execute

in ee/app/services/security/security_orchestration_policies/validate_policy_service.rb [15:42]


      # Validates a security orchestration policy by running a fixed sequence of
      # checks and reporting the first one that fails.
      #
      # Ordering is part of the contract:
      # - the policy name is checked first, for every policy;
      # - a policy for which +policy_disabled?+ is true then returns +success+
      #   immediately, so none of the later checks (policy type, action and
      #   schedule limits, branches, timezone, vulnerability age, compliance
      #   frameworks, approver counts, cadence) run for it;
      # - all remaining checks only gate policies that are not disabled.
      #
      # NOTE(review): because disabled policies skip everything after the name
      # check, confirm that enabling a stored policy goes back through this
      # validation; otherwise a policy saved while disabled is never checked.
      #
      # Limit values and branch names are only looked up when the matching
      # predicate is true, since they are needed solely for the error message.
      #
      # @return the value of +success+, +error_with_title+ or
      #   +errors_with_title+ (all defined outside this method)
      def execute
        if blank_name?
          error_with_title(s_('SecurityOrchestration|Empty policy name'))
        elsif policy_disabled?
          # Short-circuit: nothing below is evaluated for a disabled policy.
          success
        elsif invalid_policy_type?
          error_with_title(s_('SecurityOrchestration|Invalid policy type'))
        elsif exceeds_action_limit?
          error_with_title(
            format(
              s_('SecurityOrchestration|Policy exceeds the maximum of %{limit} actions'),
              limit: scan_execution_policies_action_limit
            )
          )
        elsif exceeds_scan_execution_policy_schedule_limit?
          error_with_title(
            format(
              s_('SecurityOrchestration|Policy exceeds the maximum of %{limit} rule schedules'),
              limit: scan_execution_policies_schedule_limit
            )
          )
        elsif exceeds_pipeline_execution_schedule_policy_schedule_limit?
          error_with_title(
            format(
              s_('SecurityOrchestration|Policy exceeds the maximum of %{limit} pipeline execution schedules'),
              limit: pipeline_execution_schedule_policies_schedule_limit
            )
          )
        elsif exceeds_approver_action_limit?
          error_with_title(
            format(
              s_('SecurityOrchestration|Policy exceeds the maximum of %{limit} approver actions'),
              limit: approval_action_limit
            )
          )
        elsif blank_branch_for_rule?
          error_with_title(
            s_('SecurityOrchestration|Policy cannot be enabled without branch information'),
            field: :branches
          )
        elsif missing_branch_for_rule?
          # Branch names are passed as a format argument, never spliced into
          # the template itself.
          error_with_title(
            format(
              s_('SecurityOrchestration|Policy cannot be enabled for non-existing branches (%{branches})'),
              branches: missing_branch_names.join(', ')
            ),
            field: :branches
          )
        elsif default_branch_unprotected?
          error_with_title(
            s_('SecurityOrchestration|This merge request approval policy targets the default branch, but the default branch is not protected in this project. To set up this policy, the default branch must be protected.'),
            field: :branches
          )
        elsif invalid_branch_types?
          error_with_title(
            s_('SecurityOrchestration|Branch types don\'t match any existing branches.'),
            field: :branches
          )
        elsif invalid_timezone?
          error_with_title(s_('SecurityOrchestration|Timezone is invalid'), field: :timezone)
        elsif invalid_vulnerability_age?
          error_with_title(
            s_('SecurityOrchestration|Vulnerability age requires previously existing vulnerability states (detected, confirmed, resolved, or dismissed)'),
            field: :vulnerability_age
          )
        elsif invalid_compliance_framework_ids?
          error_with_title(
            s_('SecurityOrchestration|Invalid Compliance Framework ID(s)'),
            field: :compliance_frameworks
          )
        elsif required_approvals_exceed_eligible_approvers?
          # The only branch that uses the plural helper and reports the
          # indices of the failing actions.
          errors_with_title(
            s_('SecurityOrchestration|Required approvals exceed eligible approvers.'),
            title: s_('SecurityOrchestration|Logic error'),
            field: :actions,
            indices: multiple_approvals_failed_action_indices
          )
        elsif invalid_cadence?
          error_with_title(s_('SecurityOrchestration|Cadence is invalid'), field: :cadence)
        else
          success
        end
      end