aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-auth-gitlab
diff options
context:
space:
mode:
authorAntoine Vigneau <antoine.vigneau@sonarsource.com>2023-11-29 16:36:40 +0100
committersonartech <sonartech@sonarsource.com>2023-12-22 20:03:01 +0000
commit3cbfd8163ffdc42f89631382031dd115c0df65b6 (patch)
tree0feaff8db3c929e416d1cafdfb6bee6e162ba562 /server/sonar-auth-gitlab
parent5cd396ce0569610969c9610b99fc40c97703734e (diff)
downloadsonarqube-3cbfd8163ffdc42f89631382031dd115c0df65b6.tar.gz
sonarqube-3cbfd8163ffdc42f89631382031dd115c0df65b6.zip
SONAR-21119 Add GitLab config for provisioning
Diffstat (limited to 'server/sonar-auth-gitlab')
-rw-r--r--server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java42
-rw-r--r--server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabModuleTest.java2
-rw-r--r--server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java48
3 files changed, 90 insertions, 2 deletions
diff --git a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java
index a9ecff73e67..70254202886 100644
--- a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java
+++ b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java
@@ -21,6 +21,7 @@ package org.sonar.auth.gitlab;
import java.util.Arrays;
import java.util.List;
+import java.util.Set;
import org.sonar.api.PropertyType;
import org.sonar.api.config.Configuration;
import org.sonar.api.config.PropertyDefinition;
@@ -37,6 +38,9 @@ public class GitLabSettings {
public static final String GITLAB_AUTH_SECRET = "sonar.auth.gitlab.secret.secured";
public static final String GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP = "sonar.auth.gitlab.allowUsersToSignUp";
public static final String GITLAB_AUTH_SYNC_USER_GROUPS = "sonar.auth.gitlab.groupsSync";
+ public static final String GITLAB_AUTH_PROVISIONING_TOKEN = "provisioning.gitlab.token.secured";
+ public static final String GITLAB_AUTH_PROVISIONING_GROUPS = "provisioning.gitlab.groups";
+ public static final String GITLAB_AUTH_PROVISIONING_ENABLED = "provisioning.gitlab.enabled";
private static final String CATEGORY = "authentication";
private static final String SUBCATEGORY = "gitlab";
@@ -75,6 +79,18 @@ public class GitLabSettings {
return configuration.getBoolean(GITLAB_AUTH_SYNC_USER_GROUPS).orElse(false);
}
+ public String provisioningToken() {
+ return configuration.get(GITLAB_AUTH_PROVISIONING_TOKEN).orElse(null);
+ }
+
+ public Set<String> provisioningGroups() {
+ return Set.of(configuration.getStringArray(GITLAB_AUTH_PROVISIONING_GROUPS));
+ }
+
+ public boolean isProvisioningEnabled() {
+ return isEnabled() && configuration.getBoolean(GITLAB_AUTH_PROVISIONING_ENABLED).orElse(false);
+ }
+
static List<PropertyDefinition> definitions() {
return Arrays.asList(
PropertyDefinition.builder(GITLAB_AUTH_ENABLED)
@@ -128,6 +144,32 @@ public class GitLabSettings {
.type(PropertyType.BOOLEAN)
.defaultValue(valueOf(false))
.index(6)
+ .build(),
+ PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_TOKEN)
+ .name("Provisioning token")
+ .description("Token used for provisioning users. Both a group or a personal access token can be used as soon as it has visibility on desired groups.")
+ .category(CATEGORY)
+ .subCategory(SUBCATEGORY)
+ .type(PASSWORD)
+ .index(7)
+ .build(),
+ PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_GROUPS)
+ .name("Groups")
+ .description("Only members of these groups (and sub-groups) will be provisioned. Please enter the group slug as it appears in GitLab URL, for instance `my-gitlab-group`.")
+ .multiValues(true)
+ .category(CATEGORY)
+ .subCategory(SUBCATEGORY)
+ .index(8)
+ .build(),
+ PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_ENABLED)
+ .name("Provisioning enabled")
+ .description("Enable Gitlab provisioning for users.")
+ .category(CATEGORY)
+ .subCategory(SUBCATEGORY)
+ .type(BOOLEAN)
+ .defaultValue(valueOf(false))
+ .index(9)
.build());
+
}
}
diff --git a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabModuleTest.java b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabModuleTest.java
index 261dd728830..d6096033969 100644
--- a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabModuleTest.java
+++ b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabModuleTest.java
@@ -33,7 +33,7 @@ public class GitLabModuleTest {
public void verify_count_of_added_components() {
ListContainer container = new ListContainer();
new GitLabModule().configure(container);
- assertThat(container.getAddedObjects()).hasSize(10);
+ assertThat(container.getAddedObjects()).hasSize(13);
}
private static class ListContainer implements Container {
diff --git a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java
index 6135fa9cc11..e910eab0712 100644
--- a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java
+++ b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java
@@ -29,13 +29,15 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED;
+import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED;
+import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_GROUPS;
+import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_URL;
public class GitLabSettingsTest {
-
private MapSettings settings;
private GitLabSettings config;
@@ -73,5 +75,49 @@ public class GitLabSettingsTest {
assertThat(config.syncUserGroups()).isFalse();
settings.setProperty(GITLAB_AUTH_SYNC_USER_GROUPS, true);
assertThat(config.syncUserGroups()).isTrue();
+
+ settings.setProperty(GITLAB_AUTH_PROVISIONING_TOKEN, "token");
+ assertThat(config.provisioningToken()).isEqualTo("token");
+
+ settings.setProperty(GITLAB_AUTH_PROVISIONING_GROUPS, new String[] {"Group1", "Group2"});
+ assertThat(config.provisioningGroups()).containsExactlyInAnyOrder("Group1", "Group2");
+
+ assertThat(config.isProvisioningEnabled()).isFalse();
+ settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, true);
+ assertThat(config.isProvisioningEnabled()).isTrue();
+ }
+
+ @Test
+ public void isProvisioningEnabled_whenNotSet_returnsFalse() {
+ enableGithubAuthentication();
+ assertThat(config.isProvisioningEnabled()).isFalse();
+ }
+
+ @Test
+ public void isProvisioningEnabled_ifProvisioningDisabled_returnsFalse() {
+ enableGithubAuthentication();
+ settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, false);
+ assertThat(config.isProvisioningEnabled()).isFalse();
}
+
+ @Test
+ public void isProvisioningEnabled_ifProvisioningEnabledButGithubAuthDisabled_returnsFalse() {
+ settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, true);
+ assertThat(config.isProvisioningEnabled()).isFalse();
+ }
+
+ @Test
+ public void isProvisioningEnabled_ifProvisioningEnabledAndGithubAuthEnabled_returnsTrue() {
+ enableGithubAuthentication();
+ settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, true);
+ assertThat(config.isProvisioningEnabled()).isTrue();
+ }
+
+ private void enableGithubAuthentication() {
+ settings.setProperty(GITLAB_AUTH_ENABLED, true);
+ settings.setProperty(GITLAB_AUTH_APPLICATION_ID, "on");
+ settings.setProperty(GITLAB_AUTH_SECRET, "on");
+ }
+
}
+