Class: Gitlab::UserAccess

Inherits:

Object

• Object
• Gitlab::UserAccess

Extended by:

Cache::RequestCache

Defined in:

lib/gitlab/user_access.rb

Direct Known Subclasses

BuildAccess, DeployKeyAccess, UserAccessSnippet

Instance Attribute Summary

• #container ⇒ Object

  Returns the value of attribute container.

• #push_ability ⇒ Object readonly

  Returns the value of attribute push_ability.

• #user ⇒ Object readonly

  Returns the value of attribute user.

Attributes included from Cache::RequestCache

#request_cache_key_block

Instance Method Summary

• #allowed? ⇒ Boolean
• #can_do_action?(action) ⇒ Boolean
• #can_push_for_ref?(_) ⇒ Boolean
• #can_update_branch?(ref) ⇒ Boolean
• #cannot_do_action?(action) ⇒ Boolean
• #initialize(user, container: nil, push_ability: :push_code, skip_collaboration_check: false) ⇒ UserAccess constructor

  A new instance of UserAccess.

Methods included from Cache::RequestCache

extended, request_cache, request_cache_key

Constructor Details

#initialize(user, container: nil, push_ability: :push_code, skip_collaboration_check: false) ⇒ UserAccess

Returns a new instance of UserAccess.

# File 'lib/gitlab/user_access.rb', line 14

def initialize(user, container: nil, push_ability: :push_code, skip_collaboration_check: false)
  @user = user
  @container = container
  @push_ability = push_ability
  @skip_collaboration_check = skip_collaboration_check
end

Instance Attribute Details

#container ⇒ Object

Returns the value of attribute container.

# File 'lib/gitlab/user_access.rb', line 12

def container
  @container
end

#push_ability ⇒ Object (readonly)

Returns the value of attribute push_ability.

# File 'lib/gitlab/user_access.rb', line 11

def push_ability
  @push_ability
end

#user ⇒ Object (readonly)

Returns the value of attribute user.

# File 'lib/gitlab/user_access.rb', line 11

def user
  @user
end

Instance Method Details

#allowed? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/user_access.rb', line 34

def allowed?
  return false unless can_access_git?

  if user.requires_ldap_check? && user.try_obtain_ldap_lease
    return false unless Gitlab::Auth::Ldap::Access.allowed?(user)
  end

  true
end

#can_do_action?(action) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/user_access.rb', line 21

def can_do_action?(action)
  return false unless can_access_git?

  permission_cache[action] =
    permission_cache.fetch(action) do
      user.can?(action, container)
    end
end

#can_push_for_ref?(_) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/user_access.rb', line 85

def can_push_for_ref?(_)
  can_do_action?(:push_code)
end

#can_update_branch?(ref) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/user_access.rb', line 64

def can_update_branch?(ref)
  can_push_to_branch?(ref) || can_merge_to_branch?(ref)
end

#cannot_do_action?(action) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/user_access.rb', line 30

def cannot_do_action?(action)
  !can_do_action?(action)
end