Commit 8482efbd authored by Pedro Pombeiro's avatar Pedro Pombeiro

Address MR review comments

parent c4aa70b9
...@@ -6,7 +6,7 @@ module Mutations ...@@ -6,7 +6,7 @@ module Mutations
class Reset < BaseMutation class Reset < BaseMutation
graphql_name 'RunnersRegistrationTokenReset' graphql_name 'RunnersRegistrationTokenReset'
authorize :reset_runners_registration_token authorize :update_runners_registration_token
argument :full_path, GraphQL::ID_TYPE, argument :full_path, GraphQL::ID_TYPE,
required: false, required: false,
...@@ -18,22 +18,8 @@ module Mutations ...@@ -18,22 +18,8 @@ module Mutations
description: 'The runner token after mutation.' description: 'The runner token after mutation.'
def resolve(**args) def resolve(**args)
full_path = args[:full_path]
scope = full_path.blank? ? :global : authorized_find!(full_path: full_path)
if scope == :global
authorize!(scope)
ApplicationSetting.current.reset_runners_registration_token!
token = ApplicationSetting.current.runners_registration_token
else
scope.reset_runners_token!
token = scope.runners_token
end
{ {
token: token, token: reset_token(args[:full_path]),
errors: [] errors: []
} }
end end
...@@ -45,6 +31,19 @@ module Mutations ...@@ -45,6 +31,19 @@ module Mutations
GitlabSchema.object_from_id(full_path, expected_type: [::Project, ::Group]) GitlabSchema.object_from_id(full_path, expected_type: [::Project, ::Group])
end end
def reset_token(full_path)
if full_path.blank?
authorize!(:global)
ApplicationSetting.current.reset_runners_registration_token!
ApplicationSetting.current_without_cache.runners_registration_token
else
project_or_group = authorized_find!(full_path: full_path)
project_or_group.reset_runners_token!
project_or_group.runners_token
end
end
end end
end end
end end
......
...@@ -115,7 +115,7 @@ class GlobalPolicy < BasePolicy ...@@ -115,7 +115,7 @@ class GlobalPolicy < BasePolicy
enable :approve_user enable :approve_user
enable :reject_user enable :reject_user
enable :read_usage_trends_measurement enable :read_usage_trends_measurement
enable :reset_runners_registration_token enable :update_runners_registration_token
end end
# We can't use `read_statistics` because the user may have different permissions for different projects # We can't use `read_statistics` because the user may have different permissions for different projects
......
...@@ -144,7 +144,7 @@ class GroupPolicy < BasePolicy ...@@ -144,7 +144,7 @@ class GroupPolicy < BasePolicy
enable :admin_cluster enable :admin_cluster
enable :read_deploy_token enable :read_deploy_token
enable :create_jira_connect_subscription enable :create_jira_connect_subscription
enable :reset_runners_registration_token enable :update_runners_registration_token
end end
rule { owner }.policy do rule { owner }.policy do
......
...@@ -419,7 +419,7 @@ class ProjectPolicy < BasePolicy ...@@ -419,7 +419,7 @@ class ProjectPolicy < BasePolicy
enable :update_freeze_period enable :update_freeze_period
enable :destroy_freeze_period enable :destroy_freeze_period
enable :admin_feature_flags_client enable :admin_feature_flags_client
enable :reset_runners_registration_token enable :update_runners_registration_token
end end
rule { public_project & metrics_dashboard_allowed }.policy do rule { public_project & metrics_dashboard_allowed }.policy do
......
...@@ -6,10 +6,7 @@ RSpec.describe 'RunnersRegistrationTokenReset' do ...@@ -6,10 +6,7 @@ RSpec.describe 'RunnersRegistrationTokenReset' do
include GraphqlHelpers include GraphqlHelpers
let(:mutation) { graphql_mutation(:runners_registration_token_reset, input) } let(:mutation) { graphql_mutation(:runners_registration_token_reset, input) }
let(:mutation_response) { graphql_mutation_response(:runners_registration_token_reset) }
def mutation_response
graphql_mutation_response(:runners_registration_token_reset)
end
subject { post_graphql_mutation(mutation, current_user: user) } subject { post_graphql_mutation(mutation, current_user: user) }
...@@ -19,6 +16,7 @@ RSpec.describe 'RunnersRegistrationTokenReset' do ...@@ -19,6 +16,7 @@ RSpec.describe 'RunnersRegistrationTokenReset' do
expect(graphql_errors).not_to be_empty expect(graphql_errors).not_to be_empty
expect(graphql_errors).to include(a_hash_including('message' => "The resource that you are attempting to access does not exist or you don't have permission to perform this action")) expect(graphql_errors).to include(a_hash_including('message' => "The resource that you are attempting to access does not exist or you don't have permission to perform this action"))
expect(mutation_response).to be_nil
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment