From b3d8161400c571eb88ff89b67bd748f933abb193 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Minelli?= <michael@minelli.me>
Date: Wed, 28 Jun 2023 21:55:17 +0200
Subject: [PATCH] Add Gitlab routes

---
 ExpressAPI/src/routes/ApiRoutesManager.ts |  2 +
 ExpressAPI/src/routes/GitlabRoutes.ts     | 67 +++++++++++++++++++++++
 2 files changed, 69 insertions(+)
 create mode 100644 ExpressAPI/src/routes/GitlabRoutes.ts

diff --git a/ExpressAPI/src/routes/ApiRoutesManager.ts b/ExpressAPI/src/routes/ApiRoutesManager.ts
index 24bf091..85ec024 100644
--- a/ExpressAPI/src/routes/ApiRoutesManager.ts
+++ b/ExpressAPI/src/routes/ApiRoutesManager.ts
@@ -3,6 +3,7 @@ import RoutesManager from '../express/RoutesManager';
 import BaseRoutes    from './BaseRoutes';
 import SessionRoutes from './SessionRoutes';
 import EnonceRoutes  from './EnonceRoutes';
+import GitlabRoutes  from './GitlabRoutes';
 
 
 class AdminRoutesManager implements RoutesManager {
@@ -22,6 +23,7 @@ class AdminRoutesManager implements RoutesManager {
         BaseRoutes.registerOnBackend(backend);
         SessionRoutes.registerOnBackend(backend);
         EnonceRoutes.registerOnBackend(backend);
+        GitlabRoutes.registerOnBackend(backend);
     }
 }
 
diff --git a/ExpressAPI/src/routes/GitlabRoutes.ts b/ExpressAPI/src/routes/GitlabRoutes.ts
new file mode 100644
index 0000000..77e9ed7
--- /dev/null
+++ b/ExpressAPI/src/routes/GitlabRoutes.ts
@@ -0,0 +1,67 @@
+import { Express }        from 'express-serve-static-core';
+import express            from 'express';
+import { StatusCodes }    from 'http-status-codes';
+import RoutesManager      from '../express/RoutesManager';
+import ApiRequest         from '../models/ApiRequest';
+import SecurityMiddleware from '../middlewares/SecurityMiddleware';
+import SecurityCheckType  from '../types/SecurityCheckType';
+import GitlabHelper       from '../helpers/GitlabHelper';
+import GitlabRepository   from '../shared/types/Gitlab/GitlabRepository';
+import GitlabVisibility   from '../shared/types/Gitlab/GitlabVisibility';
+import Config             from '../config/Config';
+import GitlabAccessLevel  from '../shared/types/Gitlab/GitlabAccessLevel';
+
+
+class EnonceRoutes implements RoutesManager {
+    private static _instance: EnonceRoutes;
+
+    private constructor() { }
+
+    public static get instance(): EnonceRoutes {
+        if ( !EnonceRoutes._instance ) {
+            EnonceRoutes._instance = new EnonceRoutes();
+        }
+
+        return EnonceRoutes._instance;
+    }
+
+    registerOnBackend(backend: Express) {
+        backend.get('/gitlab/project/:idOrNamespace/checkTemplateAccess', SecurityMiddleware.check(true, SecurityCheckType.TEACHING_STAFF), this.checkTemplateAccess);
+    }
+
+    private async checkTemplateAccess(req: ApiRequest, res: express.Response) {
+        const idOrNamespace: string = req.params.idOrNamespace;
+
+        // Get the Gitlab project and check if it have public or internal visibility
+        try {
+            const project: GitlabRepository = await GitlabHelper.getRepository(idOrNamespace);
+
+            if ( [ GitlabVisibility.Public.valueOf(), GitlabVisibility.Internal.valueOf() ].includes(project.visibility) ) {
+                return res.status(StatusCodes.OK).send();
+            }
+        } catch ( e ) {
+            return res.status(StatusCodes.NOT_FOUND).send();
+        }
+
+        // Check if the user and dojo are members (with at least reporter access) of the project
+        const members = await GitlabHelper.getRepositoryMembers(idOrNamespace);
+        const isUsersAtLeastReporter = {
+            user: false,
+            dojo: false
+        };
+        members.forEach(member => {
+            if ( member.access_level >= GitlabAccessLevel.Reporter ) {
+                if ( member.id === req.session.profile.userGitlabId ) {
+                    isUsersAtLeastReporter.user = true;
+                } else if ( member.id === Config.gitlab.account.id ) {
+                    isUsersAtLeastReporter.dojo = true;
+                }
+            }
+        });
+
+        req.session.sendResponse(res, isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ? StatusCodes.OK : StatusCodes.UNAUTHORIZED);
+    }
+}
+
+
+export default EnonceRoutes.instance;
-- 
GitLab