blob: 34ec6f42b19107d1a0e838cf487a044f8e6e3eb9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
# frozen_string_literal: true
module ContainerRegistry
module Protection
class CreateRuleService < BaseService
ALLOWED_ATTRIBUTES = %i[
container_path_pattern
push_protected_up_to_access_level
delete_protected_up_to_access_level
].freeze
def execute
unless can?(current_user, :admin_container_image, project)
error_message = _('Unauthorized to create a container registry protection rule')
return service_response_error(message: error_message)
end
container_registry_protection_rule =
project.container_registry_protection_rules.create(params.slice(*ALLOWED_ATTRIBUTES))
unless container_registry_protection_rule.persisted?
return service_response_error(message: container_registry_protection_rule.errors.full_messages.to_sentence)
end
ServiceResponse.success(payload: { container_registry_protection_rule: container_registry_protection_rule })
rescue StandardError => e
service_response_error(message: e.message)
end
private
def service_response_error(message:)
ServiceResponse.error(
message: message,
payload: { container_registry_protection_rule: nil }
)
end
end
end
end
|