aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-auth-gitlab
diff options
context:
space:
mode:
authorAntoine Vigneau <antoine.vigneau@sonarsource.com>2024-01-16 15:35:59 +0100
committersonartech <sonartech@sonarsource.com>2024-01-23 20:04:15 +0000
commitc6471c039ede0753dc9396bb5348939f17b30665 (patch)
tree42e24172ddc2abed98f139146499cf0ccf4e83a9 /server/sonar-auth-gitlab
parentee268b1caac7c777dbe612ef4cde8cbf15d00f26 (diff)
downloadsonarqube-c6471c039ede0753dc9396bb5348939f17b30665.tar.gz
sonarqube-c6471c039ede0753dc9396bb5348939f17b30665.zip
SONAR-21413 Make provisioning groups ready to handle allowed groups
Diffstat (limited to 'server/sonar-auth-gitlab')
-rw-r--r--server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java31
-rw-r--r--server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java6
2 files changed, 19 insertions, 18 deletions
diff --git a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java
index 65d48a1181f..54b449e270a 100644
--- a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java
+++ b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java
@@ -42,9 +42,9 @@ public class GitLabSettings implements DevOpsPlatformSettings {
public static final String GITLAB_AUTH_APPLICATION_ID = "sonar.auth.gitlab.applicationId.secured";
public static final String GITLAB_AUTH_SECRET = "sonar.auth.gitlab.secret.secured";
public static final String GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP = "sonar.auth.gitlab.allowUsersToSignUp";
+ public static final String GITLAB_AUTH_ALLOWED_GROUPS = "sonar.auth.gitlab.allowedGroups";
public static final String GITLAB_AUTH_SYNC_USER_GROUPS = "sonar.auth.gitlab.groupsSync";
public static final String GITLAB_AUTH_PROVISIONING_TOKEN = "provisioning.gitlab.token.secured";
- public static final String GITLAB_AUTH_PROVISIONING_GROUPS = "provisioning.gitlab.groups";
public static final String GITLAB_AUTH_PROVISIONING_ENABLED = "provisioning.gitlab.enabled";
private static final String CATEGORY = "authentication";
@@ -84,6 +84,10 @@ public class GitLabSettings implements DevOpsPlatformSettings {
return configuration.getBoolean(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP).orElse(false);
}
+ public Set<String> allowedGroups() {
+ return Set.of(configuration.getStringArray(GITLAB_AUTH_ALLOWED_GROUPS));
+ }
+
public boolean syncUserGroups() {
return configuration.getBoolean(GITLAB_AUTH_SYNC_USER_GROUPS).orElse(false);
}
@@ -92,10 +96,6 @@ public class GitLabSettings implements DevOpsPlatformSettings {
return configuration.get(GITLAB_AUTH_PROVISIONING_TOKEN).map(Strings::emptyToNull).orElse(null);
}
- public Set<String> provisioningGroups() {
- return Set.of(configuration.getStringArray(GITLAB_AUTH_PROVISIONING_GROUPS));
- }
-
@Override
public String getDevOpsPlatform() {
return ALM.GITLAB.getId();
@@ -154,6 +154,16 @@ public class GitLabSettings implements DevOpsPlatformSettings {
.defaultValue(valueOf(true))
.index(5)
.build(),
+ PropertyDefinition.builder(GITLAB_AUTH_ALLOWED_GROUPS)
+ .name("Groups allowed")
+ .description("Only members of these groups (and sub-groups) will be allowed to authenticate. " +
+ "Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`. " +
+ "If you use Auto-provisioning, only members of these groups (and sub-groups) will be provisioned")
+ .multiValues(true)
+ .category(CATEGORY)
+ .subCategory(SUBCATEGORY)
+ .index(6)
+ .build(),
PropertyDefinition.builder(GITLAB_AUTH_SYNC_USER_GROUPS)
.deprecatedKey("sonar.auth.gitlab.sync_user_groups")
.name("Synchronize user groups")
@@ -163,7 +173,7 @@ public class GitLabSettings implements DevOpsPlatformSettings {
.subCategory(SUBCATEGORY)
.type(PropertyType.BOOLEAN)
.defaultValue(valueOf(false))
- .index(6)
+ .index(7)
.build(),
PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_TOKEN)
.name("Provisioning token")
@@ -172,15 +182,6 @@ public class GitLabSettings implements DevOpsPlatformSettings {
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(PASSWORD)
- .index(7)
- .build(),
- PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_GROUPS)
- .name("Groups")
- .description("Only members of these groups (and sub-groups) will be provisioned." +
- " Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`.")
- .multiValues(true)
- .category(CATEGORY)
- .subCategory(SUBCATEGORY)
.index(8)
.build(),
PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_ENABLED)
diff --git a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java
index 089cad77cb8..808cf8175bc 100644
--- a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java
+++ b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java
@@ -26,11 +26,11 @@ import org.sonar.api.config.internal.MapSettings;
import org.sonar.api.utils.System2;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOWED_GROUPS;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED;
-import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_GROUPS;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET;
import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS;
@@ -83,8 +83,8 @@ public class GitLabSettingsTest {
settings.setProperty(GITLAB_AUTH_PROVISIONING_TOKEN, "token");
assertThat(config.provisioningToken()).isEqualTo("token");
- settings.setProperty(GITLAB_AUTH_PROVISIONING_GROUPS, new String[] {"Group1", "Group2"});
- assertThat(config.provisioningGroups()).containsExactlyInAnyOrder("Group1", "Group2");
+ settings.setProperty(GITLAB_AUTH_ALLOWED_GROUPS, new String[] {"Group1", "Group2"});
+ assertThat(config.allowedGroups()).containsExactlyInAnyOrder("Group1", "Group2");
assertThat(config.isProvisioningEnabled()).isFalse();
settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, true);