1# frozen_string_literal: true 2 3class ReleasePolicy < BasePolicy 4 delegate { @subject.project } 5 6 condition(:protected_tag) do 7 access = ::Gitlab::UserAccess.new(@user, container: @subject.project) 8 9 !access.can_create_tag?(@subject.tag) 10 end 11 12 rule { protected_tag }.policy do 13 prevent :create_release 14 prevent :update_release 15 prevent :destroy_release 16 end 17end 18