diff options
Diffstat (limited to 'app/services/clusters/agent_tokens/revoke_service.rb')
-rw-r--r-- | app/services/clusters/agent_tokens/revoke_service.rb | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/app/services/clusters/agent_tokens/revoke_service.rb b/app/services/clusters/agent_tokens/revoke_service.rb new file mode 100644 index 00000000000..5d89b405969 --- /dev/null +++ b/app/services/clusters/agent_tokens/revoke_service.rb @@ -0,0 +1,46 @@ +# frozen_string_literal: true + +module Clusters + module AgentTokens + class RevokeService + attr_reader :current_project, :current_user, :token + + def initialize(token:, current_user:) + @token = token + @current_user = current_user + end + + def execute + return error_no_permissions unless current_user.can?(:create_cluster, token.agent.project) + + if token.update(status: token.class.statuses[:revoked]) + log_activity_event(token) + + ServiceResponse.success + else + ServiceResponse.error(message: token.errors.full_messages) + end + end + + private + + def error_no_permissions + ServiceResponse.error( + message: s_('ClusterAgent|User has insufficient permissions to revoke the token for this project')) + end + + def log_activity_event(token) + Clusters::Agents::CreateActivityEventService.new( + token.agent, + kind: :token_revoked, + level: :info, + recorded_at: token.updated_at, + user: current_user, + agent_token: token + ).execute + end + end + end +end + +Clusters::AgentTokens::RevokeService.prepend_mod |