From f8b063a0bcea5bc34c2885c82114f16ef6b5a852 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Mon, 17 Jun 2024 17:56:16 +0300 Subject: [PATCH] [#4358,#4359] Feature/LDAP Decommissioning - Removed LDAP group endpoints (icla,ecla) - Updated gerrit onboarding API input with no icla &&& ccla group IDs - Updated signed handlers to remove ldap group additions on signing - Updated approval list handling of gerrit users (TODO - update a new way of handling users) Signed-off-by: Harold Wanyama --- .../cmd/dynamo_events_lambda/main.go | 7 +- .../handler/handler.go | 7 +- .../cmd/migrate_approval_list/main.go | 2 +- cla-backend-go/cmd/server.go | 8 +- .../gerrits/mocks/mock_repository.go | 143 +++++++ cla-backend-go/gerrits/models.go | 21 +- cla-backend-go/gerrits/repository.go | 21 +- cla-backend-go/gerrits/service.go | 280 +------------ cla-backend-go/gerrits/service_test.go | 47 +++ cla-backend-go/signatures/repository.go | 127 +++--- cla-backend-go/swagger/cla.v2.yaml | 390 +++++++++--------- .../swagger/common/add-gerrit-input.yaml | 14 - cla-backend-go/swagger/common/gerrit.yaml | 19 - cla-backend-go/v2/gerrits/handlers.go | 386 +++++++++-------- cla-backend-go/v2/sign/service.go | 70 ++-- 15 files changed, 707 insertions(+), 835 deletions(-) create mode 100644 cla-backend-go/gerrits/mocks/mock_repository.go create mode 100644 cla-backend-go/gerrits/service_test.go diff --git a/cla-backend-go/cmd/dynamo_events_lambda/main.go b/cla-backend-go/cmd/dynamo_events_lambda/main.go index ee910d335..652f7e4e3 100644 --- a/cla-backend-go/cmd/dynamo_events_lambda/main.go +++ b/cla-backend-go/cmd/dynamo_events_lambda/main.go @@ -115,12 +115,7 @@ func init() { githubOrganizationsService := github_organizations.NewService(githubOrganizationsRepo, repositoriesRepo, projectClaGroupRepo) repositoriesService := repositories.NewService(repositoriesRepo, githubOrganizationsRepo, projectClaGroupRepo) - gerritService := gerrits.NewService(gerritRepo, &gerrits.LFGroup{ - LfBaseURL: configFile.LFGroup.ClientURL, - ClientID: configFile.LFGroup.ClientID, - ClientSecret: configFile.LFGroup.ClientSecret, - RefreshToken: configFile.LFGroup.RefreshToken, - }) + gerritService := gerrits.NewService(gerritRepo) // Services projectService := service.NewService(projectRepo, repositoriesRepo, gerritRepo, projectClaGroupRepo, usersRepo) diff --git a/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go b/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go index f4b261403..1097ffa52 100644 --- a/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go +++ b/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go @@ -137,12 +137,7 @@ func Handler(ctx context.Context) error { v1ProjectClaGroupRepo, }) - gerritService := gerrits.NewService(gerritRepo, &gerrits.LFGroup{ - LfBaseURL: configFile.LFGroup.ClientURL, - ClientID: configFile.LFGroup.ClientID, - ClientSecret: configFile.LFGroup.ClientSecret, - RefreshToken: configFile.LFGroup.RefreshToken, - }) + gerritService := gerrits.NewService(gerritRepo) approvalsTableName := "cla-" + stage + "-approvals" diff --git a/cla-backend-go/cmd/migrate_approval_list/main.go b/cla-backend-go/cmd/migrate_approval_list/main.go index 574b58356..63f6c387f 100644 --- a/cla-backend-go/cmd/migrate_approval_list/main.go +++ b/cla-backend-go/cmd/migrate_approval_list/main.go @@ -81,7 +81,7 @@ func init() { v1ProjectClaGroupRepo, }) ghOrgRepo = github_organizations.NewRepository(awsSession, stage) - gerritService = gerrits.NewService(gerritsRepo, nil) + gerritService = gerrits.NewService(gerritsRepo) signatureRepo = signatures.NewRepository(awsSession, stage, companyRepo, usersRepo, eventsService, &ghRepo, ghOrgRepo, gerritService, approvalRepo) log.Info("initialized repositories\n") diff --git a/cla-backend-go/cmd/server.go b/cla-backend-go/cmd/server.go index 1e67f9680..e2291e37d 100644 --- a/cla-backend-go/cmd/server.go +++ b/cla-backend-go/cmd/server.go @@ -273,13 +273,7 @@ func server(localMode bool) http.Handler { v1ProjectClaGroupRepo, }) - gerritService := gerrits.NewService(gerritRepo, &gerrits.LFGroup{ - LfBaseURL: configFile.LFGroup.ClientURL, - ClientID: configFile.LFGroup.ClientID, - ClientSecret: configFile.LFGroup.ClientSecret, - RefreshToken: configFile.LFGroup.RefreshToken, - EventsService: eventsService, - }) + gerritService := gerrits.NewService(gerritRepo) // Signature repository handler signaturesRepo := signatures.NewRepository(awsSession, stage, v1CompanyRepo, usersRepo, eventsService, gitV1Repository, githubOrganizationsRepo, gerritService, approvalsRepo) diff --git a/cla-backend-go/gerrits/mocks/mock_repository.go b/cla-backend-go/gerrits/mocks/mock_repository.go new file mode 100644 index 000000000..6d45afc36 --- /dev/null +++ b/cla-backend-go/gerrits/mocks/mock_repository.go @@ -0,0 +1,143 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +// Code generated by MockGen. DO NOT EDIT. +// Source: gerrits/repository.go + +// Package mock_gerrits is a generated GoMock package. +package mock_gerrits + +import ( + context "context" + reflect "reflect" + + models "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" + gomock "github.com/golang/mock/gomock" +) + +// MockRepository is a mock of Repository interface. +type MockRepository struct { + ctrl *gomock.Controller + recorder *MockRepositoryMockRecorder +} + +// MockRepositoryMockRecorder is the mock recorder for MockRepository. +type MockRepositoryMockRecorder struct { + mock *MockRepository +} + +// NewMockRepository creates a new mock instance. +func NewMockRepository(ctrl *gomock.Controller) *MockRepository { + mock := &MockRepository{ctrl: ctrl} + mock.recorder = &MockRepositoryMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockRepository) EXPECT() *MockRepositoryMockRecorder { + return m.recorder +} + +// AddGerrit mocks base method. +func (m *MockRepository) AddGerrit(ctx context.Context, input *models.Gerrit) (*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AddGerrit", ctx, input) + ret0, _ := ret[0].(*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AddGerrit indicates an expected call of AddGerrit. +func (mr *MockRepositoryMockRecorder) AddGerrit(ctx, input interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AddGerrit", reflect.TypeOf((*MockRepository)(nil).AddGerrit), ctx, input) +} + +// DeleteGerrit mocks base method. +func (m *MockRepository) DeleteGerrit(ctx context.Context, gerritID string) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteGerrit", ctx, gerritID) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteGerrit indicates an expected call of DeleteGerrit. +func (mr *MockRepositoryMockRecorder) DeleteGerrit(ctx, gerritID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteGerrit", reflect.TypeOf((*MockRepository)(nil).DeleteGerrit), ctx, gerritID) +} + +// ExistsByName mocks base method. +func (m *MockRepository) ExistsByName(ctx context.Context, gerritName string) ([]*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ExistsByName", ctx, gerritName) + ret0, _ := ret[0].([]*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ExistsByName indicates an expected call of ExistsByName. +func (mr *MockRepositoryMockRecorder) ExistsByName(ctx, gerritName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ExistsByName", reflect.TypeOf((*MockRepository)(nil).ExistsByName), ctx, gerritName) +} + +// GetClaGroupGerrits mocks base method. +func (m *MockRepository) GetClaGroupGerrits(ctx context.Context, claGroupID string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetClaGroupGerrits", ctx, claGroupID) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetClaGroupGerrits indicates an expected call of GetClaGroupGerrits. +func (mr *MockRepositoryMockRecorder) GetClaGroupGerrits(ctx, claGroupID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClaGroupGerrits", reflect.TypeOf((*MockRepository)(nil).GetClaGroupGerrits), ctx, claGroupID) +} + +// GetGerrit mocks base method. +func (m *MockRepository) GetGerrit(ctx context.Context, gerritID string) (*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerrit", ctx, gerritID) + ret0, _ := ret[0].(*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerrit indicates an expected call of GetGerrit. +func (mr *MockRepositoryMockRecorder) GetGerrit(ctx, gerritID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerrit", reflect.TypeOf((*MockRepository)(nil).GetGerrit), ctx, gerritID) +} + +// GetGerritsByID mocks base method. +func (m *MockRepository) GetGerritsByID(ctx context.Context, ID, IDType string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerritsByID", ctx, ID, IDType) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerritsByID indicates an expected call of GetGerritsByID. +func (mr *MockRepositoryMockRecorder) GetGerritsByID(ctx, ID, IDType interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerritsByID", reflect.TypeOf((*MockRepository)(nil).GetGerritsByID), ctx, ID, IDType) +} + +// GetGerritsByProjectSFID mocks base method. +func (m *MockRepository) GetGerritsByProjectSFID(ctx context.Context, projectSFID string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerritsByProjectSFID", ctx, projectSFID) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerritsByProjectSFID indicates an expected call of GetGerritsByProjectSFID. +func (mr *MockRepositoryMockRecorder) GetGerritsByProjectSFID(ctx, projectSFID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerritsByProjectSFID", reflect.TypeOf((*MockRepository)(nil).GetGerritsByProjectSFID), ctx, projectSFID) +} diff --git a/cla-backend-go/gerrits/models.go b/cla-backend-go/gerrits/models.go index b31689693..f15a074d0 100644 --- a/cla-backend-go/gerrits/models.go +++ b/cla-backend-go/gerrits/models.go @@ -27,18 +27,15 @@ type Gerrit struct { // toModel converts the gerrit structure into a response model func (g *Gerrit) toModel() *models.Gerrit { return &models.Gerrit{ - DateCreated: g.DateCreated, - DateModified: g.DateModified, - GerritID: strfmt.UUID4(g.GerritID), - GerritName: g.GerritName, - GerritURL: strfmt.URI(g.GerritURL), - GroupIDCcla: g.GroupIDCcla, - GroupIDIcla: g.GroupIDIcla, - GroupNameCcla: g.GroupNameCcla, - GroupNameIcla: g.GroupNameIcla, - ProjectID: g.ProjectID, - Version: g.Version, - ProjectSFID: g.ProjectSFID, + DateCreated: g.DateCreated, + DateModified: g.DateModified, + GerritID: strfmt.UUID4(g.GerritID), + GerritName: g.GerritName, + GerritURL: strfmt.URI(g.GerritURL), + GroupIDCcla: g.GroupIDCcla, + ProjectID: g.ProjectID, + Version: g.Version, + ProjectSFID: g.ProjectSFID, } } diff --git a/cla-backend-go/gerrits/repository.go b/cla-backend-go/gerrits/repository.go index d9f4ae410..80207f3e3 100644 --- a/cla-backend-go/gerrits/repository.go +++ b/cla-backend-go/gerrits/repository.go @@ -71,18 +71,15 @@ func (repo *repo) AddGerrit(ctx context.Context, input *models.Gerrit) (*models. } _, currentTime := utils.CurrentTime() gerrit := &Gerrit{ - DateCreated: currentTime, - DateModified: currentTime, - GerritID: gerritID.String(), - GerritName: input.GerritName, - GerritURL: input.GerritURL.String(), - GroupIDCcla: input.GroupIDCcla, - GroupIDIcla: input.GroupIDIcla, - GroupNameCcla: input.GroupNameCcla, - GroupNameIcla: input.GroupNameIcla, - ProjectID: input.ProjectID, - ProjectSFID: input.ProjectSFID, - Version: input.Version, + DateCreated: currentTime, + DateModified: currentTime, + GerritID: gerritID.String(), + GerritName: input.GerritName, + GerritURL: input.GerritURL.String(), + GroupIDCcla: input.GroupIDCcla, + ProjectID: input.ProjectID, + ProjectSFID: input.ProjectSFID, + Version: input.Version, } av, err := dynamodbattribute.MarshalMap(gerrit) if err != nil { diff --git a/cla-backend-go/gerrits/service.go b/cla-backend-go/gerrits/service.go index ecc72b236..b10e9ce92 100644 --- a/cla-backend-go/gerrits/service.go +++ b/cla-backend-go/gerrits/service.go @@ -11,7 +11,7 @@ import ( "net/url" "strings" - "github.com/LF-Engineering/lfx-kit/auth" + // "github.com/LF-Engineering/lfx-kit/auth" "github.com/go-openapi/strfmt" @@ -21,7 +21,7 @@ import ( "github.com/communitybridge/easycla/cla-backend-go/utils" "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" - v2Models "github.com/communitybridge/easycla/cla-backend-go/gen/v2/models" + // v2Models "github.com/communitybridge/easycla/cla-backend-go/gen/v2/models" log "github.com/communitybridge/easycla/cla-backend-go/logging" ) @@ -35,23 +35,16 @@ type Service interface { GetGerritRepos(ctx context.Context, gerritName string) (*models.GerritRepoList, error) DeleteClaGroupGerrits(ctx context.Context, claGroupID string) (int, error) DeleteGerrit(ctx context.Context, gerritID string) error - GetUsersOfGroup(ctx context.Context, authUser *auth.User, claGroupID, claType string) (*v2Models.GerritGroupResponse, error) - AddUserToGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error - AddUsersToGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error - RemoveUserFromGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error - RemoveUsersFromGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error } type service struct { - repo Repository - lfGroup *LFGroup + repo Repository } // NewService creates a new gerrit service -func NewService(repo Repository, lfg *LFGroup) Service { +func NewService(repo Repository) Service { return service{ - repo: repo, - lfGroup: lfg, + repo: repo, } } @@ -62,34 +55,10 @@ func (s service) AddGerrit(ctx context.Context, claGroupID string, projectSFID s "claGroupID": claGroupID, "projectSFID": projectSFID, } - if params.GroupIDIcla == "" && params.GroupIDCcla == "" { - return nil, errors.New("should specify at least a LDAP group for ICLA or CCLA") - } log.WithFields(f).Debugf("cla groupID %s", claGroupID) log.WithFields(f).Debugf("project Model %+v", claGroupModel) - if claGroupModel.ProjectCCLAEnabled && claGroupModel.ProjectICLAEnabled { - if params.GroupIDCcla == "" { - return nil, errors.New("please provide GroupIDCcla") - } - if params.GroupIDIcla == "" { - return nil, errors.New("please provide GroupIDIcla") - } - } else if claGroupModel.ProjectCCLAEnabled { - if params.GroupIDCcla == "" { - return nil, errors.New("please provide GroupIDCcla") - } - } else if claGroupModel.ProjectICLAEnabled { - if params.GroupIDIcla == "" { - return nil, errors.New("please provide GroupIDIcla") - } - } - - if params.GroupIDIcla == params.GroupIDCcla { - return nil, errors.New("LDAP group for ICLA and CCLA are same") - } - if params.GerritName == nil { return nil, errors.New("gerrit_name required") } @@ -104,59 +73,16 @@ func (s service) AddGerrit(ctx context.Context, claGroupID string, projectSFID s return nil, errors.New("gerrit_name already present in the system") } - gerritCcla, err := s.repo.GetGerritsByID(ctx, params.GroupIDCcla, "CCLA") - if err != nil { - message := fmt.Sprintf("unable to get gerrit by ccla id : %s", params.GroupIDCcla) - log.WithFields(f).WithError(err).Warnf(message) - } - - if len(gerritCcla.List) > 0 { - return nil, errors.New("gerrit_ccla id already present in the system") - } - - gerritIcla, err := s.repo.GetGerritsByID(ctx, params.GroupIDIcla, "ICLA") - if err != nil { - message := fmt.Sprintf("unable to get gerrit by icla : %s", params.GroupIDIcla) - log.WithFields(f).WithError(err).Warnf(message) - } - - if len(gerritIcla.List) > 0 { - return nil, errors.New("gerrit_icla id already present in the system") - } - if params.GerritURL == nil { return nil, errors.New("gerrit_url required") } - var groupNameCcla, groupNameIcla string - if params.GroupIDIcla != "" { - group, err := s.lfGroup.GetGroup(ctx, params.GroupIDIcla) - if err != nil { - message := fmt.Sprintf("unable to get LDAP ICLA Group: %s", params.GroupIDIcla) - log.WithFields(f).WithError(err).Warnf(message) - return nil, errors.New(message) - } - groupNameIcla = group.Title - } - if params.GroupIDCcla != "" { - group, err := s.lfGroup.GetGroup(ctx, params.GroupIDCcla) - if err != nil { - message := fmt.Sprintf("unable to get LDAP CCLA Group: %s", params.GroupIDCcla) - log.WithFields(f).WithError(err).Warnf(message) - return nil, errors.New(message) - } - groupNameCcla = group.Title - } input := &models.Gerrit{ - GerritName: utils.StringValue(params.GerritName), - GerritURL: strfmt.URI(*params.GerritURL), - GroupIDCcla: params.GroupIDCcla, - GroupIDIcla: params.GroupIDIcla, - GroupNameCcla: groupNameCcla, - GroupNameIcla: groupNameIcla, - ProjectID: claGroupID, - ProjectSFID: projectSFID, - Version: params.Version, + GerritName: utils.StringValue(params.GerritName), + GerritURL: strfmt.URI(*params.GerritURL), + ProjectID: claGroupID, + ProjectSFID: projectSFID, + Version: params.Version, } return s.repo.AddGerrit(ctx, input) } @@ -278,192 +204,6 @@ func (s service) DeleteGerrit(ctx context.Context, gerritID string) error { return s.repo.DeleteGerrit(ctx, gerritID) } -// GetUsersOfGroup -func (s service) GetUsersOfGroup(ctx context.Context, authUser *auth.User, claGroupID, claType string) (*v2Models.GerritGroupResponse, error) { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.GetUsersOfGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - log.WithFields(f).Debug("querying for CLA Group gerrits...") - g, gerritErr := s.GetClaGroupGerrits(ctx, claGroupID) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return nil, gerritErr - } - - // Just load the first one... - if len(g.List) > 0 { - gerritModel := g.List[0] - var ldapGroupName string - switch claType { - case utils.ClaTypeICLA: - ldapGroupName = gerritModel.GroupNameIcla - case utils.ClaTypeECLA: - ldapGroupName = gerritModel.GroupNameCcla - default: - return nil, &utils.InvalidCLAType{ - CLAType: claType, - } - } - - log.WithFields(f).Debugf("querying for members of gerrit group: %s...", ldapGroupName) - g, gerritErr := s.lfGroup.GetUsersOfGroup(ctx, authUser, claGroupID, ldapGroupName) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return nil, gerritErr - } - return g, nil - } - - return nil, nil -} - -// AddUserToGroup adds the specified user to the group -func (s service) AddUserToGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.AddUserToGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userName": userName, - } - - log.WithFields(f).Debug("querying for CLA Group gerrits...") - g, gerritErr := s.GetClaGroupGerrits(ctx, claGroupID) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return gerritErr - } - - for _, gerritModel := range g.List { - var ldapGroupName string - switch claType { - case utils.ClaTypeICLA: - ldapGroupName = gerritModel.GroupNameIcla - case utils.ClaTypeECLA: - ldapGroupName = gerritModel.GroupNameCcla - default: - return &utils.InvalidCLAType{ - CLAType: claType, - } - } - log.WithFields(f).Debugf("LDAP group name: %s", ldapGroupName) - addErr := s.lfGroup.AddUserToGroup(ctx, authUser, claGroupID, ldapGroupName, userName) - if addErr != nil { - log.WithFields(f).WithError(addErr).Warnf("unable to add user %s to group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - return gerritErr - } - log.WithFields(f).Debugf("added user %s to group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - - // Log Event - } - - return nil -} - -// AddUsersToGroup adds the specified users to the group -func (s service) AddUsersToGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.AddUsersToGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userNameList": strings.Join(userNameList, ","), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - var errorList []error - for _, userName := range userNameList { - err := s.AddUserToGroup(ctx, authUser, claGroupID, userName, claType) - if err != nil { - log.WithFields(f).WithError(err).Warnf("encountered an error when adding username: %s to the CLA Group: %s", userName, claGroupID) - errorList = append(errorList, err) - } - } - - if len(errorList) > 0 { - log.WithFields(f).Warnf("encountered %d errors when adding %d users to the CLA Group: %s", len(errorList), len(userNameList), claGroupID) - return errorList[0] - } - - return nil -} - -// RemoveUserFromGroup removes the specified user from the group -func (s service) RemoveUserFromGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.RemoveUserFromGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userName": userName, - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - log.WithFields(f).Debug("querying for CLA Group gerrits...") - g, gerritErr := s.GetClaGroupGerrits(ctx, claGroupID) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return gerritErr - } - - for _, gerritModel := range g.List { - var ldapGroupName string - switch claType { - case utils.ClaTypeICLA: - ldapGroupName = gerritModel.GroupNameIcla - case utils.ClaTypeECLA: - ldapGroupName = gerritModel.GroupNameCcla - default: - return &utils.InvalidCLAType{ - CLAType: claType, - } - } - log.WithFields(f).Debugf("LDAP group name: %s", ldapGroupName) - addErr := s.lfGroup.RemoveUserFromGroup(ctx, authUser, claGroupID, ldapGroupName, userName) - if addErr != nil { - log.WithFields(f).WithError(addErr).Warnf("unable to remove user %s from group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - return gerritErr - } - log.WithFields(f).Debugf("removed user %s from group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - - // Log Event - } - - return nil -} - -// RemoveUsersFromGroup removes the specified users from the group -func (s service) RemoveUsersFromGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.RemoveUsersFromGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userNameList": strings.Join(userNameList, ","), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - var errorList []error - for _, userName := range userNameList { - err := s.RemoveUserFromGroup(ctx, authUser, claGroupID, userName, claType) - if err != nil { - log.WithFields(f).WithError(err).Warnf("encountered an error when removing username: %s from the CLA Group: %s", userName, claGroupID) - errorList = append(errorList, err) - } - } - - if len(errorList) > 0 { - log.WithFields(f).Warnf("encountered %d errors when removing %d users from the CLA Group: %s", len(errorList), len(userNameList), claGroupID) - return errorList[0] - } - - return nil -} - // convertModel is a helper function to create a GerritRepoList response model func convertModel(responseModel map[string]GerritRepoInfo, serverInfo *ServerInfo) *models.GerritRepoList { var gerritRepos []*models.GerritRepo diff --git a/cla-backend-go/gerrits/service_test.go b/cla-backend-go/gerrits/service_test.go new file mode 100644 index 000000000..457361f6a --- /dev/null +++ b/cla-backend-go/gerrits/service_test.go @@ -0,0 +1,47 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +package gerrits + +import ( + "context" + "testing" + + "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" + gerritsMock "github.com/communitybridge/easycla/cla-backend-go/gerrits/mocks" + "github.com/golang/mock/gomock" + "github.com/stretchr/testify/assert" +) + +func TestService_AddGerrit(t *testing.T) { + // AddGerrit test case + + gerritName := "ONAP" + gerritURL := "https://gerrit.onap.org" + + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + mockRepo := gerritsMock.NewMockRepository(ctrl) + mockRepo.EXPECT().AddGerrit(gomock.Any(), gomock.Any()).Return(&models.Gerrit{ + GerritID: "e82c469a-55ea-492d-9722-fd30b31da2aa", + GerritName: "ONAP", + GerritURL: "https://gerrit.onap.org", + ProjectID: "projectID", + }, nil) + + //Gerrit repo by name does not exist + mockRepo.EXPECT().ExistsByName(context.TODO(), "ONAP").Return(nil, nil) + + service := NewService(mockRepo) + gerrit, err := service.AddGerrit(context.TODO(), "projectID", "projectSFID", &models.AddGerritInput{ + GerritName: &gerritName, + GerritURL: &gerritURL, + }, &models.ClaGroup{ + ProjectID: "projectID", + }) + + assert.NotNil(t, gerrit) + assert.NoError(t, err) + +} diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index b98540b44..cf103f4e7 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -19,7 +19,6 @@ import ( "github.com/communitybridge/easycla/cla-backend-go/config" - "github.com/LF-Engineering/lfx-kit/auth" "github.com/sirupsen/logrus" "github.com/communitybridge/easycla/cla-backend-go/users" @@ -3198,10 +3197,10 @@ func (repo repository) UpdateApprovalList(ctx context.Context, claManager *model PageSize: utils.Int64(10), } - authUser := auth.User{ - Email: claManager.LfEmail.String(), - UserName: claManager.LfUsername, - } + // authUser := auth.User{ + // Email: claManager.LfEmail.String(), + // UserName: claManager.LfUsername, + // } // Keep track of gerrit users under a give CLA Group var gerritICLAECLAs []string @@ -3212,8 +3211,8 @@ func (repo repository) UpdateApprovalList(ctx context.Context, claManager *model goRoutines := 2 gerritResultChannel := make(chan *GerritUserResponse, goRoutines) gerritQueryStartTime, _ := utils.CurrentTime() - go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeICLA, gerritResultChannel) - go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeECLA, gerritResultChannel) + // go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeICLA, gerritResultChannel) + // go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeECLA, gerritResultChannel) log.WithFields(f).Debug("waiting on gerrit user query results from 2 go routines...") for i := 0; i < goRoutines; i++ { @@ -3311,19 +3310,19 @@ func (repo repository) UpdateApprovalList(ctx context.Context, claManager *model } } else { - // Update gerrit user - if utils.StringInSlice(user.LfUsername, gerritICLAECLAs) { - gerritIclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) - if gerritIclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).WithError(gerritIclaErr).Warn(msg) - } - eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) - if eclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).WithError(eclaErr).Warn(msg) - } - } + // // Update gerrit user + // if utils.StringInSlice(user.LfUsername, gerritICLAECLAs) { + // // gerritIclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) + // if gerritIclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).WithError(gerritIclaErr).Warn(msg) + // } + // eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) + // if eclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).WithError(eclaErr).Warn(msg) + // } + // } results <- &ICLAUserResponse{ ICLASignature: &models.IclaSignature{ GithubUsername: icla.UserGHUsername, @@ -4051,10 +4050,10 @@ func (repo repository) verifyUserApprovals(ctx context.Context, userID, signatur } email := getBestEmail(user) - authUser := auth.User{ - Email: claManager.LfEmail.String(), - UserName: claManager.LfUsername, - } + // authUser := auth.User{ + // Email: claManager.LfEmail.String(), + // UserName: claManager.LfUsername, + // } if approvalList.Criteria == utils.EmailDomainCriteria { // Handle Domains @@ -4070,20 +4069,20 @@ func (repo repository) verifyUserApprovals(ctx context.Context, userID, signatur return user, err } - // Update Gerrit group users - if utils.StringInSlice(user.LfUsername, approvalList.GerritICLAECLAs) { - log.WithFields(f).Debugf("removing gerrit user:%s from claGroup: %s ...", user.LfUsername, approvalList.ClaGroupID) - iclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) - if iclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).Warn(msg) - } - eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) - if eclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).Warn(msg) - } - } + // // Update Gerrit group users + // if utils.StringInSlice(user.LfUsername, approvalList.GerritICLAECLAs) { + // log.WithFields(f).Debugf("removing gerrit user:%s from claGroup: %s ...", user.LfUsername, approvalList.ClaGroupID) + // iclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) + // if iclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).Warn(msg) + // } + // eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) + // if eclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).Warn(msg) + // } + // } } } } else if approvalList.Criteria == utils.GitHubOrgCriteria { @@ -4945,32 +4944,32 @@ func (repo repository) ActivateSignature(ctx context.Context, signatureID string } // getGerritUsers is a helper function to fetch the list of gerrit users for the specified type - results are returned through the specified results channel -func (repo repository) getGerritUsers(ctx context.Context, authUser *auth.User, projectSFID string, claType string, gerritResultChannel chan *GerritUserResponse) { - f := logrus.Fields{ - "functionName": "v1.signatures.repository.getGerritUsers", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "projectSFID": projectSFID, - } - log.WithFields(f).Debugf("querying gerrit for %s gerrit users...", claType) - gerritIclaUsers, getGerritQueryErr := repo.gerritService.GetUsersOfGroup(ctx, authUser, projectSFID, claType) - if getGerritQueryErr != nil || gerritIclaUsers == nil { - msg := fmt.Sprintf("unable to fetch gerrit users for claGroup: %s , claType: %s ", projectSFID, claType) - log.WithFields(f).WithError(getGerritQueryErr).Warn(msg) - gerritResultChannel <- &GerritUserResponse{ - gerritGroupResponse: nil, - queryType: claType, - Error: errors.New(msg), - } - return - } - - log.WithFields(f).Debugf("retrieved %d gerrit users for CLA type: %s...", len(gerritIclaUsers.Members), claType) - gerritResultChannel <- &GerritUserResponse{ - gerritGroupResponse: gerritIclaUsers, - queryType: claType, - Error: nil, - } -} +// func (repo repository) getGerritUsers(ctx context.Context, authUser *auth.User, projectSFID string, claType string, gerritResultChannel chan *GerritUserResponse) { +// // f := logrus.Fields{ +// // "functionName": "v1.signatures.repository.getGerritUsers", +// // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), +// // "projectSFID": projectSFID, +// // } +// // log.WithFields(f).Debugf("querying gerrit for %s gerrit users...", claType) +// // gerritIclaUsers, getGerritQueryErr := repo.gerritService.GetUsersOfGroup(ctx, authUser, projectSFID, claType) +// // if getGerritQueryErr != nil || gerritIclaUsers == nil { +// // msg := fmt.Sprintf("unable to fetch gerrit users for claGroup: %s , claType: %s ", projectSFID, claType) +// // log.WithFields(f).WithError(getGerritQueryErr).Warn(msg) +// // gerritResultChannel <- &GerritUserResponse{ +// // gerritGroupResponse: nil, +// // queryType: claType, +// // Error: errors.New(msg), +// // } +// // return +// // } + +// // log.WithFields(f).Debugf("retrieved %d gerrit users for CLA type: %s...", len(gerritIclaUsers.Members), claType) +// gerritResultChannel <- &GerritUserResponse{ +// gerritGroupResponse: nil, +// queryType: claType, +// Error: nil, +// } +// } func buildNextKey(indexName string, signature *models.Signature) (string, error) { nextKey := make(map[string]*dynamodb.AttributeValue) diff --git a/cla-backend-go/swagger/cla.v2.yaml b/cla-backend-go/swagger/cla.v2.yaml index 56da4ebbb..428aab844 100644 --- a/cla-backend-go/swagger/cla.v2.yaml +++ b/cla-backend-go/swagger/cla.v2.yaml @@ -3222,201 +3222,201 @@ paths: tags: - gerrits - /cla-group/{claGroupID}/project/{projectSFID}/gerrits/icla/user: - get: - summary: Get Gerrit ICLA Users - description: Gets the authorized individual CLA users from a gerrit instance for the CLA Group/Projecct - operationId: getGerritICLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - schema: - $ref: '#/definitions/gerrit-group-response' - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - put: - summary: Add Gerrit ICLA Users - description: Adds one or more individual CLA users to the gerrit CLA Group/project - operationId: addGerritICLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: add-gerrit-user-input - schema: - $ref: '#/definitions/add-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - delete: - summary: Remove Gerrit ICLA Users - description: Removes one or more individual CLA users from a gerrit instance for the CLA Group/Project - operationId: removeGerritICLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: remove-gerrit-user-input - schema: - $ref: '#/definitions/remove-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - - /cla-group/{claGroupID}/project/{projectSFID}/gerrits/ecla/user: - get: - summary: Get Gerrit ECLA Users - description: Gets the authorized employee CLA users from a gerrit instance for the CLA Group/Projecct - operationId: getGerritECLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - schema: - $ref: '#/definitions/gerrit-group-response' - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - put: - summary: Add Gerrit ECLA Users - description: Adds one or more employee CLA users to a gerrit instance for the CLA Group/Project - operationId: addGerritECLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: add-gerrit-user-input - schema: - $ref: '#/definitions/add-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - delete: - summary: Remove Gerrit ECLA Users - description: Removes one or more employee CLA users from a gerrit instance for the project - operationId: removeGerritECLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: remove-gerrit-user-input - schema: - $ref: '#/definitions/remove-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits + # /cla-group/{claGroupID}/project/{projectSFID}/gerrits/icla/user: + # get: + # summary: Get Gerrit ICLA Users + # description: Gets the authorized individual CLA users from a gerrit instance for the CLA Group/Projecct + # operationId: getGerritICLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # schema: + # $ref: '#/definitions/gerrit-group-response' + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # put: + # summary: Add Gerrit ICLA Users + # description: Adds one or more individual CLA users to the gerrit CLA Group/project + # operationId: addGerritICLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: add-gerrit-user-input + # schema: + # $ref: '#/definitions/add-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # delete: + # summary: Remove Gerrit ICLA Users + # description: Removes one or more individual CLA users from a gerrit instance for the CLA Group/Project + # operationId: removeGerritICLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: remove-gerrit-user-input + # schema: + # $ref: '#/definitions/remove-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + + # /cla-group/{claGroupID}/project/{projectSFID}/gerrits/ecla/user: + # get: + # summary: Get Gerrit ECLA Users + # description: Gets the authorized employee CLA users from a gerrit instance for the CLA Group/Projecct + # operationId: getGerritECLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # schema: + # $ref: '#/definitions/gerrit-group-response' + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # put: + # summary: Add Gerrit ECLA Users + # description: Adds one or more employee CLA users to a gerrit instance for the CLA Group/Project + # operationId: addGerritECLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: add-gerrit-user-input + # schema: + # $ref: '#/definitions/add-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # delete: + # summary: Remove Gerrit ECLA Users + # description: Removes one or more employee CLA users from a gerrit instance for the project + # operationId: removeGerritECLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: remove-gerrit-user-input + # schema: + # $ref: '#/definitions/remove-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits /cla-group/{claGroupID}/user/{userID}/icla: put: summary: Invalidate ICLA record diff --git a/cla-backend-go/swagger/common/add-gerrit-input.yaml b/cla-backend-go/swagger/common/add-gerrit-input.yaml index 9ad977a16..858bafa89 100644 --- a/cla-backend-go/swagger/common/add-gerrit-input.yaml +++ b/cla-backend-go/swagger/common/add-gerrit-input.yaml @@ -26,20 +26,6 @@ properties: minLength: 10 maxLength: 255 pattern: ^(?:http(s)?:\/\/).+$ - groupIdCcla: - type: string - description: the LDAP group ID for CCLA encoded as a string value - example: '1902' - minLength: 1 - maxLength: 12 - pattern: ^[1-9]\d{0,11}$ - groupIdIcla: - type: string - description: the LDAP group ID for ICLA encoded as a string value - example: '1903' - minLength: 1 - maxLength: 12 - pattern: ^[1-9]\d{0,11}$ version: type: string description: the version associated with the gerrit record diff --git a/cla-backend-go/swagger/common/gerrit.yaml b/cla-backend-go/swagger/common/gerrit.yaml index 589cc40c2..e3d738c44 100644 --- a/cla-backend-go/swagger/common/gerrit.yaml +++ b/cla-backend-go/swagger/common/gerrit.yaml @@ -40,25 +40,6 @@ properties: minLength: 1 maxLength: 12 pattern: ^[1-9]\d{0,11}$ - groupIdIcla: - type: string - description: the LDAP group ID for ICLA encoded as a string value - example: '1903' - minLength: 1 - maxLength: 12 - pattern: ^[1-9]\d{0,11}$ - groupNameCcla: - type: string - description: the LDAP group name for CCLA - example: 'onap-cla-ccla' - minLength: 3 - maxLength: 20 - groupNameIcla: - type: string - description: the LDAP group name for ICLA - example: 'onap-cla-icla' - minLength: 3 - maxLength: 20 projectSFID: type: string description: the Project SalesForce ID (external ID) associated with this gerrit record diff --git a/cla-backend-go/v2/gerrits/handlers.go b/cla-backend-go/v2/gerrits/handlers.go index c0da4a705..1fb02686a 100644 --- a/cla-backend-go/v2/gerrits/handlers.go +++ b/cla-backend-go/v2/gerrits/handlers.go @@ -129,11 +129,9 @@ func Configure(api *operations.EasyclaAPI, v1Service v1Gerrits.Service, projectS // add the gerrit addGerritInput := &v1Models.AddGerritInput{ - GerritName: params.AddGerritInput.GerritName, - GerritURL: params.AddGerritInput.GerritURL, - GroupIDCcla: params.AddGerritInput.GroupIDCcla, - GroupIDIcla: params.AddGerritInput.GroupIDIcla, - Version: "v2", + GerritName: params.AddGerritInput.GerritName, + GerritURL: params.AddGerritInput.GerritURL, + Version: "v2", } result, err := v1Service.AddGerrit(ctx, params.ClaGroupID, params.ProjectSFID, addGerritInput, projectModel) if err != nil { @@ -261,195 +259,195 @@ func Configure(api *operations.EasyclaAPI, v1Service v1Gerrits.Service, projectS return gerrits.NewGetGerritReposOK().WithXRequestID(reqID).WithPayload(&response) }) - api.GerritsGetGerritICLAUserHandler = gerrits.GetGerritICLAUserHandlerFunc(func(params gerrits.GetGerritICLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsGetGerritICLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewGetGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("getting user list to gerrit...") - responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeICLA) - if err != nil { - msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewGetGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewGetGerritICLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) - }) - - api.GerritsGetGerritECLAUserHandler = gerrits.GetGerritECLAUserHandlerFunc(func(params gerrits.GetGerritECLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsGetGerritECLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewGetGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("getting user list to gerrit...") - responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeECLA) - if err != nil { - msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewGetGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewGetGerritECLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) - }) - - api.GerritsAddGerritICLAUserHandler = gerrits.AddGerritICLAUserHandlerFunc(func(params gerrits.AddGerritICLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsAddGerritICLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.AddGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewAddGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("adding user list to gerrit...") - err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeICLA) - if err != nil { - msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewAddGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewAddGerritICLAUserOK().WithXRequestID(reqID) - }) - - api.GerritsRemoveGerritICLAUserHandler = gerrits.RemoveGerritICLAUserHandlerFunc(func(params gerrits.RemoveGerritICLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsRemoveGerritICLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewRemoveGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("removing user list from gerrit...") - err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeICLA) - if err != nil { - msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewRemoveGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewRemoveGerritICLAUserOK().WithXRequestID(reqID) - }) - - api.GerritsAddGerritECLAUserHandler = gerrits.AddGerritECLAUserHandlerFunc(func(params gerrits.AddGerritECLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsAddGerritECLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.AddGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewAddGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("adding user list to gerrit...") - err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeECLA) - if err != nil { - msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewAddGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewAddGerritECLAUserOK().WithXRequestID(reqID) - }) - - api.GerritsRemoveGerritECLAUserHandler = gerrits.RemoveGerritECLAUserHandlerFunc(func(params gerrits.RemoveGerritECLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsRemoveGerritECLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewRemoveGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("removing user list from gerrit...") - err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeECLA) - if err != nil { - msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewRemoveGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewRemoveGerritECLAUserOK().WithXRequestID(reqID) - }) + // api.GerritsGetGerritICLAUserHandler = gerrits.GetGerritICLAUserHandlerFunc(func(params gerrits.GetGerritICLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsGetGerritICLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewGetGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("getting user list to gerrit...") + // responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeICLA) + // if err != nil { + // msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewGetGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewGetGerritICLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) + // }) + + // api.GerritsGetGerritECLAUserHandler = gerrits.GetGerritECLAUserHandlerFunc(func(params gerrits.GetGerritECLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsGetGerritECLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewGetGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("getting user list to gerrit...") + // responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeECLA) + // if err != nil { + // msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewGetGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewGetGerritECLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) + // }) + + // api.GerritsAddGerritICLAUserHandler = gerrits.AddGerritICLAUserHandlerFunc(func(params gerrits.AddGerritICLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsAddGerritICLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.AddGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewAddGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("adding user list to gerrit...") + // err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeICLA) + // if err != nil { + // msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewAddGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewAddGerritICLAUserOK().WithXRequestID(reqID) + // }) + + // api.GerritsRemoveGerritICLAUserHandler = gerrits.RemoveGerritICLAUserHandlerFunc(func(params gerrits.RemoveGerritICLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsRemoveGerritICLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewRemoveGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("removing user list from gerrit...") + // err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeICLA) + // if err != nil { + // msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewRemoveGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewRemoveGerritICLAUserOK().WithXRequestID(reqID) + // }) + + // api.GerritsAddGerritECLAUserHandler = gerrits.AddGerritECLAUserHandlerFunc(func(params gerrits.AddGerritECLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsAddGerritECLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.AddGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewAddGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("adding user list to gerrit...") + // err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeECLA) + // if err != nil { + // msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewAddGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewAddGerritECLAUserOK().WithXRequestID(reqID) + // }) + + // api.GerritsRemoveGerritECLAUserHandler = gerrits.RemoveGerritECLAUserHandlerFunc(func(params gerrits.RemoveGerritECLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsRemoveGerritECLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewRemoveGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("removing user list from gerrit...") + // err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeECLA) + // if err != nil { + // msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewRemoveGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewRemoveGerritECLAUserOK().WithXRequestID(reqID) + // }) } diff --git a/cla-backend-go/v2/sign/service.go b/cla-backend-go/v2/sign/service.go index 2438ea8f9..f13d370dc 100644 --- a/cla-backend-go/v2/sign/service.go +++ b/cla-backend-go/v2/sign/service.go @@ -1007,17 +1007,17 @@ func (s *service) SignedIndividualCallbackGerrit(ctx context.Context, payload [] CLAGroupID: signature.ProjectID, }) - // Add User to Gerrit Group - if claUser.LfUsername != "" { - log.WithFields(f).Debugf("adding user to gerrit group: %s", claUser.LfUsername) - err = s.gerritService.AddUserToGroup(ctx, nil, signature.ProjectID, claUser.LfUsername, utils.ClaTypeICLA) - if err != nil { - log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") - return err - } - } else { - log.WithFields(f).Warnf("user LF username is empty") - } + // // Add User to Gerrit Group + // if claUser.LfUsername != "" { + // log.WithFields(f).Debugf("adding user to gerrit group: %s", claUser.LfUsername) + // err = s.gerritService.AddUserToGroup(ctx, nil, signature.ProjectID, claUser.LfUsername, utils.ClaTypeICLA) + // if err != nil { + // log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") + // return err + // } + // } else { + // log.WithFields(f).Warnf("user LF username is empty") + // } } else { log.WithFields(f).Debugf("envelope not signed - status: %s", status) @@ -1194,30 +1194,30 @@ func (s *service) SignedCorporateCallback(ctx context.Context, payload []byte, c CompanySFID: companyModel.CompanyExternalID, }) - // Check if project is a gerrit instance - var gerrits []*v1Models.Gerrit - gerritList, err := s.gerritService.GetClaGroupGerrits(ctx, projectID) - if err != nil { - log.WithFields(f).WithError(err).Warnf("unable to get gerrit instances for project: %s", projectID) - gerrits = []*v1Models.Gerrit{} - } else { - log.WithFields(f).Debugf("gerrit instances found for project: %s", projectID) - gerrits = gerritList.List - } - - // Add User to Gerrit Group - if len(gerrits) > 0 { - if user.LfUsername != "" { - log.WithFields(f).Debugf("adding user to gerrit group: %s", user.LfUsername) - err = s.gerritService.AddUserToGroup(ctx, nil, projectID, user.LfUsername, utils.ClaTypeCCLA) - if err != nil { - log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") - return err - } - } else { - log.WithFields(f).Warnf("user LF username is empty") - } - } + // // Check if project is a gerrit instance + // var gerrits []*v1Models.Gerrit + // gerritList, err := s.gerritService.GetClaGroupGerrits(ctx, projectID) + // if err != nil { + // log.WithFields(f).WithError(err).Warnf("unable to get gerrit instances for project: %s", projectID) + // gerrits = []*v1Models.Gerrit{} + // } else { + // log.WithFields(f).Debugf("gerrit instances found for project: %s", projectID) + // gerrits = gerritList.List + // } + + // // Add User to Gerrit Group + // if len(gerrits) > 0 { + // if user.LfUsername != "" { + // log.WithFields(f).Debugf("adding user to gerrit group: %s", user.LfUsername) + // err = s.gerritService.AddUserToGroup(ctx, nil, projectID, user.LfUsername, utils.ClaTypeCCLA) + // if err != nil { + // log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") + // return err + // } + // } else { + // log.WithFields(f).Warnf("user LF username is empty") + // } + // } return nil