Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-03-02 21:12:20 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-03-02 21:12:20 +0300
commit: 3c4d101de003ea292be5ac5baf5d73c6c2747367 (patch)
tree: 5918d12b69c4bfd84f05a585d62174586a80fd18 /app/services
parent: b2c21b99c7eb52b5fd906b1e7b4b08d4eb7a296c (diff)
6 files changed, 107 insertions, 1 deletions
diff --git a/app/services/groups/transfer_service.rb b/app/services/groups/transfer_service.rb
index 0a9705181ba..7e9fd9dad54 100644
--- a/app/services/groups/transfer_service.rb
+++ b/app/services/groups/transfer_service.rb
@@ -51,6 +51,7 @@ module Groups
       publish_event(old_root_ancestor_id)
     end
 
+    # Overridden in EE
     def ensure_allowed_transfer
       raise_transfer_error(:group_is_already_root) if group_is_already_root?
       raise_transfer_error(:same_parent_as_current) if same_parent?
@@ -208,6 +209,7 @@ module Groups
       raise TransferError, localized_error_messages[message]
     end
 
+    # Overridden in EE
     def localized_error_messages
       {
         database_not_supported: s_('TransferGroup|Database is not supported.'),
diff --git a/app/services/releases/links/base_service.rb b/app/services/releases/links/base_service.rb
new file mode 100644
index 00000000000..939de982db4
--- /dev/null
+++ b/app/services/releases/links/base_service.rb
@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Releases
+  module Links
+    class BaseService
+      attr_accessor :release, :current_user, :params
+
+      def initialize(release, current_user = nil, params = {})
+        @release = release
+        @current_user = current_user
+        @params = params.dup
+      end
+
+      private
+
+      def allowed_params
+        @allowed_params ||= params.slice(:name, :url, :link_type).tap do |hash|
+          hash[:filepath] = filepath if provided_filepath?
+        end
+      end
+
+      def provided_filepath?
+        params.key?(:direct_asset_path) || params.key?(:filepath)
+      end
+
+      def filepath
+        params[:direct_asset_path] || params[:filepath]
+      end
+    end
+  end
+end
diff --git a/app/services/releases/links/create_service.rb b/app/services/releases/links/create_service.rb
new file mode 100644
index 00000000000..c73c9f40254
--- /dev/null
+++ b/app/services/releases/links/create_service.rb
@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Releases
+  module Links
+    class CreateService < BaseService
+      def execute
+        return ServiceResponse.error(message: _('Access Denied')) unless allowed?
+
+        link = release.links.create(allowed_params)
+
+        if link.persisted?
+          ServiceResponse.success(payload: { link: link })
+        else
+          ServiceResponse.error(message: link.errors.full_messages)
+        end
+      end
+
+      private
+
+      def allowed?
+        Ability.allowed?(current_user, :create_release, release)
+      end
+    end
+  end
+end
diff --git a/app/services/releases/links/destroy_service.rb b/app/services/releases/links/destroy_service.rb
new file mode 100644
index 00000000000..9edde2f357b
--- /dev/null
+++ b/app/services/releases/links/destroy_service.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Releases
+  module Links
+    class DestroyService < BaseService
+      def execute(link)
+        return ServiceResponse.error(message: _('Access Denied')) unless allowed?
+        return ServiceResponse.error(message: _('Link does not exist')) unless link
+
+        if link.destroy
+          ServiceResponse.success(payload: { link: link })
+        else
+          ServiceResponse.error(message: link.errors.full_messages)
+        end
+      end
+
+      private
+
+      def allowed?
+        Ability.allowed?(current_user, :destroy_release, release)
+      end
+    end
+  end
+end
diff --git a/app/services/releases/links/update_service.rb b/app/services/releases/links/update_service.rb
new file mode 100644
index 00000000000..f50cde5c5a9
--- /dev/null
+++ b/app/services/releases/links/update_service.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Releases
+  module Links
+    class UpdateService < BaseService
+      def execute(link)
+        return ServiceResponse.error(message: _('Access Denied')) unless allowed?
+        return ServiceResponse.error(message: _('Link does not exist')) unless link
+
+        if link.update(allowed_params)
+          ServiceResponse.success(payload: { link: link })
+        else
+          ServiceResponse.error(message: link.errors.full_messages)
+        end
+      end
+
+      private
+
+      def allowed?
+        Ability.allowed?(current_user, :update_release, release)
+      end
+    end
+  end
+end
diff --git a/app/services/resource_access_tokens/create_service.rb b/app/services/resource_access_tokens/create_service.rb
index 86fb2cdf114..396d6a19dea 100644
--- a/app/services/resource_access_tokens/create_service.rb
+++ b/app/services/resource_access_tokens/create_service.rb
@@ -121,7 +121,7 @@ module ResourceAccessTokens
 
     def do_not_allow_owner_access_level_for_project_bot?(access_level)
       resource.is_a?(Project) &&
-        access_level == Gitlab::Access::OWNER &&
+        access_level.to_i == Gitlab::Access::OWNER &&
         !current_user.can?(:manage_owners, resource)
     end
   end
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-03-02 21:12:20 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-03-02 21:12:20 +0300
commit	3c4d101de003ea292be5ac5baf5d73c6c2747367 (patch)
tree	5918d12b69c4bfd84f05a585d62174586a80fd18 /app/services
parent	b2c21b99c7eb52b5fd906b1e7b4b08d4eb7a296c (diff)