mirror of
https://github.com/gitpod-io/gitpod.git
synced 2025-12-08 17:36:30 +00:00
a05af0cc2e
* [bbs] fallback REPO_WRITE permission check to bbs * Use repos search api * Add test cases
50 lines
1.7 KiB
TypeScript
50 lines
1.7 KiB
TypeScript
/**
|
|
* Copyright (c) 2022 Gitpod GmbH. All rights reserved.
|
|
* Licensed under the GNU Affero General Public License (AGPL).
|
|
* See License.AGPL.txt in the project root for license information.
|
|
*/
|
|
|
|
import { inject, injectable } from "inversify";
|
|
import { CheckWriteAccessResult, IGitTokenValidator, IGitTokenValidatorParams } from "../workspace/git-token-validator";
|
|
import { BitbucketServerApi } from "./bitbucket-server-api";
|
|
|
|
@injectable()
|
|
export class BitbucketServerTokenValidator implements IGitTokenValidator {
|
|
@inject(BitbucketServerApi) protected readonly api: BitbucketServerApi;
|
|
|
|
async checkWriteAccess(params: IGitTokenValidatorParams): Promise<CheckWriteAccessResult> {
|
|
const { token, owner, repo, repoKind } = params;
|
|
if (!repoKind || !["users", "projects"].includes(repoKind)) {
|
|
throw new Error("repo kind is missing");
|
|
}
|
|
|
|
let found = false;
|
|
let isPrivateRepo: boolean | undefined;
|
|
let writeAccessToRepo: boolean | undefined = false;
|
|
|
|
try {
|
|
const repository = await this.api.getRepository(token, {
|
|
repoKind: repoKind as any,
|
|
owner,
|
|
repositorySlug: repo,
|
|
});
|
|
found = true;
|
|
isPrivateRepo = !repository.public;
|
|
writeAccessToRepo = await this.api.hasRepoPermission(token, {
|
|
permission: "REPO_WRITE",
|
|
projectKey: repository.project.key,
|
|
repoName: repository.name,
|
|
repoId: repository.id,
|
|
});
|
|
} catch (error) {
|
|
console.error(error);
|
|
}
|
|
|
|
return {
|
|
found,
|
|
isPrivateRepo,
|
|
writeAccessToRepo,
|
|
};
|
|
}
|
|
}
|