Class: Ci::JobTokenScope::AddGroupService

Inherits:
BaseService
  • Object
show all
Includes:
EditScopeValidations, ScopeEventTracking
Defined in:
app/services/ci/job_token_scope/add_group_service.rb

Constant Summary

Constants included from EditScopeValidations

EditScopeValidations::NotFoundError, EditScopeValidations::TARGET_DOES_NOT_EXIST, EditScopeValidations::TARGET_GROUP_UNAUTHORIZED_OR_UNFOUND, EditScopeValidations::TARGET_PROJECT_UNAUTHORIZED_OR_UNFOUND, EditScopeValidations::ValidationError

Instance Attribute Summary

Attributes inherited from BaseService

#current_user, #params, #project

Instance Method Summary collapse

Methods included from ScopeEventTracking

#track_event

Methods included from EditScopeValidations

#validate_group_remove!, #validate_source_project_and_target_group_access!, #validate_source_project_and_target_project_access!, #validate_target_exists!

Methods inherited from BaseService

#initialize

Methods included from BaseServiceUtility

#deny_visibility_level, #event_service, #log_error, #log_info, #notification_service, #system_hook_service, #todo_service, #visibility_level

Methods included from Gitlab::Allowable

#can?, #can_all?, #can_any?

Constructor Details

This class inherits a constructor from BaseService

Instance Method Details

#execute(target_group, default_permissions: true, policies: []) ⇒ Object 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'app/services/ci/job_token_scope/add_group_service.rb', line 9

def execute(target_group, default_permissions: true, policies: [])
  validate_source_project_and_target_group_access!(project, target_group, current_user)

  link = allowlist
    .add_group!(target_group, default_permissions: default_permissions, policies: policies, user: current_user)

  track_event(link)

  ServiceResponse.success(payload: { group_link: link })

rescue ActiveRecord::RecordNotUnique
  ServiceResponse.error(message: 'This group is already in the job token allowlist.')
rescue ActiveRecord::RecordInvalid => e
  ServiceResponse.error(message: e.message)
rescue EditScopeValidations::ValidationError => e
  ServiceResponse.error(message: e.message, reason: :insufficient_permissions)
end