public static final String GITLAB_AUTH_APPLICATION_ID = "sonar.auth.gitlab.applicationId.secured"; | public static final String GITLAB_AUTH_APPLICATION_ID = "sonar.auth.gitlab.applicationId.secured"; | ||||
public static final String GITLAB_AUTH_SECRET = "sonar.auth.gitlab.secret.secured"; | public static final String GITLAB_AUTH_SECRET = "sonar.auth.gitlab.secret.secured"; | ||||
public static final String GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP = "sonar.auth.gitlab.allowUsersToSignUp"; | public static final String GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP = "sonar.auth.gitlab.allowUsersToSignUp"; | ||||
public static final String GITLAB_AUTH_ALLOWED_GROUPS = "sonar.auth.gitlab.allowedGroups"; | |||||
public static final String GITLAB_AUTH_SYNC_USER_GROUPS = "sonar.auth.gitlab.groupsSync"; | public static final String GITLAB_AUTH_SYNC_USER_GROUPS = "sonar.auth.gitlab.groupsSync"; | ||||
public static final String GITLAB_AUTH_PROVISIONING_TOKEN = "provisioning.gitlab.token.secured"; | public static final String GITLAB_AUTH_PROVISIONING_TOKEN = "provisioning.gitlab.token.secured"; | ||||
public static final String GITLAB_AUTH_PROVISIONING_GROUPS = "provisioning.gitlab.groups"; | |||||
public static final String GITLAB_AUTH_PROVISIONING_ENABLED = "provisioning.gitlab.enabled"; | public static final String GITLAB_AUTH_PROVISIONING_ENABLED = "provisioning.gitlab.enabled"; | ||||
private static final String CATEGORY = "authentication"; | private static final String CATEGORY = "authentication"; | ||||
return configuration.getBoolean(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP).orElse(false); | return configuration.getBoolean(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP).orElse(false); | ||||
} | } | ||||
public Set<String> allowedGroups() { | |||||
return Set.of(configuration.getStringArray(GITLAB_AUTH_ALLOWED_GROUPS)); | |||||
} | |||||
public boolean syncUserGroups() { | public boolean syncUserGroups() { | ||||
return configuration.getBoolean(GITLAB_AUTH_SYNC_USER_GROUPS).orElse(false); | return configuration.getBoolean(GITLAB_AUTH_SYNC_USER_GROUPS).orElse(false); | ||||
} | } | ||||
return configuration.get(GITLAB_AUTH_PROVISIONING_TOKEN).map(Strings::emptyToNull).orElse(null); | return configuration.get(GITLAB_AUTH_PROVISIONING_TOKEN).map(Strings::emptyToNull).orElse(null); | ||||
} | } | ||||
public Set<String> provisioningGroups() { | |||||
return Set.of(configuration.getStringArray(GITLAB_AUTH_PROVISIONING_GROUPS)); | |||||
} | |||||
@Override | @Override | ||||
public String getDevOpsPlatform() { | public String getDevOpsPlatform() { | ||||
return ALM.GITLAB.getId(); | return ALM.GITLAB.getId(); | ||||
.defaultValue(valueOf(true)) | .defaultValue(valueOf(true)) | ||||
.index(5) | .index(5) | ||||
.build(), | .build(), | ||||
PropertyDefinition.builder(GITLAB_AUTH_ALLOWED_GROUPS) | |||||
.name("Groups allowed") | |||||
.description("Only members of these groups (and sub-groups) will be allowed to authenticate. " + | |||||
"Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`. " + | |||||
"If you use Auto-provisioning, only members of these groups (and sub-groups) will be provisioned") | |||||
.multiValues(true) | |||||
.category(CATEGORY) | |||||
.subCategory(SUBCATEGORY) | |||||
.index(6) | |||||
.build(), | |||||
PropertyDefinition.builder(GITLAB_AUTH_SYNC_USER_GROUPS) | PropertyDefinition.builder(GITLAB_AUTH_SYNC_USER_GROUPS) | ||||
.deprecatedKey("sonar.auth.gitlab.sync_user_groups") | .deprecatedKey("sonar.auth.gitlab.sync_user_groups") | ||||
.name("Synchronize user groups") | .name("Synchronize user groups") | ||||
.subCategory(SUBCATEGORY) | .subCategory(SUBCATEGORY) | ||||
.type(PropertyType.BOOLEAN) | .type(PropertyType.BOOLEAN) | ||||
.defaultValue(valueOf(false)) | .defaultValue(valueOf(false)) | ||||
.index(6) | |||||
.index(7) | |||||
.build(), | .build(), | ||||
PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_TOKEN) | PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_TOKEN) | ||||
.name("Provisioning token") | .name("Provisioning token") | ||||
.category(CATEGORY) | .category(CATEGORY) | ||||
.subCategory(SUBCATEGORY) | .subCategory(SUBCATEGORY) | ||||
.type(PASSWORD) | .type(PASSWORD) | ||||
.index(7) | |||||
.build(), | |||||
PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_GROUPS) | |||||
.name("Groups") | |||||
.description("Only members of these groups (and sub-groups) will be provisioned." + | |||||
" Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`.") | |||||
.multiValues(true) | |||||
.category(CATEGORY) | |||||
.subCategory(SUBCATEGORY) | |||||
.index(8) | .index(8) | ||||
.build(), | .build(), | ||||
PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_ENABLED) | PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_ENABLED) |
import org.sonar.api.utils.System2; | import org.sonar.api.utils.System2; | ||||
import static org.assertj.core.api.Assertions.assertThat; | import static org.assertj.core.api.Assertions.assertThat; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOWED_GROUPS; | |||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_GROUPS; | |||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS; | ||||
settings.setProperty(GITLAB_AUTH_PROVISIONING_TOKEN, "token"); | settings.setProperty(GITLAB_AUTH_PROVISIONING_TOKEN, "token"); | ||||
assertThat(config.provisioningToken()).isEqualTo("token"); | assertThat(config.provisioningToken()).isEqualTo("token"); | ||||
settings.setProperty(GITLAB_AUTH_PROVISIONING_GROUPS, new String[] {"Group1", "Group2"}); | |||||
assertThat(config.provisioningGroups()).containsExactlyInAnyOrder("Group1", "Group2"); | |||||
settings.setProperty(GITLAB_AUTH_ALLOWED_GROUPS, new String[] {"Group1", "Group2"}); | |||||
assertThat(config.allowedGroups()).containsExactlyInAnyOrder("Group1", "Group2"); | |||||
assertThat(config.isProvisioningEnabled()).isFalse(); | assertThat(config.isProvisioningEnabled()).isFalse(); | ||||
settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, true); | settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, true); |
import static org.mockito.Mockito.when; | import static org.mockito.Mockito.when; | ||||
import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.AUTH_ONLY; | import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.AUTH_ONLY; | ||||
import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.COMPLETE; | import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.COMPLETE; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOWED_GROUPS; | |||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_GROUPS; | |||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS; | ||||
@Test | @Test | ||||
public void getConfiguration_whenConfigurationSetAndEmpty_returnsConfig() { | public void getConfiguration_whenConfigurationSetAndEmpty_returnsConfig() { | ||||
dbTester.properties().insertProperty(GITLAB_AUTH_ENABLED, "true", null); | dbTester.properties().insertProperty(GITLAB_AUTH_ENABLED, "true", null); | ||||
dbTester.properties().insertProperty(GITLAB_AUTH_PROVISIONING_GROUPS, "", null); | |||||
dbTester.properties().insertProperty(GITLAB_AUTH_ALLOWED_GROUPS, "", null); | |||||
GitlabConfiguration configuration = gitlabConfigurationService.getConfiguration("gitlab-configuration"); | GitlabConfiguration configuration = gitlabConfigurationService.getConfiguration("gitlab-configuration"); | ||||
assertThat(configuration.url()).isEmpty(); | assertThat(configuration.url()).isEmpty(); | ||||
assertThat(configuration.secret()).isEmpty(); | assertThat(configuration.secret()).isEmpty(); | ||||
assertThat(configuration.synchronizeGroups()).isFalse(); | assertThat(configuration.synchronizeGroups()).isFalse(); | ||||
assertThat(configuration.allowedGroups()).isEmpty(); | |||||
assertThat(configuration.provisioningType()).isEqualTo(JIT); | assertThat(configuration.provisioningType()).isEqualTo(JIT); | ||||
assertThat(configuration.allowUsersToSignUp()).isFalse(); | assertThat(configuration.allowUsersToSignUp()).isFalse(); | ||||
assertThat(configuration.provisioningToken()).isNull(); | assertThat(configuration.provisioningToken()).isNull(); | ||||
assertThat(configuration.provisioningGroups()).isEmpty(); | |||||
} | } | ||||
@Test | @Test | ||||
.url(withValueOrThrow("url")) | .url(withValueOrThrow("url")) | ||||
.secret(withValueOrThrow("secret")) | .secret(withValueOrThrow("secret")) | ||||
.synchronizeGroups(withValueOrThrow(true)) | .synchronizeGroups(withValueOrThrow(true)) | ||||
.allowedGroups(withValueOrThrow(new LinkedHashSet<>(List.of("group1", "group2", "group3")))) | |||||
.provisioningType(withValueOrThrow(AUTO_PROVISIONING)) | .provisioningType(withValueOrThrow(AUTO_PROVISIONING)) | ||||
.allowUserToSignUp(withValueOrThrow(true)) | .allowUserToSignUp(withValueOrThrow(true)) | ||||
.provisioningToken(withValueOrThrow("provisioningToken")) | .provisioningToken(withValueOrThrow("provisioningToken")) | ||||
.provisioningGroups(withValueOrThrow(new LinkedHashSet<>(List.of("group1", "group2", "group3")))) | |||||
.build(); | .build(); | ||||
GitlabConfiguration gitlabConfiguration = gitlabConfigurationService.updateConfiguration(updateRequest); | GitlabConfiguration gitlabConfiguration = gitlabConfigurationService.updateConfiguration(updateRequest); | ||||
verifySettingWasSet(GITLAB_AUTH_URL, "url"); | verifySettingWasSet(GITLAB_AUTH_URL, "url"); | ||||
verifySettingWasSet(GITLAB_AUTH_SECRET, "secret"); | verifySettingWasSet(GITLAB_AUTH_SECRET, "secret"); | ||||
verifySettingWasSet(GITLAB_AUTH_SYNC_USER_GROUPS, "true"); | verifySettingWasSet(GITLAB_AUTH_SYNC_USER_GROUPS, "true"); | ||||
verifySettingWasSet(GITLAB_AUTH_ALLOWED_GROUPS, "group1,group2,group3"); | |||||
verifySettingWasSet(GITLAB_AUTH_PROVISIONING_ENABLED, "true"); | verifySettingWasSet(GITLAB_AUTH_PROVISIONING_ENABLED, "true"); | ||||
verifySettingWasSet(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, "true"); | verifySettingWasSet(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, "true"); | ||||
verifySettingWasSet(GITLAB_AUTH_PROVISIONING_TOKEN, "provisioningToken"); | verifySettingWasSet(GITLAB_AUTH_PROVISIONING_TOKEN, "provisioningToken"); | ||||
verifySettingWasSet(GITLAB_AUTH_PROVISIONING_GROUPS, "group1,group2,group3"); | |||||
verify(managedInstanceService).queueSynchronisationTask(); | verify(managedInstanceService).queueSynchronisationTask(); | ||||
assertConfigurationFields(gitlabConfiguration); | assertConfigurationFields(gitlabConfiguration); | ||||
assertThat(configuration.url()).isEqualTo("url"); | assertThat(configuration.url()).isEqualTo("url"); | ||||
assertThat(configuration.secret()).isEqualTo("secret"); | assertThat(configuration.secret()).isEqualTo("secret"); | ||||
assertThat(configuration.synchronizeGroups()).isTrue(); | assertThat(configuration.synchronizeGroups()).isTrue(); | ||||
assertThat(configuration.allowedGroups()).containsExactlyInAnyOrder("group1", "group2", "group3"); | |||||
assertThat(configuration.provisioningType()).isEqualTo(AUTO_PROVISIONING); | assertThat(configuration.provisioningType()).isEqualTo(AUTO_PROVISIONING); | ||||
assertThat(configuration.allowUsersToSignUp()).isTrue(); | assertThat(configuration.allowUsersToSignUp()).isTrue(); | ||||
assertThat(configuration.provisioningToken()).isEqualTo("provisioningToken"); | assertThat(configuration.provisioningToken()).isEqualTo("provisioningToken"); | ||||
assertThat(configuration.provisioningGroups()).containsExactlyInAnyOrder("group1", "group2", "group3"); | |||||
} | } | ||||
@Test | @Test | ||||
"url", | "url", | ||||
"secret", | "secret", | ||||
true, | true, | ||||
AUTO_PROVISIONING, | |||||
Set.of("group1", "group2", "group3"), | |||||
true, | true, | ||||
null, | |||||
Set.of("group1", "group2", "group3")); | |||||
AUTO_PROVISIONING, | |||||
null | |||||
); | |||||
assertThatThrownBy(() -> gitlabConfigurationService.createConfiguration(configuration)) | assertThatThrownBy(() -> gitlabConfigurationService.createConfiguration(configuration)) | ||||
.isInstanceOf(IllegalStateException.class) | .isInstanceOf(IllegalStateException.class) | ||||
"url", | "url", | ||||
"secret", | "secret", | ||||
true, | true, | ||||
JIT, | |||||
Set.of("group1", "group2", "group3"), | |||||
true, | true, | ||||
null, | |||||
Set.of("group1", "group2", "group3")); | |||||
JIT, | |||||
null | |||||
); | |||||
GitlabConfiguration createdConfiguration = gitlabConfigurationService.createConfiguration(configuration); | GitlabConfiguration createdConfiguration = gitlabConfigurationService.createConfiguration(configuration); | ||||
verifySettingWasSet(GITLAB_AUTH_URL, configuration.url()); | verifySettingWasSet(GITLAB_AUTH_URL, configuration.url()); | ||||
verifySettingWasSet(GITLAB_AUTH_SECRET, configuration.secret()); | verifySettingWasSet(GITLAB_AUTH_SECRET, configuration.secret()); | ||||
verifySettingWasSet(GITLAB_AUTH_SYNC_USER_GROUPS, String.valueOf(configuration.synchronizeGroups())); | verifySettingWasSet(GITLAB_AUTH_SYNC_USER_GROUPS, String.valueOf(configuration.synchronizeGroups())); | ||||
verifySettingWasSet(GITLAB_AUTH_ALLOWED_GROUPS, String.join(",", configuration.allowedGroups())); | |||||
verifySettingWasSet(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, String.valueOf(configuration.allowUsersToSignUp())); | verifySettingWasSet(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, String.valueOf(configuration.allowUsersToSignUp())); | ||||
verifySettingWasSet(GITLAB_AUTH_PROVISIONING_TOKEN, Strings.nullToEmpty(configuration.provisioningToken())); | verifySettingWasSet(GITLAB_AUTH_PROVISIONING_TOKEN, Strings.nullToEmpty(configuration.provisioningToken())); | ||||
verifySettingWasSet(GITLAB_AUTH_PROVISIONING_GROUPS, String.join(",", configuration.provisioningGroups())); | |||||
verifySettingWasSet(GITLAB_AUTH_PROVISIONING_ENABLED, | |||||
String.valueOf(configuration.provisioningType().equals(AUTO_PROVISIONING))); | |||||
verifySettingWasSet(GITLAB_AUTH_PROVISIONING_ENABLED, String.valueOf(configuration.provisioningType().equals(AUTO_PROVISIONING))); | |||||
} | } | ||||
private void verifySettingWasSet(String setting, @Nullable String value) { | private void verifySettingWasSet(String setting, @Nullable String value) { | ||||
assertPropertyIsDeleted(GITLAB_AUTH_URL); | assertPropertyIsDeleted(GITLAB_AUTH_URL); | ||||
assertPropertyIsDeleted(GITLAB_AUTH_SECRET); | assertPropertyIsDeleted(GITLAB_AUTH_SECRET); | ||||
assertPropertyIsDeleted(GITLAB_AUTH_SYNC_USER_GROUPS); | assertPropertyIsDeleted(GITLAB_AUTH_SYNC_USER_GROUPS); | ||||
assertPropertyIsDeleted(GITLAB_AUTH_ALLOWED_GROUPS); | |||||
assertPropertyIsDeleted(GITLAB_AUTH_PROVISIONING_ENABLED); | assertPropertyIsDeleted(GITLAB_AUTH_PROVISIONING_ENABLED); | ||||
assertPropertyIsDeleted(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP); | assertPropertyIsDeleted(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP); | ||||
assertPropertyIsDeleted(GITLAB_AUTH_PROVISIONING_TOKEN); | assertPropertyIsDeleted(GITLAB_AUTH_PROVISIONING_TOKEN); | ||||
assertPropertyIsDeleted(GITLAB_AUTH_PROVISIONING_GROUPS); | |||||
assertThat(dbTester.getDbClient().externalGroupDao().selectByIdentityProvider(dbTester.getSession(), GitLabIdentityProvider.KEY)).isEmpty(); | assertThat(dbTester.getDbClient().externalGroupDao().selectByIdentityProvider(dbTester.getSession(), GitLabIdentityProvider.KEY)).isEmpty(); | ||||
} | } | ||||
when(gitlabConfiguration.url()).thenReturn("url"); | when(gitlabConfiguration.url()).thenReturn("url"); | ||||
when(gitlabConfiguration.secret()).thenReturn("secret"); | when(gitlabConfiguration.secret()).thenReturn("secret"); | ||||
when(gitlabConfiguration.synchronizeGroups()).thenReturn(true); | when(gitlabConfiguration.synchronizeGroups()).thenReturn(true); | ||||
when(gitlabConfiguration.allowedGroups()).thenReturn(new LinkedHashSet<>(Set.of("group1", "group2", "group3"))); | |||||
when(gitlabConfiguration.provisioningType()).thenReturn(provisioningType); | when(gitlabConfiguration.provisioningType()).thenReturn(provisioningType); | ||||
when(gitlabConfiguration.allowUsersToSignUp()).thenReturn(true); | when(gitlabConfiguration.allowUsersToSignUp()).thenReturn(true); | ||||
when(gitlabConfiguration.provisioningToken()).thenReturn("provisioningToken"); | when(gitlabConfiguration.provisioningToken()).thenReturn("provisioningToken"); | ||||
when(gitlabConfiguration.provisioningGroups()).thenReturn(new LinkedHashSet<>(Set.of("group1", "group2", "group3"))); | |||||
return gitlabConfiguration; | return gitlabConfiguration; | ||||
} | } | ||||
assertThat(actualConfiguration.url()).isEqualTo(expectedConfiguration.url()); | assertThat(actualConfiguration.url()).isEqualTo(expectedConfiguration.url()); | ||||
assertThat(actualConfiguration.secret()).isEqualTo(expectedConfiguration.secret()); | assertThat(actualConfiguration.secret()).isEqualTo(expectedConfiguration.secret()); | ||||
assertThat(actualConfiguration.synchronizeGroups()).isEqualTo(expectedConfiguration.synchronizeGroups()); | assertThat(actualConfiguration.synchronizeGroups()).isEqualTo(expectedConfiguration.synchronizeGroups()); | ||||
assertThat(actualConfiguration.allowedGroups()).containsExactlyInAnyOrderElementsOf(expectedConfiguration.allowedGroups()); | |||||
assertThat(actualConfiguration.provisioningType()).isEqualTo(expectedConfiguration.provisioningType()); | assertThat(actualConfiguration.provisioningType()).isEqualTo(expectedConfiguration.provisioningType()); | ||||
assertThat(actualConfiguration.allowUsersToSignUp()).isEqualTo(expectedConfiguration.allowUsersToSignUp()); | assertThat(actualConfiguration.allowUsersToSignUp()).isEqualTo(expectedConfiguration.allowUsersToSignUp()); | ||||
assertThat(actualConfiguration.provisioningToken()).isEqualTo(expectedConfiguration.provisioningToken()); | assertThat(actualConfiguration.provisioningToken()).isEqualTo(expectedConfiguration.provisioningToken()); | ||||
assertThat(actualConfiguration.provisioningGroups()).containsExactlyInAnyOrderElementsOf(expectedConfiguration.provisioningGroups()); | |||||
} | } | ||||
} | } |
boolean synchronizeGroups, | boolean synchronizeGroups, | ||||
ProvisioningType provisioningType, | |||||
Set<String> allowedGroups, | |||||
boolean allowUsersToSignUp, | boolean allowUsersToSignUp, | ||||
ProvisioningType provisioningType, | |||||
@Nullable | @Nullable | ||||
String provisioningToken, | |||||
String provisioningToken | |||||
Set<String> provisioningGroups | |||||
) { | ) { | ||||
} | } |
import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.AUTH_ONLY; | import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.AUTH_ONLY; | ||||
import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.COMPLETE; | import static org.sonar.alm.client.gitlab.GitlabGlobalSettingsValidator.ValidationMode.COMPLETE; | ||||
import static org.sonar.api.utils.Preconditions.checkState; | import static org.sonar.api.utils.Preconditions.checkState; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOWED_GROUPS; | |||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_GROUPS; | |||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET; | ||||
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS; | import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS; | ||||
GITLAB_AUTH_URL, | GITLAB_AUTH_URL, | ||||
GITLAB_AUTH_SECRET, | GITLAB_AUTH_SECRET, | ||||
GITLAB_AUTH_SYNC_USER_GROUPS, | GITLAB_AUTH_SYNC_USER_GROUPS, | ||||
GITLAB_AUTH_ALLOWED_GROUPS, | |||||
GITLAB_AUTH_PROVISIONING_ENABLED, | GITLAB_AUTH_PROVISIONING_ENABLED, | ||||
GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, | GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, | ||||
GITLAB_AUTH_PROVISIONING_TOKEN, | |||||
GITLAB_AUTH_PROVISIONING_GROUPS); | |||||
GITLAB_AUTH_PROVISIONING_TOKEN); | |||||
public static final String UNIQUE_GITLAB_CONFIGURATION_ID = "gitlab-configuration"; | public static final String UNIQUE_GITLAB_CONFIGURATION_ID = "gitlab-configuration"; | ||||
private final DbClient dbClient; | private final DbClient dbClient; | ||||
setIfDefined(dbSession, GITLAB_AUTH_URL, updateRequest.url()); | setIfDefined(dbSession, GITLAB_AUTH_URL, updateRequest.url()); | ||||
setIfDefined(dbSession, GITLAB_AUTH_SECRET, updateRequest.secret()); | setIfDefined(dbSession, GITLAB_AUTH_SECRET, updateRequest.secret()); | ||||
setIfDefined(dbSession, GITLAB_AUTH_SYNC_USER_GROUPS, updateRequest.synchronizeGroups().map(String::valueOf)); | setIfDefined(dbSession, GITLAB_AUTH_SYNC_USER_GROUPS, updateRequest.synchronizeGroups().map(String::valueOf)); | ||||
setIfDefined(dbSession, GITLAB_AUTH_ALLOWED_GROUPS, updateRequest.allowedGroups().map(groups -> String.join(",", groups))); | |||||
setIfDefined(dbSession, GITLAB_AUTH_PROVISIONING_ENABLED, provisioningEnabled.map(String::valueOf)); | setIfDefined(dbSession, GITLAB_AUTH_PROVISIONING_ENABLED, provisioningEnabled.map(String::valueOf)); | ||||
setIfDefined(dbSession, GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, updateRequest.allowUsersToSignUp().map(String::valueOf)); | setIfDefined(dbSession, GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, updateRequest.allowUsersToSignUp().map(String::valueOf)); | ||||
setIfDefined(dbSession, GITLAB_AUTH_PROVISIONING_TOKEN, updateRequest.provisioningToken()); | setIfDefined(dbSession, GITLAB_AUTH_PROVISIONING_TOKEN, updateRequest.provisioningToken()); | ||||
setIfDefined(dbSession, GITLAB_AUTH_PROVISIONING_GROUPS, updateRequest.provisioningGroups().map(groups -> String.join(",", groups))); | |||||
boolean shouldTriggerProvisioning = | boolean shouldTriggerProvisioning = | ||||
provisioningEnabled.orElse(false) && !currentConfiguration.provisioningType().equals(AUTO_PROVISIONING); | provisioningEnabled.orElse(false) && !currentConfiguration.provisioningType().equals(AUTO_PROVISIONING); | ||||
deleteExternalGroupsWhenDisablingAutoProvisioning(dbSession, currentConfiguration, updateRequest.provisioningType()); | deleteExternalGroupsWhenDisablingAutoProvisioning(dbSession, currentConfiguration, updateRequest.provisioningType()); | ||||
setProperty(dbSession, GITLAB_AUTH_URL, configuration.url()); | setProperty(dbSession, GITLAB_AUTH_URL, configuration.url()); | ||||
setProperty(dbSession, GITLAB_AUTH_SECRET, configuration.secret()); | setProperty(dbSession, GITLAB_AUTH_SECRET, configuration.secret()); | ||||
setProperty(dbSession, GITLAB_AUTH_SYNC_USER_GROUPS, String.valueOf(configuration.synchronizeGroups())); | setProperty(dbSession, GITLAB_AUTH_SYNC_USER_GROUPS, String.valueOf(configuration.synchronizeGroups())); | ||||
setProperty(dbSession, GITLAB_AUTH_ALLOWED_GROUPS, String.join(",", configuration.allowedGroups())); | |||||
setProperty(dbSession, GITLAB_AUTH_PROVISIONING_ENABLED, String.valueOf(enableAutoProvisioning)); | setProperty(dbSession, GITLAB_AUTH_PROVISIONING_ENABLED, String.valueOf(enableAutoProvisioning)); | ||||
setProperty(dbSession, GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, String.valueOf(configuration.allowUsersToSignUp())); | setProperty(dbSession, GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP, String.valueOf(configuration.allowUsersToSignUp())); | ||||
setProperty(dbSession, GITLAB_AUTH_PROVISIONING_TOKEN, configuration.provisioningToken()); | setProperty(dbSession, GITLAB_AUTH_PROVISIONING_TOKEN, configuration.provisioningToken()); | ||||
setProperty(dbSession, GITLAB_AUTH_PROVISIONING_GROUPS, String.join(",", configuration.provisioningGroups())); | |||||
if (enableAutoProvisioning) { | if (enableAutoProvisioning) { | ||||
triggerRun(configuration); | triggerRun(configuration); | ||||
} | } | ||||
getStringPropertyOrEmpty(dbSession, GITLAB_AUTH_URL), | getStringPropertyOrEmpty(dbSession, GITLAB_AUTH_URL), | ||||
getStringPropertyOrEmpty(dbSession, GITLAB_AUTH_SECRET), | getStringPropertyOrEmpty(dbSession, GITLAB_AUTH_SECRET), | ||||
getBooleanOrFalse(dbSession, GITLAB_AUTH_SYNC_USER_GROUPS), | getBooleanOrFalse(dbSession, GITLAB_AUTH_SYNC_USER_GROUPS), | ||||
toProvisioningType(getBooleanOrFalse(dbSession, GITLAB_AUTH_PROVISIONING_ENABLED)), | |||||
getAllowedGroups(dbSession), | |||||
getBooleanOrFalse(dbSession, GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP), | getBooleanOrFalse(dbSession, GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP), | ||||
getStringPropertyOrNull(dbSession, GITLAB_AUTH_PROVISIONING_TOKEN), | |||||
getProvisioningGroups(dbSession) | |||||
toProvisioningType(getBooleanOrFalse(dbSession, GITLAB_AUTH_PROVISIONING_ENABLED)), | |||||
getStringPropertyOrNull(dbSession, GITLAB_AUTH_PROVISIONING_TOKEN) | |||||
); | ); | ||||
} | } | ||||
private Set<String> getProvisioningGroups(DbSession dbSession) { | |||||
return Optional.ofNullable(dbClient.propertiesDao().selectGlobalProperty(dbSession, GITLAB_AUTH_PROVISIONING_GROUPS)) | |||||
private Set<String> getAllowedGroups(DbSession dbSession) { | |||||
return Optional.ofNullable(dbClient.propertiesDao().selectGlobalProperty(dbSession, GITLAB_AUTH_ALLOWED_GROUPS)) | |||||
.map(dto -> Arrays.stream(dto.getValue().split(",")) | .map(dto -> Arrays.stream(dto.getValue().split(",")) | ||||
.filter(s -> !s.isEmpty()) | .filter(s -> !s.isEmpty()) | ||||
.collect(Collectors.toSet()) | .collect(Collectors.toSet()) |
NonNullUpdatedValue<String> url, | NonNullUpdatedValue<String> url, | ||||
NonNullUpdatedValue<String> secret, | NonNullUpdatedValue<String> secret, | ||||
NonNullUpdatedValue<Boolean> synchronizeGroups, | NonNullUpdatedValue<Boolean> synchronizeGroups, | ||||
NonNullUpdatedValue<ProvisioningType> provisioningType, | |||||
NonNullUpdatedValue<Set<String>> allowedGroups, | |||||
NonNullUpdatedValue<Boolean> allowUsersToSignUp, | NonNullUpdatedValue<Boolean> allowUsersToSignUp, | ||||
UpdatedValue<String> provisioningToken, | UpdatedValue<String> provisioningToken, | ||||
NonNullUpdatedValue<Set<String>> provisioningGroups | |||||
NonNullUpdatedValue<ProvisioningType> provisioningType | |||||
) { | ) { | ||||
public static Builder builder() { | public static Builder builder() { | ||||
private NonNullUpdatedValue<String> url = NonNullUpdatedValue.undefined(); | private NonNullUpdatedValue<String> url = NonNullUpdatedValue.undefined(); | ||||
private NonNullUpdatedValue<String> secret = NonNullUpdatedValue.undefined(); | private NonNullUpdatedValue<String> secret = NonNullUpdatedValue.undefined(); | ||||
private NonNullUpdatedValue<Boolean> synchronizeGroups = NonNullUpdatedValue.undefined(); | private NonNullUpdatedValue<Boolean> synchronizeGroups = NonNullUpdatedValue.undefined(); | ||||
private NonNullUpdatedValue<Set<String>> allowedGroups = NonNullUpdatedValue.undefined(); | |||||
private NonNullUpdatedValue<ProvisioningType> provisioningType = NonNullUpdatedValue.undefined(); | private NonNullUpdatedValue<ProvisioningType> provisioningType = NonNullUpdatedValue.undefined(); | ||||
private NonNullUpdatedValue<Boolean> allowUserToSignUp = NonNullUpdatedValue.undefined(); | private NonNullUpdatedValue<Boolean> allowUserToSignUp = NonNullUpdatedValue.undefined(); | ||||
private UpdatedValue<String> provisioningToken = UpdatedValue.undefined(); | private UpdatedValue<String> provisioningToken = UpdatedValue.undefined(); | ||||
private NonNullUpdatedValue<Set<String>> provisioningGroups = NonNullUpdatedValue.undefined(); | |||||
private Builder() { | private Builder() { | ||||
} | } | ||||
return this; | return this; | ||||
} | } | ||||
public Builder allowedGroups(NonNullUpdatedValue<Set<String>> allowedGroups) { | |||||
this.allowedGroups = allowedGroups; | |||||
return this; | |||||
} | |||||
public Builder provisioningType(NonNullUpdatedValue<ProvisioningType> provisioningType) { | public Builder provisioningType(NonNullUpdatedValue<ProvisioningType> provisioningType) { | ||||
this.provisioningType = provisioningType; | this.provisioningType = provisioningType; | ||||
return this; | return this; | ||||
return this; | return this; | ||||
} | } | ||||
public Builder provisioningGroups(NonNullUpdatedValue<Set<String>> provisioningGroups) { | |||||
this.provisioningGroups = provisioningGroups; | |||||
return this; | |||||
} | |||||
public UpdateGitlabConfigurationRequest build() { | public UpdateGitlabConfigurationRequest build() { | ||||
return new UpdateGitlabConfigurationRequest(gitlabConfigurationId, enabled, applicationId, url, secret, synchronizeGroups, provisioningType, allowUserToSignUp, | |||||
provisioningToken, provisioningGroups); | |||||
return new UpdateGitlabConfigurationRequest(gitlabConfigurationId, enabled, applicationId, url, secret, synchronizeGroups, allowedGroups, allowUserToSignUp, | |||||
provisioningToken, provisioningType | |||||
); | |||||
} | } | ||||
} | } | ||||
} | } |
createRestRequest.url(), | createRestRequest.url(), | ||||
createRestRequest.secret(), | createRestRequest.secret(), | ||||
createRestRequest.synchronizeGroups(), | createRestRequest.synchronizeGroups(), | ||||
toProvisioningType(createRestRequest.provisioningType()), | |||||
Set.copyOf(createRestRequest.allowedGroups()), | |||||
createRestRequest.allowUsersToSignUp() != null && createRestRequest.allowUsersToSignUp(), | createRestRequest.allowUsersToSignUp() != null && createRestRequest.allowUsersToSignUp(), | ||||
createRestRequest.provisioningToken(), | |||||
createRestRequest.provisioningGroups() == null ? Set.of() : Set.copyOf(createRestRequest.provisioningGroups())); | |||||
toProvisioningType(createRestRequest.provisioningType()), | |||||
createRestRequest.provisioningToken() | |||||
); | |||||
} | } | ||||
private GitlabConfigurationResource getGitlabConfigurationResource(String id) { | private GitlabConfigurationResource getGitlabConfigurationResource(String id) { | ||||
.url(updateRequest.getUrl().toNonNullUpdatedValue()) | .url(updateRequest.getUrl().toNonNullUpdatedValue()) | ||||
.secret(updateRequest.getSecret().toNonNullUpdatedValue()) | .secret(updateRequest.getSecret().toNonNullUpdatedValue()) | ||||
.synchronizeGroups(updateRequest.getSynchronizeGroups().toNonNullUpdatedValue()) | .synchronizeGroups(updateRequest.getSynchronizeGroups().toNonNullUpdatedValue()) | ||||
.allowedGroups(updateRequest.getAllowedGroups().map(DefaultGitlabConfigurationController::getGroups).toNonNullUpdatedValue()) | |||||
.provisioningType(updateRequest.getProvisioningType().map(DefaultGitlabConfigurationController::toProvisioningType).toNonNullUpdatedValue()) | .provisioningType(updateRequest.getProvisioningType().map(DefaultGitlabConfigurationController::toProvisioningType).toNonNullUpdatedValue()) | ||||
.allowUserToSignUp(updateRequest.getAllowUsersToSignUp().toNonNullUpdatedValue()) | .allowUserToSignUp(updateRequest.getAllowUsersToSignUp().toNonNullUpdatedValue()) | ||||
.provisioningToken(updateRequest.getProvisioningToken().toUpdatedValue()) | .provisioningToken(updateRequest.getProvisioningToken().toUpdatedValue()) | ||||
.provisioningGroups(updateRequest.getProvisioningGroups().map(DefaultGitlabConfigurationController::getGroups).toNonNullUpdatedValue()) | |||||
.build(); | .build(); | ||||
} | } | ||||
configuration.applicationId(), | configuration.applicationId(), | ||||
configuration.url(), | configuration.url(), | ||||
configuration.synchronizeGroups(), | configuration.synchronizeGroups(), | ||||
toRestProvisioningType(configuration), | |||||
sortGroups(configuration.allowedGroups()), | |||||
configuration.allowUsersToSignUp(), | configuration.allowUsersToSignUp(), | ||||
sortGroups(configuration.provisioningGroups()), | |||||
toRestProvisioningType(configuration), | |||||
configurationError.orElse(null) | configurationError.orElse(null) | ||||
); | ); | ||||
} | } |
@NotEmpty | @NotEmpty | ||||
@Schema(description = "Gitlab Application id") | @Schema(description = "Gitlab Application id") | ||||
String applicationId, | String applicationId, | ||||
@NotEmpty | @NotEmpty | ||||
@Schema(description = "Url of Gitlab instance for authentication (for instance https://gitlab.com)") | @Schema(description = "Url of Gitlab instance for authentication (for instance https://gitlab.com)") | ||||
String url, | String url, | ||||
@NotEmpty | @NotEmpty | ||||
@Schema(accessMode = Schema.AccessMode.WRITE_ONLY, description = "Secret of the application") | @Schema(accessMode = Schema.AccessMode.WRITE_ONLY, description = "Secret of the application") | ||||
String secret, | String secret, | ||||
@Schema(description = "Set whether to synchronize groups") | @Schema(description = "Set whether to synchronize groups") | ||||
Boolean synchronizeGroups, | Boolean synchronizeGroups, | ||||
@NotEmpty | |||||
@ArraySchema(arraySchema = @Schema(description = "GitLab groups allowed to authenticate and provisioned (for Auto-Provisioning only). Subgroups will automatically be included")) | |||||
List<String> allowedGroups, | |||||
@NotNull | @NotNull | ||||
@Schema(description = "Type of synchronization") | @Schema(description = "Type of synchronization") | ||||
ProvisioningType provisioningType, | ProvisioningType provisioningType, | ||||
@Schema(description = "Allow user to sign up") | @Schema(description = "Allow user to sign up") | ||||
@Nullable | @Nullable | ||||
Boolean allowUsersToSignUp, | |||||
@ArraySchema(arraySchema = @Schema(description = "Root GitLab groups to provision.")) | |||||
@Nullable | |||||
List<String> provisioningGroups | |||||
Boolean allowUsersToSignUp | |||||
) { | ) { | ||||
} | } |
private UpdateField<String> url = UpdateField.undefined(); | private UpdateField<String> url = UpdateField.undefined(); | ||||
private UpdateField<String> secret = UpdateField.undefined(); | private UpdateField<String> secret = UpdateField.undefined(); | ||||
private UpdateField<Boolean> synchronizeGroups = UpdateField.undefined(); | private UpdateField<Boolean> synchronizeGroups = UpdateField.undefined(); | ||||
private UpdateField<List<String>> allowedGroups = UpdateField.undefined(); | |||||
private UpdateField<ProvisioningType> provisioningType = UpdateField.undefined(); | private UpdateField<ProvisioningType> provisioningType = UpdateField.undefined(); | ||||
private UpdateField<Boolean> allowUsersToSignUp = UpdateField.undefined(); | private UpdateField<Boolean> allowUsersToSignUp = UpdateField.undefined(); | ||||
private UpdateField<String> provisioningToken = UpdateField.undefined(); | private UpdateField<String> provisioningToken = UpdateField.undefined(); | ||||
private UpdateField<List<String>> provisioningGroups = UpdateField.undefined(); | |||||
@Schema(implementation = Boolean.class, description = "Enable Gitlab authentication") | @Schema(implementation = Boolean.class, description = "Enable Gitlab authentication") | ||||
public UpdateField<Boolean> getEnabled() { | public UpdateField<Boolean> getEnabled() { | ||||
this.synchronizeGroups = UpdateField.withValue(synchronizeGroups); | this.synchronizeGroups = UpdateField.withValue(synchronizeGroups); | ||||
} | } | ||||
@ArraySchema(arraySchema = @Schema(description = "Root Gitlab groups allowed to authenticate and provisioned"), schema = @Schema(implementation = String.class)) | |||||
public UpdateField<List<String>> getAllowedGroups() { | |||||
return allowedGroups; | |||||
} | |||||
public void setAllowedGroups(List<String> allowedGroups) { | |||||
this.allowedGroups = UpdateField.withValue(allowedGroups); | |||||
} | |||||
@Schema(implementation = ProvisioningType.class, description = "Type of synchronization") | @Schema(implementation = ProvisioningType.class, description = "Type of synchronization") | ||||
public UpdateField<ProvisioningType> getProvisioningType() { | public UpdateField<ProvisioningType> getProvisioningType() { | ||||
return provisioningType; | return provisioningType; | ||||
public void setProvisioningToken(String provisioningToken) { | public void setProvisioningToken(String provisioningToken) { | ||||
this.provisioningToken = UpdateField.withValue(provisioningToken); | this.provisioningToken = UpdateField.withValue(provisioningToken); | ||||
} | } | ||||
@ArraySchema(arraySchema = @Schema(description = "Root gitlab groups to provision."), schema = @Schema(implementation = String.class)) | |||||
public UpdateField<List<String>> getProvisioningGroups() { | |||||
return provisioningGroups; | |||||
} | |||||
public void setProvisioningGroups(List<String> provisioningGroups) { | |||||
this.provisioningGroups = UpdateField.withValue(provisioningGroups); | |||||
} | |||||
} | } |
boolean synchronizeGroups, | boolean synchronizeGroups, | ||||
ProvisioningType provisioningType, | |||||
@Schema(description = "Root Gitlab groups allowed to authenticate and provisioned") | |||||
List<String> allowedGroups, | |||||
boolean allowUsersToSignUp, | boolean allowUsersToSignUp, | ||||
@Schema(description = "Root Gitlab groups to provision") | |||||
List<String> provisioningGroups, | |||||
ProvisioningType provisioningType, | |||||
@Schema(accessMode = Schema.AccessMode.READ_ONLY, description = "In case the GitLab configuration is incorrect, error message") | @Schema(accessMode = Schema.AccessMode.READ_ONLY, description = "In case the GitLab configuration is incorrect, error message") | ||||
@Nullable | @Nullable |
"www.url.com", | "www.url.com", | ||||
"secret", | "secret", | ||||
true, | true, | ||||
AUTO_PROVISIONING, | |||||
Set.of("group1", "group2"), | |||||
true, | true, | ||||
"provisioning-token", | |||||
Set.of("provisioning-group2", "provisioning-group1")); | |||||
AUTO_PROVISIONING, | |||||
"provisioning-token" | |||||
); | |||||
private static final GitlabConfigurationResource EXPECTED_GITLAB_CONF_RESOURCE = new GitlabConfigurationResource( | private static final GitlabConfigurationResource EXPECTED_GITLAB_CONF_RESOURCE = new GitlabConfigurationResource( | ||||
GITLAB_CONFIGURATION.id(), | GITLAB_CONFIGURATION.id(), | ||||
GITLAB_CONFIGURATION.enabled(), | GITLAB_CONFIGURATION.enabled(), | ||||
GITLAB_CONFIGURATION.applicationId(), | GITLAB_CONFIGURATION.applicationId(), | ||||
GITLAB_CONFIGURATION.url(), | GITLAB_CONFIGURATION.url(), | ||||
GITLAB_CONFIGURATION.synchronizeGroups(), | GITLAB_CONFIGURATION.synchronizeGroups(), | ||||
org.sonar.server.v2.api.gitlab.config.resource.ProvisioningType.valueOf(GITLAB_CONFIGURATION.provisioningType().name()), | |||||
List.of("group1", "group2"), | |||||
GITLAB_CONFIGURATION.allowUsersToSignUp(), | GITLAB_CONFIGURATION.allowUsersToSignUp(), | ||||
List.of("provisioning-group1", "provisioning-group2"), | |||||
org.sonar.server.v2.api.gitlab.config.resource.ProvisioningType.valueOf(GITLAB_CONFIGURATION.provisioningType().name()), | |||||
"error-message"); | "error-message"); | ||||
private static final String EXPECTED_CONFIGURATION = """ | private static final String EXPECTED_CONFIGURATION = """ | ||||
{ | { | ||||
"id": "existing-id", | "id": "existing-id", | ||||
"applicationId": "application-id", | "applicationId": "application-id", | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING", | "provisioningType": "AUTO_PROVISIONING", | ||||
"allowUsersToSignUp": true, | "allowUsersToSignUp": true, | ||||
"provisioningGroups": [ | |||||
"provisioning-group2", | |||||
"provisioning-group1" | |||||
], | |||||
"errorMessage": "error-message" | "errorMessage": "error-message" | ||||
} | } | ||||
"""; | """; | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"secret": "newSecret", | "secret": "newSecret", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING", | "provisioningType": "AUTO_PROVISIONING", | ||||
"allowUsersToSignUp": true, | "allowUsersToSignUp": true, | ||||
"provisioningToken": "token", | |||||
"provisioningGroups": [ | |||||
"provisioning-group2", | |||||
"provisioning-group1" | |||||
] | |||||
"provisioningToken": "token" | |||||
} | } | ||||
"""; | """; | ||||
NonNullUpdatedValue.withValueOrThrow("www.url.com"), | NonNullUpdatedValue.withValueOrThrow("www.url.com"), | ||||
NonNullUpdatedValue.withValueOrThrow("newSecret"), | NonNullUpdatedValue.withValueOrThrow("newSecret"), | ||||
NonNullUpdatedValue.withValueOrThrow(true), | NonNullUpdatedValue.withValueOrThrow(true), | ||||
NonNullUpdatedValue.withValueOrThrow(AUTO_PROVISIONING), | |||||
NonNullUpdatedValue.withValueOrThrow(Set.of("group1", "group2")), | |||||
NonNullUpdatedValue.withValueOrThrow(true), | NonNullUpdatedValue.withValueOrThrow(true), | ||||
UpdatedValue.withValue("token"), | UpdatedValue.withValue("token"), | ||||
NonNullUpdatedValue.withValueOrThrow(Set.of("provisioning-group2", "provisioning-group1")))); | |||||
NonNullUpdatedValue.withValueOrThrow(AUTO_PROVISIONING) | |||||
)); | |||||
} | } | ||||
@Test | @Test | ||||
NonNullUpdatedValue.undefined(), | NonNullUpdatedValue.undefined(), | ||||
NonNullUpdatedValue.undefined(), | NonNullUpdatedValue.undefined(), | ||||
NonNullUpdatedValue.undefined(), | NonNullUpdatedValue.undefined(), | ||||
NonNullUpdatedValue.withValueOrThrow(JIT), | |||||
NonNullUpdatedValue.withValueOrThrow(false), | |||||
UpdatedValue.withValue(null), | |||||
NonNullUpdatedValue.undefined())); | |||||
NonNullUpdatedValue.undefined(), NonNullUpdatedValue.withValueOrThrow(false), UpdatedValue.withValue(null), NonNullUpdatedValue.withValueOrThrow(JIT) | |||||
)); | |||||
} | } | ||||
@Test | @Test | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"secret": "123", | "secret": "123", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING", | "provisioningType": "AUTO_PROVISIONING", | ||||
"allowUsersToSignUp": true, | |||||
"provisioningGroups": [ | |||||
"provisioning-group2", | |||||
"provisioning-group1" | |||||
] | |||||
"allowUsersToSignUp": true | |||||
} | } | ||||
""")) | """)) | ||||
.andExpectAll( | .andExpectAll( | ||||
"secret": "123", | "secret": "123", | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING", | "provisioningType": "AUTO_PROVISIONING", | ||||
"allowUsersToSignUp": true, | |||||
"provisioningGroups": [ | |||||
"provisioning-group2", | |||||
"provisioning-group1" | |||||
] | |||||
"allowUsersToSignUp": true | |||||
} | } | ||||
""")) | """)) | ||||
"applicationId": "application-id", | "applicationId": "application-id", | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING", | "provisioningType": "AUTO_PROVISIONING", | ||||
"allowUsersToSignUp": true, | |||||
"provisioningGroups": [ | |||||
"provisioning-group2", | |||||
"provisioning-group1" | |||||
] | |||||
"allowUsersToSignUp": true | |||||
} | } | ||||
""")); | """)); | ||||
"secret": "123", | "secret": "123", | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING" | "provisioningType": "AUTO_PROVISIONING" | ||||
} | } | ||||
"applicationId": "application-id", | "applicationId": "application-id", | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING", | "provisioningType": "AUTO_PROVISIONING", | ||||
"allowUsersToSignUp": true, | |||||
"provisioningGroups": [ | |||||
"provisioning-group2", | |||||
"provisioning-group1" | |||||
] | |||||
"allowUsersToSignUp": true | |||||
} | } | ||||
""")); | """)); | ||||
"applicationId": "application-id", | "applicationId": "application-id", | ||||
"url": "www.url.com", | "url": "www.url.com", | ||||
"synchronizeGroups": true, | "synchronizeGroups": true, | ||||
"allowedGroups": [ | |||||
"group1", | |||||
"group2" | |||||
], | |||||
"provisioningType": "AUTO_PROVISIONING", | "provisioningType": "AUTO_PROVISIONING", | ||||
"allowUsersToSignUp": true, | |||||
"provisioningGroups": [ | |||||
"provisioning-group2", | |||||
"provisioning-group1" | |||||
] | |||||
"allowUsersToSignUp": true | |||||
} | } | ||||
""")) | """)) | ||||
.andExpectAll( | .andExpectAll( |
public record GitlabConfiguration(boolean enabled, String applicationId, String url, String secret, boolean synchronizeGroups, | public record GitlabConfiguration(boolean enabled, String applicationId, String url, String secret, boolean synchronizeGroups, | ||||
String provisioningType, boolean allowUsersToSignUp, String provisioningToken, | String provisioningType, boolean allowUsersToSignUp, String provisioningToken, | ||||
String singleProvisioningGroup) { | |||||
String singleAllowedGroup) { | |||||
} | } |
"provisioningType": "%s", | "provisioningType": "%s", | ||||
"allowUsersToSignUp": "%s", | "allowUsersToSignUp": "%s", | ||||
"provisioningToken": "%s", | "provisioningToken": "%s", | ||||
"provisioningGroups": ["%s"] | |||||
"allowedGroups": ["%s"] | |||||
} | } | ||||
""", gitlabConfiguration.enabled(), gitlabConfiguration.applicationId(), gitlabConfiguration.url(), gitlabConfiguration.secret(), | """, gitlabConfiguration.enabled(), gitlabConfiguration.applicationId(), gitlabConfiguration.url(), gitlabConfiguration.secret(), | ||||
gitlabConfiguration.synchronizeGroups(), gitlabConfiguration.provisioningType(), gitlabConfiguration.allowUsersToSignUp(), | gitlabConfiguration.synchronizeGroups(), gitlabConfiguration.provisioningType(), gitlabConfiguration.allowUsersToSignUp(), | ||||
gitlabConfiguration.provisioningToken(), gitlabConfiguration.singleProvisioningGroup()); | |||||
gitlabConfiguration.provisioningToken(), gitlabConfiguration.singleAllowedGroup()); | |||||
WsResponse response = call( | WsResponse response = call( | ||||
new PostRequest(path()).setBody(body) | new PostRequest(path()).setBody(body) | ||||
); | ); |