From: Viktor Vorona Date: Wed, 27 Sep 2023 15:18:35 +0000 (+0200) Subject: SONAR-20532 Do not allow custom roles without any permissions X-Git-Tag: 10.3.0.82913~334 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=47b3d65a2d95748dc032f9a4b0156eb12c7a5a8d;p=sonarqube.git SONAR-20532 Do not allow custom roles without any permissions --- diff --git a/server/sonar-web/src/main/js/apps/settings/components/authentication/GitHubMappingModal.tsx b/server/sonar-web/src/main/js/apps/settings/components/authentication/GitHubMappingModal.tsx index 02006c9c4d1..92700f3ea03 100644 --- a/server/sonar-web/src/main/js/apps/settings/components/authentication/GitHubMappingModal.tsx +++ b/server/sonar-web/src/main/js/apps/settings/components/authentication/GitHubMappingModal.tsx @@ -46,7 +46,7 @@ interface PermissionCellProps { } const DEFAULT_CUSTOM_ROLE_PERMISSIONS: GitHubMapping['permissions'] = { - user: false, + user: true, codeViewer: false, issueAdmin: false, securityHotspotAdmin: false, @@ -140,8 +140,18 @@ export default function GitHubMappingModal({ mapping, setMapping, onClose }: Rea } }; + const haveEmptyCustomRoles = !!mapping?.some( + (el) => !el.isBaseRole && !Object.values(el.permissions).some(Boolean), + ); + return ( - +

{header}

@@ -234,7 +244,17 @@ export default function GitHubMappingModal({ mapping, setMapping, onClose }: Rea
- {translate('close')} +
+ + {haveEmptyCustomRoles && + translate( + 'settings.authentication.github.configuration.roles_mapping.empty_custom_role', + )} + + + {translate('close')} + +
); diff --git a/server/sonar-web/src/main/js/apps/settings/components/authentication/GithubAuthenticationTab.tsx b/server/sonar-web/src/main/js/apps/settings/components/authentication/GithubAuthenticationTab.tsx index 6ba0fc587bc..7bf81e1fc5d 100644 --- a/server/sonar-web/src/main/js/apps/settings/components/authentication/GithubAuthenticationTab.tsx +++ b/server/sonar-web/src/main/js/apps/settings/components/authentication/GithubAuthenticationTab.tsx @@ -375,7 +375,7 @@ export default function GithubAuthenticationTab(props: GithubAuthenticationProps > {translate('cancel')} - + {hasGithubProvisioningConfigChange && translate('settings.authentication.github.configuration.unsaved_changes')} diff --git a/server/sonar-web/src/main/js/apps/settings/components/authentication/__tests__/Authentication-it.tsx b/server/sonar-web/src/main/js/apps/settings/components/authentication/__tests__/Authentication-it.tsx index 77a94494869..d2a216a92d2 100644 --- a/server/sonar-web/src/main/js/apps/settings/components/authentication/__tests__/Authentication-it.tsx +++ b/server/sonar-web/src/main/js/apps/settings/components/authentication/__tests__/Authentication-it.tsx @@ -163,6 +163,9 @@ const ui = { roleExistsError: byRole('dialog', { name: 'settings.authentication.github.configuration.roles_mapping.dialog.title', }).byText('settings.authentication.github.configuration.roles_mapping.role_exists'), + emptyRoleError: byRole('dialog', { + name: 'settings.authentication.github.configuration.roles_mapping.dialog.title', + }).byText('settings.authentication.github.configuration.roles_mapping.empty_custom_role'), deleteCustomRoleCustom2: byRole('button', { name: 'settings.authentication.github.configuration.roles_mapping.dialog.delete_custom_role.custom2', }), @@ -1006,13 +1009,18 @@ describe('Github tab', () => { await user.click(github.customRoleAddBtn.get()); let custom3Checkboxes = github.mappingCheckbox.getAll(github.getMappingRowByRole('custom3')); - expect(custom3Checkboxes[0]).not.toBeChecked(); + expect(custom3Checkboxes[0]).toBeChecked(); expect(custom3Checkboxes[1]).not.toBeChecked(); expect(custom3Checkboxes[2]).not.toBeChecked(); expect(custom3Checkboxes[3]).not.toBeChecked(); expect(custom3Checkboxes[4]).not.toBeChecked(); expect(custom3Checkboxes[5]).not.toBeChecked(); + await user.click(custom3Checkboxes[0]); + expect(await github.emptyRoleError.find()).toBeInTheDocument(); + expect(github.mappingDialogClose.get()).toBeDisabled(); await user.click(custom3Checkboxes[1]); + expect(github.emptyRoleError.query()).not.toBeInTheDocument(); + expect(github.mappingDialogClose.get()).toBeEnabled(); await user.click(github.mappingDialogClose.get()); expect(await github.saveGithubProvisioning.find()).toBeEnabled(); diff --git a/sonar-core/src/main/resources/org/sonar/l10n/core.properties b/sonar-core/src/main/resources/org/sonar/l10n/core.properties index 5cf3a651a65..8c409b5a0da 100644 --- a/sonar-core/src/main/resources/org/sonar/l10n/core.properties +++ b/sonar-core/src/main/resources/org/sonar/l10n/core.properties @@ -1540,9 +1540,10 @@ settings.authentication.github.configuration.roles_mapping.button_label=Edit map settings.authentication.github.configuration.roles_mapping.dialog.title=GitHub Roles Mapping settings.authentication.github.configuration.roles_mapping.dialog.roles_column=Roles settings.authentication.github.configuration.roles_mapping.dialog.add_custom_role=Add custom role: -settings.authentication.github.configuration.roles_mapping.role_exists=Role already exists settings.authentication.github.configuration.roles_mapping.dialog.custom_roles_description=When a custom role name added here matches an existing GitHub custom role in any of your organizations, the mapping applies to all users with this custom role. If an existing GitHub custom role has no exact match in this list, the permissions of its inherited base role are mapped. settings.authentication.github.configuration.roles_mapping.dialog.delete_custom_role=Delete custom role {0} +settings.authentication.github.configuration.roles_mapping.role_exists=Role already exists. +settings.authentication.github.configuration.roles_mapping.empty_custom_role=Custom roles should have some permissions. settings.authentication.github.configuration.unsaved_changes=You have unsaved changes. # SAML