This repository was archived by the owner on Sep 30, 2024. It is now read-only.
[gitlab] Fix GitLab internal project visibility#54426
Merged
Merged
Conversation
Contributor
|
Codenotify: Notifying subscribers in CODENOTIFY files for diff 0b1f669...204d404.
|
indradhanush
approved these changes
Jun 29, 2023
indradhanush
left a comment
Contributor
There was a problem hiding this comment.
LGTM as we paired on it. 😆
sashaostrikov
approved these changes
Jun 29, 2023
sashaostrikov
left a comment
Contributor
There was a problem hiding this comment.
LGTM! Let's add a comment directly in code?
|
|
||
| for _, p := range projects { | ||
| projectIDs = append(projectIDs, extsvc.RepoID(strconv.Itoa(p.ID))) | ||
| if p.DefaultBranch != "" { |
Contributor
There was a problem hiding this comment.
I'd add a nice comment that you had in Slack/PR here as well
Contributor
There was a problem hiding this comment.
+500. This feels like a tripwire for future us.
I'd also love to see a test for this change.
Contributor
There was a problem hiding this comment.
+1024 really nice trick but even Cody won't be able to explain this 😂
BolajiOlajide
approved these changes
Jun 29, 2023
BolajiOlajide
left a comment
Contributor
There was a problem hiding this comment.
+1 to @sashaostrikov's comment.
Asides that, this looks good to me.
sashaostrikov
approved these changes
Jul 5, 2023
| return p.Visibility == "private" || p.Visibility == "internal" | ||
| } | ||
|
|
||
| // ContentsVisible reports whether or not the repository contents of this project is visible to the user. |
…t_branch, instead of using group access level
eb14c81 to
6da60d3
Compare
kopancek
approved these changes
Jul 27, 2023
github-actions Bot
pushed a commit
that referenced
this pull request
Jul 27, 2023
Original Slack thread [here](https://sourcegraph.slack.com/archives/C05EMJM2SLR/p1687969384430849) ## Before this PR We use a `min_access_level=20` check on GitLab project queries, because `access_level` 10 is GUEST, and users with GUEST access cannot see repo contents, so we don't want to give access to those repos on Sourcegraph HOWEVER, for Internal repos on GitLab, users can see the contents of the repo depending on how the repo is configured, regardless of their access level. So this puts us in a conundrum. If we have `min_access_level=20`, users can't see repos they should be able to see, but if we remove it, users can see repos they shouldn't be able to see ## After this PR Adds a feature flag named "gitLabProjectVisibilityExperimental". When set to true: @indradhanush and I diffed some responses from the GitLab API, depending on whether or not you are part of the GitLab group or not, whether the project is visible or not, etc. etc. and there is a common field: `default_branch` is only visible in the project API response if the user is able to see the contents of the project. If they cannot see the contents of the project, they cannot see the default branch of the project. So by removing `min_access_level=20` and checking for the presence of `default_branch` on the returned project list, we can determine whether or not the user should be able to see the repo contents or not ## Test plan VCR tests should be updated <!-- All pull requests REQUIRE a test plan: https://docs.sourcegraph.com/dev/background-information/testing_principles --> (cherry picked from commit 8cb61f8)
MaedahBatool
pushed a commit
that referenced
this pull request
Jul 28, 2023
Original Slack thread [here](https://sourcegraph.slack.com/archives/C05EMJM2SLR/p1687969384430849) ## Before this PR We use a `min_access_level=20` check on GitLab project queries, because `access_level` 10 is GUEST, and users with GUEST access cannot see repo contents, so we don't want to give access to those repos on Sourcegraph HOWEVER, for Internal repos on GitLab, users can see the contents of the repo depending on how the repo is configured, regardless of their access level. So this puts us in a conundrum. If we have `min_access_level=20`, users can't see repos they should be able to see, but if we remove it, users can see repos they shouldn't be able to see ## After this PR Adds a feature flag named "gitLabProjectVisibilityExperimental". When set to true: @indradhanush and I diffed some responses from the GitLab API, depending on whether or not you are part of the GitLab group or not, whether the project is visible or not, etc. etc. and there is a common field: `default_branch` is only visible in the project API response if the user is able to see the contents of the project. If they cannot see the contents of the project, they cannot see the default branch of the project. So by removing `min_access_level=20` and checking for the presence of `default_branch` on the returned project list, we can determine whether or not the user should be able to see the repo contents or not ## Test plan VCR tests should be updated <!-- All pull requests REQUIRE a test plan: https://docs.sourcegraph.com/dev/background-information/testing_principles -->
coury-clark
pushed a commit
that referenced
this pull request
Aug 1, 2023
Original Slack thread [here](https://sourcegraph.slack.com/archives/C05EMJM2SLR/p1687969384430849) ## Before this PR We use a `min_access_level=20` check on GitLab project queries, because `access_level` 10 is GUEST, and users with GUEST access cannot see repo contents, so we don't want to give access to those repos on Sourcegraph HOWEVER, for Internal repos on GitLab, users can see the contents of the repo depending on how the repo is configured, regardless of their access level. So this puts us in a conundrum. If we have `min_access_level=20`, users can't see repos they should be able to see, but if we remove it, users can see repos they shouldn't be able to see ## After this PR Adds a feature flag named "gitLabProjectVisibilityExperimental". When set to true: @indradhanush and I diffed some responses from the GitLab API, depending on whether or not you are part of the GitLab group or not, whether the project is visible or not, etc. etc. and there is a common field: `default_branch` is only visible in the project API response if the user is able to see the contents of the project. If they cannot see the contents of the project, they cannot see the default branch of the project. So by removing `min_access_level=20` and checking for the presence of `default_branch` on the returned project list, we can determine whether or not the user should be able to see the repo contents or not ## Test plan VCR tests should be updated <!-- All pull requests REQUIRE a test plan: https://docs.sourcegraph.com/dev/background-information/testing_principles --> <br> Backport 8cb61f8 from #54426 Co-authored-by: Petri-Johan Last <petri.last@sourcegraph.com>
davejrt
pushed a commit
that referenced
this pull request
Aug 9, 2023
Original Slack thread [here](https://sourcegraph.slack.com/archives/C05EMJM2SLR/p1687969384430849) ## Before this PR We use a `min_access_level=20` check on GitLab project queries, because `access_level` 10 is GUEST, and users with GUEST access cannot see repo contents, so we don't want to give access to those repos on Sourcegraph HOWEVER, for Internal repos on GitLab, users can see the contents of the repo depending on how the repo is configured, regardless of their access level. So this puts us in a conundrum. If we have `min_access_level=20`, users can't see repos they should be able to see, but if we remove it, users can see repos they shouldn't be able to see ## After this PR Adds a feature flag named "gitLabProjectVisibilityExperimental". When set to true: @indradhanush and I diffed some responses from the GitLab API, depending on whether or not you are part of the GitLab group or not, whether the project is visible or not, etc. etc. and there is a common field: `default_branch` is only visible in the project API response if the user is able to see the contents of the project. If they cannot see the contents of the project, they cannot see the default branch of the project. So by removing `min_access_level=20` and checking for the presence of `default_branch` on the returned project list, we can determine whether or not the user should be able to see the repo contents or not ## Test plan VCR tests should be updated <!-- All pull requests REQUIRE a test plan: https://docs.sourcegraph.com/dev/background-information/testing_principles -->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Original Slack thread here
Before this PR
We use a
min_access_level=20check on GitLab project queries, becauseaccess_level10 is GUEST, and users with GUEST access cannot see repo contents, so we don't want to give access to those repos on SourcegraphHOWEVER, for Internal repos on GitLab, users can see the contents of the repo depending on how the repo is configured, regardless of their access level. So this puts us in a conundrum. If we have
min_access_level=20, users can't see repos they should be able to see, but if we remove it, users can see repos they shouldn't be able to seeAfter this PR
Adds a feature flag named "gitLabProjectVisibilityExperimental". When set to true:
@indradhanush and I diffed some responses from the GitLab API, depending on whether or not you are part of the GitLab group or not, whether the project is visible or not, etc. etc. and there is a common field:
default_branchis only visible in the project API response if the user is able to see the contents of the project. If they cannot see the contents of the project, they cannot see the default branch of the project.So by removing
min_access_level=20and checking for the presence ofdefault_branchon the returned project list, we can determine whether or not the user should be able to see the repo contents or notTest plan
VCR tests should be updated