use of org.gitlab4j.api.models.AccessLevel in project Artemis by ls1intum.
the class GitLabUserManagementService method removeOrUpdateUserFromGroups.
/**
* Removes or updates the user to or from the groups.
*
* @param gitlabUserId the Gitlab user id
* @param userGroups groups that the user belongs to
* @param groupsToRemove groups where the user should be removed from
*/
private void removeOrUpdateUserFromGroups(int gitlabUserId, Set<String> userGroups, Set<String> groupsToRemove) throws GitLabApiException {
if (groupsToRemove == null || groupsToRemove.isEmpty()) {
return;
}
// Gitlab groups are identified by the project key of the programming exercise
var exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groupsToRemove);
log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
for (var exercise : exercises) {
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(userGroups, course);
// Do not remove the user from the group and only update it's access level
var shouldUpdateGroupAccess = accessLevel.isPresent();
if (shouldUpdateGroupAccess) {
gitlabApi.getGroupApi().updateMember(exercise.getProjectKey(), gitlabUserId, accessLevel.get());
} else {
removeUserFromGroup(gitlabUserId, exercise.getProjectKey());
}
}
}
use of org.gitlab4j.api.models.AccessLevel in project Artemis by ls1intum.
the class GitLabUserManagementService method addUserToGroups.
/**
* Adds the Gitlab user to the groups. It will be given a different access level
* based on the group type (instructors are given the MAINTAINER level and teaching
* assistants REPORTED).
*
* @param gitlabUserId the user id of the Gitlab user
* @param groups the new groups
*/
private void addUserToGroups(int gitlabUserId, Set<String> groups) {
if (groups == null || groups.isEmpty()) {
return;
}
List<ProgrammingExercise> exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
for (var exercise : exercises) {
Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(groups, course);
accessLevel.ifPresent(level -> addUserToGroup(exercise.getProjectKey(), gitlabUserId, level));
}
}
use of org.gitlab4j.api.models.AccessLevel in project legend-sdlc by finos.
the class GitLabProjectApi method checkUserAuthorizationActions.
@Override
public Set<ProjectAuthorizationAction> checkUserAuthorizationActions(String id, Set<ProjectAuthorizationAction> actions) {
try {
GitLabProjectId projectId = parseProjectId(id);
org.gitlab4j.api.models.Project gitLabProject = withRetries(() -> getGitLabApi(projectId.getGitLabMode()).getProjectApi().getProject(projectId.getGitLabId()));
if (!isLegendSDLCProject(gitLabProject)) {
throw new LegendSDLCServerException("Failed to get project " + id);
}
AccessLevel userLevel = getUserAccess(gitLabProject);
if (userLevel == null) {
return Collections.emptySet();
}
return actions.stream().filter(Objects::nonNull).filter(a -> checkUserAction(projectId, a, userLevel)).collect(Collectors.toSet());
} catch (Exception e) {
throw buildException(e, () -> "Failed to get project " + id);
}
}
use of org.gitlab4j.api.models.AccessLevel in project legend-sdlc by finos.
the class GitLabProjectApi method getUserAccess.
private AccessLevel getUserAccess(org.gitlab4j.api.models.Project gitLabProject) {
Permissions permissions = gitLabProject.getPermissions();
if (permissions != null) {
ProjectAccess projectAccess = permissions.getProjectAccess();
AccessLevel projectAccessLevel = (projectAccess == null) ? null : projectAccess.getAccessLevel();
if (projectAccessLevel != null) {
return projectAccessLevel;
}
ProjectAccess groupAccess = permissions.getGroupAccess();
return (groupAccess == null) ? null : groupAccess.getAccessLevel();
}
return null;
}
use of org.gitlab4j.api.models.AccessLevel in project catma by forTEXT.
the class GitlabManagerRestricted method getResourcePermissions.
private Map<String, AccessLevel> getResourcePermissions(Integer groupId) throws GitLabApiException {
Map<String, AccessLevel> resultMap = Maps.newHashMap();
ProjectApi projectApi = new ProjectApi(restrictedGitLabApi);
logger.info("Loading project permissions");
List<Project> resourceAndContainerProjects = projectApi.getProjects(new ProjectFilter().withMembership(true));
logger.info(String.format("Filtering %1$d resources on group #%2$d", resourceAndContainerProjects.size(), groupId));
Set<Project> filteredOnGroupProjects = resourceAndContainerProjects.stream().filter(p -> p.getNamespace().getId().equals(groupId)).collect(Collectors.toSet());
logger.info(String.format("Updating accesslevel registry for %1$d resources", filteredOnGroupProjects.size()));
for (Project p : filteredOnGroupProjects) {
Permissions permission = p.getPermissions();
if (permission.getGroupAccess() != null) {
resultMap.put(p.getName(), permission.getGroupAccess().getAccessLevel());
}
if (permission.getProjectAccess() != null && (!resultMap.containsKey(p.getName()) || resultMap.get(p.getName()).value.intValue() < permission.getProjectAccess().getAccessLevel().value.intValue())) {
resultMap.put(p.getName(), permission.getProjectAccess().getAccessLevel());
}
}
return resultMap;
}
Aggregations