Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
a185410f
Commit
a185410f
authored
2 years ago
by
Darby Frey
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Adding Secure File destory service
parent
a4d1bb67
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
44 additions
and
2 deletions
+44
-2
app/policies/project_policy.rb
app/policies/project_policy.rb
+1
-0
app/services/ci/destroy_secure_file_service.rb
app/services/ci/destroy_secure_file_service.rb
+11
-0
lib/api/ci/secure_files.rb
lib/api/ci/secure_files.rb
+2
-2
spec/services/ci/destroy_secure_file_service_spec.rb
spec/services/ci/destroy_secure_file_service_spec.rb
+30
-0
No files found.
app/policies/project_policy.rb
View file @
a185410f
...
...
@@ -462,6 +462,7 @@ class ProjectPolicy < BasePolicy
enable
:register_project_runners
enable
:update_runners_registration_token
enable
:admin_project_google_cloud
enable
:admin_secure_files
end
rule
{
public_project
&
metrics_dashboard_allowed
}.
policy
do
...
...
This diff is collapsed.
Click to expand it.
app/services/ci/destroy_secure_file_service.rb
0 → 100644
View file @
a185410f
# frozen_string_literal: true
module
Ci
class
DestroySecureFileService
<
BaseService
def
execute
(
secure_file
)
raise
Gitlab
::
Access
::
AccessDeniedError
unless
can?
(
current_user
,
:admin_secure_files
,
secure_file
.
project
)
secure_file
.
destroy!
end
end
end
This diff is collapsed.
Click to expand it.
lib/api/ci/secure_files.rb
View file @
a185410f
...
...
@@ -7,7 +7,7 @@ module API
before
do
authenticate!
authorize!
:admin_
build
,
user_project
authorize!
:admin_
secure_files
,
user_project
feature_flag_enabled?
end
...
...
@@ -82,7 +82,7 @@ module API
delete
':id/secure_files/:secure_file_id'
do
secure_file
=
user_project
.
secure_files
.
find
(
params
[
:secure_file_id
])
secure_file
.
destroy!
::
Ci
::
DestroySecureFileService
.
new
(
user_project
,
current_user
).
execute
(
secure_file
)
no_content!
end
...
...
This diff is collapsed.
Click to expand it.
spec/services/ci/destroy_secure_file_service_spec.rb
0 → 100644
View file @
a185410f
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
::
Ci
::
DestroySecureFileService
do
let_it_be
(
:maintainer_user
)
{
create
(
:user
)
}
let_it_be
(
:project
)
{
create
(
:project
)
}
let_it_be
(
:secure_file
)
{
create
(
:ci_secure_file
,
project:
project
)
}
let_it_be
(
:project_member
)
{
create
(
:project_member
,
:maintainer
,
user:
maintainer_user
,
project:
project
)
}
subject
{
described_class
.
new
(
project
,
user
).
execute
(
secure_file
)
}
context
'user is a maintainer'
do
let
(
:user
)
{
maintainer_user
}
it
'destroys the secure file'
do
subject
expect
{
secure_file
.
reload
}.
to
raise_error
(
ActiveRecord
::
RecordNotFound
)
end
end
context
'user is not owner'
do
let
(
:user
)
{
create
(
:user
)
}
it
'raises an exception'
do
expect
{
subject
}.
to
raise_error
(
Gitlab
::
Access
::
AccessDeniedError
)
end
end
end
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment