blob: 19431ac76dcf7d0a5fdece9c61d7cb51b33116da (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
module Members
class ApproveAccessRequestService < Members::BaseService
# opts - A hash of options
# :ldap - The call is from a LDAP sync: current_user can be nil in that case
def execute(access_requester, opts = {})
raise Gitlab::Access::AccessDeniedError unless can_update_access_requester?(access_requester, opts[:ldap])
access_requester.access_level = params[:access_level] if params[:access_level]
access_requester.accept_request
after_execute(member: access_requester, **opts)
access_requester
end
private
def can_update_access_requester?(access_requester, ldap)
access_requester && (
ldap ||
can?(current_user, update_member_permission(access_requester), access_requester)
)
end
end
end
|