Module: Ci::JobTokenScope::EditScopeValidations

Included in:

AddGroupOrProjectService, AddGroupService, AddProjectService, RemoveGroupService, RemoveProjectService, UpdatePoliciesService

Defined in:

app/services/concerns/ci/job_token_scope/edit_scope_validations.rb

Constant Summary

ValidationError =

Class.new(StandardError)

NotFoundError =

Class.new(StandardError)

TARGET_PROJECT_UNAUTHORIZED_OR_UNFOUND =

"The target_project that you are attempting to access does " \
"not exist or you don't have permission to perform this action"

TARGET_GROUP_UNAUTHORIZED_OR_UNFOUND =

"The target_group that you are attempting to access does " \
"not exist or you don't have permission to perform this action"

TARGET_DOES_NOT_EXIST =

'The group or project does not exist.'

Instance Method Summary

• #validate_group_remove!(source_project, current_user) ⇒ Object
• #validate_source_project_and_target_group_access!(source_project, target_group, current_user) ⇒ Object
• #validate_source_project_and_target_project_access!(source_project, target_project, current_user) ⇒ Object
• #validate_target_exists!(target) ⇒ Object

Instance Method Details

#validate_group_remove!(source_project, current_user) ⇒ Object

# File 'app/services/concerns/ci/job_token_scope/edit_scope_validations.rb', line 36

def validate_group_remove!(source_project, current_user)
  unless can?(current_user, :admin_project, source_project)
    raise ValidationError, "Insufficient permissions to modify the job token scope"
  end
end

#validate_source_project_and_target_group_access!(source_project, target_group, current_user) ⇒ Object

Raises:

• (ValidationError)

# File 'app/services/concerns/ci/job_token_scope/edit_scope_validations.rb', line 27

def validate_source_project_and_target_group_access!(source_project, target_group, current_user)
  unless can?(current_user, :admin_project, source_project)
    raise ValidationError, "Insufficient permissions to modify the job token scope"
  end

  raise ValidationError, TARGET_GROUP_UNAUTHORIZED_OR_UNFOUND unless can?(current_user, :read_group,
    target_group)
end

#validate_source_project_and_target_project_access!(source_project, target_project, current_user) ⇒ Object

# File 'app/services/concerns/ci/job_token_scope/edit_scope_validations.rb', line 17

def validate_source_project_and_target_project_access!(source_project, target_project, current_user)
  unless can?(current_user, :admin_project, source_project)
    raise ValidationError, "Insufficient permissions to modify the job token scope"
  end

  unless can?(current_user, :read_project, target_project)
    raise ValidationError, TARGET_PROJECT_UNAUTHORIZED_OR_UNFOUND
  end
end

#validate_target_exists!(target) ⇒ Object

Raises:

• (NotFoundError)

# File 'app/services/concerns/ci/job_token_scope/edit_scope_validations.rb', line 42

def validate_target_exists!(target)
  raise NotFoundError, TARGET_DOES_NOT_EXIST if target.nil?
end