diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-06 15:10:29 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-02-06 15:10:29 +0300 |
commit | 5564275a0b378298dc6281599cbfe71a937109ff (patch) | |
tree | a468e1e60046356410219c35c23a8a428c5e2c5e /app/models/deploy_token.rb | |
parent | d87918510a866a5fcbbc2f899ad65c6938ebf5f5 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/models/deploy_token.rb')
-rw-r--r-- | app/models/deploy_token.rb | 33 |
1 files changed, 30 insertions, 3 deletions
diff --git a/app/models/deploy_token.rb b/app/models/deploy_token.rb index 3d098406ab1..31c813edb67 100644 --- a/app/models/deploy_token.rb +++ b/app/models/deploy_token.rb @@ -15,6 +15,11 @@ class DeployToken < ApplicationRecord has_many :project_deploy_tokens, inverse_of: :deploy_token has_many :projects, through: :project_deploy_tokens + has_many :group_deploy_tokens, inverse_of: :deploy_token + has_many :groups, through: :group_deploy_tokens + + validate :no_groups, unless: :group_type? + validate :no_projects, unless: :project_type? validate :ensure_at_least_one_scope validates :username, length: { maximum: 255 }, @@ -24,6 +29,7 @@ class DeployToken < ApplicationRecord message: "can contain only letters, digits, '_', '-', '+', and '.'" } + validates :deploy_token_type, presence: true enum deploy_token_type: { group_type: 1, project_type: 2 @@ -56,18 +62,31 @@ class DeployToken < ApplicationRecord end def has_access_to?(requested_project) - active? && project == requested_project + return false unless active? + return false unless holder + + holder.has_access_to?(requested_project) end # This is temporal. Currently we limit DeployToken - # to a single project, later we're going to extend - # that to be for multiple projects and namespaces. + # to a single project or group, later we're going to + # extend that to be for multiple projects and namespaces. def project strong_memoize(:project) do projects.first end end + def holder + strong_memoize(:holder) do + if project_type? + project_deploy_tokens.first + elsif group_type? + group_deploy_tokens.first + end + end + end + def expires_at expires_at = read_attribute(:expires_at) expires_at != Forever.date ? expires_at : nil @@ -92,4 +111,12 @@ class DeployToken < ApplicationRecord def default_username "gitlab+deploy-token-#{id}" if persisted? end + + def no_groups + errors.add(:deploy_token, 'cannot have groups assigned') if group_deploy_tokens.any? + end + + def no_projects + errors.add(:deploy_token, 'cannot have projects assigned') if project_deploy_tokens.any? + end end |