forked from lix-project/hydra
Merge pull request #687 from andir/more-roles
Add `cancel-build` & `bump-to-front` roles
This commit is contained in:
Graham Christensen
GitHub
commit
e89ea733d0
|
|
@ -504,7 +504,7 @@ sub restart : Chained('buildChain') PathPart Args(0) {
|
|||
sub cancel : Chained('buildChain') PathPart Args(0) {
|
||||
my ($self, $c) = @_;
|
||||
my $build = $c->stash->{build};
|
||||
requireProjectOwner($c, $build->project);
|
||||
requireCancelBuildPrivileges($c, $build->project);
|
||||
my $n = cancelBuilds($c->model('DB')->schema, $c->model('DB::Builds')->search({ id => $build->id }));
|
||||
error($c, "This build cannot be cancelled.") if $n != 1;
|
||||
$c->flash->{successMsg} = "Build has been cancelled.";
|
||||
|
|
@ -540,7 +540,7 @@ sub bump : Chained('buildChain') PathPart('bump') {
|
|||
|
||||
my $build = $c->stash->{build};
|
||||
|
||||
requireProjectOwner($c, $build->project); # FIXME: require admin?
|
||||
requireBumpPrivileges($c, $build->project);
|
||||
|
||||
$c->model('DB')->schema->txn_do(sub {
|
||||
$build->update({globalpriority => time()});
|
||||
|
|
|
|||
|
|
@ -179,7 +179,7 @@ sub create_jobset : Chained('evalChain') PathPart('create-jobset') Args(0) {
|
|||
|
||||
sub cancel : Chained('evalChain') PathPart('cancel') Args(0) {
|
||||
my ($self, $c) = @_;
|
||||
requireProjectOwner($c, $c->stash->{eval}->project);
|
||||
requireCancelBuildPrivileges($c, $c->stash->{eval}->project);
|
||||
my $n = cancelBuilds($c->model('DB')->schema, $c->stash->{eval}->builds);
|
||||
$c->flash->{successMsg} = "$n builds have been cancelled.";
|
||||
$c->res->redirect($c->uri_for($c->controller('JobsetEval')->action_for('view'), $c->req->captures));
|
||||
|
|
@ -210,7 +210,7 @@ sub restart_failed : Chained('evalChain') PathPart('restart-failed') Args(0) {
|
|||
|
||||
sub bump : Chained('evalChain') PathPart('bump') Args(0) {
|
||||
my ($self, $c) = @_;
|
||||
requireProjectOwner($c, $c->stash->{eval}->project); # FIXME: require admin?
|
||||
requireBumpPrivileges($c, $c->stash->{eval}->project); # FIXME: require admin?
|
||||
my $builds = $c->stash->{eval}->builds->search({ finished => 0 });
|
||||
my $n = $builds->count();
|
||||
$c->model('DB')->schema->txn_do(sub {
|
||||
|
|
|
|||
|
|
@ -13,6 +13,8 @@ our @EXPORT = qw(
|
|||
searchBuildsAndEvalsForJobset
|
||||
error notFound gone accessDenied
|
||||
forceLogin requireUser requireProjectOwner requireRestartPrivileges requireAdmin requirePost isAdmin isProjectOwner
|
||||
requireBumpPrivileges
|
||||
requireCancelBuildPrivileges
|
||||
trim
|
||||
getLatestFinishedEval getFirstEval
|
||||
paramToList
|
||||
|
|
@ -181,6 +183,48 @@ sub isProjectOwner {
|
|||
defined $c->model('DB::ProjectMembers')->find({ project => $project, userName => $c->user->username }));
|
||||
}
|
||||
|
||||
sub hasCancelBuildRole {
|
||||
my ($c) = @_;
|
||||
return $c->user_exists && $c->check_user_roles('cancel-build');
|
||||
}
|
||||
|
||||
sub mayCancelBuild {
|
||||
my ($c, $project) = @_;
|
||||
return
|
||||
$c->user_exists &&
|
||||
(isAdmin($c) ||
|
||||
hasCancelBuildRole($c) ||
|
||||
isProjectOwner($c, $project));
|
||||
}
|
||||
|
||||
sub requireCancelBuildPrivileges {
|
||||
my ($c, $project) = @_;
|
||||
requireUser($c);
|
||||
accessDenied($c, "Only the project members, administrators, and accounts with cancel-build privileges can perform this operation.")
|
||||
unless mayCancelBuild($c, $project);
|
||||
}
|
||||
|
||||
sub hasBumpJobsRole {
|
||||
my ($c) = @_;
|
||||
return $c->user_exists && $c->check_user_roles('bump-to-front');
|
||||
}
|
||||
|
||||
sub mayBumpJobs {
|
||||
my ($c, $project) = @_;
|
||||
return
|
||||
$c->user_exists &&
|
||||
(isAdmin($c) ||
|
||||
hasBumpJobsRole($c) ||
|
||||
isProjectOwner($c, $project));
|
||||
}
|
||||
|
||||
sub requireBumpPrivileges {
|
||||
my ($c, $project) = @_;
|
||||
requireUser($c);
|
||||
accessDenied($c, "Only the project members, administrators, and accounts with bump-to-front privileges can perform this operation.")
|
||||
unless mayBumpJobs($c, $project);
|
||||
}
|
||||
|
||||
sub hasRestartJobsRole {
|
||||
my ($c) = @_;
|
||||
return $c->user_exists && $c->check_user_roles('restart-jobs');
|
||||
|
|
|
|||
|
|
@ -81,6 +81,8 @@
|
|||
[% INCLUDE roleoption role="admin" %]
|
||||
[% INCLUDE roleoption role="create-projects" %]
|
||||
[% INCLUDE roleoption role="restart-jobs" %]
|
||||
[% INCLUDE roleoption role="bump-to-front" %]
|
||||
[% INCLUDE roleoption role="cancel-build" %]
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in a new issue