summaryrefslogtreecommitdiff
path: root/app/controllers/projects/deploy_keys_controller.rb
blob: ce25f86d6928a79c2357a879fc236d7bd264f43c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
# frozen_string_literal: true

class Projects::DeployKeysController < Projects::ApplicationController
  include RepositorySettingsRedirect
  respond_to :html

  # Authorize
  before_action :authorize_admin_project!
  before_action :authorize_update_deploy_key!, only: [:edit, :update]

  layout 'project_settings'

  feature_category :continuous_delivery

  def index
    respond_to do |format|
      format.html { redirect_to_repository }
      format.json do
        render json: Projects::Settings::DeployKeysPresenter.new(@project, current_user: current_user).as_json
      end
    end
  end

  def new
    redirect_to_repository
  end

  def create
    @key = DeployKeys::CreateService.new(current_user, create_params).execute(project: @project)

    unless @key.valid?
      flash[:alert] = @key.errors.full_messages.join(', ').html_safe
    end

    redirect_to_repository
  end

  def edit
  end

  def update
    access_denied! unless deploy_key

    if deploy_key.update(update_params)
      flash[:notice] = _('Deploy key was successfully updated.')
      redirect_to_repository
    else
      render 'edit'
    end
  end

  def enable
    key = Projects::EnableDeployKeyService.new(@project, current_user, params).execute

    return render_404 unless key

    respond_to do |format|
      format.html { redirect_to_repository }
      format.json { head :ok }
    end
  end

  def disable
    deploy_key_project = Projects::DisableDeployKeyService.new(@project, current_user, params).execute

    return render_404 unless deploy_key_project

    respond_to do |format|
      format.html { redirect_to_repository }
      format.json { head :ok }
    end
  end

  protected

  def deploy_key
    @deploy_key ||= DeployKey.find(params[:id])
  end

  def deploy_keys_project
    @deploy_keys_project ||= deploy_key.deploy_keys_project_for(@project)
  end

  def create_params
    create_params = params.require(:deploy_key)
                          .permit(:key, :title, deploy_keys_projects_attributes: [:can_push])
    create_params.dig(:deploy_keys_projects_attributes, '0')&.merge!(project_id: @project.id)
    create_params
  end

  def update_params
    permitted_params = [deploy_keys_projects_attributes: [:can_push]]
    permitted_params << :title if can?(current_user, :update_deploy_key, deploy_key)

    key_update_params = params.require(:deploy_key).permit(*permitted_params)
    key_update_params.dig(:deploy_keys_projects_attributes, '0')&.merge!(id: deploy_keys_project.id)
    key_update_params
  end

  def authorize_update_deploy_key!
    if !can?(current_user, :update_deploy_key, deploy_key) &&
        !can?(current_user, :update_deploy_keys_project, deploy_keys_project)
      access_denied!
    end
  end

  private

  def redirect_to_repository
    redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings')
  end
end