BigW Consortium Gitlab

protected_ref.rb 1.9 KB
Newer Older
1 2 3 4 5
module ProtectedRef
  extend ActiveSupport::Concern

  included do
    belongs_to :project
6

7 8 9
    validates :name, presence: true
    validates :project, presence: true

10
    delegate :matching, :matches?, :wildcard?, to: :ref_matcher
11 12 13 14 15 16 17 18 19
  end

  def commit
    project.commit(self.name)
  end

  class_methods do
    def protected_ref_access_levels(*types)
      types.each do |type|
20 21 22 23 24 25
        # We need to set `inverse_of` to make sure the `belongs_to`-object is set
        # when creating children using `accepts_nested_attributes_for`.
        #
        # If we don't `protected_branch` or `protected_tag` would be empty and
        # `project` cannot be delegated to it, which in turn would cause validations
        # to fail.
26
        has_many :"#{type}_access_levels", inverse_of: self.model_name.singular # rubocop:disable Cop/ActiveRecordDependent
27 28

        validates :"#{type}_access_levels", length: { is: 1, message: "are restricted to a single instance per #{self.model_name.human}." }
29

30 31 32 33
        accepts_nested_attributes_for :"#{type}_access_levels", allow_destroy: true
      end
    end

34 35
    def protected_ref_accessible_to?(ref, user, action:, protected_refs: nil)
      access_levels_for_ref(ref, action: action, protected_refs: protected_refs).any? do |access_level|
36 37 38 39
        access_level.check_access(user)
      end
    end

40
    def developers_can?(action, ref)
41 42 43 44 45
      access_levels_for_ref(ref, action: action).any? do |access_level|
        access_level.access_level == Gitlab::Access::DEVELOPER
      end
    end

46 47 48
    def access_levels_for_ref(ref, action:, protected_refs: nil)
      self.matching(ref, protected_refs: protected_refs)
        .map(&:"#{action}_access_levels").flatten
49 50
    end

51
    def matching(ref_name, protected_refs: nil)
52 53 54 55 56 57 58 59 60 61
      ProtectedRefMatcher.matching(self, ref_name, protected_refs: protected_refs)
    end
  end

  private

  def ref_matcher
    @ref_matcher ||= ProtectedRefMatcher.new(self)
  end
end