Search in sources :

Example 6 with SUserGroup

use of jetbrains.buildServer.groups.SUserGroup in project teamcity-rest by JetBrains.

the class GroupRequest method addRole.

@POST
@Path("/{groupLocator}/roles")
@Consumes({ "application/xml", "application/json" })
@Produces({ "application/xml", "application/json" })
@ApiOperation(value = "Add a role to the matching user group.", nickname = "addRoleToGroup")
public RoleAssignment addRole(@PathParam("groupLocator") String groupLocator, RoleAssignment roleAssignment) {
    SUserGroup group = myUserGroupFinder.getGroup(groupLocator);
    group.addRole(RoleAssignment.getScope(roleAssignment.scope, myBeanContext.getServiceLocator()), RoleAssignment.getRoleById(roleAssignment.roleId, myBeanContext.getServiceLocator()));
    return new RoleAssignment(DataProvider.getGroupRoleEntry(group, roleAssignment.roleId, roleAssignment.scope, myBeanContext), group, myBeanContext);
}
Also used : RoleAssignment(jetbrains.buildServer.server.rest.model.user.RoleAssignment) SUserGroup(jetbrains.buildServer.groups.SUserGroup) ApiOperation(io.swagger.annotations.ApiOperation)

Example 7 with SUserGroup

use of jetbrains.buildServer.groups.SUserGroup in project teamcity-rest by JetBrains.

the class GroupRequest method deleteRole.

@DELETE
@Path("/{groupLocator}/roles/{roleId}/{scope}")
@ApiOperation(value = "Remove a role with the specific scope from the matching user group.", nickname = "removeRoleAtScopeFromGroup")
public void deleteRole(@PathParam("groupLocator") String groupLocator, @PathParam("roleId") String roleId, @PathParam("scope") String scopeValue) {
    SUserGroup group = myUserGroupFinder.getGroup(groupLocator);
    group.removeRole(RoleAssignment.getScope(scopeValue, myBeanContext.getServiceLocator()), RoleAssignment.getRoleById(roleId, myBeanContext.getServiceLocator()));
}
Also used : SUserGroup(jetbrains.buildServer.groups.SUserGroup) ApiOperation(io.swagger.annotations.ApiOperation)

Example 8 with SUserGroup

use of jetbrains.buildServer.groups.SUserGroup in project teamcity-rest by JetBrains.

the class GroupRequest method setRoles.

@PUT
@Path("/{groupLocator}/roles")
@Consumes({ "application/xml", "application/json" })
@Produces({ "application/xml", "application/json" })
@ApiOperation(value = "Update roles of the matching user group.", nickname = "setGroupRoles")
public RoleAssignments setRoles(@PathParam("groupLocator") String groupLocator, RoleAssignments roleAssignments) {
    SUserGroup group = myUserGroupFinder.getGroup(groupLocator);
    Group.setRoles(group, roleAssignments, myBeanContext.getServiceLocator());
    return new RoleAssignments(group.getRoles(), group, myBeanContext);
}
Also used : SUserGroup(jetbrains.buildServer.groups.SUserGroup) RoleAssignments(jetbrains.buildServer.server.rest.model.user.RoleAssignments) ApiOperation(io.swagger.annotations.ApiOperation)

Example 9 with SUserGroup

use of jetbrains.buildServer.groups.SUserGroup in project teamcity-rest by JetBrains.

the class UserFinderTest method testSearchByRoles.

@Test
public void testSearchByRoles() throws Throwable {
    myFixture.getServerSettings().setPerProjectPermissionsEnabled(true);
    final SUser user10 = createUser("user10");
    final SUser user20 = createUser("user20");
    final SUser user30 = createUser("user30");
    final SUser user40 = createUser("user40");
    final SUser user50 = createUser("user50");
    final SUser user60 = createUser("user60");
    final SUser user70 = createUser("user70");
    final SUser user100 = createUser("user100");
    final SUserGroup group10 = myFixture.createUserGroup("group1", "group 1", "");
    final SUserGroup group20 = myFixture.createUserGroup("group1.1", "group 1.1", "");
    group10.addSubgroup(group20);
    group10.addUser(user60);
    group20.addUser(user70);
    ProjectEx prj1 = createProject("prj1");
    ProjectEx prj1_1 = prj1.createProject("prj1_1", "prj1.1");
    ProjectEx prj3 = createProject("prj3");
    RoleImpl role10 = new RoleImpl("role10", "custom role", new Permissions(Permission.LABEL_BUILD), null);
    myFixture.getRolesManager().addRole(role10);
    RoleImpl role20 = new RoleImpl("role20", "custom role", new Permissions(Permission.PIN_UNPIN_BUILD), myFixture.getRolesManager());
    role20.addIncludedRole(role10);
    myFixture.getRolesManager().addRole(role20);
    RoleImpl role30 = new RoleImpl("role30", "custom role", new Permissions(Permission.LABEL_BUILD, Permission.CANCEL_BUILD), myFixture.getRolesManager());
    myFixture.getRolesManager().addRole(role30);
    user10.addRole(RoleScope.globalScope(), getSysAdminRole());
    user20.addRole(RoleScope.globalScope(), getProjectAdminRole());
    user30.addRole(RoleScope.projectScope(prj1.getProjectId()), getProjectViewerRole());
    user40.addRole(RoleScope.projectScope(prj1_1.getProjectId()), getProjectViewerRole());
    user50.addRole(RoleScope.projectScope(prj3.getProjectId()), getProjectViewerRole());
    user50.addRole(RoleScope.globalScope(), role30);
    group10.addRole(RoleScope.projectScope(prj1.getProjectId()), role20);
    group10.addRole(RoleScope.projectScope(getRootProject().getProjectId()), getTestRoles().getProjectViewerRole());
    check(null, user10, user20, user30, user40, user50, user60, user70, user100);
    check("role:(scope:(project:(" + prj1_1.getExternalId() + ")),role:(id:" + getProjectAdminRole().getId() + "))", user20);
    check("role:(scope:(project:(" + prj1_1.getExternalId() + ")),role:(id:role10))", user60, user70);
    check("role:(item:(scope:(project:(" + prj1_1.getExternalId() + ")),role:(id:role10)),method:effective)", user60, user70);
    check("role:(item:(scope:(project:(" + prj1_1.getExternalId() + ")),role:(id:role10)))", user60, user70);
    check("role:(item:(scope:(project:(" + prj1_1.getExternalId() + ")),role:(id:role10)),method:byPermission)", user10, user20, user50, user60, user70);
    check("role:(scope:global)", user10, user20, user50);
    // todo: error locators
    checkExceptionOnItemsSearch(LocatorProcessException.class, "role:(aaa)");
}
Also used : ProjectEx(jetbrains.buildServer.serverSide.impl.ProjectEx) SUser(jetbrains.buildServer.users.SUser) RoleImpl(jetbrains.buildServer.serverSide.impl.auth.RoleImpl) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) SUserGroup(jetbrains.buildServer.groups.SUserGroup) Test(org.testng.annotations.Test)

Example 10 with SUserGroup

use of jetbrains.buildServer.groups.SUserGroup in project teamcity-rest by JetBrains.

the class UserFinderTest method testSearchByPermissions.

@Test
public void testSearchByPermissions() throws Throwable {
    myFixture.getServerSettings().setPerProjectPermissionsEnabled(true);
    final SUser user10 = createUser("user10");
    final SUser user20 = createUser("user20");
    final SUser user30 = createUser("user30");
    final SUser user40 = createUser("user40");
    final SUser user50 = createUser("user50");
    final SUser user60 = createUser("user60");
    final SUser user70 = createUser("user70");
    final SUser user100 = createUser("user100");
    final SUserGroup group10 = myFixture.createUserGroup("group1", "group 1", "");
    final SUserGroup group20 = myFixture.createUserGroup("group1.1", "group 1.1", "");
    group10.addSubgroup(group20);
    group20.addUser(user70);
    ProjectEx prj1 = createProject("prj1");
    ProjectEx prj1_1 = prj1.createProject("prj1_1", "prj1.1");
    ProjectEx prj3 = createProject("prj3");
    RoleImpl role10 = new RoleImpl("role10", "custom role", new Permissions(Permission.RUN_BUILD), null);
    myFixture.getRolesManager().addRole(role10);
    RoleImpl role20 = new RoleImpl("role20", "custom role", new Permissions(Permission.VIEW_PROJECT, Permission.CHANGE_SERVER_SETTINGS), myFixture.getRolesManager());
    role20.addIncludedRole(role10);
    myFixture.getRolesManager().addRole(role20);
    RoleImpl role30 = new RoleImpl("role30", "custom role", new Permissions(Permission.LABEL_BUILD, Permission.CANCEL_BUILD), myFixture.getRolesManager());
    myFixture.getRolesManager().addRole(role30);
    user10.addRole(RoleScope.globalScope(), getSysAdminRole());
    user30.addRole(RoleScope.projectScope(prj3.getProjectId()), role10);
    group10.addRole(RoleScope.projectScope(prj1.getProjectId()), role20);
    check(null, user10, user20, user30, user40, user50, user60, user70, user100);
    check("permission:(permission:run_build,project:(id:" + prj1_1.getExternalId() + "))", user10, user70);
    checkExceptionOnItemsSearch(LocatorProcessException.class, "permission:(permission:run_build,permission:label_build,project:(id:" + prj1_1.getExternalId() + "))");
    checkExceptionOnItemsSearch(LocatorProcessException.class, "permission:(permission:run_build,project:(id:a),project:(id:b))");
    assertContains(checkException(LocatorProcessException.class, () -> getFinder().getItems("permission:(project:(id:a))"), null).getMessage(), "Nothing found");
    // global permission check
    check("permission:(permission:run_build)", user10);
    check("permission:(permission:run_build,project:(item:" + prj3.getExternalId() + "))", user10, user30);
    check("permission:(permission:run_build,project:(item:" + prj1_1.getExternalId() + ",item:" + prj3.getExternalId() + "))", user10, user30, // permission in one of the projects
    user70);
    // permission in any project of the first 100
    check("permission:(permission:run_build,project:(count:100))", user10, user30, user70);
}
Also used : ProjectEx(jetbrains.buildServer.serverSide.impl.ProjectEx) SUser(jetbrains.buildServer.users.SUser) RoleImpl(jetbrains.buildServer.serverSide.impl.auth.RoleImpl) Permissions(jetbrains.buildServer.serverSide.auth.Permissions) SUserGroup(jetbrains.buildServer.groups.SUserGroup) Test(org.testng.annotations.Test)

Aggregations

SUserGroup (jetbrains.buildServer.groups.SUserGroup)18 SUser (jetbrains.buildServer.users.SUser)11 ApiOperation (io.swagger.annotations.ApiOperation)9 Test (org.testng.annotations.Test)7 BadRequestException (jetbrains.buildServer.server.rest.errors.BadRequestException)4 NotFoundException (jetbrains.buildServer.server.rest.errors.NotFoundException)4 Fields (jetbrains.buildServer.server.rest.model.Fields)4 Group (jetbrains.buildServer.server.rest.model.group.Group)3 RoleAssignment (jetbrains.buildServer.server.rest.model.user.RoleAssignment)3 Permissions (jetbrains.buildServer.serverSide.auth.Permissions)3 ProjectEx (jetbrains.buildServer.serverSide.impl.ProjectEx)3 RoleImpl (jetbrains.buildServer.serverSide.impl.auth.RoleImpl)3 BaseFinderTest (jetbrains.buildServer.server.rest.data.BaseFinderTest)2 RoleAssignments (jetbrains.buildServer.server.rest.model.user.RoleAssignments)2 StringUtil (com.intellij.openapi.util.text.StringUtil)1 BufferedImage (java.awt.image.BufferedImage)1 HashMap (java.util.HashMap)1 Map (java.util.Map)1 Set (java.util.Set)1 Collectors (java.util.stream.Collectors)1