blob: fd78a886e29181ce689a519edd2f25a87a2ede86 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# frozen_string_literal: true
module Environments
class CreateService < BaseService
ALLOWED_ATTRIBUTES = %i[name external_url tier cluster_agent kubernetes_namespace].freeze
def execute
unless can?(current_user, :create_environment, project)
return ServiceResponse.error(
message: _('Unauthorized to create an environment'),
payload: { environment: nil }
)
end
if unauthorized_cluster_agent?
return ServiceResponse.error(
message: _('Unauthorized to access the cluster agent in this project'),
payload: { environment: nil })
end
environment = project.environments.create(**params.slice(*ALLOWED_ATTRIBUTES))
if environment.persisted?
ServiceResponse.success(payload: { environment: environment })
else
ServiceResponse.error(
message: environment.errors.full_messages,
payload: { environment: nil }
)
end
end
private
def unauthorized_cluster_agent?
return false unless params[:cluster_agent]
::Clusters::Agents::Authorizations::UserAccess::Finder
.new(current_user, agent: params[:cluster_agent], project: project)
.execute
.empty?
end
end
end
|