diff options
| -rw-r--r-- | lib/api/entities.rb | 8 | ||||
| -rw-r--r-- | lib/api/runners.rb | 6 |
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/api/entities.rb b/lib/api/entities.rb index af030159580..a8c00542d35 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -388,7 +388,13 @@ module API expose :version, :revision, :platform, :architecture expose :contacted_at, as: :last_contact expose :token, if: lambda { |runner, options| options[:user_is_admin] || !runner.is_shared? } - expose :projects, with: Entities::RunnerProjectDetails + expose :projects, with: Entities::RunnerProjectDetails do |runner, options| + if options[:user_is_admin] + runner.projects + else + runner.projects.where(id: options[:available_projects_ids]) + end + end end class Build < Grape::Entity diff --git a/lib/api/runners.rb b/lib/api/runners.rb index c08d6729dd8..4a0e68a4ddb 100644 --- a/lib/api/runners.rb +++ b/lib/api/runners.rb @@ -33,7 +33,11 @@ module API runner = get_runner(params[:id]) authenticate_show_runner!(runner) - present runner, with: Entities::RunnerDetails, user_is_admin: current_user.is_admin? + available_projects_ids = runner.projects.select{ |p| can?(current_user, :read_project, p) } + .map(&:id) unless current_user.is_admin? + + present runner, with: Entities::RunnerDetails, user_is_admin: current_user.is_admin?, + available_projects_ids: available_projects_ids end # Update runner's details |