diff options
Diffstat (limited to 'app/models/project_feature.rb')
-rw-r--r-- | app/models/project_feature.rb | 48 |
1 files changed, 38 insertions, 10 deletions
diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb index 7b204cfb1c0..a598bf3f60c 100644 --- a/app/models/project_feature.rb +++ b/app/models/project_feature.rb @@ -3,7 +3,23 @@ class ProjectFeature < ApplicationRecord include Featurable - FEATURES = %i(issues forking merge_requests wiki snippets builds repository pages metrics_dashboard analytics operations).freeze + FEATURES = %i[ + issues + forking + merge_requests + wiki + snippets + builds + repository + pages + metrics_dashboard + analytics + operations + security_and_compliance + container_registry + ].freeze + + EXPORTABLE_FEATURES = (FEATURES - [:security_and_compliance]).freeze set_available_features(FEATURES) @@ -27,6 +43,8 @@ class ProjectFeature < ApplicationRecord end end + before_create :set_container_registry_access_level + # Default scopes force us to unscope here since a service may need to check # permissions for a project in pending_delete # http://stackoverflow.com/questions/1540645/how-to-disable-default-scope-for-a-belongs-to @@ -37,16 +55,17 @@ class ProjectFeature < ApplicationRecord validate :repository_children_level validate :allowed_access_levels - default_value_for :builds_access_level, value: ENABLED, allows_nil: false - default_value_for :issues_access_level, value: ENABLED, allows_nil: false - default_value_for :forking_access_level, value: ENABLED, allows_nil: false - default_value_for :merge_requests_access_level, value: ENABLED, allows_nil: false - default_value_for :snippets_access_level, value: ENABLED, allows_nil: false - default_value_for :wiki_access_level, value: ENABLED, allows_nil: false - default_value_for :repository_access_level, value: ENABLED, allows_nil: false - default_value_for :analytics_access_level, value: ENABLED, allows_nil: false + default_value_for :builds_access_level, value: ENABLED, allows_nil: false + default_value_for :issues_access_level, value: ENABLED, allows_nil: false + default_value_for :forking_access_level, value: ENABLED, allows_nil: false + default_value_for :merge_requests_access_level, value: ENABLED, allows_nil: false + default_value_for :snippets_access_level, value: ENABLED, allows_nil: false + default_value_for :wiki_access_level, value: ENABLED, allows_nil: false + default_value_for :repository_access_level, value: ENABLED, allows_nil: false + default_value_for :analytics_access_level, value: ENABLED, allows_nil: false default_value_for :metrics_dashboard_access_level, value: PRIVATE, allows_nil: false - default_value_for :operations_access_level, value: ENABLED, allows_nil: false + default_value_for :operations_access_level, value: ENABLED, allows_nil: false + default_value_for :security_and_compliance_access_level, value: PRIVATE, allows_nil: false default_value_for(:pages_access_level, allows_nil: false) do |feature| if ::Gitlab::Pages.access_control_is_forced? @@ -70,6 +89,15 @@ class ProjectFeature < ApplicationRecord private + def set_container_registry_access_level + self.container_registry_access_level = + if project&.container_registry_enabled + ENABLED + else + DISABLED + end + end + # Validates builds and merge requests access level # which cannot be higher than repository access level def repository_children_level |