Commit 5328f7d1 authored by Steve Azzopardi's avatar Steve Azzopardi
parent cdc4cd09
...@@ -5,8 +5,7 @@ class RunnerEntity < Grape::Entity ...@@ -5,8 +5,7 @@ class RunnerEntity < Grape::Entity
expose :id, :description expose :id, :description
expose :edit_path, expose :edit_path, if: -> (*) { can_edit_runner? } do |runner|
if: -> (*) { can?(request.current_user, :admin_build, project) && runner.project_type? } do |runner|
edit_project_runner_path(project, runner) edit_project_runner_path(project, runner)
end end
...@@ -17,4 +16,8 @@ class RunnerEntity < Grape::Entity ...@@ -17,4 +16,8 @@ class RunnerEntity < Grape::Entity
def project def project
request.project request.project
end end
def can_edit_runner?
can?(request.current_user, :update_runner, runner) && runner.project_type?
end
end end
...@@ -229,6 +229,65 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do ...@@ -229,6 +229,65 @@ describe Projects::JobsController, :clean_gitlab_redis_shared_state do
expect(json_response['deployment_status']["environment"]).not_to be_nil expect(json_response['deployment_status']["environment"]).not_to be_nil
end end
end end
context 'when user can edit runner' do
context 'that belongs to the project' do
let(:runner) { create(:ci_runner, :project, projects: [project]) }
let(:job) { create(:ci_build, :success, pipeline: pipeline, runner: runner) }
before do
project.add_maintainer(user)
sign_in(user)
get_show(id: job.id, format: :json)
end
it 'user can edit runner' do
expect(response).to have_gitlab_http_status(:ok)
expect(response).to match_response_schema('job/job_details')
expect(json_response['runner']).to have_key('edit_path')
end
end
context 'that belongs to group' do
let(:group) { create(:group) }
let(:runner) { create(:ci_runner, :group, groups: [group]) }
let(:job) { create(:ci_build, :success, pipeline: pipeline, runner: runner) }
let(:user) { create(:user, :admin) }
before do
project.add_maintainer(user)
sign_in(user)
get_show(id: job.id, format: :json)
end
it 'user can not edit runner' do
expect(response).to have_gitlab_http_status(:ok)
expect(response).to match_response_schema('job/job_details')
expect(json_response['runner']).not_to have_key('edit_path')
end
end
context 'that belongs to instance' do
let(:runner) { create(:ci_runner, :instance) }
let(:job) { create(:ci_build, :success, pipeline: pipeline, runner: runner) }
let(:user) { create(:user, :admin) }
before do
project.add_maintainer(user)
sign_in(user)
get_show(id: job.id, format: :json)
end
it 'user can not edit runner' do
expect(response).to have_gitlab_http_status(:ok)
expect(response).to match_response_schema('job/job_details')
expect(json_response['runner']).not_to have_key('edit_path')
end
end
end
end end
context 'when requesting JSON job is triggered' do context 'when requesting JSON job is triggered' do
......
...@@ -7,6 +7,7 @@ ...@@ -7,6 +7,7 @@
"artifact": { "$ref": "artifact.json" }, "artifact": { "$ref": "artifact.json" },
"terminal_path": { "type": "string" }, "terminal_path": { "type": "string" },
"trigger": { "$ref": "trigger.json" }, "trigger": { "$ref": "trigger.json" },
"deployment_status": { "$ref": "deployment_status.json" } "deployment_status": { "$ref": "deployment_status.json" },
"runner": { "$ref": "runner.json" }
} }
} }
{
"oneOf": [
{ "type": "null" },
{
"type": "object",
"required": [
"id",
"description"
],
"properties": {
"id": { "type": "integer" },
"description": { "type": "string" },
"edit_path": { "type": "string" }
}
}
]
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment