NOISSUE welcome to ofborg! (tickborg)

Signed-off-by: Mehmet Samet Duman <yongdohyun@projecttick.org>
author: Mehmet Samet Duman <yongdohyun@projecttick.org> 2026-04-04 20:47:05 +0300
committer: Mehmet Samet Duman <yongdohyun@projecttick.org> 2026-04-04 20:47:05 +0300
commit: 17962fd076e857921c374b4d705a54d5e1055178 (patch)
tree: 6195e9cfdc913cd95b8f577eca3f39d41b089008 /ofborg/tickborg/src/acl.rs
parent: 7c7f28532f1898a81b0250f875614ad3aa494a1c (diff)
download: Project-Tick-17962fd076e857921c374b4d705a54d5e1055178.tar.gz
Project-Tick-17962fd076e857921c374b4d705a54d5e1055178.zip
1 files changed, 59 insertions, 0 deletions
diff --git a/ofborg/tickborg/src/acl.rs b/ofborg/tickborg/src/acl.rs
new file mode 100644
index 0000000000..2059b3e08f
--- /dev/null
+++ b/ofborg/tickborg/src/acl.rs
@@ -0,0 +1,59 @@
+use crate::systems::System;
+
+pub struct Acl {
+    trusted_users: Option<Vec<String>>,
+    repos: Vec<String>,
+}
+
+impl Acl {
+    pub fn new(repos: Vec<String>, mut trusted_users: Option<Vec<String>>) -> Acl {
+        if let Some(ref mut users) = trusted_users {
+            for user in users.iter_mut() {
+                *user = user.to_lowercase();
+            }
+        }
+
+        Acl {
+            trusted_users,
+            repos,
+        }
+    }
+
+    pub fn is_repo_eligible(&self, name: &str) -> bool {
+        self.repos.contains(&name.to_lowercase())
+    }
+
+    pub fn build_job_architectures_for_user_repo(&self, user: &str, repo: &str) -> Vec<System> {
+        if self.can_build_unrestricted(user, repo) {
+            System::all_known_systems()
+        } else {
+            // Non-trusted users can only build on primary platforms
+            System::primary_systems()
+        }
+    }
+
+    pub fn build_job_destinations_for_user_repo(
+        &self,
+        user: &str,
+        repo: &str,
+    ) -> Vec<(Option<String>, Option<String>)> {
+        self.build_job_architectures_for_user_repo(user, repo)
+            .iter()
+            .map(|system| system.as_build_destination())
+            .collect()
+    }
+
+    pub fn can_build_unrestricted(&self, user: &str, repo: &str) -> bool {
+        if let Some(ref users) = self.trusted_users {
+            if repo.to_lowercase().starts_with("project-tick/") {
+                users.contains(&user.to_lowercase())
+            } else {
+                false
+            }
+        } else {
+            // If trusted_users is disabled (and thus None), everybody can build
+            // unrestricted
+            true
+        }
+    }
+}
author	Mehmet Samet Duman <yongdohyun@projecttick.org>	2026-04-04 20:47:05 +0300
committer	Mehmet Samet Duman <yongdohyun@projecttick.org>	2026-04-04 20:47:05 +0300
commit	17962fd076e857921c374b4d705a54d5e1055178 (patch)
tree	6195e9cfdc913cd95b8f577eca3f39d41b089008 /ofborg/tickborg/src/acl.rs
parent	7c7f28532f1898a81b0250f875614ad3aa494a1c (diff)
download	Project-Tick-17962fd076e857921c374b4d705a54d5e1055178.tar.gz Project-Tick-17962fd076e857921c374b4d705a54d5e1055178.zip