diff options
author | Sean McGivern <sean@mcgivern.me.uk> | 2016-11-21 16:07:27 +0000 |
---|---|---|
committer | Sean McGivern <sean@mcgivern.me.uk> | 2016-11-21 16:07:27 +0000 |
commit | 80eaed1651e6a278af87e015f6b414d4f943a352 (patch) | |
tree | 1875bd34606e7d636b9f75afe741ff57bb04bf05 /lib | |
parent | a207c3d12f75644d72c7ea720949b8c58c89faa9 (diff) | |
parent | 9b691688583ad46d5608320ec64873dd2eb9a647 (diff) | |
download | gitlab-ce-80eaed1651e6a278af87e015f6b414d4f943a352.tar.gz |
Merge branch 'fix/cycle-analytics-permissions' into 'master'
Added permissions per stage to cycle analytics endpoint
See merge request !7613
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/cycle_analytics/permissions.rb | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/lib/gitlab/cycle_analytics/permissions.rb b/lib/gitlab/cycle_analytics/permissions.rb new file mode 100644 index 00000000000..bef3b95ff1b --- /dev/null +++ b/lib/gitlab/cycle_analytics/permissions.rb @@ -0,0 +1,44 @@ +module Gitlab + module CycleAnalytics + class Permissions + STAGE_PERMISSIONS = { + issue: :read_issue, + code: :read_merge_request, + test: :read_build, + review: :read_merge_request, + staging: :read_build, + production: :read_issue, + }.freeze + + def self.get(*args) + new(*args).get + end + + def initialize(user:, project:) + @user = user + @project = project + @stage_permission_hash = {} + end + + def get + ::CycleAnalytics::STAGES.each do |stage| + @stage_permission_hash[stage] = authorized_stage?(stage) + end + + @stage_permission_hash + end + + private + + def authorized_stage?(stage) + return false unless authorize_project(:read_cycle_analytics) + + STAGE_PERMISSIONS[stage] ? authorize_project(STAGE_PERMISSIONS[stage]) : true + end + + def authorize_project(permission) + Ability.allowed?(@user, permission, @project) + end + end + end +end |