From c6471c039ede0753dc9396bb5348939f17b30665 Mon Sep 17 00:00:00 2001 From: Antoine Vigneau Date: Tue, 16 Jan 2024 15:35:59 +0100 Subject: SONAR-21413 Make provisioning groups ready to handle allowed groups --- .../DefaultGitlabConfigurationController.java | 13 +-- .../GitlabConfigurationCreateRestRequest.java | 12 +-- .../GitlabConfigurationUpdateRestRequest.java | 20 ++--- .../resource/GitlabConfigurationResource.java | 6 +- .../DefaultGitlabConfigurationControllerTest.java | 96 ++++++++++++---------- 5 files changed, 78 insertions(+), 69 deletions(-) (limited to 'server/sonar-webserver-webapi-v2') diff --git a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/controller/DefaultGitlabConfigurationController.java b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/controller/DefaultGitlabConfigurationController.java index 4a0c1b4b9db..e1adcb057ee 100644 --- a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/controller/DefaultGitlabConfigurationController.java +++ b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/controller/DefaultGitlabConfigurationController.java @@ -81,10 +81,11 @@ public class DefaultGitlabConfigurationController implements GitlabConfiguration createRestRequest.url(), createRestRequest.secret(), createRestRequest.synchronizeGroups(), - toProvisioningType(createRestRequest.provisioningType()), + Set.copyOf(createRestRequest.allowedGroups()), createRestRequest.allowUsersToSignUp() != null && createRestRequest.allowUsersToSignUp(), - createRestRequest.provisioningToken(), - createRestRequest.provisioningGroups() == null ? Set.of() : Set.copyOf(createRestRequest.provisioningGroups())); + toProvisioningType(createRestRequest.provisioningType()), + createRestRequest.provisioningToken() + ); } private GitlabConfigurationResource getGitlabConfigurationResource(String id) { @@ -107,10 +108,10 @@ public class DefaultGitlabConfigurationController implements GitlabConfiguration .url(updateRequest.getUrl().toNonNullUpdatedValue()) .secret(updateRequest.getSecret().toNonNullUpdatedValue()) .synchronizeGroups(updateRequest.getSynchronizeGroups().toNonNullUpdatedValue()) + .allowedGroups(updateRequest.getAllowedGroups().map(DefaultGitlabConfigurationController::getGroups).toNonNullUpdatedValue()) .provisioningType(updateRequest.getProvisioningType().map(DefaultGitlabConfigurationController::toProvisioningType).toNonNullUpdatedValue()) .allowUserToSignUp(updateRequest.getAllowUsersToSignUp().toNonNullUpdatedValue()) .provisioningToken(updateRequest.getProvisioningToken().toUpdatedValue()) - .provisioningGroups(updateRequest.getProvisioningGroups().map(DefaultGitlabConfigurationController::getGroups).toNonNullUpdatedValue()) .build(); } @@ -126,9 +127,9 @@ public class DefaultGitlabConfigurationController implements GitlabConfiguration configuration.applicationId(), configuration.url(), configuration.synchronizeGroups(), - toRestProvisioningType(configuration), + sortGroups(configuration.allowedGroups()), configuration.allowUsersToSignUp(), - sortGroups(configuration.provisioningGroups()), + toRestProvisioningType(configuration), configurationError.orElse(null) ); } diff --git a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationCreateRestRequest.java b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationCreateRestRequest.java index 848e073f9e7..b4c92f862e2 100644 --- a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationCreateRestRequest.java +++ b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationCreateRestRequest.java @@ -36,9 +36,11 @@ public record GitlabConfigurationCreateRestRequest( @NotEmpty @Schema(description = "Gitlab Application id") String applicationId, + @NotEmpty @Schema(description = "Url of Gitlab instance for authentication (for instance https://gitlab.com)") String url, + @NotEmpty @Schema(accessMode = Schema.AccessMode.WRITE_ONLY, description = "Secret of the application") String secret, @@ -47,6 +49,10 @@ public record GitlabConfigurationCreateRestRequest( @Schema(description = "Set whether to synchronize groups") Boolean synchronizeGroups, + @NotEmpty + @ArraySchema(arraySchema = @Schema(description = "GitLab groups allowed to authenticate and provisioned (for Auto-Provisioning only). Subgroups will automatically be included")) + List allowedGroups, + @NotNull @Schema(description = "Type of synchronization") ProvisioningType provisioningType, @@ -57,10 +63,6 @@ public record GitlabConfigurationCreateRestRequest( @Schema(description = "Allow user to sign up") @Nullable - Boolean allowUsersToSignUp, - - @ArraySchema(arraySchema = @Schema(description = "Root GitLab groups to provision.")) - @Nullable - List provisioningGroups + Boolean allowUsersToSignUp ) { } diff --git a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationUpdateRestRequest.java b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationUpdateRestRequest.java index 149be458a36..6bc9f941b0d 100644 --- a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationUpdateRestRequest.java +++ b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/request/GitlabConfigurationUpdateRestRequest.java @@ -33,10 +33,10 @@ public class GitlabConfigurationUpdateRestRequest { private UpdateField url = UpdateField.undefined(); private UpdateField secret = UpdateField.undefined(); private UpdateField synchronizeGroups = UpdateField.undefined(); + private UpdateField> allowedGroups = UpdateField.undefined(); private UpdateField provisioningType = UpdateField.undefined(); private UpdateField allowUsersToSignUp = UpdateField.undefined(); private UpdateField provisioningToken = UpdateField.undefined(); - private UpdateField> provisioningGroups = UpdateField.undefined(); @Schema(implementation = Boolean.class, description = "Enable Gitlab authentication") public UpdateField getEnabled() { @@ -83,6 +83,15 @@ public class GitlabConfigurationUpdateRestRequest { this.synchronizeGroups = UpdateField.withValue(synchronizeGroups); } + @ArraySchema(arraySchema = @Schema(description = "Root Gitlab groups allowed to authenticate and provisioned"), schema = @Schema(implementation = String.class)) + public UpdateField> getAllowedGroups() { + return allowedGroups; + } + + public void setAllowedGroups(List allowedGroups) { + this.allowedGroups = UpdateField.withValue(allowedGroups); + } + @Schema(implementation = ProvisioningType.class, description = "Type of synchronization") public UpdateField getProvisioningType() { return provisioningType; @@ -110,13 +119,4 @@ public class GitlabConfigurationUpdateRestRequest { public void setProvisioningToken(String provisioningToken) { this.provisioningToken = UpdateField.withValue(provisioningToken); } - - @ArraySchema(arraySchema = @Schema(description = "Root gitlab groups to provision."), schema = @Schema(implementation = String.class)) - public UpdateField> getProvisioningGroups() { - return provisioningGroups; - } - - public void setProvisioningGroups(List provisioningGroups) { - this.provisioningGroups = UpdateField.withValue(provisioningGroups); - } } diff --git a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/resource/GitlabConfigurationResource.java b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/resource/GitlabConfigurationResource.java index 79bfaf3972f..749c0515201 100644 --- a/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/resource/GitlabConfigurationResource.java +++ b/server/sonar-webserver-webapi-v2/src/main/java/org/sonar/server/v2/api/gitlab/config/resource/GitlabConfigurationResource.java @@ -38,12 +38,12 @@ public record GitlabConfigurationResource( boolean synchronizeGroups, - ProvisioningType provisioningType, + @Schema(description = "Root Gitlab groups allowed to authenticate and provisioned") + List allowedGroups, boolean allowUsersToSignUp, - @Schema(description = "Root Gitlab groups to provision") - List provisioningGroups, + ProvisioningType provisioningType, @Schema(accessMode = Schema.AccessMode.READ_ONLY, description = "In case the GitLab configuration is incorrect, error message") @Nullable diff --git a/server/sonar-webserver-webapi-v2/src/test/java/org/sonar/server/v2/api/gitlab/config/DefaultGitlabConfigurationControllerTest.java b/server/sonar-webserver-webapi-v2/src/test/java/org/sonar/server/v2/api/gitlab/config/DefaultGitlabConfigurationControllerTest.java index 64a790887f8..3cef1d97d1d 100644 --- a/server/sonar-webserver-webapi-v2/src/test/java/org/sonar/server/v2/api/gitlab/config/DefaultGitlabConfigurationControllerTest.java +++ b/server/sonar-webserver-webapi-v2/src/test/java/org/sonar/server/v2/api/gitlab/config/DefaultGitlabConfigurationControllerTest.java @@ -69,20 +69,23 @@ public class DefaultGitlabConfigurationControllerTest { "www.url.com", "secret", true, - AUTO_PROVISIONING, + Set.of("group1", "group2"), true, - "provisioning-token", - Set.of("provisioning-group2", "provisioning-group1")); + AUTO_PROVISIONING, + "provisioning-token" + ); + private static final GitlabConfigurationResource EXPECTED_GITLAB_CONF_RESOURCE = new GitlabConfigurationResource( GITLAB_CONFIGURATION.id(), GITLAB_CONFIGURATION.enabled(), GITLAB_CONFIGURATION.applicationId(), GITLAB_CONFIGURATION.url(), GITLAB_CONFIGURATION.synchronizeGroups(), - org.sonar.server.v2.api.gitlab.config.resource.ProvisioningType.valueOf(GITLAB_CONFIGURATION.provisioningType().name()), + List.of("group1", "group2"), GITLAB_CONFIGURATION.allowUsersToSignUp(), - List.of("provisioning-group1", "provisioning-group2"), + org.sonar.server.v2.api.gitlab.config.resource.ProvisioningType.valueOf(GITLAB_CONFIGURATION.provisioningType().name()), "error-message"); + private static final String EXPECTED_CONFIGURATION = """ { "id": "existing-id", @@ -90,12 +93,12 @@ public class DefaultGitlabConfigurationControllerTest { "applicationId": "application-id", "url": "www.url.com", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING", "allowUsersToSignUp": true, - "provisioningGroups": [ - "provisioning-group2", - "provisioning-group1" - ], "errorMessage": "error-message" } """; @@ -200,13 +203,13 @@ public class DefaultGitlabConfigurationControllerTest { "url": "www.url.com", "secret": "newSecret", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING", "allowUsersToSignUp": true, - "provisioningToken": "token", - "provisioningGroups": [ - "provisioning-group2", - "provisioning-group1" - ] + "provisioningToken": "token" } """; @@ -224,10 +227,11 @@ public class DefaultGitlabConfigurationControllerTest { NonNullUpdatedValue.withValueOrThrow("www.url.com"), NonNullUpdatedValue.withValueOrThrow("newSecret"), NonNullUpdatedValue.withValueOrThrow(true), - NonNullUpdatedValue.withValueOrThrow(AUTO_PROVISIONING), + NonNullUpdatedValue.withValueOrThrow(Set.of("group1", "group2")), NonNullUpdatedValue.withValueOrThrow(true), UpdatedValue.withValue("token"), - NonNullUpdatedValue.withValueOrThrow(Set.of("provisioning-group2", "provisioning-group1")))); + NonNullUpdatedValue.withValueOrThrow(AUTO_PROVISIONING) + )); } @Test @@ -258,10 +262,8 @@ public class DefaultGitlabConfigurationControllerTest { NonNullUpdatedValue.undefined(), NonNullUpdatedValue.undefined(), NonNullUpdatedValue.undefined(), - NonNullUpdatedValue.withValueOrThrow(JIT), - NonNullUpdatedValue.withValueOrThrow(false), - UpdatedValue.withValue(null), - NonNullUpdatedValue.undefined())); + NonNullUpdatedValue.undefined(), NonNullUpdatedValue.withValueOrThrow(false), UpdatedValue.withValue(null), NonNullUpdatedValue.withValueOrThrow(JIT) + )); } @Test @@ -278,12 +280,12 @@ public class DefaultGitlabConfigurationControllerTest { "url": "www.url.com", "secret": "123", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING", - "allowUsersToSignUp": true, - "provisioningGroups": [ - "provisioning-group2", - "provisioning-group1" - ] + "allowUsersToSignUp": true } """)) .andExpectAll( @@ -306,12 +308,12 @@ public class DefaultGitlabConfigurationControllerTest { "secret": "123", "url": "www.url.com", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING", - "allowUsersToSignUp": true, - "provisioningGroups": [ - "provisioning-group2", - "provisioning-group1" - ] + "allowUsersToSignUp": true } """)) @@ -324,12 +326,12 @@ public class DefaultGitlabConfigurationControllerTest { "applicationId": "application-id", "url": "www.url.com", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING", - "allowUsersToSignUp": true, - "provisioningGroups": [ - "provisioning-group2", - "provisioning-group1" - ] + "allowUsersToSignUp": true } """)); @@ -349,6 +351,10 @@ public class DefaultGitlabConfigurationControllerTest { "secret": "123", "url": "www.url.com", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING" } @@ -362,12 +368,12 @@ public class DefaultGitlabConfigurationControllerTest { "applicationId": "application-id", "url": "www.url.com", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING", - "allowUsersToSignUp": true, - "provisioningGroups": [ - "provisioning-group2", - "provisioning-group1" - ] + "allowUsersToSignUp": true } """)); @@ -386,12 +392,12 @@ public class DefaultGitlabConfigurationControllerTest { "applicationId": "application-id", "url": "www.url.com", "synchronizeGroups": true, + "allowedGroups": [ + "group1", + "group2" + ], "provisioningType": "AUTO_PROVISIONING", - "allowUsersToSignUp": true, - "provisioningGroups": [ - "provisioning-group2", - "provisioning-group1" - ] + "allowUsersToSignUp": true } """)) .andExpectAll( -- cgit v1.2.3