Introduce PolicyCheckable for checking policiesce-7000-introduce-PolicyCheckable

2 files changed, 37 insertions, 4 deletions

diff --git a/app/models/deploy_token.rb b/app/models/deploy_token.rb
index 7ab647abe93..51029950dda 100644
--- a/app/models/deploy_token.rb
+++ b/app/models/deploy_token.rb
@@ -1,6 +1,7 @@
 class DeployToken < ActiveRecord::Base
   include Expirable
   include TokenAuthenticatable
+  include PolicyCheckable
   add_authentication_token_field :token
 
   AVAILABLE_SCOPES = %i(read_repository read_registry).freeze
@@ -58,10 +59,6 @@ class DeployToken < ActiveRecord::Base
     write_attribute(:expires_at, value.presence || Forever.date)
   end
 
-  def admin?
-    false
-  end
-
   private
 
   def ensure_at_least_one_scope
diff --git a/app/policies/concerns/policy_checkable.rb b/app/policies/concerns/policy_checkable.rb
new file mode 100644
index 00000000000..5aae23c18e9
--- /dev/null
+++ b/app/policies/concerns/policy_checkable.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+# Include this module if we want to pass something else than the user to
+# check policies. This defines several methods which the policy checker
+# would call and check.
+module PolicyCheckable
+  extend ActiveSupport::Concern
+
+  def blocked?
+    false
+  end
+
+  def admin?
+    false
+  end
+
+  def external?
+    false
+  end
+
+  def internal?
+    false
+  end
+
+  def access_locked?
+    false
+  end
+
+  def required_terms_not_accepted?
+    false
+  end
+
+  def can_create_group
+    false
+  end
+end