Class: Clusters::Agent

Inherits:

ApplicationRecord

• Object
• ActiveRecord::Base
• ApplicationRecord
• Clusters::Agent

Includes:

FromUnion, Gitlab::Utils::StrongMemoize

Defined in:

app/models/clusters/agent.rb

Constant Summary

INACTIVE_AFTER =

1.hour.freeze

ACTIVITY_EVENT_LIMIT =

200

Constants inherited from ApplicationRecord

ApplicationRecord::MAX_PLUCK

Constants included from HasCheckConstraints

HasCheckConstraints::NOT_NULL_CHECK_PATTERN

Constants included from ResetOnColumnErrors

ResetOnColumnErrors::MAX_RESET_PERIOD

Instance Method Summary

• #activity_event_deletion_cutoff ⇒ Object
• #ci_access_authorized_for?(user) ⇒ Boolean
• #connected? ⇒ Boolean
• #has_access_to?(requested_project) ⇒ Boolean
• #resource_management_enabled? ⇒ Boolean
• #to_ability_name ⇒ Object
• #user_access_authorizations ⇒ Object
• #user_access_authorized_for?(user) ⇒ Boolean
• #user_access_config ⇒ Object

  As of today, all config values of associated authorization rows have the same value.

Methods inherited from ApplicationRecord

===, cached_column_list, #create_or_load_association, current_transaction, declarative_enum, default_select_columns, delete_all_returning, #deleted_from_database?, id_in, id_not_in, iid_in, nullable_column?, primary_key_in, #readable_by?, safe_ensure_unique, safe_find_or_create_by, safe_find_or_create_by!, underscore, where_exists, where_not_exists, with_fast_read_statement_timeout, without_order

Methods included from Organizations::Sharding

#sharding_organization

Methods included from ResetOnColumnErrors

#reset_on_union_error, #reset_on_unknown_attribute_error

Methods included from Gitlab::SensitiveSerializableHash

#serializable_hash

Instance Method Details

#activity_event_deletion_cutoff ⇒ Object

# File 'app/models/clusters/agent.rb', line 61

def activity_event_deletion_cutoff
  # Order is defined by the association
  activity_events
    .offset(ACTIVITY_EVENT_LIMIT - 1)
    .pick(:recorded_at)
end

#ci_access_authorized_for?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 72

def ci_access_authorized_for?(user)
  return false unless user

  all_ci_access_authorized_projects_for(user).exists? ||
    all_ci_access_authorized_namespaces_for(user).exists?
end

#connected? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 57

def connected?
  agent_tokens.connected.exists?
end

#has_access_to?(requested_project) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 53

def has_access_to?(requested_project)
  requested_project == project
end

#resource_management_enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 99

def resource_management_enabled?
  false # Overridden in EE
end

#to_ability_name ⇒ Object

# File 'app/models/clusters/agent.rb', line 68

def to_ability_name
  :cluster
end

#user_access_authorizations ⇒ Object

# File 'app/models/clusters/agent.rb', line 92

def user_access_authorizations
  self.class.from_union(
    user_access_project_authorizations.select('config').limit(1),
    user_access_group_authorizations.select('config').limit(1)
  ).select('config').compact.first
end

#user_access_authorized_for?(user) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/models/clusters/agent.rb', line 79

def user_access_authorized_for?(user)
  return false unless user

  Clusters::Agents::Authorizations::UserAccess::Finder
    .new(user, agent: self, preload: false, limit: 1).execute.any?
end

#user_access_config ⇒ Object

As of today, all config values of associated authorization rows have the same value. See UserAccess::RefreshService for more information.

# File 'app/models/clusters/agent.rb', line 88

def user_access_config
  user_access_authorizations&.config
end