Have gitlab default to True on permissions if they are missing

This allows the repositories to be selected in the UI, if we are unsure whether the user has permission. Since gitlab will do the check anyway, this is safe, although not a great user experience if they chose an invalid repository, but we can't really do much about that.
2017-05-02 13:11:57 -04:00 · 2017-05-02 13:11:57 -04:00 · bf41aedc9c
commit bf41aedc9c
parent a78d5fb9ff
3 changed files with 39 additions and 13 deletions
--- a/buildtrigger/gitlabhandler.py
+++ b/buildtrigger/gitlabhandler.py
@ -309,9 +309,22 @@ class GitLabBuildTrigger(BuildTriggerHandler):
    def repo_view(repo):
      # Because *anything* can be None in GitLab API!
      permissions = repo.get('permissions') or {}
+      group_access = permissions.get('group_access') or {}
      project_access = permissions.get('project_access') or {}
-      access_level = project_access.get('access_level') or 0
+
+      missing_group_access = permissions.get('group_access') is None
+      missing_project_access = permissions.get('project_access') is None
+
+      access_level = max(group_access.get('access_level') or 0,
+                         project_access.get('access_level') or 0)
+
      has_admin_permission = _ACCESS_LEVEL_MAP.get(access_level, ("", False))[1]
+      if missing_group_access or missing_project_access:
+        # Default to has permission if we cannot check the permissions. This will allow our users
+        # to select the repository and then GitLab's own checks will ensure that the webhook is
+        # added only if allowed.
+        # TODO: Do we want to display this differently in the UI?
+        has_admin_permission = True

      view = {
        'name': repo['path'],