feat: add user as group / project owner

Author: BoxBoxJason

internal/mirroring/groups.go

@@ -105,6 +105,11 @@ func (g *GitlabInstance) CreateGroupFromSource(sourceGroup *gitlab.Group, copyOp
 	if err == nil {
 		zap.L().Info("Group created", zap.String("group", destinationGroup.WebURL))
 		g.AddGroup(destinationGroup)
+
+		// Claim ownership of the created group
+		if err := g.ClaimOwnershipToGroup(destinationGroup); err != nil {
+			zap.L().Warn("Failed to claim ownership of group", zap.String("group", destinationGroup.FullPath), zap.Error(err))
+		}
 	}
 
 	return destinationGroup, err
@@ -440,3 +445,20 @@ func (destinationGitlabInstance *GitlabInstance) syncGroupAttributes(sourceGroup
 	}
 	return nil
 }
+
+// ClaimOwnershipToGroup adds the authenticated user as an owner to the specified group.
+// It uses the GitLab API to add the user as a group member with owner access level.
+func (g *GitlabInstance) ClaimOwnershipToGroup(group *gitlab.Group) error {
+	zap.L().Debug("Claiming ownership of group", zap.String("group", group.FullPath), zap.Int("userID", g.UserID))
+
+	_, _, err := g.Gitlab.GroupMembers.AddGroupMember(group.ID, &gitlab.AddGroupMemberOptions{
+		UserID:      &g.UserID,
+		AccessLevel: gitlab.Ptr(gitlab.AccessLevelValue(50)),
+	})
+	if err != nil {
+		return fmt.Errorf("failed to add user as owner to group %s: %w", group.FullPath, err)
+	}
+
+	zap.L().Info("Successfully claimed ownership of group", zap.String("group", group.FullPath))
+	return nil
+}

internal/mirroring/groups_test.go

@@ -113,3 +113,12 @@ func TestCreateGroups(t *testing.T) {
 		})
 	}
 }
+
+func TestClaimOwnershipToGroup(t *testing.T) {
+	_, gitlabInstance := setupTestServer(t, ROLE_DESTINATION, INSTANCE_SIZE_SMALL)
+
+	err := gitlabInstance.ClaimOwnershipToGroup(TEST_GROUP)
+	if err != nil {
+		t.Fatalf("expected no error, got %v", err)
+	}
+}

internal/mirroring/helper_test.go

@@ -17,6 +17,17 @@ const (
 	HEADER_ACCEPT       = "application/json"
 )
 
+// Helper functions for common HTTP responses
+func writeJSONResponse(w http.ResponseWriter, status int, body string) {
+	w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
+	w.WriteHeader(status)
+	fmt.Fprint(w, body)
+}
+
+func writeMethodNotAllowed(w http.ResponseWriter) {
+	w.WriteHeader(http.StatusMethodNotAllowed)
+}
+
 var (
 	// TEST_PROJECT is a test project used in unit tests.
 	TEST_PROJECT = &gitlab.Project{
@@ -379,6 +390,18 @@ func setupEmptyTestServer(t *testing.T, role string, instanceSize string) (*http
 	server := httptest.NewServer(mux)
 	t.Cleanup(server.Close)
 
+	// Add test handler for current user
+	mux.HandleFunc("/api/v4/user", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodGet {
+			w.WriteHeader(http.StatusMethodNotAllowed)
+			return
+		}
+		w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
+		w.WriteHeader(http.StatusOK)
+		// Return mock current user with ID 1
+		fmt.Fprint(w, `{"id": 1, "username": "testuser", "name": "Test User", "state": "active"}`)
+	})
+
 	gitlabInstance, err := NewGitlabInstance(&GitlabInstanceOpts{
 		GitlabURL:    server.URL,
 		GitlabToken:  "test-token",
@@ -405,30 +428,42 @@ func setupTestServer(t *testing.T, role string, instanceSize string) (*http.Serv
 	server := httptest.NewServer(mux)
 	t.Cleanup(server.Close)
 
-	gitlabInstance, err := NewGitlabInstance(&GitlabInstanceOpts{
-		GitlabURL:    server.URL,
-		GitlabToken:  "test-token",
-		Role:         role,
-		InstanceSize: instanceSize,
-		MaxRetries:   0,
-	})
-
-	if err != nil {
-		t.Fatalf("Failed to create client: %v", err)
-	}
-
 	// Add test handlers for the projects and groups endpoints.
 	setupTestProjects(mux)
 	setupTestGroups(mux)
 
 	// Add test handlers for the GraphQL endpoint.
 	setupTestGraphQL(mux)
 
+	// Add test handler for current user
+	mux.HandleFunc("/api/v4/user", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodGet {
+			w.WriteHeader(http.StatusMethodNotAllowed)
+			return
+		}
+		w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
+		w.WriteHeader(http.StatusOK)
+		// Return mock current user with ID 1
+		fmt.Fprint(w, `{"id": 1, "username": "testuser", "name": "Test User", "state": "active"}`)
+	})
+
 	// Catch-all handler for undefined routes
 	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, fmt.Sprintf("Undefined route accessed: %s %s", r.Method, r.URL.Path), http.StatusNotFound)
 	})
 
+	gitlabInstance, err := NewGitlabInstance(&GitlabInstanceOpts{
+		GitlabURL:    server.URL,
+		GitlabToken:  "test-token",
+		Role:         role,
+		InstanceSize: instanceSize,
+		MaxRetries:   0,
+	})
+
+	if err != nil {
+		t.Fatalf("Failed to create client: %v", err)
+	}
+
 	return mux, gitlabInstance
 }
 
@@ -476,15 +511,11 @@ func setupTestGroup(mux *http.ServeMux, group *gitlab.Group, stringResponse stri
 	mux.HandleFunc(fmt.Sprintf("/api/v4/groups/%d", group.ID), func(w http.ResponseWriter, r *http.Request) {
 		switch r.Method {
 		case http.MethodGet:
-			w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
-			w.WriteHeader(http.StatusOK)
-			fmt.Fprint(w, stringResponse)
+			writeJSONResponse(w, http.StatusOK, stringResponse)
 		case http.MethodPut:
-			w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
-			w.WriteHeader(http.StatusOK)
-			fmt.Fprint(w, stringResponse)
+			writeJSONResponse(w, http.StatusOK, stringResponse)
 		default:
-			w.WriteHeader(http.StatusMethodNotAllowed)
+			writeMethodNotAllowed(w)
 			return
 		}
 	})
@@ -499,6 +530,17 @@ func setupTestGroup(mux *http.ServeMux, group *gitlab.Group, stringResponse stri
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte{0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A}) // PNG header
 	})
+	// Setup the add group member endpoint
+	mux.HandleFunc(fmt.Sprintf("/api/v4/groups/%d/members", group.ID), func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodPost {
+			w.WriteHeader(http.StatusMethodNotAllowed)
+			return
+		}
+		w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
+		w.WriteHeader(http.StatusCreated)
+		// Return a mock member response
+		fmt.Fprint(w, `{"id": 1, "username": "testuser", "name": "Test User", "state": "active", "access_level": 50}`)
+	})
 }
 
 func setupTestGraphQL(mux *http.ServeMux) {
@@ -678,17 +720,24 @@ func setupTestProject(mux *http.ServeMux, project *gitlab.Project, stringRespons
 	mux.HandleFunc(fmt.Sprintf("/api/v4/projects/%d/issues/%d", project.ID, TEST_ISSUE.IID), func(w http.ResponseWriter, r *http.Request) {
 		switch r.Method {
 		case http.MethodGet:
-			w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
-			w.WriteHeader(http.StatusOK)
-			fmt.Fprint(w, TEST_ISSUE_STRING)
+			writeJSONResponse(w, http.StatusOK, TEST_ISSUE_STRING)
 		case http.MethodPut:
-			w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
-			w.WriteHeader(http.StatusOK)
-			fmt.Fprint(w, TEST_ISSUE_STRING)
+			writeJSONResponse(w, http.StatusOK, TEST_ISSUE_STRING)
 		default:
+			writeMethodNotAllowed(w)
+			return
+		}
+	})
+
+	mux.HandleFunc(fmt.Sprintf("/api/v4/projects/%d/members", project.ID), func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodPost {
 			w.WriteHeader(http.StatusMethodNotAllowed)
 			return
 		}
+		w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
+		w.WriteHeader(http.StatusCreated)
+		// Return a mock member response
+		fmt.Fprint(w, `{"id": 1, "username": "testuser", "name": "Test User", "state": "active", "access_level": 50}`)
 	})
 	// Setup the get project issue notes response from the project ID and issue IID
 }

internal/mirroring/instance.go

@@ -45,6 +45,8 @@ type GitlabInstance struct {
 	PullMirrorAvailable bool
 	// GitAuth is the HTTP authentication used for GitLab git over HTTP operations (only for non premium instances)
 	GitAuth transport.AuthMethod
+	// UserID is the ID of the authenticated user
+	UserID int
 }
 
 type GitlabInstanceOpts struct {
@@ -70,13 +72,20 @@ func NewGitlabInstance(initArgs *GitlabInstanceOpts) (*GitlabInstance, error) {
 		return nil, err
 	}
 
+	// Get the current user ID
+	user, _, err := gitlabClient.Users.CurrentUser()
+	if err != nil {
+		return nil, fmt.Errorf("failed to get current user: %w", err)
+	}
+
 	gitlabInstance := &GitlabInstance{
 		Gitlab:       gitlabClient,
 		Projects:     make(map[string]*gitlab.Project),
 		Groups:       make(map[string]*gitlab.Group),
 		Role:         initArgs.Role,
 		InstanceSize: initArgs.InstanceSize,
 		GitAuth:      helpers.BuildHTTPAuth("", initArgs.GitlabToken),
+		UserID:       user.ID,
 	}
 
 	return gitlabInstance, nil

internal/mirroring/instance_test.go

@@ -1,7 +1,9 @@
 package mirroring
 
 import (
+	"fmt"
 	"net/http"
+	"net/http/httptest"
 	"testing"
 
 	gitlab "gitlab.com/gitlab-org/api/client-go"
@@ -12,12 +14,25 @@ const (
 )
 
 func TestNewGitlabInstance(t *testing.T) {
-	gitlabURL := "https://gitlab.example.com"
-	gitlabToken := "test-token"
+	// Create a test server to mock the CurrentUser API
+	mux := http.NewServeMux()
+	server := httptest.NewServer(mux)
+	t.Cleanup(server.Close)
+
+	// Add mock handler for current user
+	mux.HandleFunc("/api/v4/user", func(w http.ResponseWriter, r *http.Request) {
+		if r.Method != http.MethodGet {
+			w.WriteHeader(http.StatusMethodNotAllowed)
+			return
+		}
+		w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
+		w.WriteHeader(http.StatusOK)
+		fmt.Fprint(w, `{"id": 1, "username": "testuser", "name": "Test User", "state": "active"}`)
+	})
 
 	instance, err := NewGitlabInstance(&GitlabInstanceOpts{
-		GitlabURL:    gitlabURL,
-		GitlabToken:  gitlabToken,
+		GitlabURL:    server.URL,
+		GitlabToken:  "test-token",
 		Role:         ROLE_SOURCE,
 		MaxRetries:   3,
 		InstanceSize: INSTANCE_SIZE_SMALL,
@@ -37,6 +52,10 @@ func TestNewGitlabInstance(t *testing.T) {
 	if instance.Groups == nil {
 		t.Error("expected Groups map to be initialized")
 	}
+
+	if instance.UserID != 1 {
+		t.Errorf("expected UserID to be 1, got %d", instance.UserID)
+	}
 }
 
 func TestAddProject(t *testing.T) {
@@ -209,7 +228,7 @@ func TestIsVersionGreaterThanThreshold(t *testing.T) {
 			mux, gitlabInstance := setupEmptyTestServer(t, ROLE_DESTINATION, INSTANCE_SIZE_SMALL)
 			if !test.noApiResponse {
 				mux.HandleFunc("/api/v4/metadata", func(w http.ResponseWriter, r *http.Request) {
-					w.Header().Set("Content-Type", "application/json")
+					w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
 					w.WriteHeader(http.StatusOK)
 					_, err := w.Write([]byte(`{"version": "` + test.version + `"}`))
 					if err != nil {
@@ -275,7 +294,7 @@ func TestIsLicensePremium(t *testing.T) {
 			mux, gitlabInstance := setupEmptyTestServer(t, ROLE_DESTINATION, INSTANCE_SIZE_SMALL)
 			if !test.expectedError {
 				mux.HandleFunc("/api/v4/license", func(w http.ResponseWriter, r *http.Request) {
-					w.Header().Set("Content-Type", "application/json")
+					w.Header().Set(HEADER_CONTENT_TYPE, HEADER_ACCEPT)
 					w.WriteHeader(http.StatusOK)
 					_, err := w.Write([]byte(`{"plan": "` + test.license + `"}`))
 					if err != nil {

internal/mirroring/main.go

@@ -55,6 +55,7 @@ func MirrorGitlabs(gitlabMirrorArgs *utils.ParserArgs) []error {
 
 	if err != nil {
 		// Could not obtain a result from the destination GitLab instance, so we cannot proceed with the mirroring process.
+		// TODO: have a non zero exit code in this case
 		return []error{err}
 	} else if pullMirrorAvailable {
 		// Proceed with the pull mirroring process

internal/mirroring/projects.go

@@ -315,6 +315,11 @@ func (g *GitlabInstance) CreateProjectFromSource(sourceProject *gitlab.Project,
 	if err == nil {
 		zap.L().Info("Project created", zap.String("project", destinationProject.HTTPURLToRepo))
 		g.AddProject(destinationProject)
+
+		// Claim ownership of the created project
+		if err := g.ClaimOwnershipToProject(destinationProject); err != nil {
+			zap.L().Warn("Failed to claim ownership of project", zap.String("project", destinationProject.PathWithNamespace), zap.Error(err))
+		}
 	}
 
 	return destinationProject, err
@@ -525,3 +530,20 @@ func (g *GitlabInstance) AddProjectToCICDCatalog(project *gitlab.Project) error
 	_, err := g.Gitlab.GraphQL.Do(gitlab.GraphQLQuery{Query: query}, &response)
 	return err
 }
+
+// ClaimOwnershipToProject adds the authenticated user as an owner to the specified project.
+// It uses the GitLab API to add the user as a project member with owner access level.
+func (g *GitlabInstance) ClaimOwnershipToProject(project *gitlab.Project) error {
+	zap.L().Debug("Claiming ownership of project", zap.String("project", project.PathWithNamespace), zap.Int("userID", g.UserID))
+
+	_, _, err := g.Gitlab.ProjectMembers.AddProjectMember(project.ID, &gitlab.AddProjectMemberOptions{
+		UserID:      &g.UserID,
+		AccessLevel: gitlab.Ptr(gitlab.AccessLevelValue(50)),
+	})
+	if err != nil {
+		return fmt.Errorf("failed to add user as owner to project %s: %w", project.PathWithNamespace, err)
+	}
+
+	zap.L().Info("Successfully claimed ownership of project", zap.String("project", project.PathWithNamespace))
+	return nil
+}

internal/mirroring/projects_test.go

@@ -283,3 +283,12 @@ func TestAddProjectToCICDCatalog(t *testing.T) {
 		}
 	})
 }
+
+func TestClaimOwnershipToProject(t *testing.T) {
+	_, gitlabInstance := setupTestServer(t, ROLE_DESTINATION, INSTANCE_SIZE_SMALL)
+
+	err := gitlabInstance.ClaimOwnershipToProject(TEST_PROJECT)
+	if err != nil {
+		t.Fatalf("expected no error, got %v", err)
+	}
+}