Class: Clusters::Agent

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• Clusters::Agent

Includes:

FromUnion, Gitlab::Utils::StrongMemoize

Defined in:

app/models/clusters/agent.rb

Constant Summary

INACTIVE_AFTER =

1.hour.freeze

ACTIVITY_EVENT_LIMIT =

200

Constants inherited from ApplicationRecord

ApplicationRecord::MAX_PLUCK

Constants included from ResetOnUnionError

ResetOnUnionError::MAX_RESET_PERIOD

Instance Method Summary

• #activity_event_deletion_cutoff ⇒ Object
• #ci_access_authorized_for?(user) ⇒ Boolean
• #connected? ⇒ Boolean
• #has_access_to?(requested_project) ⇒ Boolean
• #to_ability_name ⇒ Object
• #user_access_authorized_for?(user) ⇒ Boolean
• #user_access_config ⇒ Object

  As of today, all config values of associated authorization rows have the same value.

Methods inherited from ApplicationRecord

cached_column_list, #create_or_load_association, declarative_enum, default_select_columns, id_in, id_not_in, iid_in, pluck_primary_key, primary_key_in, #readable_by?, safe_ensure_unique, safe_find_or_create_by, safe_find_or_create_by!, underscore, where_exists, where_not_exists, with_fast_read_statement_timeout, without_order

Methods included from SensitiveSerializableHash

#serializable_hash

Instance Method Details

#activity_event_deletion_cutoff ⇒ Object

# File 'app/models/clusters/agent.rb', line 56

def activity_event_deletion_cutoff
  # Order is defined by the association
  activity_events
    .offset(ACTIVITY_EVENT_LIMIT - 1)
    .pick(:recorded_at)
end

#ci_access_authorized_for?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 67

def ci_access_authorized_for?(user)
  return false unless user

  all_ci_access_authorized_projects_for(user).exists? ||
    all_ci_access_authorized_namespaces_for(user).exists?
end

#connected? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 52

def connected?
  agent_tokens.connected.exists?
end

#has_access_to?(requested_project) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 48

def has_access_to?(requested_project)
  requested_project == project
end

#to_ability_name ⇒ Object

# File 'app/models/clusters/agent.rb', line 63

def to_ability_name
  :cluster
end

#user_access_authorized_for?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 74

def user_access_authorized_for?(user)
  return false unless user

  Clusters::Agents::Authorizations::UserAccess::Finder
    .new(user, agent: self, preload: false, limit: 1).execute.any?
end

#user_access_config ⇒ Object

As of today, all config values of associated authorization rows have the same value. See ‘UserAccess::RefreshService` for more information.

# File 'app/models/clusters/agent.rb', line 83

def user_access_config
  self.class.from_union(
    user_access_project_authorizations.select('config').limit(1),
    user_access_group_authorizations.select('config').limit(1)
  ).compact.first&.config
end