Example 16 with AccessLevel
use of org.gitlab4j.api.models.AccessLevel in project Artemis by ls1intum.
the class GitLabUserManagementService method addUserToGroups.
/**
* Adds the Gitlab user to the groups. It will be given a different access level
* based on the group type (instructors are given the MAINTAINER level and teaching
* assistants REPORTED).
*
* @param gitlabUserId the user id of the Gitlab user
* @param groups the new groups
*/
private void addUserToGroups(Long gitlabUserId, Set<String> groups) {
if (groups == null || groups.isEmpty()) {
return;
}
List<ProgrammingExercise> exercises = programmingExerciseRepository.findAllByInstructorOrEditorOrTAGroupNameIn(groups);
log.info("Update Gitlab permissions for programming exercises: " + exercises.stream().map(ProgrammingExercise::getProjectKey).toList());
// TODO: in case we update a tutor group / role here, the tutor should NOT get access to exam exercises before the exam has finished
for (var exercise : exercises) {
Course course = exercise.getCourseViaExerciseGroupOrCourseMember();
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(groups, course);
accessLevel.ifPresent(level -> addUserToGroup(exercise.getProjectKey(), gitlabUserId, level));
}
}
Also used :
ProgrammingExercise(de.tum.in.www1.artemis.domain.ProgrammingExercise)
Course(de.tum.in.www1.artemis.domain.Course)
AccessLevel(org.gitlab4j.api.models.AccessLevel)
Example 17 with AccessLevel
use of org.gitlab4j.api.models.AccessLevel in project Artemis by ls1intum.
the class GitlabRequestMockProvider method mockSetPermissionsForNewGroupMembers.
private void mockSetPermissionsForNewGroupMembers(List<ProgrammingExercise> programmingExercises, Set<de.tum.in.www1.artemis.domain.User> newUsers, Course updatedCourse) {
for (de.tum.in.www1.artemis.domain.User user : newUsers) {
try {
mockGetUserId(user.getLogin(), true, false);
Optional<AccessLevel> accessLevel = getAccessLevelFromUserGroups(user.getGroups(), updatedCourse);
if (accessLevel.isPresent()) {
mockAddUserToGroups(1L, programmingExercises, accessLevel.get());
} else {
mockRemoveMemberFromExercises(programmingExercises);
}
} catch (GitLabApiException e) {
throw new GitLabException("Error while trying to set permission for user in GitLab: " + user, e);
}
}
}
Also used :
GitLabException(de.tum.in.www1.artemis.service.connectors.gitlab.GitLabException)
AccessLevel(org.gitlab4j.api.models.AccessLevel)
Example 18 with AccessLevel
use of org.gitlab4j.api.models.AccessLevel in project legend-sdlc by finos.
the class GitLabProjectApi method checkUserReleasePermission.
private boolean checkUserReleasePermission(GitLabProjectId projectId, ProjectAuthorizationAction action, AccessLevel accessLevel) {
try {
List<ProtectedTag> protectedTags = withRetries(() -> getGitLabApi(projectId.getGitLabMode()).getTagsApi().getProtectedTags(projectId.getGitLabId()));
if (protectedTags == null || protectedTags.isEmpty()) {
// By default user can perform a release if the user has developer access or above https://docs.gitlab.com/ee/user/permissions.html#release-permissions-with-protected-tags
return defaultReleaseAction(accessLevel);
}
protectedTags = protectedTags.stream().filter(a -> a.getName().startsWith("release") || a.getName().startsWith("version")).collect(Collectors.toList());
for (ProtectedTag tag : protectedTags) {
if (tag.getCreateAccessLevels().isEmpty()) {
return defaultReleaseAction(accessLevel);
}
// with th release protected tag the user must have the min access_level
List<ProtectedTag.CreateAccessLevel> matchedTags = tag.getCreateAccessLevels().stream().filter(a -> a.getAccess_level().value >= accessLevel.value).collect(Collectors.toList());
// if the machedTags are empty or null user access does not match any of the protected tags
if (matchedTags.isEmpty()) {
return defaultReleaseAction(accessLevel);
}
// User does not meet all criteria not authorized for the action
if (matchedTags.size() != tag.getCreateAccessLevels().size()) {
return false;
}
}
} catch (Exception e) {
throw buildException(e, () -> "Failed to get protected tags for " + projectId.getGitLabId());
}
return false;
}
Also used :
ProjectType(org.finos.legend.sdlc.domain.model.project.ProjectType)
ProjectStructureConfiguration(org.finos.legend.sdlc.server.project.config.ProjectStructureConfiguration)
Branch(org.gitlab4j.api.models.Branch)
GitLabConfiguration(org.finos.legend.sdlc.server.gitlab.GitLabConfiguration)
ProjectAuthorizationAction(org.finos.legend.sdlc.domain.model.project.accessRole.ProjectAuthorizationAction)
LoggerFactory(org.slf4j.LoggerFactory)
AccessLevel(org.gitlab4j.api.models.AccessLevel)
GitLabApiTools(org.finos.legend.sdlc.server.gitlab.tools.GitLabApiTools)
LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException)
ProjectStructure(org.finos.legend.sdlc.server.project.ProjectStructure)
MergeRequest(org.gitlab4j.api.models.MergeRequest)
BackgroundTaskProcessor(org.finos.legend.sdlc.server.tools.BackgroundTaskProcessor)
EnumSet(java.util.EnumSet)
Visibility(org.gitlab4j.api.models.Visibility)
RepositoryApi(org.gitlab4j.api.RepositoryApi)
Pager(org.gitlab4j.api.Pager)
Set(java.util.Set)
Iterate(org.eclipse.collections.impl.utility.Iterate)
Collectors(java.util.stream.Collectors)
Objects(java.util.Objects)
ProjectConfigurationUpdateBuilder(org.finos.legend.sdlc.server.project.ProjectConfigurationUpdateBuilder)
List(java.util.List)
Stream(java.util.stream.Stream)
ProjectStructurePlatformExtensions(org.finos.legend.sdlc.server.project.ProjectStructurePlatformExtensions)
Pattern(java.util.regex.Pattern)
GitLabApi(org.gitlab4j.api.GitLabApi)
ProjectApi(org.finos.legend.sdlc.server.domain.api.project.ProjectApi)
Permissions(org.gitlab4j.api.models.Permissions)
Lists(org.eclipse.collections.api.factory.Lists)
GitLabUserContext(org.finos.legend.sdlc.server.gitlab.auth.GitLabUserContext)
ProjectStructureExtensionProvider(org.finos.legend.sdlc.server.project.extension.ProjectStructureExtensionProvider)
ProjectCreationConfiguration(org.finos.legend.sdlc.server.project.config.ProjectCreationConfiguration)
AccessRole(org.finos.legend.sdlc.domain.model.project.accessRole.AccessRole)
Inject(javax.inject.Inject)
StreamSupport(java.util.stream.StreamSupport)
PagerTools(org.finos.legend.sdlc.server.gitlab.tools.PagerTools)
Status(javax.ws.rs.core.Response.Status)
Sets(org.eclipse.collections.api.factory.Sets)
Logger(org.slf4j.Logger)
GitLabMode(org.finos.legend.sdlc.server.gitlab.mode.GitLabMode)
ProtectedTag(org.gitlab4j.api.models.ProtectedTag)
ProjectFileAccessProvider(org.finos.legend.sdlc.server.project.ProjectFileAccessProvider)
ListIterate(org.eclipse.collections.impl.utility.ListIterate)
WorkspaceType(org.finos.legend.sdlc.domain.model.project.workspace.WorkspaceType)
ProjectStructureVersion(org.finos.legend.sdlc.domain.model.project.configuration.ProjectStructureVersion)
GitLabProjectId(org.finos.legend.sdlc.server.gitlab.GitLabProjectId)
Project(org.finos.legend.sdlc.domain.model.project.Project)
ProjectConfiguration(org.finos.legend.sdlc.domain.model.project.configuration.ProjectConfiguration)
Revision(org.finos.legend.sdlc.domain.model.revision.Revision)
Comparator(java.util.Comparator)
ProjectAccess(org.gitlab4j.api.models.ProjectAccess)
Collections(java.util.Collections)
ProtectedTag(org.gitlab4j.api.models.ProtectedTag)
LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException)
Example 19 with AccessLevel
use of org.gitlab4j.api.models.AccessLevel in project legend-sdlc by finos.
the class GitLabProjectApi method checkUserAuthorizationAction.
@Override
public boolean checkUserAuthorizationAction(String id, ProjectAuthorizationAction action) {
try {
GitLabProjectId projectId = parseProjectId(id);
org.gitlab4j.api.models.Project gitLabProject = withRetries(() -> getGitLabApi(projectId.getGitLabMode()).getProjectApi().getProject(projectId.getGitLabId()));
if (!isLegendSDLCProject(gitLabProject)) {
throw new LegendSDLCServerException("Failed to get project " + id);
}
AccessLevel userLevel = getUserAccess(gitLabProject);
if (userLevel == null) {
return false;
}
return checkUserAction(projectId, action, userLevel);
} catch (Exception e) {
throw buildException(e, () -> "Failed to get project " + id);
}
}
Also used :
LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException)
GitLabProjectId(org.finos.legend.sdlc.server.gitlab.GitLabProjectId)
AccessLevel(org.gitlab4j.api.models.AccessLevel)
LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException)
Example 20 with AccessLevel
use of org.gitlab4j.api.models.AccessLevel in project legend-sdlc by finos.
the class GitLabProjectApi method getCurrentUserAccessRole.
@Override
public AccessRole getCurrentUserAccessRole(String id) {
LegendSDLCServerException.validateNonNull(id, "id may not be null");
try {
GitLabProjectId projectId = parseProjectId(id);
org.gitlab4j.api.models.Project gitLabProject = withRetries(() -> getGitLabApi(projectId.getGitLabMode()).getProjectApi().getProject(projectId.getGitLabId()));
if (!isLegendSDLCProject(gitLabProject)) {
throw new LegendSDLCServerException("Failed to get project " + id);
}
Permissions permissions = gitLabProject.getPermissions();
if (permissions != null) {
ProjectAccess projectAccess = permissions.getProjectAccess();
AccessLevel projectAccessLevel = (projectAccess == null) ? null : projectAccess.getAccessLevel();
if (projectAccessLevel != null) {
return new AccessRoleWrapper(projectAccessLevel);
}
ProjectAccess groupAccess = permissions.getGroupAccess();
AccessLevel groupAccessLevel = (groupAccess == null) ? null : groupAccess.getAccessLevel();
if (groupAccessLevel != null) {
return new AccessRoleWrapper(groupAccessLevel);
}
}
return null;
} catch (Exception e) {
throw buildException(e, () -> "Failed to get project " + id);
}
}
Also used :
LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException)
GitLabProjectId(org.finos.legend.sdlc.server.gitlab.GitLabProjectId)
Permissions(org.gitlab4j.api.models.Permissions)
ProjectAccess(org.gitlab4j.api.models.ProjectAccess)
AccessLevel(org.gitlab4j.api.models.AccessLevel)
LegendSDLCServerException(org.finos.legend.sdlc.server.error.LegendSDLCServerException)
Aggregations
AccessLevel (org.gitlab4j.api.models.AccessLevel)21
Course (de.tum.in.www1.artemis.domain.Course)8
Permissions (org.gitlab4j.api.models.Permissions)6
GitLabApiException (org.gitlab4j.api.GitLabApiException)5
ProgrammingExercise (de.tum.in.www1.artemis.domain.ProgrammingExercise)4
User (de.tum.in.www1.artemis.domain.User)4
Collections (java.util.Collections)4
List (java.util.List)4
Objects (java.util.Objects)4
Set (java.util.Set)4
Collectors (java.util.stream.Collectors)4
LegendSDLCServerException (org.finos.legend.sdlc.server.error.LegendSDLCServerException)3
GitLabProjectId (org.finos.legend.sdlc.server.gitlab.GitLabProjectId)3
GitLabApi (org.gitlab4j.api.GitLabApi)3
Pager (org.gitlab4j.api.Pager)3
Visibility (org.gitlab4j.api.models.Visibility)3
Cache (com.google.common.cache.Cache)2
CacheBuilder (com.google.common.cache.CacheBuilder)2
Maps (com.google.common.collect.Maps)2
EventBus (com.google.common.eventbus.EventBus)2
