Skip to content
Snippets Groups Projects

Return error when client headers are missing (issue #19)

Closed joel.vonderwe requested to merge jw_issue_timeout into main
3 files
+ 13
6
Compare changes
  • Side-by-side
  • Inline

Files

@@ -16,6 +16,7 @@ import GitlabProfile from '../shared/types/Gitlab/GitlabProfile';
@@ -16,6 +16,7 @@ import GitlabProfile from '../shared/types/Gitlab/GitlabProfile';
import GitlabRelease from '../shared/types/Gitlab/GitlabRelease';
import GitlabRelease from '../shared/types/Gitlab/GitlabRelease';
import { CommitSchema, Gitlab } from '@gitbeaker/rest';
import { CommitSchema, Gitlab } from '@gitbeaker/rest';
import logger from '../shared/logging/WinstonLogger';
import logger from '../shared/logging/WinstonLogger';
 
import DojoStatusCode from '../shared/types/Dojo/DojoStatusCode';
class GitlabManager {
class GitlabManager {
@@ -97,11 +98,11 @@ class GitlabManager {
@@ -97,11 +98,11 @@ class GitlabManager {
}
}
}
}
async createRepository(name: string, description: string, visibility: string, initializeWithReadme: boolean, namespace: number, sharedRunnersEnabled: boolean, wikiEnabled: boolean, import_url: string): Promise<GitlabRepository> {
async createRepository(name: string, description: string, visibility: string, initializeWithReadme: boolean, namespace: number, sharedRunnersEnabled: boolean, wikiEnabled: boolean, importUrl: string): Promise<GitlabRepository> {
const response = await axios.post<GitlabRepository>(this.getApiUrl(GitlabRoute.REPOSITORY_CREATE), {
const response = await axios.post<GitlabRepository>(this.getApiUrl(GitlabRoute.REPOSITORY_CREATE), {
name : name,
name : name,
description : description,
description : description,
import_url : import_url,
import_url : importUrl,
initialize_with_readme: initializeWithReadme,
initialize_with_readme: initializeWithReadme,
namespace_id : namespace,
namespace_id : namespace,
shared_runners_enabled: sharedRunnersEnabled,
shared_runners_enabled: sharedRunnersEnabled,
@@ -112,8 +113,8 @@ class GitlabManager {
@@ -112,8 +113,8 @@ class GitlabManager {
return response.data;
return response.data;
}
}
async deleteRepository(repoId: number): Promise<void> {
deleteRepository(repoId: number): Promise<void> {
return await axios.delete(this.getApiUrl(GitlabRoute.REPOSITORY_DELETE).replace('{{id}}', String(repoId)));
return axios.delete(this.getApiUrl(GitlabRoute.REPOSITORY_DELETE).replace('{{id}}', String(repoId)));
}
}
async forkRepository(forkId: number, name: string, path: string, description: string, visibility: string, namespace: number): Promise<GitlabRepository> {
async forkRepository(forkId: number, name: string, path: string, description: string, visibility: string, namespace: number): Promise<GitlabRepository> {
@@ -134,8 +135,8 @@ class GitlabManager {
@@ -134,8 +135,8 @@ class GitlabManager {
return response.data;
return response.data;
}
}
async changeRepositoryVisibility(repoId: number, visibility: GitlabVisibility): Promise<GitlabRepository> {
changeRepositoryVisibility(repoId: number, visibility: GitlabVisibility): Promise<GitlabRepository> {
return await this.editRepository(repoId, { visibility: visibility.toString() });
return this.editRepository(repoId, { visibility: visibility.toString() });
}
}
async addRepositoryMember(repoId: number, userId: number, accessLevel: GitlabAccessLevel): Promise<GitlabMember> {
async addRepositoryMember(repoId: number, userId: number, accessLevel: GitlabAccessLevel): Promise<GitlabMember> {
@@ -169,16 +170,18 @@ class GitlabManager {
@@ -169,16 +170,18 @@ class GitlabManager {
return response.data;
return response.data;
}
}
async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request): Promise<StatusCodes> {
async checkTemplateAccess(projectIdOrNamespace: string, req: express.Request, res?: express.Response): Promise<boolean> {
// Get the Gitlab project and check if it have public or internal visibility
// Get the Gitlab project and check if it have public or internal visibility
try {
try {
const project: GitlabRepository = await this.getRepository(projectIdOrNamespace);
const project: GitlabRepository = await this.getRepository(projectIdOrNamespace);
if ( [ GitlabVisibility.PUBLIC.valueOf(), GitlabVisibility.INTERNAL.valueOf() ].includes(project.visibility) ) {
if ( [ GitlabVisibility.PUBLIC.valueOf(), GitlabVisibility.INTERNAL.valueOf() ].includes(project.visibility) ) {
return StatusCodes.OK;
req.session.sendResponse(res, StatusCodes.OK);
 
return true;
}
}
} catch ( e ) {
} catch ( e ) {
return StatusCodes.NOT_FOUND;
req.session.sendResponse(res, StatusCodes.NOT_FOUND, undefined, 'Template not found', DojoStatusCode.GITLAB_TEMPLATE_NOT_FOUND);
 
return false;
}
}
// Check if the user and dojo are members (with at least reporter access) of the project
// Check if the user and dojo are members (with at least reporter access) of the project
@@ -197,7 +200,13 @@ class GitlabManager {
@@ -197,7 +200,13 @@ class GitlabManager {
}
}
});
});
return isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ? StatusCodes.OK : StatusCodes.UNAUTHORIZED;
if ( isUsersAtLeastReporter.user && isUsersAtLeastReporter.dojo ) {
 
req.session.sendResponse(res, StatusCodes.OK);
 
return true;
 
} else {
 
req.session.sendResponse(res, StatusCodes.UNAUTHORIZED, undefined, 'Template access unauthorized', DojoStatusCode.GITLAB_TEMPLATE_ACCESS_UNAUTHORIZED);
 
return false;
 
}
}
}
async protectBranch(repoId: number, branchName: string, allowForcePush: boolean, allowedToMerge: GitlabAccessLevel, allowedToPush: GitlabAccessLevel, allowedToUnprotect: GitlabAccessLevel): Promise<GitlabMember> {
async protectBranch(repoId: number, branchName: string, allowForcePush: boolean, allowedToMerge: GitlabAccessLevel, allowedToPush: GitlabAccessLevel, allowedToUnprotect: GitlabAccessLevel): Promise<GitlabMember> {
@@ -240,8 +249,12 @@ class GitlabManager {
@@ -240,8 +249,12 @@ class GitlabManager {
return results;
return results;
}
}
 
private getRepositoryFileUrl(repoId: number, filePath: string): string {
 
return this.getApiUrl(GitlabRoute.REPOSITORY_FILE).replace('{{id}}', String(repoId)).replace('{{filePath}}', encodeURIComponent(filePath));
 
}
 
async getFile(repoId: number, filePath: string, branch: string = 'main'): Promise<GitlabFile> {
async getFile(repoId: number, filePath: string, branch: string = 'main'): Promise<GitlabFile> {
const response = await axios.get<GitlabFile>(this.getApiUrl(GitlabRoute.REPOSITORY_FILE).replace('{{id}}', String(repoId)).replace('{{filePath}}', encodeURIComponent(filePath)), {
const response = await axios.get<GitlabFile>(this.getRepositoryFileUrl(repoId, filePath), {
params: {
params: {
ref: branch
ref: branch
}
}
@@ -253,7 +266,7 @@ class GitlabManager {
@@ -253,7 +266,7 @@ class GitlabManager {
private async createUpdateFile(create: boolean, repoId: number, filePath: string, fileBase64: string, commitMessage: string, branch: string = 'main', authorName: string = 'Dojo', authorMail: string | undefined = undefined) {
private async createUpdateFile(create: boolean, repoId: number, filePath: string, fileBase64: string, commitMessage: string, branch: string = 'main', authorName: string = 'Dojo', authorMail: string | undefined = undefined) {
const axiosFunction = create ? axios.post : axios.put;
const axiosFunction = create ? axios.post : axios.put;
await axiosFunction(this.getApiUrl(GitlabRoute.REPOSITORY_FILE).replace('{{id}}', String(repoId)).replace('{{filePath}}', encodeURIComponent(filePath)), {
await axiosFunction(this.getRepositoryFileUrl(repoId, filePath), {
encoding : 'base64',
encoding : 'base64',
branch : branch,
branch : branch,
commit_message: commitMessage,
commit_message: commitMessage,
@@ -272,7 +285,7 @@ class GitlabManager {
@@ -272,7 +285,7 @@ class GitlabManager {
}
}
async deleteFile(repoId: number, filePath: string, commitMessage: string, branch: string = 'main', authorName: string = 'Dojo', authorMail: string | undefined = undefined) {
async deleteFile(repoId: number, filePath: string, commitMessage: string, branch: string = 'main', authorName: string = 'Dojo', authorMail: string | undefined = undefined) {
await axios.delete(this.getApiUrl(GitlabRoute.REPOSITORY_FILE).replace('{{id}}', String(repoId)).replace('{{filePath}}', encodeURIComponent(filePath)), {
await axios.delete(this.getRepositoryFileUrl(repoId, filePath), {
data: {
data: {
branch : branch,
branch : branch,
commit_message: commitMessage,
commit_message: commitMessage,
Loading