introduce functionality to assign/create team via group claim

2022-10-12 15:11:45 +02:00 · 2022-10-12 15:11:45 +02:00 · 69391fa0fb
parent 1ffec9da1f
commit 69391fa0fb
3 changed files with 89 additions and 1 deletions
--- a/pkg/models/error.go
+++ b/pkg/models/error.go
@ -1052,7 +1052,33 @@ func (err ErrTeamDoesNotExist) HTTPError() web.HTTPError {
 	return web.HTTPError{HTTPCode: http.StatusNotFound, Code: ErrCodeTeamDoesNotExist, Message: "This team does not exist."}
 }

+<<<<<<< HEAD
 // ErrTeamAlreadyHasAccess represents an error where a team already has access to a project
+=======
+type ErrTeamsDoNotExist struct {
+	Name string
+}
+
+// IsErrTeamDoNotExist checks if an error is ErrTeamDoesNotExist.
+func IsErrTeamsDoNotExist(err error) bool {
+	_, ok := err.(ErrTeamsDoNotExist)
+	return ok
+}
+
+func (err ErrTeamsDoNotExist) Error() string {
+	return fmt.Sprintf("Team does not exist [Team Name: %v]", err.Name)
+}
+
+// ErrCodeTeamDoesNotExist holds the unique world-error code of this error
+const ErrCodeTeamsDoNotExist = 6002
+
+// HTTPError holds the http error description
+func (err ErrTeamsDoNotExist) HTTPError() web.HTTPError {
+	return web.HTTPError{HTTPCode: http.StatusNotFound, Code: ErrCodeTeamDoesNotExist, Message: "No team with given name exists."}
+}
+
+// ErrTeamAlreadyHasAccess represents an error where a team already has access to a list/namespace
+>>>>>>> 2715a556... introduce functionality to assign/create team via group claim
 type ErrTeamAlreadyHasAccess struct {
 	TeamID int64
 	ID     int64
--- a/pkg/models/teams.go
+++ b/pkg/models/teams.go
@ -81,7 +81,7 @@ type TeamMember struct {
 }

 // TableName makes beautiful table names
-func (*TeamMember) TableName() string {
+func (TeamMember) TableName() string {
 	return "team_members"
 }

@ -128,6 +128,34 @@ func GetTeamByID(s *xorm.Session, id int64) (team *Team, err error) {

 	return
 }
+func GetTeamsByName(s *xorm.Session, name string) (teams []*Team, err error) {
+	if name == "" {
+		return teams, ErrTeamsDoNotExist{name}
+	}
+
+	var ts []*Team
+
+	exists := s.
+		Where("name = ?", name).
+		Find(&ts)
+	if exists != nil {
+		return
+	}
+	if len(ts) == 0 {
+		return ts, ErrTeamsDoNotExist{name}
+	}
+
+	// //for each ts
+	// teamSlice := []*Team{ts}
+	// err = addMoreInfoToTeams(s, teamSlice)
+	// if err != nil {
+	// 	return
+	// }
+
+	teams = ts
+
+	return
+}

 // GetTeamByOidcIDAndName gets teams where oidc_id and name match parameters
 // For oidc team creation oidcID and Name need to be set
@ -319,6 +347,37 @@ func (t *Team) Create(s *xorm.Session, a web.Auth) (err error) {
 	})
 }

+func (t *Team) CreateNoAdmin(s *xorm.Session, a web.Auth) (err error) {
+	doer, err := user.GetFromAuth(a)
+	if err != nil {
+		return err
+	}
+
+	// Check if we have a name
+	if t.Name == "" {
+		return ErrTeamNameCannotBeEmpty{}
+	}
+
+	t.CreatedByID = doer.ID
+	t.CreatedBy = doer
+
+	_, err = s.Insert(t)
+	if err != nil {
+		return
+	}
+
+	// Insert the current user as member and admin
+	tm := TeamMember{TeamID: t.ID, Username: doer.Username, Admin: false}
+	if err = tm.Create(s, doer); err != nil {
+		return err
+	}
+
+	return events.Dispatch(&TeamCreatedEvent{
+		Team: t,
+		Doer: a,
+	})
+}
+
 // Delete deletes a team
 // @Summary Deletes a team
 // @Description Delets a team. This will also remove the access for all users in that team.
--- a/pkg/modules/auth/openid/openid.go
+++ b/pkg/modules/auth/openid/openid.go
@ -191,6 +191,9 @@ func HandleCallback(c echo.Context) error {

 	// Check if we have seen this user before
 	u, err := getOrCreateUser(s, cl, idToken.Issuer, idToken.Subject)
+
+	log.Errorf("Issuer %s: %v", idToken.Issuer, err)
+
 	if err != nil {
 		_ = s.Rollback()
 		log.Errorf("Error creating new user for provider %s: %v", provider.Name, err)