Module: ValidatesClassificationLabel
- Defined in:
- app/services/concerns/validates_classification_label.rb
Instance Method Summary collapse
- #classification_label_change?(record, attribute_name) ⇒ Boolean
- #rejection_reason_for_label(label) ⇒ Object
- #validate_classification_label(record, attribute_name) ⇒ Object
Instance Method Details
#classification_label_change?(record, attribute_name) ⇒ Boolean
24 25 26 |
# File 'app/services/concerns/validates_classification_label.rb', line 24 def classification_label_change?(record, attribute_name) params.key?(attribute_name) || record.new_record? end |
#rejection_reason_for_label(label) ⇒ Object
19 20 21 22 |
# File 'app/services/concerns/validates_classification_label.rb', line 19 def rejection_reason_for_label(label) reason_from_service = ::Gitlab::ExternalAuthorization.rejection_reason(current_user, label).presence reason_from_service || _("Access to '%{classification_label}' not allowed") % { classification_label: label } end |
#validate_classification_label(record, attribute_name) ⇒ Object
4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
# File 'app/services/concerns/validates_classification_label.rb', line 4 def validate_classification_label(record, attribute_name) return unless ::Gitlab::ExternalAuthorization.enabled? return unless classification_label_change?(record, attribute_name) new_label = params[attribute_name].presence new_label ||= ::Gitlab::CurrentSettings.current_application_settings . unless ::Gitlab::ExternalAuthorization.access_allowed?(current_user, new_label) reason = rejection_reason_for_label(new_label) = s_('ClassificationLabelUnavailable|is unavailable: %{reason}') % { reason: reason } record.errors.add(attribute_name, ) end end |