Skip to content
Snippets Groups Projects

Add `admin_runners` custom role permission

Merged mo khan requested to merge mokhax/442851/admin_runners into master
All threads resolved!
Compare and Show latest version
1 file
+ 8
6
Compare changes
  • Side-by-side
  • Inline
@@ -11,14 +11,16 @@ module RunnerPolicy
enable :read_builds
end
condition(:read_runner_in_any_associated_projects) do
@subject
.projects
.visible_to_user_and_access_level(@user, ::Gitlab::Access::GUEST)
.find { |project| @user.can?(:read_runner, project) }
condition(:admin_runner_in_any_associated_projects) do
next unless ::Feature.enabled?(:custom_ability_admin_runners, @user)
::Preloaders::UserMemberRolesInProjectsPreloader.new(
projects: @subject.projects,
user: @user
).execute.any? { |(_project_id, abilities)| abilities.include?(:admin_runners) }
end
rule { is_project_runner & read_runner_in_any_associated_projects }.policy do
rule { is_project_runner & admin_runner_in_any_associated_projects }.policy do
enable :read_runner
end
end
Loading