1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
# frozen_string_literal: true
module Clusters
module AgentTokens
class CreateService
ALLOWED_PARAMS = %i[agent_id description name].freeze
ACTIVE_TOKENS_LIMIT = 2
attr_reader :agent, :current_user, :params
def initialize(agent:, current_user:, params:)
@agent = agent
@current_user = current_user
@params = params
end
def execute
return error_no_permissions unless current_user.can?(:create_cluster, agent.project)
return error_active_tokens_limit_reached if active_tokens_limit_reached?
token = ::Clusters::AgentToken.new(filtered_params.merge(agent_id: agent.id, created_by_user: current_user))
if token.save
log_activity_event(token)
ServiceResponse.success(payload: { secret: token.token, token: token })
else
ServiceResponse.error(message: token.errors.full_messages)
end
end
private
def error_no_permissions
ServiceResponse.error(message: s_('ClusterAgent|User has insufficient permissions to create a token for this project'))
end
def error_active_tokens_limit_reached
ServiceResponse.error(message: s_('ClusterAgent|An agent can have only two active tokens at a time'))
end
def active_tokens_limit_reached?
::Clusters::AgentTokensFinder.new(agent, current_user, status: :active).execute.count >= ACTIVE_TOKENS_LIMIT
end
def filtered_params
params.slice(*ALLOWED_PARAMS)
end
def log_activity_event(token)
Clusters::Agents::CreateActivityEventService.new(
token.agent,
kind: :token_created,
level: :info,
recorded_at: token.created_at,
user: current_user,
agent_token: token
).execute
end
end
end
end
Clusters::AgentTokens::CreateService.prepend_mod
|