diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-29 14:11:15 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-06-29 14:11:34 +0000 |
commit | 222fda90362a3be9e54323af32234d038b99908d (patch) | |
tree | 9678d10e85608009dfe340c635f979e1e2bcc3a6 /app/finders/ci | |
parent | 4279c892b46b4a9de9f0580cf011173e716ebf6c (diff) | |
download | gitlab-ce-222fda90362a3be9e54323af32234d038b99908d.tar.gz |
Add latest changes from gitlab-org/security/gitlab@15-1-stable-ee
Diffstat (limited to 'app/finders/ci')
-rw-r--r-- | app/finders/ci/runner_jobs_finder.rb | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/app/finders/ci/runner_jobs_finder.rb b/app/finders/ci/runner_jobs_finder.rb index 9dc3c2a2427..b659eda6646 100644 --- a/app/finders/ci/runner_jobs_finder.rb +++ b/app/finders/ci/runner_jobs_finder.rb @@ -6,13 +6,15 @@ module Ci ALLOWED_INDEXED_COLUMNS = %w[id].freeze - def initialize(runner, params = {}) + def initialize(runner, current_user, params = {}) @runner = runner + @user = current_user @params = params end def execute items = @runner.builds + items = by_permission(items) items = by_status(items) sort_items(items) end @@ -20,6 +22,14 @@ module Ci private # rubocop: disable CodeReuse/ActiveRecord + def by_permission(items) + return items if @user.can_read_all_resources? + + items.for_project(@user.authorized_project_mirrors(Gitlab::Access::REPORTER).select(:project_id)) + end + # rubocop: enable CodeReuse/ActiveRecord + + # rubocop: disable CodeReuse/ActiveRecord def by_status(items) return items unless Ci::HasStatus::AVAILABLE_STATUSES.include?(params[:status]) |