From 8df0d85e3c80052d7826c47005c1a83bf6025920 Mon Sep 17 00:00:00 2001 From: Aurelien Poscia Date: Mon, 11 Sep 2023 15:35:22 +0200 Subject: [PATCH] SONAR-20393 allow to deactivate GH project visibility sync --- .../org/sonar/auth/github/GitHubSettings.java | 17 +++++++++++- .../sonar/auth/github/GitHubModuleTest.java | 2 +- .../sonar/auth/github/GitHubSettingsTest.java | 26 ++++++++++++++++--- .../hook/useGithubConfiguration.ts | 1 + 4 files changed, 40 insertions(+), 6 deletions(-) diff --git a/server/sonar-auth-github/src/main/java/org/sonar/auth/github/GitHubSettings.java b/server/sonar-auth-github/src/main/java/org/sonar/auth/github/GitHubSettings.java index 620d7652df3..bd93b13cfbb 100644 --- a/server/sonar-auth-github/src/main/java/org/sonar/auth/github/GitHubSettings.java +++ b/server/sonar-auth-github/src/main/java/org/sonar/auth/github/GitHubSettings.java @@ -61,12 +61,13 @@ public class GitHubSettings { @VisibleForTesting static final String PROVISIONING = "provisioning.github.enabled"; @VisibleForTesting + static final String PROVISION_VISIBILITY = "provisioning.github.project.visibility.enabled"; + @VisibleForTesting static final String USER_CONSENT_FOR_PERMISSIONS_REQUIRED_AFTER_UPGRADE = "sonar.auth.github.userConsentForPermissionProvisioningRequired"; private static final String CATEGORY = "authentication"; private static final String SUBCATEGORY = "github"; - private final Configuration configuration; private final InternalProperties internalProperties; @@ -166,6 +167,10 @@ public class GitHubSettings { return configuration.get(USER_CONSENT_FOR_PERMISSIONS_REQUIRED_AFTER_UPGRADE).isPresent(); } + public boolean isProjectVisibilitySynchronizationActivated() { + return configuration.getBoolean(PROVISION_VISIBILITY).orElse(true); + } + public static List definitions() { int index = 1; return Arrays.asList( @@ -255,6 +260,16 @@ public class GitHubSettings { .category(CATEGORY) .subCategory(SUBCATEGORY) .index(index) + .build(), + PropertyDefinition.builder(PROVISION_VISIBILITY) + .name("Provision project visibility") + .description("Change project visibility based on GitHub repository visibility. If disabled, every provisioned project will be private and will be seen only for those users" + + " that have explicit GitHub permissions for the according repository.") + .type(BOOLEAN) + .category(CATEGORY) + .subCategory(SUBCATEGORY) + .defaultValue(valueOf(true)) + .index(index) .build()); } } diff --git a/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubModuleTest.java b/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubModuleTest.java index ebb9b1b1f2b..635dbf1df54 100644 --- a/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubModuleTest.java +++ b/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubModuleTest.java @@ -30,7 +30,7 @@ public class GitHubModuleTest { public void verify_count_of_added_components() { ListContainer container = new ListContainer(); new GitHubModule().configure(container); - assertThat(container.getAddedObjects()).hasSize(14); + assertThat(container.getAddedObjects()).hasSize(15); } } diff --git a/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubSettingsTest.java b/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubSettingsTest.java index fa31f09f9ce..5641897330f 100644 --- a/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubSettingsTest.java +++ b/server/sonar-auth-github/src/test/java/org/sonar/auth/github/GitHubSettingsTest.java @@ -37,15 +37,16 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; import static org.sonar.auth.github.GitHubSettings.USER_CONSENT_FOR_PERMISSIONS_REQUIRED_AFTER_UPGRADE; +import static org.sonar.auth.github.GitHubSettings.PROVISION_VISIBILITY; public class GitHubSettingsTest { @Rule public DbTester db = DbTester.create(System2.INSTANCE); - private MapSettings settings = new MapSettings(new PropertyDefinitions(System2.INSTANCE, GitHubSettings.definitions())); - private InternalProperties internalProperties = mock(InternalProperties.class); + private final MapSettings settings = new MapSettings(new PropertyDefinitions(System2.INSTANCE, GitHubSettings.definitions())); + private final InternalProperties internalProperties = mock(InternalProperties.class); - private GitHubSettings underTest = new GitHubSettings(settings.asConfig(), internalProperties, db.getDbClient()); + private final GitHubSettings underTest = new GitHubSettings(settings.asConfig(), internalProperties, db.getDbClient()); @Test public void is_enabled() { @@ -113,6 +114,22 @@ public class GitHubSettingsTest { assertThat(underTest.isUserConsentRequiredAfterUpgrade()).isTrue(); } + @Test + public void isProjectVisibilitySynchronizationActivated_whenPropertyNotSet_returnsTrueByDefault() { + assertThat(underTest.isProjectVisibilitySynchronizationActivated()).isTrue(); + } + + @Test + public void isProjectVisibilitySynchronizationActivated_whenPropertyIsSetToFalse_returnsFalse() { + settings.setProperty(PROVISION_VISIBILITY, "false"); + assertThat(underTest.isProjectVisibilitySynchronizationActivated()).isFalse(); + } + @Test + public void isProjectVisibilitySynchronizationActivated_whenPropertyIsSetToTrue_returnsTrue() { + settings.setProperty(PROVISION_VISIBILITY, "true"); + assertThat(underTest.isProjectVisibilitySynchronizationActivated()).isTrue(); + } + @Test public void setProvisioning_whenGitHubAuthDisabled_shouldThrow() { assertThatIllegalStateException() @@ -273,7 +290,8 @@ public class GitHubSettingsTest { "Synchronize teams as groups", "The API url for a GitHub instance.", "The WEB url for a GitHub instance.", - "Organizations"); + "Organizations", + "Provision project visibility"); } private void enableGithubAuthentication() { diff --git a/server/sonar-web/src/main/js/apps/settings/components/authentication/hook/useGithubConfiguration.ts b/server/sonar-web/src/main/js/apps/settings/components/authentication/hook/useGithubConfiguration.ts index 5ad6944dd0d..6f9ac390726 100644 --- a/server/sonar-web/src/main/js/apps/settings/components/authentication/hook/useGithubConfiguration.ts +++ b/server/sonar-web/src/main/js/apps/settings/components/authentication/hook/useGithubConfiguration.ts @@ -39,6 +39,7 @@ export const OPTIONAL_FIELDS = [ ...GITHUB_JIT_FIELDS, 'sonar.auth.github.organizations', 'sonar.auth.github.groupsSync', + 'provisioning.github.project.visibility.enabled', ]; export interface SamlSettingValue { -- 2.39.5