Class: DeployToken
Constant Summary
collapse
- AVAILABLE_SCOPES =
%i[read_repository read_registry write_registry
read_package_registry write_package_registry
read_virtual_registry].freeze
- GITLAB_DEPLOY_TOKEN_NAME =
'gitlab-deploy-token'
- DEPLOY_TOKEN_PREFIX =
'gldt-'
Constants included
from Expirable
Expirable::DAYS_TO_EXPIRE
ApplicationRecord::MAX_PLUCK
HasCheckConstraints::NOT_NULL_CHECK_PATTERN
ResetOnColumnErrors::MAX_RESET_PERIOD
Class Method Summary
collapse
Instance Method Summary
collapse
#access_locked?, #admin?, #alert_bot?, #automation_bot?, #blocked?, #can?, #can_create_group, #can_read_all_resources?, #confirmation_required_on_sign_in?, #external?, #from_ci_job_token?, #internal?, #password_expired_if_applicable?, #preferred_language, #required_terms_not_accepted?, #requires_ldap_check?, #security_bot?, #support_bot?, #try_obtain_ldap_lease
Methods included from Expirable
#expires?, #expires_soon?
===, cached_column_list, #create_or_load_association, declarative_enum, default_select_columns, id_in, id_not_in, iid_in, nullable_column?, pluck_primary_key, primary_key_in, #readable_by?, safe_ensure_unique, safe_find_or_create_by, safe_find_or_create_by!, #to_ability_name, underscore, where_exists, where_not_exists, with_fast_read_statement_timeout, without_order
#reset_on_union_error, #reset_on_unknown_attribute_error
#serializable_hash
Class Method Details
.gitlab_deploy_token ⇒ Object
54
55
56
|
# File 'app/models/deploy_token.rb', line 54
def self.gitlab_deploy_token
active.find_by(name: GITLAB_DEPLOY_TOKEN_NAME)
end
|
Instance Method Details
#accessible_projects ⇒ Object
114
115
116
117
118
119
120
|
# File 'app/models/deploy_token.rb', line 114
def accessible_projects
if project_type?
projects
elsif group_type?
group.all_projects
end
end
|
#active? ⇒ Boolean
68
69
70
|
# File 'app/models/deploy_token.rb', line 68
def active?
!revoked && !expired?
end
|
#deactivated? ⇒ Boolean
72
73
74
|
# File 'app/models/deploy_token.rb', line 72
def deactivated?
!active?
end
|
#expires_at ⇒ Object
136
137
138
139
|
# File 'app/models/deploy_token.rb', line 136
def expires_at
expires_at = read_attribute(:expires_at)
expires_at != Forever.date ? expires_at : nil
end
|
#expires_at=(value) ⇒ Object
141
142
143
|
# File 'app/models/deploy_token.rb', line 141
def expires_at=(value)
write_attribute(:expires_at, value.presence || Forever.date)
end
|
#group ⇒ Object
108
109
110
111
112
|
# File 'app/models/deploy_token.rb', line 108
def group
strong_memoize(:group) do
groups.first
end
end
|
#has_access_to?(requested_project) ⇒ Boolean
84
85
86
87
88
89
|
# File 'app/models/deploy_token.rb', line 84
def has_access_to?(requested_project)
return false unless active?
return false unless holder
holder.has_access_to?(requested_project)
end
|
#has_access_to_group?(requested_group) ⇒ Boolean
91
92
93
94
95
96
97
|
# File 'app/models/deploy_token.rb', line 91
def has_access_to_group?(requested_group)
return false unless active?
return false unless group_type?
return false unless holder
holder.has_access_to_group?(requested_group)
end
|
#holder ⇒ Object
122
123
124
125
126
127
128
129
130
|
# File 'app/models/deploy_token.rb', line 122
def holder
strong_memoize(:holder) do
if project_type?
project_deploy_tokens.first
elsif group_type?
group_deploy_tokens.first
end
end
end
|
#impersonated? ⇒ Boolean
132
133
134
|
# File 'app/models/deploy_token.rb', line 132
def impersonated?
false
end
|
#prefix_for_deploy_token ⇒ Object
145
146
147
|
# File 'app/models/deploy_token.rb', line 145
def prefix_for_deploy_token
DEPLOY_TOKEN_PREFIX
end
|
#project ⇒ Object
This is temporal. Currently we limit DeployToken to a single project or group, later we’re going to extend that to be for multiple projects and namespaces.
102
103
104
105
106
|
# File 'app/models/deploy_token.rb', line 102
def project
strong_memoize(:project) do
projects.first
end
end
|
#revoke! ⇒ Object
64
65
66
|
# File 'app/models/deploy_token.rb', line 64
def revoke!
update!(revoked: true)
end
|
#scopes ⇒ Object
76
77
78
|
# File 'app/models/deploy_token.rb', line 76
def scopes
AVAILABLE_SCOPES.select { |token_scope| read_attribute(token_scope) }
end
|
#username ⇒ Object
80
81
82
|
# File 'app/models/deploy_token.rb', line 80
def username
super || default_username
end
|
#valid_for_dependency_proxy? ⇒ Boolean