2018-12-13 13:39:08 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2018-03-17 18:26:18 +05:30
|
|
|
module Gitlab
|
|
|
|
|
module Ci
|
|
|
|
|
module Build
|
|
|
|
|
module Policy
|
|
|
|
|
class Refs < Policy::Specification
|
|
|
|
|
def initialize(refs)
|
|
|
|
|
@patterns = Array(refs)
|
|
|
|
|
end
|
|
|
|
|
|
2019-12-26 22:10:19 +05:30
|
|
|
def satisfied_by?(pipeline, context = nil)
|
2018-03-17 18:26:18 +05:30
|
|
|
@patterns.any? do |pattern|
|
|
|
|
|
pattern, path = pattern.split('@', 2)
|
|
|
|
|
|
|
|
|
|
matches_path?(path, pipeline) &&
|
|
|
|
|
matches_pattern?(pattern, pipeline)
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def matches_path?(path, pipeline)
|
|
|
|
|
return true unless path
|
|
|
|
|
|
|
|
|
|
pipeline.project_full_path == path
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def matches_pattern?(pattern, pipeline)
|
|
|
|
|
return true if pipeline.tag? && pattern == 'tags'
|
|
|
|
|
return true if pipeline.branch? && pattern == 'branches'
|
2019-07-07 11:18:12 +05:30
|
|
|
return true if sanitized_source_name(pipeline) == pattern
|
|
|
|
|
return true if sanitized_source_name(pipeline)&.pluralize == pattern
|
2018-03-17 18:26:18 +05:30
|
|
|
|
2019-02-15 15:39:39 +05:30
|
|
|
# patterns can be matched only when branch or tag is used
|
|
|
|
|
# the pattern matching does not work for merge requests pipelines
|
|
|
|
|
if pipeline.branch? || pipeline.tag?
|
2019-07-07 11:18:12 +05:30
|
|
|
if regexp = Gitlab::UntrustedRegexp::RubySyntax.fabricate(pattern, fallback: true)
|
2019-04-03 18:18:56 +05:30
|
|
|
regexp.match?(pipeline.ref)
|
2019-02-15 15:39:39 +05:30
|
|
|
else
|
|
|
|
|
pattern == pipeline.ref
|
|
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
|
|
|
|
end
|
2019-07-07 11:18:12 +05:30
|
|
|
|
|
|
|
|
def sanitized_source_name(pipeline)
|
|
|
|
|
@sanitized_source_name ||= pipeline&.source&.delete_suffix('_event')
|
|
|
|
|
end
|
2018-03-17 18:26:18 +05:30
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
