Added WRITE_REPOSITORY scope and test for same.

1a6f7e7c · Greg Messner · 970a3690 · 1a6f7e7c · 1a6f7e7c
Commit 1a6f7e7c authored Jun 07, 2019 by Greg Messner
--- a/src/main/java/org/gitlab4j/api/utils/AccessTokenUtils.java
+++ b/src/main/java/org/gitlab4j/api/utils/AccessTokenUtils.java
@@ -8,6 +8,7 @@ import java.net.HttpURLConnection;
 import java.net.URL;
 import java.net.URLConnection;
 import java.net.URLEncoder;
+import java.util.Arrays;
 import java.util.List;
 import java.util.StringJoiner;
 import java.util.regex.Matcher;
@@ -39,7 +40,9 @@ public final class AccessTokenUtils {

        /**
         * Allows to read (pull) container registry images if a project is private and
-         * authorization is required (introduced in GitLab 9.3).
+         * authorization is required (introduced in GitLab 9.3).  If the GitLab server you
+         * are using does not have the Registry properly configured, using this scope will
+         * result in an exception.
         */
        READ_REGISTRY,

@@ -58,7 +61,12 @@ public final class AccessTokenUtils {
         * Allows performing API actions as any user in the system,
         * if the authenticated user is an admin (introduced in GitLab 10.2).
         */
-        SUDO;
+        SUDO,
+
+        /**
+         * Grants read-write access to repositories on private projects using Git-over-HTTP (not using the API).
+         */
+        WRITE_REPOSITORY;

        private static JacksonJsonEnumHelper<Scope> enumHelper = new JacksonJsonEnumHelper<>(Scope.class);

@@ -99,6 +107,27 @@ public final class AccessTokenUtils {
    protected static final String HEALTH_CHECK_ACCESS_TOKEN_REGEX = "id=\"health-check-token\">([^<]*)<\\/code>";
    protected static final Pattern HEALTH_CHECK_ACCESS_TOKEN_PATTERN = Pattern.compile(HEALTH_CHECK_ACCESS_TOKEN_REGEX);

+    /**
+     * Create a GitLab personal access token with the provided configuration.
+     *
+     * @param baseUrl the GitLab server base URL
+     * @param username the user name to create the personal access token for
+     * @param password the password of the user to create the personal access token for
+     * @param tokenName the name for the new personal access token
+     * @param scopes an array of scopes for the new personal access token
+     * @return the created personal access token
+     * @throws GitLabApiException if any exception occurs
+     */
+    public static final String createPersonalAccessToken(final String baseUrl, final String username,
+            final String password, final String tokenName, final Scope[] scopes) throws GitLabApiException {
+
+        if (scopes == null || scopes.length == 0) {
+            throw new RuntimeException("scopes cannot be null or empty");
+        }
+
+        return (createPersonalAccessToken(baseUrl, username, password, tokenName, Arrays.asList(scopes)));
+    }
+
    /**
     * Create a GitLab personal access token with the provided configuration.
     *
@@ -232,6 +261,26 @@ public final class AccessTokenUtils {
        }
    }

+    /**
+     * Revoke the first matching GitLab personal access token.
+     *
+     * @param baseUrl the GitLab server base URL
+     * @param username the user name to revoke the personal access token for
+     * @param password the password of the user to revoke the personal access token for
+     * @param tokenName the name of the personal access token to revoke
+     * @param scopes an array of scopes of the personal access token to revoke
+     * @throws GitLabApiException if any exception occurs
+     */
+    public static final void revokePersonalAccessToken(final String baseUrl, final String username,
+            final String password, final String tokenName, final Scope[] scopes) throws GitLabApiException {
+
+        if (scopes == null || scopes.length == 0) {
+            throw new RuntimeException("scopes cannot be null or empty");
+        }
+
+        revokePersonalAccessToken(baseUrl, username, password, tokenName, Arrays.asList(scopes));
+    }
+
    /**
     * Revoke the first matching GitLab personal access token.
     *

--- a/src/test/java/org/gitlab4j/api/TestAccessTokenUtils.java
+++ b/src/test/java/org/gitlab4j/api/TestAccessTokenUtils.java
@@ -70,9 +70,11 @@ public class TestAccessTokenUtils {

        final String tokenName = "Testing Token Creation-" + HelperUtils.getRandomInt(1000);

+        // NOTE: READ_REGISTRY scope is left out because the GitLab server docker instance does not have the
+        // registry configured and the test would thus fail.
+        Scope[] scopes = {Scope.API, Scope.READ_USER, Scope.READ_REPOSITORY, Scope.WRITE_REPOSITORY, Scope.SUDO};
        String accessToken = AccessTokenUtils.createPersonalAccessToken(
-                TEST_HOST_URL, TEST_LOGIN_USERNAME, TEST_LOGIN_PASSWORD,
-                tokenName, Arrays.asList(Scope.API, Scope.SUDO));
+                TEST_HOST_URL, TEST_LOGIN_USERNAME, TEST_LOGIN_PASSWORD, tokenName, scopes);
        System.out.format("Created '%s' personal access token: %s%n", tokenName, accessToken);

        assertNotNull(accessToken);
@@ -81,8 +83,7 @@ public class TestAccessTokenUtils {
        // Go ahead and revoke (delete) the just created access token
        try {
            AccessTokenUtils.revokePersonalAccessToken(
-                TEST_HOST_URL, TEST_LOGIN_USERNAME, TEST_LOGIN_PASSWORD,
-                tokenName, Arrays.asList(Scope.API, Scope.SUDO));
+                TEST_HOST_URL, TEST_LOGIN_USERNAME, TEST_LOGIN_PASSWORD, tokenName, scopes);
            System.out.format("Revoked '%s' personal access token: %s%n", tokenName, accessToken);
        } catch (Exception ignore) {}
    }