Add latest changes from gitlab-org/gitlab@master

4 files changed, 98 insertions, 16 deletions

diff --git a/app/services/ci/runners/create_runner_service.rb b/app/services/ci/runners/create_runner_service.rb
index 5906cdce99d..fcb664500a9 100644
--- a/app/services/ci/runners/create_runner_service.rb
+++ b/app/services/ci/runners/create_runner_service.rb
@@ -5,23 +5,25 @@ module Ci
     class CreateRunnerService
       RUNNER_CLASS_MAPPING = {
         'instance_type' => Ci::Runners::RunnerCreationStrategies::InstanceRunnerStrategy,
-        nil => Ci::Runners::RunnerCreationStrategies::InstanceRunnerStrategy
+        'group_type' => Ci::Runners::RunnerCreationStrategies::GroupRunnerStrategy,
+        'project_type' => Ci::Runners::RunnerCreationStrategies::ProjectRunnerStrategy
       }.freeze
 
-      attr_accessor :user, :type, :params, :strategy
-
-      def initialize(user:, type:, params:)
+      def initialize(user:, params:)
         @user = user
-        @type = type
         @params = params
-        @strategy = RUNNER_CLASS_MAPPING[type].new(user: user, type: type, params: params)
+        @strategy = RUNNER_CLASS_MAPPING[params[:runner_type]].new(user: user, params: params)
       end
 
       def execute
         normalize_params
 
-        return ServiceResponse.error(message: 'Validation error') unless strategy.validate_params
-        return ServiceResponse.error(message: 'Insufficient permissions') unless strategy.authorized_user?
+        error = strategy.validate_params
+        return ServiceResponse.error(message: error, reason: :validation_error) if error
+
+        unless strategy.authorized_user?
+          return ServiceResponse.error(message: _('Insufficient permissions'), reason: :forbidden)
+        end
 
         runner = ::Ci::Runner.new(params)
 
@@ -32,12 +34,15 @@ module Ci
 
       def normalize_params
         params[:registration_type] = :authenticated_user
-        params[:runner_type] = type
         params[:active] = !params.delete(:paused) if params.key?(:paused)
         params[:creator] = user
 
         strategy.normalize_params
       end
+
+      private
+
+      attr_reader :user, :params, :strategy
     end
   end
 end
diff --git a/app/services/ci/runners/runner_creation_strategies/group_runner_strategy.rb b/app/services/ci/runners/runner_creation_strategies/group_runner_strategy.rb
new file mode 100644
index 00000000000..2eae5069046
--- /dev/null
+++ b/app/services/ci/runners/runner_creation_strategies/group_runner_strategy.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Ci
+  module Runners
+    module RunnerCreationStrategies
+      class GroupRunnerStrategy
+        include Gitlab::Utils::StrongMemoize
+
+        def initialize(user:, params:)
+          @user = user
+          @params = params
+        end
+
+        def normalize_params
+          params[:runner_type] = 'group_type'
+          params[:groups] = [scope]
+        end
+
+        def validate_params
+          _('Missing/invalid scope') unless scope.present?
+        end
+
+        def authorized_user?
+          user.present? && user.can?(:create_runner, scope)
+        end
+
+        private
+
+        attr_reader :user, :params
+
+        def scope
+          params.delete(:scope)
+        end
+        strong_memoize_attr :scope
+      end
+    end
+  end
+end
diff --git a/app/services/ci/runners/runner_creation_strategies/instance_runner_strategy.rb b/app/services/ci/runners/runner_creation_strategies/instance_runner_strategy.rb
index f195c3e88f9..39719ad806f 100644
--- a/app/services/ci/runners/runner_creation_strategies/instance_runner_strategy.rb
+++ b/app/services/ci/runners/runner_creation_strategies/instance_runner_strategy.rb
@@ -4,25 +4,26 @@ module Ci
   module Runners
     module RunnerCreationStrategies
       class InstanceRunnerStrategy
-        attr_accessor :user, :type, :params
-
-        def initialize(user:, type:, params:)
+        def initialize(user:, params:)
           @user = user
-          @type = type
           @params = params
         end
 
         def normalize_params
-          params[:runner_type] = :instance_type
+          params[:runner_type] = 'instance_type'
         end
 
         def validate_params
-          true
+          _('Unexpected scope') if params[:scope]
         end
 
         def authorized_user?
-          user.present? && user.can?(:create_instance_runners)
+          user.present? && user.can?(:create_instance_runner)
         end
+
+        private
+
+        attr_reader :user, :params
       end
     end
   end
diff --git a/app/services/ci/runners/runner_creation_strategies/project_runner_strategy.rb b/app/services/ci/runners/runner_creation_strategies/project_runner_strategy.rb
new file mode 100644
index 00000000000..487da996513
--- /dev/null
+++ b/app/services/ci/runners/runner_creation_strategies/project_runner_strategy.rb
@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Ci
+  module Runners
+    module RunnerCreationStrategies
+      class ProjectRunnerStrategy
+        include Gitlab::Utils::StrongMemoize
+
+        def initialize(user:, params:)
+          @user = user
+          @params = params
+        end
+
+        def normalize_params
+          params[:runner_type] = 'project_type'
+          params[:projects] = [scope]
+        end
+
+        def validate_params
+          _('Missing/invalid scope') unless scope.present?
+        end
+
+        def authorized_user?
+          user.present? && user.can?(:create_runner, scope)
+        end
+
+        private
+
+        attr_reader :user, :params
+
+        def scope
+          params.delete(:scope)
+        end
+        strong_memoize_attr :scope
+      end
+    end
+  end
+end