debian-mirror-gitlab/app/policies/ci/pipeline_policy.rb

20 lines
480 B
Ruby
Raw Normal View History

2017-08-17 22:00:37 +05:30
module Ci
class PipelinePolicy < BasePolicy
2017-09-10 17:25:29 +05:30
delegate { @subject.project }
2018-03-17 18:26:18 +05:30
condition(:protected_ref) { ref_protected?(@user, @subject.project, @subject.tag?, @subject.ref) }
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
rule { protected_ref }.prevent :update_pipeline
def ref_protected?(user, project, tag, ref)
access = ::Gitlab::UserAccess.new(user, project: project)
if tag
!access.can_create_tag?(ref)
2017-09-10 17:25:29 +05:30
else
2018-03-17 18:26:18 +05:30
!access.can_update_branch?(ref)
2017-09-10 17:25:29 +05:30
end
2017-08-17 22:00:37 +05:30
end
end
end