USEFULL
/
drone
mirror of https://github.com/harness/drone.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
drone/app/api/controller/migrate/controller.go

149 lines
4.3 KiB
Go
Raw Blame History

// Copyright 2023 Harness, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package migrate
import (
"context"
"fmt"
apiauth "github.com/harness/gitness/app/api/auth"
"github.com/harness/gitness/app/api/controller/limiter"
"github.com/harness/gitness/app/api/usererror"
"github.com/harness/gitness/app/auth"
"github.com/harness/gitness/app/auth/authz"
repoevents "github.com/harness/gitness/app/events/repo"
"github.com/harness/gitness/app/services/migrate"
"github.com/harness/gitness/app/services/publicaccess"
"github.com/harness/gitness/app/services/refcache"
"github.com/harness/gitness/app/store"
"github.com/harness/gitness/app/url"
"github.com/harness/gitness/audit"
"github.com/harness/gitness/git"
"github.com/harness/gitness/store/database/dbtx"
"github.com/harness/gitness/types"
"github.com/harness/gitness/types/check"
"github.com/harness/gitness/types/enum"
)
type Controller struct {
authorizer authz.Authorizer
publicAccess publicaccess.Service
git git.Interface
urlProvider url.Provider
pullreqImporter *migrate.PullReq
ruleImporter *migrate.Rule
webhookImporter *migrate.Webhook
labelImporter *migrate.Label
resourceLimiter limiter.ResourceLimiter
auditService audit.Service
identifierCheck check.RepoIdentifier
tx dbtx.Transactor
spaceStore store.SpaceStore
repoStore store.RepoStore
spaceFinder refcache.SpaceFinder
repoFinder refcache.RepoFinder
eventReporter *repoevents.Reporter
}
func NewController(
authorizer authz.Authorizer,
publicAccess publicaccess.Service,
git git.Interface,
urlProvider url.Provider,
pullreqImporter *migrate.PullReq,
ruleImporter *migrate.Rule,
webhookImporter *migrate.Webhook,
labelImporter *migrate.Label,
resourceLimiter limiter.ResourceLimiter,
auditService audit.Service,
identifierCheck check.RepoIdentifier,
tx dbtx.Transactor,
spaceStore store.SpaceStore,
repoStore store.RepoStore,
spaceFinder refcache.SpaceFinder,
repoFinder refcache.RepoFinder,
eventReporter *repoevents.Reporter,
) *Controller {
return &Controller{
authorizer: authorizer,
publicAccess: publicAccess,
git: git,
urlProvider: urlProvider,
pullreqImporter: pullreqImporter,
ruleImporter: ruleImporter,
webhookImporter: webhookImporter,
labelImporter: labelImporter,
resourceLimiter: resourceLimiter,
auditService: auditService,
identifierCheck: identifierCheck,
tx: tx,
spaceStore: spaceStore,
repoStore: repoStore,
spaceFinder: spaceFinder,
repoFinder: repoFinder,
eventReporter: eventReporter,
}
}
func (c *Controller) getRepoCheckAccess(
ctx context.Context,
session *auth.Session,
repoRef string,
reqPermission enum.Permission,
) (*types.RepositoryCore, error) {
if repoRef == "" {
return nil, usererror.BadRequest("A valid repository reference must be provided.")
}
repo, err := c.repoFinder.FindByRef(ctx, repoRef)
if err != nil {
return nil, fmt.Errorf("failed to find repo: %w", err)
}
// repo state check happens per operation as it varies given the stage of the migration.
if err = apiauth.CheckRepo(ctx, c.authorizer, session, repo, reqPermission); err != nil {
return nil, fmt.Errorf("failed to verify authorization: %w", err)
}
return repo, nil
}
func (c *Controller) getSpaceCheckAccess(
ctx context.Context,
session *auth.Session,
parentRef string,
reqPermission enum.Permission,
) (*types.SpaceCore, error) {
space, err := c.spaceFinder.FindByRef(ctx, parentRef)
if err != nil {
return nil, fmt.Errorf("parent space not found: %w", err)
}
err = apiauth.CheckSpaceScope(
ctx,
c.authorizer,
session,
space,
enum.ResourceTypeSpace,
reqPermission,
)
if err != nil {
return nil, fmt.Errorf("auth check failed: %w", err)
}
return space, nil
}
Reference in New Issue View Git Blame Copy Permalink