Add Gitlab routes

b3d81614 · michael.minelli · 0dc8e76d · b3d81614 · b3d81614
Commit b3d81614 authored 2 years ago by michael.minelli
--- a/ExpressAPI/src/routes/ApiRoutesManager.ts
+++ b/ExpressAPI/src/routes/ApiRoutesManager.ts
@@ -3,6 +3,7 @@ import RoutesManager from '../express/RoutesManager';
 import BaseRoutes    from './BaseRoutes';
 import SessionRoutes from './SessionRoutes';
 import EnonceRoutes  from './EnonceRoutes';
+import GitlabRoutes  from './GitlabRoutes';
 class AdminRoutesManager implements RoutesManager {
@@ -22,6 +23,7 @@ class AdminRoutesManager implements RoutesManager {
        BaseRoutes.registerOnBackend(backend);
        SessionRoutes.registerOnBackend(backend);
        EnonceRoutes.registerOnBackend(backend);
+        GitlabRoutes.registerOnBackend(backend);
    }
 }

--- a/ExpressAPI/src/routes/GitlabRoutes.ts
+++ b/ExpressAPI/src/routes/GitlabRoutes.ts
+import { Express }        from 'express-serve-static-core';
+import express            from 'express';
+import { StatusCodes }    from 'http-status-codes';
+import RoutesManager      from '../express/RoutesManager';
+import ApiRequest         from '../models/ApiRequest';
+import SecurityMiddleware from '../middlewares/SecurityMiddleware';
+import SecurityCheckType  from '../types/SecurityCheckType';
+import GitlabHelper       from '../helpers/GitlabHelper';
+import GitlabRepository   from '../shared/types/Gitlab/GitlabRepository';
+import GitlabVisibility   from '../shared/types/Gitlab/GitlabVisibility';
+import Config             from '../config/Config';
+import GitlabAccessLevel  from '../shared/types/Gitlab/GitlabAccessLevel';
+class EnonceRoutes implements RoutesManager {
+    private static _instance: EnonceRoutes;
+    private constructor() { }
+    public static get instance(): EnonceRoutes {
+        if ( !EnonceRoutes._instance ) {
+            EnonceRoutes._instance = new EnonceRoutes();
+        }
+        return EnonceRoutes._instance;
+    }
+    registerOnBackend(backend: Express) {
+        backend.get('/gitlab/project/:idOrNamespace/checkTemplateAccess', SecurityMiddleware.check(true, SecurityCheckType.TEACHING_STAFF), this.checkTemplateAccess);
+    }
+    private async checkTemplateAccess(req: ApiRequest, res: express.Response) {
+        const idOrNamespace: string = req.params.idOrNamespace;
+        // Get the Gitlab project and check if it have public or internal visibility
+        try {
+            const project: GitlabRepository = await GitlabHelper.getRepository(idOrNamespace);
+            if ( [ GitlabVisibility.Public.valueOf(), GitlabVisibility.Internal.valueOf() ].includes(project.visibility) ) {
+                return res.status(StatusCodes.OK).send();
+            }
+        } catch ( e ) {
+            return res.status(StatusCodes.NOT_FOUND).send();
+        }
+        // Check if the user and dojo are members (with at least reporter access) of the project
+        const members = await GitlabHelper.getRepositoryMembers(idOrNamespace);
+        const isUsersAtLeastReporter = {
+            user: false,
+            dojo: false
+        };
+        members.forEach(member => {
+            if ( member.access_level >= GitlabAccessLevel.Reporter ) {
+                if ( member.id === req.session.profile.userGitlabId ) {
+                    isUsersAtLeastReporter.user = true;
+                } else if ( member.id === Config.gitlab.account.id ) {
+                    isUsersAtLeastReporter.dojo = true;
+                }
+            }
+        });
+        req.session.sendResponse(res, isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ? StatusCodes.OK : StatusCodes.UNAUTHORIZED);
+    }
+}
+export default EnonceRoutes.instance;