Class: Mutations::Ci::JobTokenScope::AddGroupOrProject

Inherits:
BaseMutation
  • Object
show all
Includes:
FindsProject
Defined in:
app/graphql/mutations/ci/job_token_scope/add_group_or_project.rb

Constant Summary

Constants inherited from BaseMutation

BaseMutation::ERROR_MESSAGE

Constants included from Gitlab::Graphql::Authorize::AuthorizeResource

Gitlab::Graphql::Authorize::AuthorizeResource::ConfigurationError, Gitlab::Graphql::Authorize::AuthorizeResource::RESOURCE_ACCESS_ERROR

Instance Method Summary collapse

Methods inherited from BaseMutation

#api_user?, authorization, authorization_scopes, authorized?, authorizes_object?, #current_user, #errors_on_object, #load_application_object, #read_only?, #ready?, #unauthorized_object

Methods included from Gitlab::Graphql::Authorize::AuthorizeResource

#authorize!, #authorized_find!, #authorized_resource?, #find_object, #raise_resource_not_available_error!

Instance Method Details

#resolve(args) ⇒ Object



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# File 'app/graphql/mutations/ci/job_token_scope/add_group_or_project.rb', line 39

def resolve(args)
  project = authorized_find!(args[:project_path])

  target = find_target_path(args[:target_path])

  args.delete(:job_token_policies) unless Feature.enabled?(:add_policies_to_ci_job_token, project)

  result = ::Ci::JobTokenScope::AddGroupOrProjectService
    .new(project, current_user)
    .execute(target, policies: args[:job_token_policies])

  if result.success?
    {
      ci_job_token_scope: ::Ci::JobToken::Scope.new(project),
      ci_job_token_scope_allowlist_entry: result.payload.values[0],
      errors: []
    }
  else
    {
      ci_job_token_scope: nil,
      ci_job_token_scope_allowlist_entry: nil,
      errors: [result.message]
    }
  end
end