21
22
23
# File 'app/services/concerns/ci/job_token_scope/edit_scope_validations.rb', line 11

def validate_edit!(source_project, target_project, current_user)
  unless source_project.ci_job_token_scope_enabled?
    raise ValidationError, "Job token scope is disabled for this project"
  end

  unless can?(current_user, :admin_project, source_project)
    raise ValidationError, "Insufficient permissions to modify the job token scope"
  end

  unless can?(current_user, :read_project, target_project)
    raise ValidationError, TARGET_PROJECT_UNAUTHORIZED_OR_UNFOUND
  end
end