Module: Gitlab::VisibilityLevel

Extended by:

ActiveSupport::Concern

Included in:

Ci::Catalog::Resource, Namespace, Organizations::Organization, Project, Snippet

Defined in:

lib/gitlab/visibility_level.rb

Constant Summary

PRIVATE =

0

INTERNAL =

10

PUBLIC =

20

LEVELS_FOR_ADMINS =

[PRIVATE, INTERNAL, PUBLIC].freeze

Class Method Summary

• .allowed_for?(user, level) ⇒ Boolean
• .allowed_level?(level) ⇒ Boolean

  Level should be a numeric value, e.g.

• .allowed_levels ⇒ Object
• .allowed_levels_for_user(user, subject) ⇒ Object
• .closest_allowed_level(target_level) ⇒ Object
• .level_name(level) ⇒ Object
• .level_value(level, fallback_value: PRIVATE) ⇒ Object
• .levels_for_user(user = nil) ⇒ Object
• .non_restricted_level?(level) ⇒ Boolean
• .options ⇒ Object
• .public_visibility_restricted? ⇒ Boolean
• .restricted_level?(level) ⇒ Boolean
• .string_level(level) ⇒ Object
• .string_options ⇒ Object
• .string_values ⇒ Object
• .valid_level?(level) ⇒ Boolean

Instance Method Summary

• #internal? ⇒ Boolean
• #private? ⇒ Boolean
• #public? ⇒ Boolean
• #visibility ⇒ Object
• #visibility=(level) ⇒ Object
• #visibility_attribute_present?(attributes) ⇒ Boolean
• #visibility_attribute_value(attributes) ⇒ Object
• #visibility_level_attributes ⇒ Object
• #visibility_level_previous_changes ⇒ Object
• #visibility_level_value ⇒ Object

Class Method Details

.allowed_for?(user, level) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 78

def allowed_for?(user, level)
  return true if user.can_admin_all_resources?

  allowed_level?(level.to_i)
end

.allowed_level?(level) ⇒ Boolean

Level should be a numeric value, e.g. 20 Return true if the specified level is allowed for the current user.

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 86

def allowed_level?(level)
  valid_level?(level) && non_restricted_level?(level)
end

.allowed_levels ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 65

def allowed_levels
  restricted_levels = Gitlab::CurrentSettings.restricted_visibility_levels

  self.values - Array(restricted_levels)
end

.allowed_levels_for_user(user, subject) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 90

def allowed_levels_for_user(user, subject)
  return [] if user.nil?

  visibility_levels = if user.can_admin_all_resources?
                        # admin can create groups even with restricted visibility levels
                        self.values
                      else
                        self.allowed_levels
                      end

  # visibility_level_allowed? is not supporting root-groups, so we have to create a dummy subgroup in the same
  # organization.
  subgroup = Group.new(parent_id: subject.id, organization_id: subject.organization_id)

  # return the allowed visibility levels for the subject
  visibility_levels.select { |level| subgroup.visibility_level_allowed?(level) }
end

.closest_allowed_level(target_level) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 71

def closest_allowed_level(target_level)
  highest_allowed_level = allowed_levels.select { |level| level <= target_level }.max

  # If all levels are restricted, fall back to PRIVATE
  highest_allowed_level || PRIVATE
end

.level_name(level) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 130

def level_name(level)
  options.key(level.to_i) || s_('VisibilityLevel|Unknown')
end

.level_value(level, fallback_value: PRIVATE) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 134

def level_value(level, fallback_value: PRIVATE)
  return level.to_i if level.to_i.to_s == level.to_s && string_options.key(level.to_i)

  string_options[level] || fallback_value
end

.levels_for_user(user = nil) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 33

def levels_for_user(user = nil)
  return [PUBLIC] unless user

  if user.can_read_all_resources?
    LEVELS_FOR_ADMINS
  elsif user.external?
    [PUBLIC]
  else
    [INTERNAL, PUBLIC]
  end
end

.non_restricted_level?(level) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 108

def non_restricted_level?(level)
  !restricted_level?(level)
end

.options ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 49

def options
  {
    s_('VisibilityLevel|Private') => PRIVATE,
    s_('VisibilityLevel|Internal') => INTERNAL,
    s_('VisibilityLevel|Public') => PUBLIC
  }
end

.public_visibility_restricted? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 122

def public_visibility_restricted?
  restricted_level?(PUBLIC)
end

.restricted_level?(level) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 112

def restricted_level?(level)
  restricted_levels = Gitlab::CurrentSettings.restricted_visibility_levels

  if restricted_levels.nil?
    false
  else
    restricted_levels.include?(level)
  end
end

.string_level(level) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 140

def string_level(level)
  string_options.key(level)
end

.string_options ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 57

def string_options
  {
    'private' => PRIVATE,
    'internal' => INTERNAL,
    'public' => PUBLIC
  }
end

.string_values ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 45

def string_values
  string_options.keys
end

.valid_level?(level) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 126

def valid_level?(level)
  options.value?(level)
end

Instance Method Details

#internal? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 153

def internal?
  visibility_level_value == INTERNAL
end

#private? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 149

def private?
  visibility_level_value == PRIVATE
end

#public? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 157

def public?
  visibility_level_value == PUBLIC
end

#visibility ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 165

def visibility
  Gitlab::VisibilityLevel.string_level(visibility_level_value)
end

#visibility=(level) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 169

def visibility=(level)
  self[visibility_level_field] = Gitlab::VisibilityLevel.level_value(level)
end

#visibility_attribute_present?(attributes) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/gitlab/visibility_level.rb', line 173

def visibility_attribute_present?(attributes)
  visibility_level_attributes.each do |attr|
    return true if attributes[attr].present?
  end

  false
end

#visibility_attribute_value(attributes) ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 181

def visibility_attribute_value(attributes)
  visibility_level_attributes.each do |attr|
    return attributes[attr] if attributes.has_key?(attr)
  end

  nil
end

#visibility_level_attributes ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 189

def visibility_level_attributes
  [visibility_level_field, visibility_level_field.to_s,
    :visibility, 'visibility']
end

#visibility_level_previous_changes ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 145

def visibility_level_previous_changes
  previous_changes[:visibility_level]
end

#visibility_level_value ⇒ Object

# File 'lib/gitlab/visibility_level.rb', line 161

def visibility_level_value
  self[visibility_level_field]
end