summaryrefslogtreecommitdiff
path: root/app/services/clusters/update_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/clusters/update_service.rb')
-rw-r--r--app/services/clusters/update_service.rb41
1 files changed, 2 insertions, 39 deletions
diff --git a/app/services/clusters/update_service.rb b/app/services/clusters/update_service.rb
index 8cb77040b14..2315df612a1 100644
--- a/app/services/clusters/update_service.rb
+++ b/app/services/clusters/update_service.rb
@@ -18,46 +18,9 @@ module Clusters
private
- def can_admin_pipeline_for_project?(project)
- Ability.allowed?(current_user, :admin_pipeline, project)
- end
-
def validate_params(cluster)
- if params[:management_project_id].present?
- management_project = management_project_scope(cluster).find_by_id(params[:management_project_id])
-
- unless management_project
- cluster.errors.add(:management_project_id, _('Project does not exist or you don\'t have permission to perform this action'))
-
- return false
- end
-
- unless can_admin_pipeline_for_project?(management_project)
- # Use same message as not found to prevent enumeration
- cluster.errors.add(:management_project_id, _('Project does not exist or you don\'t have permission to perform this action'))
-
- return false
- end
- end
-
- true
- end
-
- def management_project_scope(cluster)
- return ::Project.all if cluster.instance_type?
-
- group =
- if cluster.group_type?
- cluster.first_group
- elsif cluster.project_type?
- cluster.first_project&.namespace
- end
-
- # Prevent users from selecting nested projects until
- # https://gitlab.com/gitlab-org/gitlab/issues/34650 is resolved
- include_subgroups = cluster.group_type?
-
- ::GroupProjectsFinder.new(group: group, current_user: current_user, options: { only_owned: true, include_subgroups: include_subgroups }).execute
+ ::Clusters::Management::ValidateManagementProjectPermissionsService.new(current_user)
+ .execute(cluster, params[:management_project_id])
end
end
end
View Lorry Controller Status