debian-mirror-gitlab/app/policies/clusters/agent_policy.rb

# frozen_string_literal: true

module Clusters
  class AgentPolicy < BasePolicy
    alias_method :cluster_agent, :subject

    delegate { cluster_agent.project }

    # This condition is more expensive than the same permission check in ProjectPolicy,
    # so having a higher score.
    condition(:ci_access_authorized_agent, score: 10) do
      @subject.ci_access_authorized_for?(@user)
    end

    condition(:user_access_authorized_agent, score: 10) do
      @subject.user_access_authorized_for?(@user)
    end

    rule { ci_access_authorized_agent | user_access_authorized_agent }.policy do
      enable :read_cluster_agent
    end
  end
end
New upstream version 14.4.2+ds1 2021-11-18 22:05:49 +05:30			`# frozen_string_literal: true`

			`module Clusters`
			`class AgentPolicy < BasePolicy`
			`alias_method :cluster_agent, :subject`

			`delegate { cluster_agent.project }`
New upstream version 16.0.7+ds1 2023-07-09 08:55:56 +05:30
			`# This condition is more expensive than the same permission check in ProjectPolicy,`
			`# so having a higher score.`
			`condition(:ci_access_authorized_agent, score: 10) do`
			`@subject.ci_access_authorized_for?(@user)`
			`end`

			`condition(:user_access_authorized_agent, score: 10) do`
			`@subject.user_access_authorized_for?(@user)`
			`end`

			`rule { ci_access_authorized_agent \| user_access_authorized_agent }.policy do`
			`enable :read_cluster_agent`
			`end`
New upstream version 14.4.2+ds1 2021-11-18 22:05:49 +05:30			`end`
			`end`