Search in sources :

Example 1 with AccessLevel

use of org.gitlab4j.api.models.AccessLevel in project Artemis by ls1intum.

the class GitLabUserManagementService method removeOrUpdateUserFromGroups.

/**
 * Removes or updates the user to or from the groups.
 *
 * @param gitlabUserId the Gitlab user id
 * @param userGroups groups that the user belongs to
 * @param groupsToRemove groups where the user should be removed from
 */
private void removeOrUpdateUserFromGroups(int gitlabUserId, Set<String> userGroups, Set<String> groupsToRemove) throws GitLabApiException {
    if (groupsToRemove == null || groupsToRemove.isEmpty()) {
        return;
    }
    // Gitlab groups are identified by the project key of the programming exercise
    var exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groupsToRemove);
    log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
    for (var exercise : exercises) {
        // TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
        Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
        Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(userGroups, course);
        // Do not remove the user from the group and only update it's access level
        var shouldUpdateGroupAccess = accessLevel.isPresent();
        if (shouldUpdateGroupAccess) {
            gitlabApi.getGroupApi().updateMember(exercise.getProjectKey(), gitlabUserId, accessLevel.get());
        } else {
            removeUserFromGroup(gitlabUserId, exercise.getProjectKey());
        }
    }
}
Also used : Course(de.tum.in.www1.artemis.domain.Course) AccessLevel(org.gitlab4j.api.models.AccessLevel)

Example 2 with AccessLevel

use of org.gitlab4j.api.models.AccessLevel in project Artemis by ls1intum.

the class GitLabUserManagementService method addUserToGroups.

/**
 * Adds the Gitlab user to the groups. It will be given a different access level
 * based on the group type (instructors are given the MAINTAINER level and teaching
 * assistants REPORTED).
 *
 * @param gitlabUserId the user id of the Gitlab user
 * @param groups the new groups
 */
private void addUserToGroups(int gitlabUserId, Set<String> groups) {
    if (groups == null || groups.isEmpty()) {
        return;
    }
    List<ProgrammingExercise> exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
    log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
    // TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
    for (var exercise : exercises) {
        Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
        Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(groups, course);
        accessLevel.ifPresent(level -> addUserToGroup(exercise.getProjectKey(), gitlabUserId, level));
    }
}
Also used : ProgrammingExercise(de.tum.in.www1.artemis.domain.ProgrammingExercise) Course(de.tum.in.www1.artemis.domain.Course) AccessLevel(org.gitlab4j.api.models.AccessLevel)

Example 3 with AccessLevel

use of org.gitlab4j.api.models.AccessLevel in project legend-sdlc by finos.

the class GitLabProjectApi method checkUserAuthorizationActions.

@Override
public Set<ProjectAuthorizationAction> checkUserAuthorizationActions(String id, Set<ProjectAuthorizationAction> actions) {
    try {
        GitLabProjectId projectId = parseProjectId(id);
        org.gitlab4j.api.models.Project gitLabProject = withRetries(() -> getGitLabApi(projectId.getGitLabMode()).getProjectApi().getProject(projectId.getGitLabId()));
        if (!isLegendSDLCProject(gitLabProject)) {
            throw new LegendSDLCServerException("Failed to get project " + id);
        }
        AccessLevel userLevel = getUserAccess(gitLabProject);
        if (userLevel == null) {
            return Collections.emptySet();
        }
        return actions.stream().filter(Objects::nonNull).filter(a -> checkUserAction(projectId, a, userLevel)).collect(Collectors.toSet());
    } catch (Exception e) {
        throw buildException(e, () -> "Failed to get project " + id);
    }
}
Also used : ProjectType(org.finos.legend.sdlc.domain.model.project.ProjectType) ProjectStructureConfiguration(org.finos.legend.sdlc.server.project.config.ProjectStructureConfiguration) Branch(org.gitlab4j.api.models.Branch) GitLabConfiguration(org.finos.legend.sdlc.server.gitlab.GitLabConfiguration) ProjectAuthorizationAction(org.finos.legend.sdlc.domain.model.project.accessRole.ProjectAuthorizationAction) LoggerFactory(org.slf4j.LoggerFactory) AccessLevel(org.gitlab4j.api.models.AccessLevel) GitLabApiTools(org.finos.legend.sdlc.server.gitlab.tools.GitLabApiTools) LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException) ProjectStructure(org.finos.legend.sdlc.server.project.ProjectStructure) MergeRequest(org.gitlab4j.api.models.MergeRequest) BackgroundTaskProcessor(org.finos.legend.sdlc.server.tools.BackgroundTaskProcessor) EnumSet(java.util.EnumSet) Visibility(org.gitlab4j.api.models.Visibility) RepositoryApi(org.gitlab4j.api.RepositoryApi) Pager(org.gitlab4j.api.Pager) Set(java.util.Set) Iterate(org.eclipse.collections.impl.utility.Iterate) Collectors(java.util.stream.Collectors) Objects(java.util.Objects) ProjectConfigurationUpdateBuilder(org.finos.legend.sdlc.server.project.ProjectConfigurationUpdateBuilder) List(java.util.List) Stream(java.util.stream.Stream) ProjectStructurePlatformExtensions(org.finos.legend.sdlc.server.project.ProjectStructurePlatformExtensions) Pattern(java.util.regex.Pattern) GitLabApi(org.gitlab4j.api.GitLabApi) ProjectApi(org.finos.legend.sdlc.server.domain.api.project.ProjectApi) Permissions(org.gitlab4j.api.models.Permissions) Lists(org.eclipse.collections.api.factory.Lists) GitLabUserContext(org.finos.legend.sdlc.server.gitlab.auth.GitLabUserContext) ProjectStructureExtensionProvider(org.finos.legend.sdlc.server.project.extension.ProjectStructureExtensionProvider) ProjectCreationConfiguration(org.finos.legend.sdlc.server.project.config.ProjectCreationConfiguration) AccessRole(org.finos.legend.sdlc.domain.model.project.accessRole.AccessRole) Inject(javax.inject.Inject) StreamSupport(java.util.stream.StreamSupport) PagerTools(org.finos.legend.sdlc.server.gitlab.tools.PagerTools) Status(javax.ws.rs.core.Response.Status) Sets(org.eclipse.collections.api.factory.Sets) Logger(org.slf4j.Logger) GitLabMode(org.finos.legend.sdlc.server.gitlab.mode.GitLabMode) ProtectedTag(org.gitlab4j.api.models.ProtectedTag) ProjectFileAccessProvider(org.finos.legend.sdlc.server.project.ProjectFileAccessProvider) ListIterate(org.eclipse.collections.impl.utility.ListIterate) WorkspaceType(org.finos.legend.sdlc.domain.model.project.workspace.WorkspaceType) ProjectStructureVersion(org.finos.legend.sdlc.domain.model.project.configuration.ProjectStructureVersion) GitLabProjectId(org.finos.legend.sdlc.server.gitlab.GitLabProjectId) Project(org.finos.legend.sdlc.domain.model.project.Project) ProjectConfiguration(org.finos.legend.sdlc.domain.model.project.configuration.ProjectConfiguration) Revision(org.finos.legend.sdlc.domain.model.revision.Revision) Comparator(java.util.Comparator) ProjectAccess(org.gitlab4j.api.models.ProjectAccess) Collections(java.util.Collections) LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException) GitLabProjectId(org.finos.legend.sdlc.server.gitlab.GitLabProjectId) Objects(java.util.Objects) AccessLevel(org.gitlab4j.api.models.AccessLevel) LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException)

Example 4 with AccessLevel

use of org.gitlab4j.api.models.AccessLevel in project legend-sdlc by finos.

the class GitLabProjectApi method getUserAccess.

private AccessLevel getUserAccess(org.gitlab4j.api.models.Project gitLabProject) {
    Permissions permissions = gitLabProject.getPermissions();
    if (permissions != null) {
        ProjectAccess projectAccess = permissions.getProjectAccess();
        AccessLevel projectAccessLevel = (projectAccess == null) ? null : projectAccess.getAccessLevel();
        if (projectAccessLevel != null) {
            return projectAccessLevel;
        }
        ProjectAccess groupAccess = permissions.getGroupAccess();
        return (groupAccess == null) ? null : groupAccess.getAccessLevel();
    }
    return null;
}
Also used : Permissions(org.gitlab4j.api.models.Permissions) ProjectAccess(org.gitlab4j.api.models.ProjectAccess) AccessLevel(org.gitlab4j.api.models.AccessLevel)

Example 5 with AccessLevel

use of org.gitlab4j.api.models.AccessLevel in project catma by forTEXT.

the class GitlabManagerRestricted method getResourcePermissions.

private Map<String, AccessLevel> getResourcePermissions(Integer groupId) throws GitLabApiException {
    Map<String, AccessLevel> resultMap = Maps.newHashMap();
    ProjectApi projectApi = new ProjectApi(restrictedGitLabApi);
    logger.info("Loading project permissions");
    List<Project> resourceAndContainerProjects = projectApi.getProjects(new ProjectFilter().withMembership(true));
    logger.info(String.format("Filtering %1$d resources on group #%2$d", resourceAndContainerProjects.size(), groupId));
    Set<Project> filteredOnGroupProjects = resourceAndContainerProjects.stream().filter(p -> p.getNamespace().getId().equals(groupId)).collect(Collectors.toSet());
    logger.info(String.format("Updating accesslevel registry for %1$d resources", filteredOnGroupProjects.size()));
    for (Project p : filteredOnGroupProjects) {
        Permissions permission = p.getPermissions();
        if (permission.getGroupAccess() != null) {
            resultMap.put(p.getName(), permission.getGroupAccess().getAccessLevel());
        }
        if (permission.getProjectAccess() != null && (!resultMap.containsKey(p.getName()) || resultMap.get(p.getName()).value.intValue() < permission.getProjectAccess().getAccessLevel().value.intValue())) {
            resultMap.put(p.getName(), permission.getProjectAccess().getAccessLevel());
        }
    }
    return resultMap;
}
Also used : NotesApi(org.gitlab4j.api.NotesApi) JsonObject(com.google.gson.JsonObject) Reply(de.catma.document.comment.Reply) AccessLevel(org.gitlab4j.api.models.AccessLevel) ProjectFilter(org.gitlab4j.api.models.ProjectFilter) StringUtils(org.apache.commons.lang3.StringUtils) Author(org.gitlab4j.api.models.Author) IssuesApi(org.gitlab4j.api.IssuesApi) ChangeUserAttributeEvent(de.catma.ui.events.ChangeUserAttributeEvent) Map(java.util.Map) Group(org.gitlab4j.api.models.Group) IssueState(org.gitlab4j.api.Constants.IssueState) GroupApi(org.gitlab4j.api.GroupApi) Visibility(org.gitlab4j.api.models.Visibility) CATMAPropertyKey(de.catma.properties.CATMAPropertyKey) IGitUserInformation(de.catma.repository.git.interfaces.IGitUserInformation) GitMember(de.catma.repository.git.GitMember) Pager(org.gitlab4j.api.Pager) GitlabUtils(de.catma.repository.git.GitlabUtils) Set(java.util.Set) Logger(java.util.logging.Logger) SerializationHelper(de.catma.repository.git.serialization.SerializationHelper) Collectors(java.util.stream.Collectors) ProjectReference(de.catma.project.ProjectReference) Objects(java.util.Objects) List(java.util.List) ProjectApi(org.gitlab4j.api.ProjectApi) Optional(java.util.Optional) GitLabApiException(org.gitlab4j.api.GitLabApiException) Status(org.gitlab4j.api.models.ImportStatus.Status) CacheBuilder(com.google.common.cache.CacheBuilder) GitLabApi(org.gitlab4j.api.GitLabApi) RBACPermission(de.catma.rbac.RBACPermission) Permissions(org.gitlab4j.api.models.Permissions) GroupFilter(org.gitlab4j.api.models.GroupFilter) Namespace(org.gitlab4j.api.models.Namespace) HashMap(java.util.HashMap) RBACRole(de.catma.rbac.RBACRole) JsonParser(com.google.gson.JsonParser) User(de.catma.user.User) ArrayList(java.util.ArrayList) Level(java.util.logging.Level) EventBus(com.google.common.eventbus.EventBus) IRemoteGitManagerRestricted(de.catma.repository.git.interfaces.IRemoteGitManagerRestricted) Comment(de.catma.document.comment.Comment) ForkStatus(de.catma.project.ForkStatus) GitProjectManager(de.catma.repository.git.GitProjectManager) Note(org.gitlab4j.api.models.Note) IDGenerator(de.catma.util.IDGenerator) Subscribe(com.google.common.eventbus.Subscribe) CreateRepositoryResponse(de.catma.repository.git.CreateRepositoryResponse) Issue(org.gitlab4j.api.models.Issue) IOException(java.io.IOException) Project(org.gitlab4j.api.models.Project) Maps(com.google.common.collect.Maps) IssueFilter(org.gitlab4j.api.models.IssueFilter) TimeUnit(java.util.concurrent.TimeUnit) Member(org.gitlab4j.api.models.Member) Cache(com.google.common.cache.Cache) Collections(java.util.Collections) BackgroundService(de.catma.backgroundservice.BackgroundService) GitUser(de.catma.repository.git.GitUser) Project(org.gitlab4j.api.models.Project) ProjectFilter(org.gitlab4j.api.models.ProjectFilter) ProjectApi(org.gitlab4j.api.ProjectApi) Permissions(org.gitlab4j.api.models.Permissions) AccessLevel(org.gitlab4j.api.models.AccessLevel)

Aggregations

AccessLevel (org.gitlab4j.api.models.AccessLevel)21 Course (de.tum.in.www1.artemis.domain.Course)8 Permissions (org.gitlab4j.api.models.Permissions)6 GitLabApiException (org.gitlab4j.api.GitLabApiException)5 ProgrammingExercise (de.tum.in.www1.artemis.domain.ProgrammingExercise)4 User (de.tum.in.www1.artemis.domain.User)4 Collections (java.util.Collections)4 List (java.util.List)4 Objects (java.util.Objects)4 Set (java.util.Set)4 Collectors (java.util.stream.Collectors)4 LegendSDLCServerException (org.finos.legend.sdlc.server.error.LegendSDLCServerException)3 GitLabProjectId (org.finos.legend.sdlc.server.gitlab.GitLabProjectId)3 GitLabApi (org.gitlab4j.api.GitLabApi)3 Pager (org.gitlab4j.api.Pager)3 Visibility (org.gitlab4j.api.models.Visibility)3 Cache (com.google.common.cache.Cache)2 CacheBuilder (com.google.common.cache.CacheBuilder)2 Maps (com.google.common.collect.Maps)2 EventBus (com.google.common.eventbus.EventBus)2