diff options
Diffstat (limited to 'app/services/ci/pipeline_schedules/base_save_service.rb')
-rw-r--r-- | app/services/ci/pipeline_schedules/base_save_service.rb | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/app/services/ci/pipeline_schedules/base_save_service.rb b/app/services/ci/pipeline_schedules/base_save_service.rb new file mode 100644 index 00000000000..45d70e5a65d --- /dev/null +++ b/app/services/ci/pipeline_schedules/base_save_service.rb @@ -0,0 +1,54 @@ +# frozen_string_literal: true + +module Ci + module PipelineSchedules + class BaseSaveService + include Gitlab::Utils::StrongMemoize + + def execute + schedule.assign_attributes(params) + + return forbidden_to_save unless allowed_to_save? + return forbidden_to_save_variables unless allowed_to_save_variables? + + if schedule.save + ServiceResponse.success(payload: schedule) + else + ServiceResponse.error(payload: schedule, message: schedule.errors.full_messages) + end + end + + private + + attr_reader :project, :user, :params, :schedule + + def allowed_to_save? + user.can?(self.class::AUTHORIZE, schedule) + end + + def forbidden_to_save + # We add the error to the base object too + # because model errors are used in the API responses and the `form_errors` helper. + schedule.errors.add(:base, authorize_message) + + ServiceResponse.error(payload: schedule, message: [authorize_message], reason: :forbidden) + end + + def allowed_to_save_variables? + return true if params[:variables_attributes].blank? + + user.can?(:set_pipeline_variables, project) + end + + def forbidden_to_save_variables + message = _('The current user is not authorized to set pipeline schedule variables') + + # We add the error to the base object too + # because model errors are used in the API responses and the `form_errors` helper. + schedule.errors.add(:base, message) + + ServiceResponse.error(payload: schedule, message: [message], reason: :forbidden) + end + end + end +end |