@pranaysahith/decap-cms-backend-gitlab 3.4.0

package/src/AuthenticationPage.js

@@ -0,0 +1,126 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import styled from '@emotion/styled';
+import {
+  NetlifyAuthenticator,
+  ImplicitAuthenticator,
+  PkceAuthenticator,
+} from 'decap-cms-lib-auth';
+import { AuthenticationPage, Icon } from 'decap-cms-ui-default';
+
+const LoginButtonIcon = styled(Icon)`
+  margin-right: 18px;
+`;
+
+const clientSideAuthenticators = {
+  pkce: ({
+    base_url,
+    auth_endpoint,
+    app_id,
+    auth_token_endpoint}) =>
+    new PkceAuthenticator({
+      base_url,
+      auth_endpoint,
+      app_id,
+      auth_token_endpoint,
+      auth_token_endpoint_content_type: 'application/json; charset=utf-8',
+    }),
+
+  implicit: ({
+    base_url,
+    auth_endpoint,
+    app_id,
+    clearHash }) =>
+    new ImplicitAuthenticator({
+      base_url,
+      auth_endpoint,
+      app_id,
+      clearHash,
+    }),
+};
+
+export default class GitLabAuthenticationPage extends React.Component {
+  static propTypes = {
+    onLogin: PropTypes.func.isRequired,
+    inProgress: PropTypes.bool,
+    base_url: PropTypes.string,
+    siteId: PropTypes.string,
+    authEndpoint: PropTypes.string,
+    config: PropTypes.object.isRequired,
+    clearHash: PropTypes.func,
+    t: PropTypes.func.isRequired,
+  };
+
+  state = {};
+
+  componentDidMount() {
+    // Manually validate PropTypes - React 19 breaking change
+    PropTypes.checkPropTypes(GitLabAuthenticationPage.propTypes, this.props, 'prop', 'GitLabAuthenticationPage');
+
+    const {
+      auth_type: authType = '',
+      base_url = 'https://gitlab.com',
+      auth_endpoint = 'oauth/authorize',
+      app_id = '',
+    } = this.props.config.backend;
+
+    if (clientSideAuthenticators[authType]) {
+      this.auth = clientSideAuthenticators[authType]({
+        base_url,
+        auth_endpoint,
+        app_id,
+        auth_token_endpoint: 'oauth/token',
+        clearHash: this.props.clearHash,
+      });
+      // Complete implicit authentication if we were redirected back to from the provider.
+      this.auth.completeAuth((err, data) => {
+        if (err) {
+          this.setState({ loginError: err.toString() });
+          return;
+        }
+        this.props.onLogin(data);
+      });
+    } else {
+      this.auth = new NetlifyAuthenticator({
+        base_url: this.props.base_url,
+        site_id:
+          document.location.host.split(':')[0] === 'localhost'
+            ? 'demo.decapcms.org'
+            : this.props.siteId,
+        auth_endpoint: this.props.authEndpoint,
+      });
+    }
+  }
+
+  handleLogin = e => {
+    e.preventDefault();
+    this.auth.authenticate({ provider: 'gitlab', scope: 'api' }, (err, data) => {
+      if (err) {
+        this.setState({ loginError: err.toString() });
+        return;
+      }
+      this.props.onLogin(data);
+    });
+  };
+
+  render() {
+    const { inProgress, config, t } = this.props;
+    return (
+      <AuthenticationPage
+        onLogin={this.handleLogin}
+        loginDisabled={inProgress}
+        loginErrorMessage={this.state.loginError}
+        logoUrl={config.logo_url} // Deprecated, replaced by `logo.src`
+        logo={config.logo}
+        siteUrl={config.site_url}
+        renderButtonContent={() => (
+          <React.Fragment>
+            <LoginButtonIcon type="gitlab" />{' '}
+            {inProgress ? t('auth.loggingIn') : t('auth.loginWithGitLab')}
+          </React.Fragment>
+        )}
+        t={t}
+      />
+    );
+  }
+}

package/src/__tests__/API.spec.js

@@ -0,0 +1,187 @@
+import API, { getMaxAccess } from '../API';
+
+global.fetch = jest.fn().mockRejectedValue(new Error('should not call fetch inside tests'));
+
+jest.spyOn(console, 'log').mockImplementation(() => undefined);
+
+describe('GitLab API', () => {
+  beforeEach(() => {
+    jest.resetAllMocks();
+  });
+
+  describe('hasWriteAccess', () => {
+    test('should return true on project access_level >= 30', async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest
+        .fn()
+        .mockResolvedValueOnce({ permissions: { project_access: { access_level: 30 } } });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(true);
+    });
+
+    test('should return false on project access_level < 30', async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest
+        .fn()
+        .mockResolvedValueOnce({ permissions: { project_access: { access_level: 10 } } });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(false);
+    });
+
+    test('should return true on group access_level >= 30', async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest
+        .fn()
+        .mockResolvedValueOnce({ permissions: { group_access: { access_level: 30 } } });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(true);
+    });
+
+    test('should return false on group access_level < 30', async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest
+        .fn()
+        .mockResolvedValueOnce({ permissions: { group_access: { access_level: 10 } } });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(false);
+    });
+
+    test('should return true on shared group access_level >= 40', async () => {
+      const api = new API({ repo: 'repo' });
+      api.requestJSON = jest.fn().mockResolvedValueOnce({
+        permissions: { project_access: null, group_access: null },
+        shared_with_groups: [{ group_access_level: 10 }, { group_access_level: 40 }],
+      });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(true);
+
+      expect(api.requestJSON).toHaveBeenCalledTimes(1);
+    });
+
+    test('should return true on shared group access_level >= 30, developers can merge and push', async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest.fn();
+      api.requestJSON.mockResolvedValueOnce({
+        permissions: { project_access: null, group_access: null },
+        shared_with_groups: [{ group_access_level: 10 }, { group_access_level: 30 }],
+      });
+      api.requestJSON.mockResolvedValueOnce({
+        developers_can_merge: true,
+        developers_can_push: true,
+      });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(true);
+    });
+
+    test('should return false on shared group access_level < 30,', async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest.fn();
+      api.requestJSON.mockResolvedValueOnce({
+        permissions: { project_access: null, group_access: null },
+        shared_with_groups: [{ group_access_level: 10 }, { group_access_level: 20 }],
+      });
+      api.requestJSON.mockResolvedValueOnce({
+        developers_can_merge: true,
+        developers_can_push: true,
+      });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(false);
+    });
+
+    test("should return false on shared group access_level >= 30, developers can't merge", async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest.fn();
+      api.requestJSON.mockResolvedValueOnce({
+        permissions: { project_access: null, group_access: null },
+        shared_with_groups: [{ group_access_level: 10 }, { group_access_level: 30 }],
+      });
+      api.requestJSON.mockResolvedValueOnce({
+        developers_can_merge: false,
+        developers_can_push: true,
+      });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(false);
+    });
+
+    test("should return false on shared group access_level >= 30, developers can't push", async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest.fn();
+      api.requestJSON.mockResolvedValueOnce({
+        permissions: { project_access: null, group_access: null },
+        shared_with_groups: [{ group_access_level: 10 }, { group_access_level: 30 }],
+      });
+      api.requestJSON.mockResolvedValueOnce({
+        developers_can_merge: true,
+        developers_can_push: false,
+      });
+
+      await expect(api.hasWriteAccess()).resolves.toBe(false);
+    });
+
+    test('should return false on shared group access_level >= 30, error getting branch', async () => {
+      const api = new API({ repo: 'repo' });
+
+      api.requestJSON = jest.fn();
+      api.requestJSON.mockResolvedValueOnce({
+        permissions: { project_access: null, group_access: null },
+        shared_with_groups: [{ group_access_level: 10 }, { group_access_level: 30 }],
+      });
+
+      const error = new Error('Not Found');
+      api.requestJSON.mockRejectedValue(error);
+
+      await expect(api.hasWriteAccess()).resolves.toBe(false);
+
+      expect(console.log).toHaveBeenCalledTimes(1);
+      expect(console.log).toHaveBeenCalledWith('Failed getting default branch', error);
+    });
+  });
+
+  describe('getStatuses', () => {
+    test('should get preview statuses', async () => {
+      const api = new API({ repo: 'repo' });
+
+      const mr = { sha: 'sha' };
+      const statuses = [
+        { name: 'deploy', status: 'success', target_url: 'deploy-url' },
+        { name: 'build', status: 'pending' },
+      ];
+
+      api.getBranchMergeRequest = jest.fn(() => Promise.resolve(mr));
+      api.getMergeRequestStatues = jest.fn(() => Promise.resolve(statuses));
+
+      const collectionName = 'posts';
+      const slug = 'title';
+      await expect(api.getStatuses(collectionName, slug)).resolves.toEqual([
+        { context: 'deploy', state: 'success', target_url: 'deploy-url' },
+        { context: 'build', state: 'other' },
+      ]);
+
+      expect(api.getBranchMergeRequest).toHaveBeenCalledTimes(1);
+      expect(api.getBranchMergeRequest).toHaveBeenCalledWith('cms/posts/title');
+
+      expect(api.getMergeRequestStatues).toHaveBeenCalledTimes(1);
+      expect(api.getMergeRequestStatues).toHaveBeenCalledWith(mr, 'cms/posts/title');
+    });
+  });
+
+  describe('getMaxAccess', () => {
+    it('should return group with max access level', () => {
+      const groups = [
+        { group_access_level: 10 },
+        { group_access_level: 5 },
+        { group_access_level: 100 },
+        { group_access_level: 1 },
+      ];
+      expect(getMaxAccess(groups)).toBe(groups[2]);
+    });
+  });
+});