Commit 105be403 authored by michael.minelli's avatar michael.minelli

Gitlab => Move check template access to a function

parent 43c4dbec
......@@ -3,6 +3,9 @@ import Config from '../config/Config';
import GitlabRepository from '../shared/types/Gitlab/GitlabRepository';
import GitlabAccessLevel from '../shared/types/Gitlab/GitlabAccessLevel';
import GitlabMember from '../shared/types/Gitlab/GitlabMember';
import { StatusCodes } from 'http-status-codes';
import GitlabVisibility from '../shared/types/Gitlab/GitlabVisibility';
import ApiRequest from '../models/ApiRequest';
enum GitlabRoutes {
......@@ -65,6 +68,37 @@ class GitlabHelper {
return response.data;
}
async checkTemplateAccess(idOrNamespace: string, req: ApiRequest): Promise<StatusCodes> {
// Get the Gitlab project and check if it have public or internal visibility
try {
const project: GitlabRepository = await this.getRepository(idOrNamespace);
if ( [ GitlabVisibility.Public.valueOf(), GitlabVisibility.Internal.valueOf() ].includes(project.visibility) ) {
return StatusCodes.OK;
}
} catch ( e ) {
return StatusCodes.NOT_FOUND;
}
// Check if the user and dojo are members (with at least reporter access) of the project
const members = await this.getRepositoryMembers(idOrNamespace);
const isUsersAtLeastReporter = {
user: false,
dojo: false
};
members.forEach(member => {
if ( member.access_level >= GitlabAccessLevel.Reporter ) {
if ( member.id === req.session.profile.userGitlabId ) {
isUsersAtLeastReporter.user = true;
} else if ( member.id === Config.gitlab.account.id ) {
isUsersAtLeastReporter.dojo = true;
}
}
});
return isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ? StatusCodes.OK : StatusCodes.UNAUTHORIZED;
}
}
......
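Review bot: In `GitlabHelper.checkTemplateAccess` the `getRepositoryMembers` call sits outside the `try` block, so a GitLab API failure there rejects the returned promise instead of yielding a status code, while the `catch` above it reports every `getRepository` error (timeout, expired token, 5xx) as `NOT_FOUND`. An access check should fail closed with an explicit status on both paths, for example `try { members = await this.getRepositoryMembers(idOrNamespace); } catch { return StatusCodes.INTERNAL_SERVER_ERROR; }`, and the first `catch` should ideally return `NOT_FOUND` only when GitLab actually answered 404. Two smaller points in the same function: the `else if` means the dojo flag is never set when the session user is the dojo account itself, and `UNAUTHORIZED` is returned to an authenticated non-member where `FORBIDDEN` would describe the outcome more accurately. The function is complete in this hunk, but the rest of the class is not shown, so whether `getRepositoryMembers` includes inherited group members cannot be confirmed from here.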
import { Express } from 'express-serve-static-core';
import express from 'express';
import { StatusCodes } from 'http-status-codes';
import RoutesManager from '../express/RoutesManager';
import ApiRequest from '../models/ApiRequest';
import SecurityMiddleware from '../middlewares/SecurityMiddleware';
import SecurityCheckType from '../types/SecurityCheckType';
import GitlabHelper from '../helpers/GitlabHelper';
import GitlabRepository from '../shared/types/Gitlab/GitlabRepository';
import GitlabVisibility from '../shared/types/Gitlab/GitlabVisibility';
import Config from '../config/Config';
import GitlabAccessLevel from '../shared/types/Gitlab/GitlabAccessLevel';
class EnonceRoutes implements RoutesManager {
......@@ -32,34 +27,7 @@ class EnonceRoutes implements RoutesManager {
private async checkTemplateAccess(req: ApiRequest, res: express.Response) {
const idOrNamespace: string = req.params.idOrNamespace;
// Get the Gitlab project and check if it have public or internal visibility
try {
const project: GitlabRepository = await GitlabHelper.getRepository(idOrNamespace);
if ( [ GitlabVisibility.Public.valueOf(), GitlabVisibility.Internal.valueOf() ].includes(project.visibility) ) {
return res.status(StatusCodes.OK).send();
}
} catch ( e ) {
return res.status(StatusCodes.NOT_FOUND).send();
}
// Check if the user and dojo are members (with at least reporter access) of the project
const members = await GitlabHelper.getRepositoryMembers(idOrNamespace);
const isUsersAtLeastReporter = {
user: false,
dojo: false
};
members.forEach(member => {
if ( member.access_level >= GitlabAccessLevel.Reporter ) {
if ( member.id === req.session.profile.userGitlabId ) {
isUsersAtLeastReporter.user = true;
} else if ( member.id === Config.gitlab.account.id ) {
isUsersAtLeastReporter.dojo = true;
}
}
});
req.session.sendResponse(res, isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ? StatusCodes.OK : StatusCodes.UNAUTHORIZED);
return res.status(await GitlabHelper.checkTemplateAccess(idOrNamespace, req)).send();
}
}
......
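Review bot: The rewritten `checkTemplateAccess` handler sends every result with `res.status(...).send()`, whereas the previous membership result appears to have gone through `req.session.sendResponse(res, ...)`; the page has lost its +/- markers, so this is inferred from the hunk's 34-to-7 line count. If `sendResponse` adds anything to the reply (a refreshed session token, a standard body), a commit described as a pure move silently drops it for the OK and UNAUTHORIZED cases; `req.session.sendResponse(res, await GitlabHelper.checkTemplateAccess(idOrNamespace, req));` would keep the old behaviour. The handler also awaits the helper without a `try`/`catch`, so a rejection from the helper is not turned into a response here. The rest of `EnonceRoutes`, including whatever middleware guarantees `req.session.profile` is populated for this route, is outside the hunk.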