[openSUSE/open-build-service] a1eb7a: Refactor code for tokens

26 Apr 2021

      Branch: refs/heads/refactor_trigger_webhooks_controllers
  Home:   https://github.com/openSUSE/open-build-service
  Commit: a1eb7a46b270271592ac4ee53127184b840ae92c
      https://github.com/openSUSE/open-build-service/commit/a1eb7a46b270271592ac4e...
  Author: Victor Pereira <vpereira@suse.de>
  Date:   2021-04-26 (Mon, 26 Apr 2021)

  Changed paths:
    R src/api/app/controllers/services/webhooks_controller.rb
    M src/api/app/controllers/trigger/errors.rb
    M src/api/app/controllers/trigger_controller.rb
    M src/api/app/models/token.rb
    A src/api/app/models/token/errors.rb
    M src/api/app/models/token/rebuild.rb
    M src/api/app/models/token/release.rb
    M src/api/app/models/token/service.rb
    A src/api/app/policies/token/rebuild_policy.rb
    A src/api/app/policies/token/release_policy.rb
    A src/api/app/policies/token/service_policy.rb
    M src/api/app/services/trigger_controller_service/token_extractor.rb
    M src/api/config/routes/api_routes.rb
    R src/api/spec/cassettes/Services_WebhooksController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_signature_is_valid/1_1_3_1_1_1.yml
    R src/api/spec/cassettes/Services_WebhooksController/_create/with_HTTP_X_HUB_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_signature_is_valid/1_1_2_1_1_1.yml
    R src/api/spec/cassettes/Services_WebhooksController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_signature_is_valid/1_1_1_1_1_1.yml
    A src/api/spec/cassettes/Token_RebuildPolicy/_create/create_/1_1_1_1.yml
    A src/api/spec/cassettes/Token_RebuildPolicy/_create/create_/1_1_1_2.yml
    A src/api/spec/cassettes/Token_Release/_call/when_a_manual_release_target_is_set/triggers_the_release_process_in_the_backend.yml
    A src/api/spec/cassettes/Token_Release/_call/when_no_manual_release_target_is_set/throws_an_exception.yml
    A src/api/spec/cassettes/Token_Release/_call/when_no_release_target_is_set/throws_an_exception.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_entity_does_not_exist/renders_an_error_for_package.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_entity_does_not_exist/renders_an_error_for_project.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_signature_is_valid/1_4_3_1_1_1.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_token_is_invalid/renders_an_error_with_an_invalid_signature.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_token_is_invalid/renders_an_error_with_an_invalid_token.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_user_has_no_permissions/renders_an_error_for_an_inactive_user.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X-Pagure-Signature-256_http_header/behaves_like_it_verifies_the_signature/when_user_has_no_permissions/renders_an_error_for_missing_package_permissions.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_256_http_header/behaves_like_it_verifies_the_signature/when_entity_does_not_exist/renders_an_error_for_package.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_256_http_header/behaves_like_it_verifies_the_signature/when_entity_does_not_exist/renders_an_error_for_project.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_256_http_header/behaves_like_it_verifies_the_signature/when_signature_is_valid/1_4_2_1_1_1.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_256_http_header/behaves_like_it_verifies_the_signature/when_token_is_invalid/renders_an_error_with_an_invalid_signature.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_256_http_header/behaves_like_it_verifies_the_signature/when_token_is_invalid/renders_an_error_with_an_invalid_token.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_256_http_header/behaves_like_it_verifies_the_signature/when_user_has_no_permissions/renders_an_error_for_an_inactive_user.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_256_http_header/behaves_like_it_verifies_the_signature/when_user_has_no_permissions/renders_an_error_for_missing_package_permissions.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_HUB_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_signature_is_valid/1_4_2_1_1_1.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_entity_does_not_exist/renders_an_error_for_package.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_entity_does_not_exist/renders_an_error_for_project.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_signature_is_valid/1_4_1_1_1_1.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_token_is_invalid/renders_an_error_with_an_invalid_signature.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_token_is_invalid/renders_an_error_with_an_invalid_token.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_user_has_no_permissions/renders_an_error_for_an_inactive_user.yml
    A src/api/spec/cassettes/TriggerController/_create/with_HTTP_X_OBS_SIGNATURE_http_header/behaves_like_it_verifies_the_signature/when_user_has_no_permissions/renders_an_error_for_missing_package_permissions.yml
    M src/api/spec/cassettes/TriggerController/_rebuild/authentication_token_is_invalid/1_1_1_1.yml
    A src/api/spec/cassettes/TriggerController/_rebuild/when_project_passed_by_params_ignore_it/1_1_3_1.yml
    M src/api/spec/cassettes/TriggerController/_rebuild/when_token_is_valid_and_packet_rebuild/1_1_2_1.yml
    A src/api/spec/cassettes/TriggerController/_release/for_inexistent_project/1_2_1_1.yml
    A src/api/spec/cassettes/TriggerController/_release/when_there_are_no_release_targets/1_2_5_1.yml
    M src/api/spec/cassettes/TriggerController/_release/when_token_is_valid_and_package_exists/1_2_2_1.yml
    A src/api/spec/cassettes/TriggerController/_release/when_user_has_no_rights_for_source/1_2_3_1.yml
    A src/api/spec/cassettes/TriggerController/_release/when_user_has_no_rights_for_target/1_2_4_1.yml
    A src/api/spec/cassettes/TriggerController/_release/when_user_has_no_rights_for_target/1_2_4_2.yml
    M src/api/spec/cassettes/TriggerController/_runservice/1_3_1.yml
    R src/api/spec/controllers/services/webhooks_controller_spec.rb
    M src/api/spec/controllers/trigger_controller_spec.rb
    M src/api/spec/factories/tokens.rb
    A src/api/spec/models/token/release_spec.rb
    R src/api/spec/models/token/service_spec.rb
    A src/api/spec/models/token_spec.rb
    A src/api/spec/policies/token/rebuild_policy_spec.rb
    A src/api/spec/policies/token/release_policy_spec.rb
    A src/api/spec/policies/token/service_policy_spec.rb
    M src/api/spec/services/trigger_controller_service/token_extractor_spec.rb
    A src/api/spec/support/shared_examples/tokens.rb
    M src/api/test/functional/source_services_test.rb

  Log Message:
  -----------
  Refactor code for tokens

Result of multiple mob programming sessions to lay out foundations to a
better SCM/CI integration.

The controllers trigger_controller and services/webhooks_controller are
now merged and a single action is handling the various tokens. The
routes are kept for backward compatibility.

Authorization is done through Pundit, although we couldn't get away from
Package.get_by_project_and_name... it's just doing too much and we
wanted to avoid increasing the scope of the changes even more.

Anything related to extracting tokens out of the various
headers/parameters is now handled by
TriggerControllerService::TokenExtractor. It was previously scattered in
the aforementioned controllers and token models.

Finally, the specs were adapted to follow the changes.

Co-authored-by: Daniel Donisa <daniel.donisa@suse.com>
Co-authored-by: Dany Marcoux <dmarcoux@suse.com>
Co-authored-by: Eduardo Navarro <enavarro@suse.com>
Co-authored-by: Henne Vogelsang <hvogel@opensuse.org>
Co-authored-by: Lukas Krause <lkrause@suse.de>
Co-authored-by: Saray Cabrera Padrón <scabrerapadron@suse.de>
Co-authored-by: Victor Pereira <vpereira@suse.com>

Victor Pereira

tags

participants (1)