From c6471c039ede0753dc9396bb5348939f17b30665 Mon Sep 17 00:00:00 2001 From: Antoine Vigneau Date: Tue, 16 Jan 2024 15:35:59 +0100 Subject: SONAR-21413 Make provisioning groups ready to handle allowed groups --- .../java/org/sonar/auth/gitlab/GitLabSettings.java | 31 +++++++++++----------- .../org/sonar/auth/gitlab/GitLabSettingsTest.java | 6 ++--- 2 files changed, 19 insertions(+), 18 deletions(-) (limited to 'server/sonar-auth-gitlab') diff --git a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java index 65d48a1181f..54b449e270a 100644 --- a/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java +++ b/server/sonar-auth-gitlab/src/main/java/org/sonar/auth/gitlab/GitLabSettings.java @@ -42,9 +42,9 @@ public class GitLabSettings implements DevOpsPlatformSettings { public static final String GITLAB_AUTH_APPLICATION_ID = "sonar.auth.gitlab.applicationId.secured"; public static final String GITLAB_AUTH_SECRET = "sonar.auth.gitlab.secret.secured"; public static final String GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP = "sonar.auth.gitlab.allowUsersToSignUp"; + public static final String GITLAB_AUTH_ALLOWED_GROUPS = "sonar.auth.gitlab.allowedGroups"; public static final String GITLAB_AUTH_SYNC_USER_GROUPS = "sonar.auth.gitlab.groupsSync"; public static final String GITLAB_AUTH_PROVISIONING_TOKEN = "provisioning.gitlab.token.secured"; - public static final String GITLAB_AUTH_PROVISIONING_GROUPS = "provisioning.gitlab.groups"; public static final String GITLAB_AUTH_PROVISIONING_ENABLED = "provisioning.gitlab.enabled"; private static final String CATEGORY = "authentication"; @@ -84,6 +84,10 @@ public class GitLabSettings implements DevOpsPlatformSettings { return configuration.getBoolean(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP).orElse(false); } + public Set allowedGroups() { + return Set.of(configuration.getStringArray(GITLAB_AUTH_ALLOWED_GROUPS)); + } + public boolean syncUserGroups() { return configuration.getBoolean(GITLAB_AUTH_SYNC_USER_GROUPS).orElse(false); } @@ -92,10 +96,6 @@ public class GitLabSettings implements DevOpsPlatformSettings { return configuration.get(GITLAB_AUTH_PROVISIONING_TOKEN).map(Strings::emptyToNull).orElse(null); } - public Set provisioningGroups() { - return Set.of(configuration.getStringArray(GITLAB_AUTH_PROVISIONING_GROUPS)); - } - @Override public String getDevOpsPlatform() { return ALM.GITLAB.getId(); @@ -154,6 +154,16 @@ public class GitLabSettings implements DevOpsPlatformSettings { .defaultValue(valueOf(true)) .index(5) .build(), + PropertyDefinition.builder(GITLAB_AUTH_ALLOWED_GROUPS) + .name("Groups allowed") + .description("Only members of these groups (and sub-groups) will be allowed to authenticate. " + + "Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`. " + + "If you use Auto-provisioning, only members of these groups (and sub-groups) will be provisioned") + .multiValues(true) + .category(CATEGORY) + .subCategory(SUBCATEGORY) + .index(6) + .build(), PropertyDefinition.builder(GITLAB_AUTH_SYNC_USER_GROUPS) .deprecatedKey("sonar.auth.gitlab.sync_user_groups") .name("Synchronize user groups") @@ -163,7 +173,7 @@ public class GitLabSettings implements DevOpsPlatformSettings { .subCategory(SUBCATEGORY) .type(PropertyType.BOOLEAN) .defaultValue(valueOf(false)) - .index(6) + .index(7) .build(), PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_TOKEN) .name("Provisioning token") @@ -172,15 +182,6 @@ public class GitLabSettings implements DevOpsPlatformSettings { .category(CATEGORY) .subCategory(SUBCATEGORY) .type(PASSWORD) - .index(7) - .build(), - PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_GROUPS) - .name("Groups") - .description("Only members of these groups (and sub-groups) will be provisioned." + - " Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`.") - .multiValues(true) - .category(CATEGORY) - .subCategory(SUBCATEGORY) .index(8) .build(), PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_ENABLED) diff --git a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java index 089cad77cb8..808cf8175bc 100644 --- a/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java +++ b/server/sonar-auth-gitlab/src/test/java/org/sonar/auth/gitlab/GitLabSettingsTest.java @@ -26,11 +26,11 @@ import org.sonar.api.config.internal.MapSettings; import org.sonar.api.utils.System2; import static org.assertj.core.api.Assertions.assertThat; +import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOWED_GROUPS; import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP; import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_APPLICATION_ID; import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_ENABLED; import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_ENABLED; -import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_GROUPS; import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_PROVISIONING_TOKEN; import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SECRET; import static org.sonar.auth.gitlab.GitLabSettings.GITLAB_AUTH_SYNC_USER_GROUPS; @@ -83,8 +83,8 @@ public class GitLabSettingsTest { settings.setProperty(GITLAB_AUTH_PROVISIONING_TOKEN, "token"); assertThat(config.provisioningToken()).isEqualTo("token"); - settings.setProperty(GITLAB_AUTH_PROVISIONING_GROUPS, new String[] {"Group1", "Group2"}); - assertThat(config.provisioningGroups()).containsExactlyInAnyOrder("Group1", "Group2"); + settings.setProperty(GITLAB_AUTH_ALLOWED_GROUPS, new String[] {"Group1", "Group2"}); + assertThat(config.allowedGroups()).containsExactlyInAnyOrder("Group1", "Group2"); assertThat(config.isProvisioningEnabled()).isFalse(); settings.setProperty(GITLAB_AUTH_PROVISIONING_ENABLED, true); -- cgit v1.2.3