summaryrefslogtreecommitdiff
path: root/app/services/resource_access_tokens/create_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/resource_access_tokens/create_service.rb')
-rw-r--r--app/services/resource_access_tokens/create_service.rb19
1 files changed, 16 insertions, 3 deletions
diff --git a/app/services/resource_access_tokens/create_service.rb b/app/services/resource_access_tokens/create_service.rb
index cdeb57627a8..70e09be9407 100644
--- a/app/services/resource_access_tokens/create_service.rb
+++ b/app/services/resource_access_tokens/create_service.rb
@@ -15,13 +15,20 @@ module ResourceAccessTokens
user = create_user
return error(user.errors.full_messages.to_sentence) unless user.persisted?
- return error("Failed to provide maintainer access") unless provision_access(resource, user)
+
+ member = create_membership(resource, user)
+
+ unless member.persisted?
+ delete_failed_user(user)
+ return error("Could not provision maintainer access to project access token")
+ end
token_response = create_personal_access_token(user)
if token_response.success?
success(token_response.payload[:personal_access_token])
else
+ delete_failed_user(user)
error(token_response.message)
end
end
@@ -43,6 +50,10 @@ module ResourceAccessTokens
Users::CreateService.new(current_user, default_user_params).execute(skip_authorization: true)
end
+ def delete_failed_user(user)
+ DeleteUserWorker.perform_async(current_user.id, user.id, hard_delete: true, skip_authorization: true)
+ end
+
def default_user_params
{
name: params[:name] || "#{resource.name.to_s.humanize} bot",
@@ -72,7 +83,9 @@ module ResourceAccessTokens
end
def create_personal_access_token(user)
- PersonalAccessTokens::CreateService.new(user, personal_access_token_params).execute
+ PersonalAccessTokens::CreateService.new(
+ current_user: user, target_user: user, params: personal_access_token_params
+ ).execute
end
def personal_access_token_params
@@ -88,7 +101,7 @@ module ResourceAccessTokens
Gitlab::Auth.resource_bot_scopes
end
- def provision_access(resource, user)
+ def create_membership(resource, user)
resource.add_user(user, :maintainer, expires_at: params[:expires_at])
end
View Lorry Controller Status