Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/policies/group_policy.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/policies/group_policy.rb')
-rw-r--r--app/policies/group_policy.rb10
1 files changed, 10 insertions, 0 deletions
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 1dae2682772..abb3616c58f 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -84,6 +84,10 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
with_scope :subject
condition(:crm_enabled, score: 0, scope: :subject) { @subject.crm_enabled? }
+ condition(:create_runner_workflow_enabled) do
+ Feature.enabled?(:create_runner_workflow)
+ end
+
condition(:group_runner_registration_allowed, scope: :subject) do
Gitlab::CurrentSettings.valid_runner_registrars.include?('group') && @subject.runner_registration_enabled?
end
@@ -200,6 +204,7 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
enable :read_group_runners
enable :admin_group_runners
enable :register_group_runners
+ enable :create_group_runners
enable :set_note_created_at
enable :set_emails_disabled
@@ -308,6 +313,7 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
rule { ~admin & ~group_runner_registration_allowed }.policy do
prevent :register_group_runners
+ prevent :create_group_runners
end
rule { migration_bot }.policy do
@@ -319,6 +325,10 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
enable :read_observability
end
+ rule { ~create_runner_workflow_enabled }.policy do
+ prevent :create_group_runners
+ end
+
def access_level(for_any_session: false)
return GroupMember::NO_ACCESS if @user.nil?
return GroupMember::NO_ACCESS unless user_is_user?
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-08 21:09:21 +0300