Commit 31044d41 authored by Grzegorz Bizon's avatar Grzegorz Bizon

Merge branch 'ce-7000-introduce-PolicyCheckable' into 'master'

CE: Add PolicyCheckable concern for things passing to policy check

See merge request gitlab-org/gitlab-ce!20839
parents de1b64e8 b577faf7
class DeployToken < ActiveRecord::Base class DeployToken < ActiveRecord::Base
include Expirable include Expirable
include TokenAuthenticatable include TokenAuthenticatable
include PolicyActor
add_authentication_token_field :token add_authentication_token_field :token
AVAILABLE_SCOPES = %i(read_repository read_registry).freeze AVAILABLE_SCOPES = %i(read_repository read_registry).freeze
...@@ -58,10 +59,6 @@ class DeployToken < ActiveRecord::Base ...@@ -58,10 +59,6 @@ class DeployToken < ActiveRecord::Base
write_attribute(:expires_at, value.presence || Forever.date) write_attribute(:expires_at, value.presence || Forever.date)
end end
def admin?
false
end
private private
def ensure_at_least_one_scope def ensure_at_least_one_scope
......
# frozen_string_literal: true
# Include this module if we want to pass something else than the user to
# check policies. This defines several methods which the policy checker
# would call and check.
module PolicyActor
extend ActiveSupport::Concern
def blocked?
false
end
def admin?
false
end
def external?
false
end
def internal?
false
end
def access_locked?
false
end
def required_terms_not_accepted?
false
end
def can_create_group
false
end
end
...@@ -43,6 +43,7 @@ module Gitlab ...@@ -43,6 +43,7 @@ module Gitlab
#{config.root}/app/models/members #{config.root}/app/models/members
#{config.root}/app/models/project_services #{config.root}/app/models/project_services
#{config.root}/app/workers/concerns #{config.root}/app/workers/concerns
#{config.root}/app/policies/concerns
#{config.root}/app/services/concerns #{config.root}/app/services/concerns
#{config.root}/app/serializers/concerns #{config.root}/app/serializers/concerns
#{config.root}/app/finders/concerns #{config.root}/app/finders/concerns
......
# frozen_string_literal: true
require 'spec_helper'
describe PolicyActor do
it 'implements all the methods from user' do
methods = subject.instance_methods
# User.instance_methods do not return all methods until an instance is
# initialized. So here we just use an instance
expect(build(:user).methods).to include(*methods)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment