@@ -155,16 +155,20 @@ public class GithubBinding { | |||
@SerializedName("metadata") | |||
String metadata; | |||
@SerializedName("administration") | |||
String administration; | |||
String repoAdministration; | |||
@SerializedName("organization_administration") | |||
String orgAdministration; | |||
public Permissions(@Nullable String checks, @Nullable String members, @Nullable String emails, @Nullable String contents, @Nullable String metadata, | |||
@Nullable String administration) { | |||
@Nullable String repoAdministration, @Nullable String orgAdministration) { | |||
this.checks = checks; | |||
this.members = members; | |||
this.emails = emails; | |||
this.contents = contents; | |||
this.metadata = metadata; | |||
this.administration = administration; | |||
this.repoAdministration = repoAdministration; | |||
this.orgAdministration = orgAdministration; | |||
} | |||
public Permissions() { | |||
@@ -203,8 +207,13 @@ public class GithubBinding { | |||
} | |||
@CheckForNull | |||
public String getAdministration() { | |||
return administration; | |||
public String getRepoAdministration() { | |||
return repoAdministration; | |||
} | |||
@CheckForNull | |||
public String getOrgAdministration() { | |||
return orgAdministration; | |||
} | |||
public static class Builder { | |||
@@ -213,7 +222,9 @@ public class GithubBinding { | |||
private String emails; | |||
private String contents; | |||
private String metadata; | |||
private String administration; | |||
private String repoAdministration; | |||
private String orgAdministration; | |||
private Builder() { | |||
// Use static factory method | |||
@@ -244,13 +255,18 @@ public class GithubBinding { | |||
return this; | |||
} | |||
public Builder setAdministration(String administration) { | |||
this.administration = administration; | |||
public Builder setRepoAdministration(String repoAdministration) { | |||
this.repoAdministration = repoAdministration; | |||
return this; | |||
} | |||
public Builder setOrgAdministration(String orgAdministration) { | |||
this.orgAdministration = orgAdministration; | |||
return this; | |||
} | |||
public GithubBinding.Permissions build() { | |||
return new GithubBinding.Permissions(checks, members, emails, contents, metadata, administration); | |||
return new GithubBinding.Permissions(checks, members, emails, contents, metadata, repoAdministration, orgAdministration); | |||
} | |||
} | |||
} |
@@ -40,6 +40,7 @@ import static org.sonar.alm.client.github.config.ConfigCheckResult.InstallationS | |||
public class GithubProvisioningConfigValidator { | |||
private static final String ORG_MEMBERS_PERMISSION = "Organization permissions > Members (Read-only)"; | |||
private static final String ORG_ADMIN_PERMISSION = "Organization permissions > Administration (Read-only)"; | |||
private static final String ACCOUNT_EMAILS_PERMISSION = "Account permissions > Email addresses (Read-only)"; | |||
private static final String REPO_ADMIN_PERMISSION = "Repository permissions > Administration (Read-only)"; | |||
private static final String REPO_METADATA_PERMISSION = "Repository permissions > Metadata (Read-only)"; | |||
@@ -129,15 +130,7 @@ public class GithubProvisioningConfigValidator { | |||
if (permissions.getEmails() == null) { | |||
missingPermissions.add(ACCOUNT_EMAILS_PERMISSION); | |||
} | |||
if (permissions.getMembers() == null) { | |||
missingPermissions.add(ORG_MEMBERS_PERMISSION); | |||
} | |||
if (permissions.getAdministration() == null) { | |||
missingPermissions.add(REPO_ADMIN_PERMISSION); | |||
} | |||
if (permissions.getMetadata() == null) { | |||
missingPermissions.add(REPO_METADATA_PERMISSION); | |||
} | |||
checkCommonPermissions(permissions, missingPermissions); | |||
if (missingPermissions.isEmpty()) { | |||
return ConfigStatus.SUCCESS; | |||
} | |||
@@ -167,19 +160,26 @@ public class GithubProvisioningConfigValidator { | |||
private static ConfigStatus autoProvisioningInstallationConfigStatus(Permissions permissions) { | |||
List<String> missingPermissions = new ArrayList<>(); | |||
checkCommonPermissions(permissions, missingPermissions); | |||
if (missingPermissions.isEmpty()) { | |||
return ConfigStatus.SUCCESS; | |||
} | |||
return failedStatus(missingPermissions); | |||
} | |||
private static void checkCommonPermissions(Permissions permissions, List<String> missingPermissions) { | |||
if (permissions.getMembers() == null) { | |||
missingPermissions.add(ORG_MEMBERS_PERMISSION); | |||
} | |||
if (permissions.getAdministration() == null) { | |||
if (permissions.getOrgAdministration() == null) { | |||
missingPermissions.add(ORG_ADMIN_PERMISSION); | |||
} | |||
if (permissions.getRepoAdministration() == null) { | |||
missingPermissions.add(REPO_ADMIN_PERMISSION); | |||
} | |||
if (permissions.getMetadata() == null) { | |||
missingPermissions.add(REPO_METADATA_PERMISSION); | |||
} | |||
if (missingPermissions.isEmpty()) { | |||
return ConfigStatus.SUCCESS; | |||
} | |||
return failedStatus(missingPermissions); | |||
} | |||
} |
@@ -53,9 +53,11 @@ public class GithubProvisioningConfigValidatorTest { | |||
private static final String INCOMPLETE_APP_CONFIG_STATUS = "The GitHub App configuration is not complete."; | |||
private static final String MISSING_EMAIL_PERMISSION = "Missing GitHub permissions: Account permissions > Email addresses (Read-only)"; | |||
private static final String MISSING_ALL_AUTOPROVISIONNING_PERMISSIONS = "Missing GitHub permissions: Organization permissions > Members (Read-only), " | |||
+ "Organization permissions > Administration (Read-only), " | |||
+ "Repository permissions > Administration (Read-only), Repository permissions > Metadata (Read-only)"; | |||
private static final String MISSING_ALL_PERMISSIONS = "Missing GitHub permissions: Account permissions > Email addresses (Read-only), " | |||
+ "Organization permissions > Members (Read-only), Repository permissions > Administration (Read-only), Repository permissions > Metadata (Read-only)"; | |||
+ "Organization permissions > Members (Read-only), Organization permissions > Administration (Read-only), " | |||
+ "Repository permissions > Administration (Read-only), Repository permissions > Metadata (Read-only)"; | |||
private static final String NO_INSTALLATIONS_STATUS = "The GitHub App is not installed on any organizations or the organization is not white-listed."; | |||
private static final String SUSPENDED_INSTALLATION = "Installation suspended"; | |||
@@ -193,7 +195,6 @@ public class GithubProvisioningConfigValidatorTest { | |||
assertThat(checkResult.installations()).isEmpty(); | |||
verifyAppConfiguration(appConfigurationCaptor.getValue()); | |||
} | |||
@Test | |||
@@ -270,7 +271,15 @@ public class GithubProvisioningConfigValidatorTest { | |||
private GsonApp mockGithubAppWithValidConfig(ArgumentCaptor<GithubAppConfiguration> appConfigurationCaptor) { | |||
GsonApp githubApp = mock(GsonApp.class); | |||
when(githubClient.getApp(appConfigurationCaptor.capture())).thenReturn(githubApp); | |||
when(githubApp.getPermissions()).thenReturn(Permissions.builder().setMembers("read").setEmails("read").setMetadata("read").setAdministration("read").build()); | |||
when(githubApp.getPermissions()).thenReturn( | |||
Permissions.builder() | |||
.setMembers("read") | |||
.setEmails("read") | |||
.setMetadata("read") | |||
.setRepoAdministration("read") | |||
.setOrgAdministration("read") | |||
.build() | |||
); | |||
return githubApp; | |||
} | |||
@@ -301,7 +310,15 @@ public class GithubProvisioningConfigValidatorTest { | |||
private static GithubAppInstallation mockInstallationWithAllPermissions(String org) { | |||
GithubAppInstallation installation = mockInstallation(org); | |||
when(installation.permissions()).thenReturn(Permissions.builder().setMembers("read").setEmails("read").setMetadata("read").setAdministration("read").build()); | |||
when(installation.permissions()).thenReturn( | |||
Permissions.builder() | |||
.setMembers("read") | |||
.setEmails("read") | |||
.setMetadata("read") | |||
.setRepoAdministration("read") | |||
.setOrgAdministration("read") | |||
.build() | |||
); | |||
return installation; | |||
} | |||