debian-mirror-gitlab/lib/gitlab/access.rb

180 lines
4.6 KiB
Ruby
Raw Normal View History

2018-12-13 13:39:08 +05:30
# frozen_string_literal: true
2014-09-02 18:07:02 +05:30
# Gitlab::Access module
#
# Define allowed roles that can be used
# in GitLab code to determine authorization level
#
module Gitlab
module Access
2017-08-17 22:00:37 +05:30
AccessDeniedError = Class.new(StandardError)
2016-08-24 12:49:21 +05:30
2020-11-24 15:15:51 +05:30
NO_ACCESS = 0
MINIMAL_ACCESS = 5
GUEST = 10
REPORTER = 20
DEVELOPER = 30
MAINTAINER = 40
OWNER = 50
2023-07-09 08:55:56 +05:30
ADMIN = 60
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
# Branch protection settings
2016-08-24 12:49:21 +05:30
PROTECTION_NONE = 0
PROTECTION_DEV_CAN_PUSH = 1
PROTECTION_FULL = 2
PROTECTION_DEV_CAN_MERGE = 3
2015-04-26 12:48:37 +05:30
2019-07-07 11:18:12 +05:30
# Default project creation level
NO_ONE_PROJECT_ACCESS = 0
MAINTAINER_PROJECT_ACCESS = 1
DEVELOPER_MAINTAINER_PROJECT_ACCESS = 2
2019-10-12 21:52:04 +05:30
# Default subgroup creation level
OWNER_SUBGROUP_ACCESS = 0
MAINTAINER_SUBGROUP_ACCESS = 1
2014-09-02 18:07:02 +05:30
class << self
2017-08-17 22:00:37 +05:30
delegate :values, to: :options
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
def all_values
options_with_owner.values
end
2014-09-02 18:07:02 +05:30
def options
{
2022-10-11 01:57:18 +05:30
"Guest" => GUEST,
"Reporter" => REPORTER,
"Developer" => DEVELOPER,
2018-11-18 11:00:15 +05:30
"Maintainer" => MAINTAINER
2014-09-02 18:07:02 +05:30
}
end
def options_with_owner
options.merge(
"Owner" => OWNER
)
end
2019-07-07 11:18:12 +05:30
def options_with_none
options_with_owner.merge(
"None" => NO_ACCESS
)
end
2014-09-02 18:07:02 +05:30
def sym_options
{
2022-10-11 01:57:18 +05:30
guest: GUEST,
reporter: REPORTER,
developer: DEVELOPER,
2018-11-18 11:00:15 +05:30
maintainer: MAINTAINER
2014-09-02 18:07:02 +05:30
}
end
2015-04-26 12:48:37 +05:30
2016-11-03 12:29:30 +05:30
def sym_options_with_owner
sym_options.merge(owner: OWNER)
end
2015-04-26 12:48:37 +05:30
def protection_options
2021-12-11 22:18:48 +05:30
[
{
label: s_('DefaultBranchProtection|Not protected'),
help_text: s_('DefaultBranchProtection|Both developers and maintainers can push new commits, force push, or delete the branch.'),
value: PROTECTION_NONE
},
{
label: s_('DefaultBranchProtection|Protected against pushes'),
help_text: s_('DefaultBranchProtection|Developers cannot push new commits, but are allowed to accept merge requests to the branch. Maintainers can push to the branch.'),
value: PROTECTION_DEV_CAN_MERGE
},
{
label: s_('DefaultBranchProtection|Partially protected'),
help_text: s_('DefaultBranchProtection|Both developers and maintainers can push new commits, but cannot force push.'),
value: PROTECTION_DEV_CAN_PUSH
},
{
label: s_('DefaultBranchProtection|Fully protected'),
help_text: s_('DefaultBranchProtection|Developers cannot push new commits, but maintainers can. No one can force push.'),
value: PROTECTION_FULL
}
]
2015-04-26 12:48:37 +05:30
end
def protection_values
2021-12-11 22:18:48 +05:30
protection_options.map { |option| option[:value] }
2015-04-26 12:48:37 +05:30
end
2018-03-17 18:26:18 +05:30
def human_access(access)
options_with_owner.key(access)
end
2019-07-07 11:18:12 +05:30
def human_access_with_none(access)
options_with_none.key(access)
end
def project_creation_options
{
s_('ProjectCreationLevel|No one') => NO_ONE_PROJECT_ACCESS,
s_('ProjectCreationLevel|Maintainers') => MAINTAINER_PROJECT_ACCESS,
s_('ProjectCreationLevel|Developers + Maintainers') => DEVELOPER_MAINTAINER_PROJECT_ACCESS
}
end
2019-12-21 20:55:43 +05:30
def project_creation_string_options
{
2022-10-11 01:57:18 +05:30
'noone' => NO_ONE_PROJECT_ACCESS,
'maintainer' => MAINTAINER_PROJECT_ACCESS,
'developer' => DEVELOPER_MAINTAINER_PROJECT_ACCESS
2019-12-21 20:55:43 +05:30
}
end
2019-07-07 11:18:12 +05:30
def project_creation_values
project_creation_options.values
end
2019-12-21 20:55:43 +05:30
def project_creation_string_values
project_creation_string_options.keys
end
2019-07-07 11:18:12 +05:30
def project_creation_level_name(name)
project_creation_options.key(name)
end
2019-10-12 21:52:04 +05:30
def subgroup_creation_options
{
s_('SubgroupCreationlevel|Owners') => OWNER_SUBGROUP_ACCESS,
s_('SubgroupCreationlevel|Maintainers') => MAINTAINER_SUBGROUP_ACCESS
}
end
2019-12-21 20:55:43 +05:30
def subgroup_creation_string_options
{
2022-10-11 01:57:18 +05:30
'owner' => OWNER_SUBGROUP_ACCESS,
2019-12-21 20:55:43 +05:30
'maintainer' => MAINTAINER_SUBGROUP_ACCESS
}
end
def subgroup_creation_values
subgroup_creation_options.values
end
def subgroup_creation_string_values
subgroup_creation_string_options.keys
end
2014-09-02 18:07:02 +05:30
end
def human_access
2018-03-17 18:26:18 +05:30
Gitlab::Access.human_access(access_field)
2014-09-02 18:07:02 +05:30
end
2019-07-07 11:18:12 +05:30
def human_access_with_none
Gitlab::Access.human_access_with_none(access_field)
end
2014-09-02 18:07:02 +05:30
def owner?
access_field == OWNER
end
end
end
2019-12-04 20:38:33 +05:30
2021-06-08 01:23:25 +05:30
Gitlab::Access.prepend_mod_with('Gitlab::Access')