This is an automated email from the ASF dual-hosted git repository.
abeizn pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/incubator-devlake.git
The following commit(s) were added to refs/heads/main by this push:
new 5665982f7 fix: add token permission check (#4759)
5665982f7 is described below
commit 5665982f7fb95274714e398c1ade76ec794e8193
Author: mappjzc <[email protected]>
AuthorDate: Fri Mar 24 19:02:17 2023 +0800
fix: add token permission check (#4759)
Add token permissionn check on connection test.
Nddtfjiang <[email protected]>
---
backend/plugins/gitlab/api/connection.go | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/backend/plugins/gitlab/api/connection.go
b/backend/plugins/gitlab/api/connection.go
index 65867ec8a..e9cc6265c 100644
--- a/backend/plugins/gitlab/api/connection.go
+++ b/backend/plugins/gitlab/api/connection.go
@@ -19,7 +19,9 @@ package api
import (
"context"
+ "fmt"
"net/http"
+ "net/url"
"github.com/apache/incubator-devlake/core/errors"
"github.com/apache/incubator-devlake/core/plugin"
@@ -49,11 +51,24 @@ func TestConnection(input *plugin.ApiResourceInput)
(*plugin.ApiResourceOutput,
return nil, err
}
- _, err = api.NewApiClientFromConnection(context.TODO(), basicRes,
&connection)
+ apiClient, err := api.NewApiClientFromConnection(context.TODO(),
basicRes, &connection)
if err != nil {
return nil, err
}
+ // check API/read_api permissions
+ query := url.Values{}
+ query.Set("page", fmt.Sprintf("%v", 1))
+ query.Set("per_page", fmt.Sprintf("%v", 1))
+ res, err := apiClient.Get("projects", query, nil)
+ if err != nil {
+ return nil, err
+ }
+
+ if res.StatusCode == http.StatusForbidden {
+ return nil, errors.BadInput.New("token need api or read_api
permissions scope")
+ }
+
body := GitlabTestConnResponse{}
body.Success = true
body.Message = "success"
