mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
Browse Source

SONAR-21504 Correctly set project visibility and permissions on projects created from GH Actions.

tags/10.4.0.87286
Wojtek Wajerowicz 4 months ago
parent
ec89bff4f8
commit
99056ccdc6
8 changed files with 98 additions and 68 deletions
Split View Show Diff Stats
  1. 10
    9
      server/sonar-webserver-webapi/src/it/java/org/sonar/server/almintegration/ws/github/ImportGithubProjectActionIT.java
  2. 1
    1
      server/sonar-webserver-webapi/src/it/java/org/sonar/server/ce/queue/BranchReportSubmitterIT.java
  3. 34
    14
      server/sonar-webserver-webapi/src/it/java/org/sonar/server/ce/queue/ReportSubmitterIT.java
  4. 26
    13
      server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GithubProjectCreator.java
  5. 2
    3
      server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GithubProjectCreatorFactory.java
  6. 4
    8
      server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/ProjectCreator.java
  7. 1
    1
      server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/GithubProjectCreatorFactoryTest.java
  8. 20
    19
      server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/GithubProjectCreatorTest.java

+ 10
- 9
server/sonar-webserver-webapi/src/it/java/org/sonar/server/almintegration/ws/github/ImportGithubProjectActionIT.java View File

@@ -61,7 +61,6 @@ import org.sonar.server.exceptions.BadConfigurationException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.favorite.FavoriteUpdater;
import org.sonar.server.management.ManagedInstanceService;
import org.sonar.server.management.ManagedProjectService;
import org.sonar.server.newcodeperiod.NewCodeDefinitionResolver;
import org.sonar.server.permission.GroupPermissionChanger;
@@ -137,11 +136,10 @@ public class ImportGithubProjectActionIT {
private final NewCodeDefinitionResolver newCodeDefinitionResolver = new NewCodeDefinitionResolver(db.getDbClient(), editionProvider);

private final ManagedProjectService managedProjectService = mock(ManagedProjectService.class);
private final ManagedInstanceService managedInstanceService = mock(ManagedInstanceService.class);

private final GithubPermissionConverter githubPermissionConverter = mock();

private final ProjectCreator projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, managedInstanceService, componentUpdater);
private final ProjectCreator projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, componentUpdater);

private final GithubProjectCreatorFactory gitHubProjectCreatorFactory = new GithubProjectCreatorFactory(db.getDbClient(),
null, appClient, projectKeyGenerator, userSession, projectCreator, gitHubSettings, githubPermissionConverter, userPermissionUpdater, permissionService,
@@ -151,7 +149,7 @@ public class ImportGithubProjectActionIT {

@Before
public void before() {
when(projectDefaultVisibility.get(any())).thenReturn(Visibility.PRIVATE);
when(projectDefaultVisibility.get(any())).thenReturn(Visibility.PUBLIC);
when(defaultBranchNameResolver.getEffectiveMainBranchName()).thenReturn(DEFAULT_MAIN_BRANCH_NAME);
}

@@ -160,6 +158,8 @@ public class ImportGithubProjectActionIT {
AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();

GithubApplicationClient.Repository repository = mockGithubDevOpsAppInteractions();
mockGithubAuthAppInteractions();
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);

Projects.CreateWsResponse response = callWebService(githubAlmSetting);

@@ -308,7 +308,7 @@ public class ImportGithubProjectActionIT {
}

@Test
public void importProject_whenGithubProvisioningIsDisabled_shouldApplyPermissionTemplate() {
public void importProject_whenGithubProvisioningIsDisabled_shouldApplyPermissionTemplateAndSetDefaultVisibility() {
AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();

mockGithubDevOpsAppInteractions();
@@ -321,8 +321,9 @@ public class ImportGithubProjectActionIT {

ArgumentCaptor<EntityDto> projectDtoArgumentCaptor = ArgumentCaptor.forClass(EntityDto.class);
verify(permissionTemplateService).applyDefaultToNewComponent(any(DbSession.class), projectDtoArgumentCaptor.capture(), eq(userSession.getUuid()));
String projectKey = projectDtoArgumentCaptor.getValue().getKey();
assertThat(projectKey).isEqualTo(GENERATED_PROJECT_KEY);
EntityDto capturedProjectDto = projectDtoArgumentCaptor.getValue();
assertThat(capturedProjectDto.getKey()).isEqualTo(GENERATED_PROJECT_KEY);
assertThat(capturedProjectDto.isPrivate()).isFalse();

}

@@ -330,7 +331,7 @@ public class ImportGithubProjectActionIT {
public void importProject_whenGithubProvisioningIsEnabled_shouldNotApplyPermissionTemplate() {
AlmSettingDto githubAlmSetting = setupUserWithPatAndAlmSettings();

when(managedInstanceService.isInstanceExternallyManaged()).thenReturn(true);
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
mockGithubDevOpsAppInteractions();
mockGithubAuthAppInteractions();

@@ -443,7 +444,7 @@ public class ImportGithubProjectActionIT {
assertThatThrownBy(request::execute)
.isInstanceOf(BadConfigurationException.class)
.hasMessage(format("GitHub auto-provisioning is activated. However the repo %s is not in the scope of the authentication application. "
+ "The permissions can't be checked, and the project can not be created.",
+ "The permissions can't be checked, and the project can not be created.",
"octocat/" + PROJECT_KEY_NAME));
}


+ 1
- 1
server/sonar-webserver-webapi/src/it/java/org/sonar/server/ce/queue/BranchReportSubmitterIT.java View File

@@ -112,7 +112,7 @@ public class BranchReportSubmitterIT {
null, null, userSession, null, null, null, null, null, null);

private final ManagedInstanceService managedInstanceService = mock();
private final ProjectCreator projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, managedInstanceService, componentUpdater);
private final ProjectCreator projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, componentUpdater);
private final ReportSubmitter underTest = new ReportSubmitter(queue, userSession, projectCreator, componentUpdater, permissionTemplateService, db.getDbClient(), branchSupport,
devOpsProjectCreatorFactory, managedInstanceService);


+ 34
- 14
server/sonar-webserver-webapi/src/it/java/org/sonar/server/ce/queue/ReportSubmitterIT.java View File

@@ -127,7 +127,7 @@ public class ReportSubmitterIT {
new FavoriteUpdater(db.getDbClient()), projectIndexers, new SequenceUuidFactory(), defaultBranchNameResolver, mock(PermissionUpdater.class), permissionService);
private final ManagedProjectService managedProjectService = mock();
private final ManagedInstanceService managedInstanceService = mock();
private final ProjectCreator projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, managedInstanceService, componentUpdater);
private final ProjectCreator projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, componentUpdater);
private final GithubProjectCreatorFactory githubProjectCreatorFactory = new GithubProjectCreatorFactory(db.getDbClient(), githubGlobalSettingsValidator,
githubApplicationClient, projectKeyGenerator, userSession, projectCreator, gitHubSettings, null, permissionUpdater, permissionService,
managedProjectService);
@@ -288,15 +288,33 @@ public class ReportSubmitterIT {
UserDto user = db.users().insertUser();
userSession.logIn(user).addPermission(PROVISION_PROJECTS).addPermission(SCAN);

when(managedInstanceService.isInstanceExternallyManaged()).thenReturn(true);
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
mockSuccessfulPrepareSubmitCall();

DevOpsProjectCreator devOpsProjectCreator = mockAlmSettingDtoAndDevOpsProjectCreator(CHARACTERISTICS);
DevOpsProjectCreator devOpsProjectCreator = mockAlmSettingDtoAndDevOpsProjectCreator(CHARACTERISTICS, false);
doReturn(true).when(devOpsProjectCreator).isScanAllowedUsingPermissionsFromDevopsPlatform();

underTest.submit(PROJECT_KEY, PROJECT_NAME, CHARACTERISTICS, IOUtils.toInputStream("{binary}", UTF_8));

assertProjectWasCreatedWithBinding();
assertProjectWasCreatedWithBinding(true);
verify(permissionTemplateService, never()).applyDefaultToNewComponent(any(), any(), any());
}

@Test
public void submit_whenReportIsForANewProjectWithValidAlmSettingsAutoProvisioningOnAndProjectVisibilitySyncAndPermOnGh_createsProjectWithBinding() {
UserDto user = db.users().insertUser();
userSession.logIn(user).addPermission(PROVISION_PROJECTS).addPermission(SCAN);

when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
when(gitHubSettings.isProjectVisibilitySynchronizationActivated()).thenReturn(true);
mockSuccessfulPrepareSubmitCall();

DevOpsProjectCreator devOpsProjectCreator = mockAlmSettingDtoAndDevOpsProjectCreator(CHARACTERISTICS, false);
doReturn(true).when(devOpsProjectCreator).isScanAllowedUsingPermissionsFromDevopsPlatform();

underTest.submit(PROJECT_KEY, PROJECT_NAME, CHARACTERISTICS, IOUtils.toInputStream("{binary}", UTF_8));

assertProjectWasCreatedWithBinding(false);
verify(permissionTemplateService, never()).applyDefaultToNewComponent(any(), any(), any());
}

@@ -304,15 +322,15 @@ public class ReportSubmitterIT {
public void submit_whenReportIsForANewProjectWithValidAlmSettingsAutoProvisioningOnNoPermOnGhAndGlobalScanPerm_createsProjectWithBinding() {
UserDto user = db.users().insertUser();
userSession.logIn(user).addPermission(GlobalPermission.SCAN).addPermission(PROVISION_PROJECTS);
when(managedInstanceService.isInstanceExternallyManaged()).thenReturn(true);
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
mockSuccessfulPrepareSubmitCall();

DevOpsProjectCreator devOpsProjectCreator = mockAlmSettingDtoAndDevOpsProjectCreator(CHARACTERISTICS);
DevOpsProjectCreator devOpsProjectCreator = mockAlmSettingDtoAndDevOpsProjectCreator(CHARACTERISTICS, false);
doReturn(true).when(devOpsProjectCreator).isScanAllowedUsingPermissionsFromDevopsPlatform();

underTest.submit(PROJECT_KEY, PROJECT_NAME, CHARACTERISTICS, IOUtils.toInputStream("{binary}", UTF_8));

assertProjectWasCreatedWithBinding();
assertProjectWasCreatedWithBinding(true);
verify(permissionTemplateService, never()).applyDefaultToNewComponent(any(), any(), any());
}

@@ -346,19 +364,20 @@ public class ReportSubmitterIT {
userSession.addPermission(GlobalPermission.SCAN).addPermission(PROVISION_PROJECTS);
mockSuccessfulPrepareSubmitCall();

mockAlmSettingDtoAndDevOpsProjectCreator(CHARACTERISTICS);
mockAlmSettingDtoAndDevOpsProjectCreator(CHARACTERISTICS, true);

when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true);

underTest.submit(PROJECT_KEY, PROJECT_NAME, CHARACTERISTICS, IOUtils.toInputStream("{binary}", UTF_8));

assertProjectWasCreatedWithBinding();
assertProjectWasCreatedWithBinding(false);
}

private void assertProjectWasCreatedWithBinding() {
private void assertProjectWasCreatedWithBinding(boolean isPrivate) {
ProjectDto projectDto = db.getDbClient().projectDao().selectProjectByKey(db.getSession(), PROJECT_KEY).orElseThrow();
assertThat(projectDto.getCreationMethod()).isEqualTo(CreationMethod.SCANNER_API_DEVOPS_AUTO_CONFIG);
assertThat(projectDto.getName()).isEqualTo("repoName");
assertThat(projectDto.isPrivate()).isEqualTo(isPrivate);

BranchDto branchDto = db.getDbClient().branchDao().selectByBranchKey(db.getSession(), projectDto.getUuid(), "defaultBranch").orElseThrow();
assertThat(branchDto.isMain()).isTrue();
@@ -366,27 +385,28 @@ public class ReportSubmitterIT {
assertThat(db.getDbClient().projectAlmSettingDao().selectByProject(db.getSession(), projectDto.getUuid())).isPresent();
}

private DevOpsProjectCreator mockAlmSettingDtoAndDevOpsProjectCreator(Map<String, String> characteristics) {
private DevOpsProjectCreator mockAlmSettingDtoAndDevOpsProjectCreator(Map<String, String> characteristics, boolean isPrivate) {
AlmSettingDto almSettingDto = mock(AlmSettingDto.class);
when(almSettingDto.getAlm()).thenReturn(ALM.GITHUB);
when(almSettingDto.getUrl()).thenReturn("https://www.toto.com");
when(almSettingDto.getUuid()).thenReturn("uuid_gh_1");

mockGithubRepository();
mockGithubRepository(isPrivate);

DevOpsProjectDescriptor projectDescriptor = new DevOpsProjectDescriptor(ALM.GITHUB, "apiUrl", "orga/repo");
GithubProjectCreationParameters githubProjectCreationParameters = new GithubProjectCreationParameters(projectDescriptor, almSettingDto, userSession, mock(), null);
DevOpsProjectCreator devOpsProjectCreator = spy(new GithubProjectCreator(db.getDbClient(), githubApplicationClient, null, projectKeyGenerator,
permissionUpdater, permissionService, managedProjectService, projectCreator, githubProjectCreationParameters));
permissionUpdater, permissionService, managedProjectService, projectCreator, githubProjectCreationParameters, gitHubSettings));
doReturn(Optional.of(devOpsProjectCreator)).when(devOpsProjectCreatorFactorySpy).getDevOpsProjectCreator(any(), eq(characteristics));
return devOpsProjectCreator;
}

private void mockGithubRepository() {
private void mockGithubRepository(boolean isPrivate) {
GithubApplicationClient.Repository repository = mock(GithubApplicationClient.Repository.class);
when(repository.getDefaultBranch()).thenReturn("defaultBranch");
when(repository.getFullName()).thenReturn("orga/repoName");
when(repository.getName()).thenReturn("repoName");
when(repository.isPrivate()).thenReturn(isPrivate);
when(githubApplicationClient.getRepository(any(), any(), any())).thenReturn(Optional.of(repository));
}


+ 26
- 13
server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GithubProjectCreator.java View File

@@ -24,10 +24,12 @@ import java.util.Set;
import javax.annotation.CheckForNull;
import javax.annotation.Nullable;
import org.sonar.auth.github.AppInstallationToken;
import org.sonar.auth.github.GitHubSettings;
import org.sonar.auth.github.client.GithubApplicationClient;
import org.sonar.alm.client.github.GithubPermissionConverter;
import org.sonar.auth.github.GsonRepositoryCollaborator;
import org.sonar.auth.github.GsonRepositoryTeam;
import org.sonar.auth.github.client.GithubApplicationClient.Repository;
import org.sonar.auth.github.security.AccessToken;
import org.sonar.api.web.UserRole;
import org.sonar.auth.github.GsonRepositoryPermissions;
@@ -70,13 +72,14 @@ public class GithubProjectCreator implements DevOpsProjectCreator {
private final UserSession userSession;
private final AlmSettingDto almSettingDto;
private final AccessToken devOpsAppInstallationToken;
private final GitHubSettings gitHubSettings;

@CheckForNull
private final AppInstallationToken authAppInstallationToken;

public GithubProjectCreator(DbClient dbClient, GithubApplicationClient githubApplicationClient, GithubPermissionConverter githubPermissionConverter,
ProjectKeyGenerator projectKeyGenerator, PermissionUpdater<UserPermissionChange> permissionUpdater, PermissionService permissionService,
ManagedProjectService managedProjectService, ProjectCreator projectCreator, GithubProjectCreationParameters githubProjectCreationParameters) {
ManagedProjectService managedProjectService, ProjectCreator projectCreator, GithubProjectCreationParameters githubProjectCreationParameters, GitHubSettings gitHubSettings) {

this.dbClient = dbClient;
this.githubApplicationClient = githubApplicationClient;
@@ -92,6 +95,7 @@ public class GithubProjectCreator implements DevOpsProjectCreator {
devOpsProjectDescriptor = githubProjectCreationParameters.devOpsProjectDescriptor();
devOpsAppInstallationToken = githubProjectCreationParameters.devOpsAppInstallationToken();
authAppInstallationToken = githubProjectCreationParameters.authAppInstallationToken();
this.gitHubSettings = gitHubSettings;
}

@Override
@@ -154,7 +158,7 @@ public class GithubProjectCreator implements DevOpsProjectCreator {
@Override
public ComponentCreationData createProjectAndBindToDevOpsPlatform(DbSession dbSession, CreationMethod creationMethod, @Nullable String projectKey) {
String url = requireNonNull(almSettingDto.getUrl(), "DevOps Platform url cannot be null");
GithubApplicationClient.Repository repository = githubApplicationClient.getRepository(url, devOpsAppInstallationToken, devOpsProjectDescriptor.projectIdentifier())
Repository repository = githubApplicationClient.getRepository(url, devOpsAppInstallationToken, devOpsProjectDescriptor.projectIdentifier())
.orElseThrow(() -> new IllegalStateException(
String.format("Impossible to find the repository '%s' on GitHub, using the devops config %s", devOpsProjectDescriptor.projectIdentifier(), almSettingDto.getKey())));

@@ -162,26 +166,35 @@ public class GithubProjectCreator implements DevOpsProjectCreator {
}

private ComponentCreationData createProjectAndBindToDevOpsPlatform(DbSession dbSession, @Nullable String projectKey, AlmSettingDto almSettingDto,
GithubApplicationClient.Repository repository, CreationMethod creationMethod) {
Repository repository, CreationMethod creationMethod) {
String key = Optional.ofNullable(projectKey).orElse(getUniqueProjectKey(repository));

boolean isPrivate;
if (managedProjectService.isProjectVisibilitySynchronizationActivated()) {
isPrivate = repository.isPrivate();
} else {
isPrivate = true;
}
boolean isManaged = gitHubSettings.isProvisioningEnabled();

ComponentCreationData componentCreationData = projectCreator.createProject(dbSession, key, repository.getName(), repository.getDefaultBranch(), creationMethod, isPrivate);
ComponentCreationData componentCreationData = projectCreator.createProject(dbSession, key, repository.getName(), repository.getDefaultBranch(), creationMethod,
shouldProjectBePrivate(repository), isManaged);
ProjectDto projectDto = Optional.ofNullable(componentCreationData.projectDto()).orElseThrow();
createProjectAlmSettingDto(dbSession, repository, projectDto, almSettingDto);
addScanPermissionToCurrentUser(dbSession, projectDto);

BranchDto mainBranchDto = Optional.ofNullable(componentCreationData.mainBranchDto()).orElseThrow();
syncProjectPermissionsWithGithub(projectDto, mainBranchDto);
if (gitHubSettings.isProvisioningEnabled()) {
syncProjectPermissionsWithGithub(projectDto, mainBranchDto);
}
return componentCreationData;
}

@CheckForNull
private Boolean shouldProjectBePrivate(Repository repository) {
if (gitHubSettings.isProvisioningEnabled() && gitHubSettings.isProjectVisibilitySynchronizationActivated()) {
return repository.isPrivate();
} else if (gitHubSettings.isProvisioningEnabled()) {
return true;
} else {
return null;
}
}

private void addScanPermissionToCurrentUser(DbSession dbSession, ProjectDto projectDto) {
UserIdDto userId = new UserIdDto(requireNonNull(userSession.getUuid()), requireNonNull(userSession.getLogin()));
UserPermissionChange scanPermission = new UserPermissionChange(Operation.ADD, UserRole.SCAN, projectDto, userId, permissionService);
@@ -193,11 +206,11 @@ public class GithubProjectCreator implements DevOpsProjectCreator {
managedProjectService.queuePermissionSyncTask(userUuid, mainBranchDto.getUuid(), projectDto.getUuid());
}

private String getUniqueProjectKey(GithubApplicationClient.Repository repository) {
private String getUniqueProjectKey(Repository repository) {
return projectKeyGenerator.generateUniqueProjectKey(repository.getFullName());
}

private void createProjectAlmSettingDto(DbSession dbSession, GithubApplicationClient.Repository repo, ProjectDto projectDto, AlmSettingDto almSettingDto) {
private void createProjectAlmSettingDto(DbSession dbSession, Repository repo, ProjectDto projectDto, AlmSettingDto almSettingDto) {
ProjectAlmSettingDto projectAlmSettingDto = new ProjectAlmSettingDto()
.setAlmSettingUuid(almSettingDto.getUuid())
.setAlmRepo(repo.getFullName())

+ 2
- 3
server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/GithubProjectCreatorFactory.java View File

@@ -62,7 +62,6 @@ public class GithubProjectCreatorFactory implements DevOpsProjectCreatorFactory
private final GithubPermissionConverter githubPermissionConverter;
private final PermissionUpdater<UserPermissionChange> permissionUpdater;
private final PermissionService permissionService;

private final ManagedProjectService managedProjectService;

public GithubProjectCreatorFactory(DbClient dbClient, GithubGlobalSettingsValidator githubGlobalSettingsValidator,
@@ -115,7 +114,7 @@ public class GithubProjectCreatorFactory implements DevOpsProjectCreatorFactory
GithubProjectCreationParameters githubProjectCreationParameters = new GithubProjectCreationParameters(devOpsProjectDescriptor, almSettingDto, userSession, appInstallationToken,
authAppInstallationToken.orElse(null));
return new GithubProjectCreator(dbClient, githubApplicationClient, githubPermissionConverter, projectKeyGenerator, permissionUpdater, permissionService,
managedProjectService, projectCreator, githubProjectCreationParameters);
managedProjectService, projectCreator, githubProjectCreationParameters, gitHubSettings);
}

public DevOpsProjectCreator getDevOpsProjectCreator(AlmSettingDto almSettingDto, AccessToken accessToken,
@@ -125,7 +124,7 @@ public class GithubProjectCreatorFactory implements DevOpsProjectCreatorFactory
GithubProjectCreationParameters githubProjectCreationParameters = new GithubProjectCreationParameters(devOpsProjectDescriptor, almSettingDto, userSession, accessToken,
authAppInstallationToken.orElse(null));
return new GithubProjectCreator(dbClient, githubApplicationClient, githubPermissionConverter, projectKeyGenerator, permissionUpdater, permissionService,
managedProjectService, projectCreator, githubProjectCreationParameters
managedProjectService, projectCreator, githubProjectCreationParameters, gitHubSettings
);
}


+ 4
- 8
server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/ProjectCreator.java View File

@@ -27,7 +27,6 @@ import org.sonar.server.component.ComponentCreationData;
import org.sonar.server.component.ComponentCreationParameters;
import org.sonar.server.component.ComponentUpdater;
import org.sonar.server.component.NewComponent;
import org.sonar.server.management.ManagedInstanceService;
import org.sonar.server.project.ProjectDefaultVisibility;
import org.sonar.server.user.UserSession;

@@ -39,19 +38,16 @@ public class ProjectCreator {

private final UserSession userSession;
private final ProjectDefaultVisibility projectDefaultVisibility;
private final ManagedInstanceService managedInstanceService;
private final ComponentUpdater componentUpdater;

public ProjectCreator(UserSession userSession, ProjectDefaultVisibility projectDefaultVisibility, ManagedInstanceService managedInstanceService,
ComponentUpdater componentUpdater) {
public ProjectCreator(UserSession userSession, ProjectDefaultVisibility projectDefaultVisibility, ComponentUpdater componentUpdater) {
this.userSession = userSession;
this.projectDefaultVisibility = projectDefaultVisibility;
this.managedInstanceService = managedInstanceService;
this.componentUpdater = componentUpdater;
}

public ComponentCreationData createProject(DbSession dbSession, String projectKey, String projectName, @Nullable String mainBranchName, CreationMethod creationMethod,
@Nullable Boolean isPrivate) {
@Nullable Boolean isPrivate, boolean isManaged) {
boolean visibility = isPrivate != null ? isPrivate : projectDefaultVisibility.get(dbSession).isPrivate();
NewComponent projectComponent = newComponentBuilder()
.setKey(projectKey)
@@ -64,13 +60,13 @@ public class ProjectCreator {
.userLogin(userSession.getLogin())
.userUuid(userSession.getUuid())
.mainBranchName(mainBranchName)
.isManaged(managedInstanceService.isInstanceExternallyManaged() && !creationMethod.isLocal())
.isManaged(isManaged)
.creationMethod(creationMethod)
.build();
return componentUpdater.createWithoutCommit(dbSession, componentCreationParameters);
}

public ComponentCreationData createProject(DbSession dbSession, String projectKey, String projectName, @Nullable String mainBranchName, CreationMethod creationMethod) {
return createProject(dbSession, projectKey, projectName, mainBranchName, creationMethod, projectDefaultVisibility.get(dbSession).isPrivate());
return createProject(dbSession, projectKey, projectName, mainBranchName, creationMethod, projectDefaultVisibility.get(dbSession).isPrivate(), false);
}
}

+ 1
- 1
server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/GithubProjectCreatorFactoryTest.java View File

@@ -237,7 +237,7 @@ public class GithubProjectCreatorFactoryTest {
GithubProjectCreationParameters githubProjectCreationParameters = new GithubProjectCreationParameters(devOpsProjectDescriptor, almSettingDto, userSession, appInstallationToken,
authAppInstallToken);
return new GithubProjectCreator(dbClient, githubApplicationClient, githubPermissionConverter, projectKeyGenerator, permissionUpdater, permissionService,
managedProjectService, projectCreator, githubProjectCreationParameters);
managedProjectService, projectCreator, githubProjectCreationParameters, gitHubSettings);
}

private AlmSettingDto mockAlmSettingDto(boolean repoAccess) {

+ 20
- 19
server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/GithubProjectCreatorTest.java View File

@@ -31,15 +31,16 @@ import org.mockito.ArgumentCaptor;
import org.mockito.Captor;
import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner;
import org.sonar.alm.client.github.GithubPermissionConverter;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.web.UserRole;
import org.sonar.auth.github.AppInstallationToken;
import org.sonar.auth.github.client.GithubApplicationClient;
import org.sonar.auth.github.GitHubSettings;
import org.sonar.auth.github.GsonRepositoryCollaborator;
import org.sonar.auth.github.GsonRepositoryPermissions;
import org.sonar.auth.github.GsonRepositoryTeam;
import org.sonar.auth.github.client.GithubApplicationClient;
import org.sonar.auth.github.security.AccessToken;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.web.UserRole;
import org.sonar.alm.client.github.GithubPermissionConverter;
import org.sonar.auth.github.GsonRepositoryPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.alm.setting.ALM;
import org.sonar.db.alm.setting.AlmSettingDto;
@@ -55,13 +56,13 @@ import org.sonar.server.component.ComponentCreationData;
import org.sonar.server.component.ComponentCreationParameters;
import org.sonar.server.component.ComponentUpdater;
import org.sonar.server.component.NewComponent;
import org.sonar.server.management.ManagedInstanceService;
import org.sonar.server.management.ManagedProjectService;
import org.sonar.server.permission.PermissionService;
import org.sonar.server.permission.PermissionServiceImpl;
import org.sonar.server.permission.PermissionUpdater;
import org.sonar.server.permission.UserPermissionChange;
import org.sonar.server.project.ProjectDefaultVisibility;
import org.sonar.server.project.Visibility;
import org.sonar.server.project.ws.ProjectCreator;
import org.sonar.server.user.UserSession;

@@ -115,11 +116,9 @@ public class GithubProjectCreatorTest {
private PermissionUpdater<UserPermissionChange> permissionUpdater;
@Mock
private ManagedProjectService managedProjectService;
@Mock
private ManagedInstanceService managedInstanceService;

@Mock(answer = Answers.RETURNS_DEEP_STUBS)
private ProjectDefaultVisibility projectDefaultVisibility;
private GitHubSettings gitHubSettings = mock();
private ProjectCreator projectCreator;

private GithubProjectCreator githubProjectCreator;
@@ -143,9 +142,9 @@ public class GithubProjectCreatorTest {
when(githubProjectCreationParameters.authAppInstallationToken()).thenReturn(authAppInstallationToken);
when(githubProjectCreationParameters.almSettingDto()).thenReturn(almSettingDto);

projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, managedInstanceService, componentUpdater);
projectCreator = new ProjectCreator(userSession, projectDefaultVisibility, componentUpdater);
githubProjectCreator = new GithubProjectCreator(dbClient, githubApplicationClient, githubPermissionConverter, projectKeyGenerator,
permissionUpdater, permissionService, managedProjectService, projectCreator, githubProjectCreationParameters);
permissionUpdater, permissionService, managedProjectService, projectCreator, githubProjectCreationParameters,gitHubSettings);

}

@@ -267,7 +266,7 @@ public class GithubProjectCreatorTest {
@Test
public void createProjectAndBindToDevOpsPlatform_whenRepoNotFound_throws() {
assertThatIllegalStateException().isThrownBy(
() -> githubProjectCreator.createProjectAndBindToDevOpsPlatform(mock(), SCANNER_API_DEVOPS_AUTO_CONFIG, null))
() -> githubProjectCreator.createProjectAndBindToDevOpsPlatform(mock(), SCANNER_API_DEVOPS_AUTO_CONFIG, null))
.withMessage("Impossible to find the repository 'orga2/repo1' on GitHub, using the devops config " + ALM_SETTING_KEY);
}

@@ -279,6 +278,7 @@ public class GithubProjectCreatorTest {
ComponentCreationData componentCreationData = mockProjectCreation("generated_orga2/repo1");
ProjectAlmSettingDao projectAlmSettingDao = mock();
when(dbClient.projectAlmSettingDao()).thenReturn(projectAlmSettingDao);
when(projectDefaultVisibility.get(any())).thenReturn(Visibility.PRIVATE);

// when
ComponentCreationData actualComponentCreationData = githubProjectCreator.createProjectAndBindToDevOpsPlatform(dbClient.openSession(true),
@@ -305,7 +305,8 @@ public class GithubProjectCreatorTest {
ComponentCreationData componentCreationData = mockProjectCreation("generated_orga2/repo1");
ProjectAlmSettingDao projectAlmSettingDao = mock();
when(dbClient.projectAlmSettingDao()).thenReturn(projectAlmSettingDao);
when(managedProjectService.isProjectVisibilitySynchronizationActivated()).thenReturn(true);
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
when(gitHubSettings.isProjectVisibilitySynchronizationActivated()).thenReturn(true);

// when
ComponentCreationData actualComponentCreationData = githubProjectCreator.createProjectAndBindToDevOpsPlatform(dbClient.openSession(true),
@@ -326,7 +327,8 @@ public class GithubProjectCreatorTest {
ComponentCreationData componentCreationData = mockProjectCreation("generated_orga2/repo1");
ProjectAlmSettingDao projectAlmSettingDao = mock();
when(dbClient.projectAlmSettingDao()).thenReturn(projectAlmSettingDao);
when(managedProjectService.isProjectVisibilitySynchronizationActivated()).thenReturn(false);
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);
when(gitHubSettings.isProjectVisibilitySynchronizationActivated()).thenReturn(false);

// when
ComponentCreationData actualComponentCreationData = githubProjectCreator.createProjectAndBindToDevOpsPlatform(dbClient.openSession(true),
@@ -348,6 +350,7 @@ public class GithubProjectCreatorTest {
ComponentCreationData componentCreationData = mockProjectCreation(projectKey);
ProjectAlmSettingDao projectAlmSettingDao = mock();
when(dbClient.projectAlmSettingDao()).thenReturn(projectAlmSettingDao);
when(projectDefaultVisibility.get(any())).thenReturn(Visibility.PRIVATE);

// when
ComponentCreationData actualComponentCreationData = githubProjectCreator.createProjectAndBindToDevOpsPlatform(dbClient.openSession(true), ALM_IMPORT_API, projectKey);
@@ -372,7 +375,6 @@ public class GithubProjectCreatorTest {
public void createProjectAndBindToDevOpsPlatformFromApi_whenRepoFoundOnGitHubAutoProvisioningOnAndRepoPrivate_successfullyCreatesProject() {
// given
when(projectDefaultVisibility.get(any()).isPrivate()).thenReturn(true);
when(managedInstanceService.isInstanceExternallyManaged()).thenReturn(true);

String projectKey = "customProjectKey";
mockGitHubRepository();
@@ -380,6 +382,7 @@ public class GithubProjectCreatorTest {
ComponentCreationData componentCreationData = mockProjectCreation(projectKey);
ProjectAlmSettingDao projectAlmSettingDao = mock();
when(dbClient.projectAlmSettingDao()).thenReturn(projectAlmSettingDao);
when(gitHubSettings.isProvisioningEnabled()).thenReturn(true);

// when
ComponentCreationData actualComponentCreationData = githubProjectCreator.createProjectAndBindToDevOpsPlatform(dbClient.openSession(true), ALM_IMPORT_API, projectKey);
@@ -416,7 +419,7 @@ public class GithubProjectCreatorTest {
}

private void mockPublicGithubRepository() {
GithubApplicationClient.Repository repository =mockGitHubRepository();
GithubApplicationClient.Repository repository = mockGitHubRepository();
when(repository.isPrivate()).thenReturn(false);
}

@@ -429,11 +432,9 @@ public class GithubProjectCreatorTest {
when(githubApplicationClient.getRepository(DEVOPS_PROJECT_DESCRIPTOR.url(), devOpsAppInstallationToken, DEVOPS_PROJECT_DESCRIPTOR.projectIdentifier())).thenReturn(
Optional.of(repository));
when(projectKeyGenerator.generateUniqueProjectKey(repository.getFullName())).thenReturn("generated_" + DEVOPS_PROJECT_DESCRIPTOR.projectIdentifier());
return repository;
return repository;
}



private ComponentCreationData mockProjectCreation(String projectKey) {
ComponentCreationData componentCreationData = mock();
ProjectDto projectDto = mockProjectDto(projectKey);

Write Preview
Loading…
Cancel
Save