You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@devlake.apache.org by ab...@apache.org on 2023/03/24 11:02:23 UTC
[incubator-devlake] branch main updated: fix: add token permission check (#4759)
This is an automated email from the ASF dual-hosted git repository.
abeizn pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-devlake.git
The following commit(s) were added to refs/heads/main by this push:
new 5665982f7 fix: add token permission check (#4759)
5665982f7 is described below
commit 5665982f7fb95274714e398c1ade76ec794e8193
Author: mappjzc <zh...@merico.dev>
AuthorDate: Fri Mar 24 19:02:17 2023 +0800
fix: add token permission check (#4759)
Add token permissionn check on connection test.
Nddtfjiang <zh...@merico.dev>
---
backend/plugins/gitlab/api/connection.go | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/backend/plugins/gitlab/api/connection.go b/backend/plugins/gitlab/api/connection.go
index 65867ec8a..e9cc6265c 100644
--- a/backend/plugins/gitlab/api/connection.go
+++ b/backend/plugins/gitlab/api/connection.go
@@ -19,7 +19,9 @@ package api
import (
"context"
+ "fmt"
"net/http"
+ "net/url"
"github.com/apache/incubator-devlake/core/errors"
"github.com/apache/incubator-devlake/core/plugin"
@@ -49,11 +51,24 @@ func TestConnection(input *plugin.ApiResourceInput) (*plugin.ApiResourceOutput,
return nil, err
}
- _, err = api.NewApiClientFromConnection(context.TODO(), basicRes, &connection)
+ apiClient, err := api.NewApiClientFromConnection(context.TODO(), basicRes, &connection)
if err != nil {
return nil, err
}
+ // check API/read_api permissions
+ query := url.Values{}
+ query.Set("page", fmt.Sprintf("%v", 1))
+ query.Set("per_page", fmt.Sprintf("%v", 1))
+ res, err := apiClient.Get("projects", query, nil)
+ if err != nil {
+ return nil, err
+ }
+
+ if res.StatusCode == http.StatusForbidden {
+ return nil, errors.BadInput.New("token need api or read_api permissions scope")
+ }
+
body := GitlabTestConnResponse{}
body.Success = true
body.Message = "success"