@@ -161,12 +161,7 @@ export default function GitLabAuthenticationTab() { | |||
} | |||
const type = changes.provisioningType ?? configuration.provisioningType; | |||
if (type === ProvisioningType.auto) { | |||
const hasConfigGroups = | |||
configuration.provisioningGroups && configuration.provisioningGroups.length > 0; | |||
const hasToken = hasConfigGroups | |||
? changes.provisioningToken !== '' | |||
: !!changes.provisioningToken; | |||
return hasToken; | |||
return configuration.isProvisioningTokenSet || !!changes.provisioningToken; | |||
} | |||
return true; | |||
}; | |||
@@ -371,7 +366,7 @@ export default function GitLabAuthenticationTab() { | |||
provisioningToken: value as string, | |||
}) | |||
} | |||
isNotSet={configuration.provisioningType !== ProvisioningType.auto} | |||
isNotSet={!configuration.isProvisioningTokenSet} | |||
/> | |||
</> | |||
)} |
@@ -104,16 +104,14 @@ export default function GitLabConfigurationForm(props: Readonly<Props>) { | |||
type: SettingType.BOOLEAN, | |||
}, | |||
}, | |||
provisioningGroups: { | |||
value: data?.provisioningGroups ?? [], | |||
allowedGroups: { | |||
value: data?.allowedGroups ?? [], | |||
required: true, | |||
definition: { | |||
name: translate('settings.authentication.gitlab.form.provisioningGroups.name'), | |||
name: translate('settings.authentication.gitlab.form.allowedGroups.name'), | |||
secured: false, | |||
key: 'provisioningGroups', | |||
description: translate( | |||
'settings.authentication.gitlab.form.provisioningGroups.description', | |||
), | |||
key: 'allowedGroups', | |||
description: translate('settings.authentication.gitlab.form.allowedGroups.description'), | |||
multiValues: true, | |||
}, | |||
}, |
@@ -103,11 +103,11 @@ const ui = { | |||
name: 'settings.almintegration.form.secret.update_field', | |||
}), | |||
groups: byRole('textbox', { | |||
name: 'property.provisioningGroups.name', | |||
name: 'property.allowedGroups.name', | |||
}), | |||
deleteGroupButton: byRole('button', { name: /delete_value/ }), | |||
removeProvisioniongGroup: byRole('button', { | |||
name: /settings.definition.delete_value.property.provisioningGroups.name./, | |||
name: /settings.definition.delete_value.property.allowedGroups.name./, | |||
}), | |||
saveProvisioning: glContainer.byRole('button', { name: 'save' }), | |||
cancelProvisioningChanges: glContainer.byRole('button', { name: 'cancel' }), | |||
@@ -214,13 +214,50 @@ it('should edit a configuration with proper validation and delete it', async () | |||
expect(ui.editConfigButton.query()).not.toBeInTheDocument(); | |||
}); | |||
it('should change from just-in-time to Auto Provisioning if auto was never set', async () => { | |||
const user = userEvent.setup(); | |||
renderAuthentication([Feature.GitlabProvisioning]); | |||
expect(await ui.editConfigButton.find()).toBeInTheDocument(); | |||
expect(ui.jitProvisioningRadioButton.get()).toBeChecked(); | |||
user.click(ui.autoProvisioningRadioButton.get()); | |||
expect(await ui.autoProvisioningRadioButton.find()).toBeEnabled(); | |||
expect(ui.saveProvisioning.get()).toBeDisabled(); | |||
await user.type(ui.autoProvisioningToken.get(), 'JRR Tolkien'); | |||
expect(await ui.saveProvisioning.find()).toBeEnabled(); | |||
}); | |||
it('should change from just-in-time to Auto Provisioning if auto was set before', async () => { | |||
handler.setGitlabConfigurations([ | |||
mockGitlabConfiguration({ | |||
allowUsersToSignUp: false, | |||
enabled: true, | |||
provisioningType: ProvisioningType.jit, | |||
allowedGroups: ['D12'], | |||
isProvisioningTokenSet: true, | |||
}), | |||
]); | |||
const user = userEvent.setup(); | |||
renderAuthentication([Feature.GitlabProvisioning]); | |||
expect(await ui.editConfigButton.find()).toBeInTheDocument(); | |||
expect(ui.jitProvisioningRadioButton.get()).toBeChecked(); | |||
user.click(ui.autoProvisioningRadioButton.get()); | |||
expect(await ui.autoProvisioningRadioButton.find()).toBeEnabled(); | |||
expect(ui.saveProvisioning.get()).toBeEnabled(); | |||
}); | |||
it('should change from auto provisioning to JIT with proper validation', async () => { | |||
handler.setGitlabConfigurations([ | |||
mockGitlabConfiguration({ | |||
allowUsersToSignUp: false, | |||
enabled: true, | |||
provisioningType: ProvisioningType.auto, | |||
provisioningGroups: ['D12'], | |||
allowedGroups: ['D12'], | |||
isProvisioningTokenSet: true, | |||
}), | |||
]); | |||
const user = userEvent.setup(); | |||
@@ -288,7 +325,8 @@ it('should be able to edit token for Auto provisioning with proper validation', | |||
allowUsersToSignUp: false, | |||
enabled: true, | |||
provisioningType: ProvisioningType.auto, | |||
provisioningGroups: ['Cypress Hill', 'Public Enemy'], | |||
allowedGroups: ['Cypress Hill', 'Public Enemy'], | |||
isProvisioningTokenSet: true, | |||
}), | |||
]); | |||
const user = userEvent.setup(); | |||
@@ -312,7 +350,8 @@ it('should be able to reset Auto Provisioning changes', async () => { | |||
allowUsersToSignUp: false, | |||
enabled: true, | |||
provisioningType: ProvisioningType.auto, | |||
provisioningGroups: ['Cypress Hill', 'Public Enemy'], | |||
allowedGroups: ['Cypress Hill', 'Public Enemy'], | |||
isProvisioningTokenSet: true, | |||
}), | |||
]); | |||
const user = userEvent.setup(); | |||
@@ -337,7 +376,7 @@ describe('Gitlab Provisioning', () => { | |||
mockGitlabConfiguration({ | |||
enabled: true, | |||
provisioningType: ProvisioningType.auto, | |||
provisioningGroups: ['Test'], | |||
allowedGroups: ['Test'], | |||
}), | |||
]); | |||
}); |
@@ -111,7 +111,8 @@ export function mockGitlabConfiguration( | |||
allowUsersToSignUp: false, | |||
synchronizeGroups: true, | |||
provisioningType: ProvisioningType.jit, | |||
provisioningGroups: ['Cypress Hill'], | |||
allowedGroups: ['Cypress Hill'], | |||
isProvisioningTokenSet: false, | |||
...overrides, | |||
}; | |||
} |
@@ -97,7 +97,7 @@ export interface GitLabConfigurationCreateBody { | |||
url: string; | |||
secret: string; | |||
synchronizeGroups: boolean; | |||
provisioningGroups: string[]; | |||
allowedGroups: string[]; | |||
} | |||
export type GitLabConfigurationUpdateBody = { | |||
@@ -108,7 +108,7 @@ export type GitLabConfigurationUpdateBody = { | |||
enabled?: boolean; | |||
provisioningType?: ProvisioningType; | |||
provisioningToken?: string; | |||
provisioningGroups?: string[]; | |||
allowedGroups?: string[]; | |||
allowUsersToSignUp?: boolean; | |||
}; | |||
@@ -119,9 +119,10 @@ export type GitlabConfiguration = { | |||
synchronizeGroups: boolean; | |||
url: string; | |||
provisioningType: ProvisioningType; | |||
provisioningGroups: string[]; | |||
allowedGroups: string[]; | |||
allowUsersToSignUp: boolean; | |||
errorMessage?: string; | |||
isProvisioningTokenSet: boolean; | |||
}; | |||
export enum ProvisioningType { |
@@ -1592,8 +1592,8 @@ settings.authentication.gitlab.form.secret.name=Secret | |||
settings.authentication.gitlab.form.secret.description=Secret provided by GitLab when registering the application. | |||
settings.authentication.gitlab.form.synchronizeGroups.name=Synchronize user groups | |||
settings.authentication.gitlab.form.synchronizeGroups.description=For each GitLab group they belong to, the user will be associated to a group with the same name (if it exists) in SonarQube. If enabled, the GitLab OAuth 2 application will need to provide the api scope. | |||
settings.authentication.gitlab.form.provisioningGroups.name=Groups | |||
settings.authentication.gitlab.form.provisioningGroups.description=Only members of these groups (and sub-groups) will be provisioned. Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`. | |||
settings.authentication.gitlab.form.allowedGroups.name=Groups | |||
settings.authentication.gitlab.form.allowedGroups.description=Only members of these groups (and sub-groups) will be provisioned. Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`. | |||
settings.authentication.gitlab.form.allowUsersToSignUp.name=Allow users to sign up | |||
settings.authentication.gitlab.form.allowUsersToSignUp.description=Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate to the server. | |||
settings.authentication.gitlab.form.provisioningToken.name=Provisioning token |