Enforce restricted visibilities for snippets

Add new service classes to create and update project and personal snippets. These classes are responsible for enforcing restricted visibility settings for non-admin users.
author: Vinnie Okada <vokada@mrvinn.com> 2015-03-07 22:47:06 +0300
committer: Vinnie Okada <vokada@mrvinn.com> 2015-03-09 02:57:08 +0300
commit: 928fc94c3d900069902b097d6464acee712a886c (patch)
tree: e30cbea42055c082e76881bd36ccd94f72afac8e /app/services/base_service.rb
parent: 285c5341855f8af6cbea5e964e3104a4698fa450 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/app/services/base_service.rb b/app/services/base_service.rb
index 8b07d7a4361..6d9ed345914 100644
--- a/app/services/base_service.rb
+++ b/app/services/base_service.rb
@@ -31,6 +31,21 @@ class BaseService
     SystemHooksService.new
   end
 
+  # Add an error to the specified model for restricted visibility levels
+  def deny_visibility_level(model, denied_visibility_level = nil)
+    denied_visibility_level ||= model.visibility_level
+
+    level_name = 'Unknown'
+    Gitlab::VisibilityLevel.options.each do |name, level|
+      level_name = name if level == denied_visibility_level
+    end
+
+    model.errors.add(
+      :visibility_level,
+      "#{level_name} visibility has been restricted by your GitLab administrator"
+    )
+  end
+
   private
 
   def error(message, http_status = nil)
author	Vinnie Okada <vokada@mrvinn.com>	2015-03-07 22:47:06 +0300
committer	Vinnie Okada <vokada@mrvinn.com>	2015-03-09 02:57:08 +0300
commit	928fc94c3d900069902b097d6464acee712a886c (patch)
tree	e30cbea42055c082e76881bd36ccd94f72afac8e /app/services/base_service.rb
parent	285c5341855f8af6cbea5e964e3104a4698fa450 (diff)