From d6e75fbd95fe0e37bebf17fefab2255b7e78255b Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Thu, 22 Aug 2024 17:01:13 +0300 Subject: [PATCH 01/59] Revert "Revert "Revert "Revert "Revert "[#4358,#4359] Feature/LDAP Decommissioning""""" This reverts commit 74f4f6d6bdb66064a910294a7b7d3f9a1d549ac2. --- .../cmd/dynamo_events_lambda/main.go | 7 +- .../handler/handler.go | 7 +- .../cmd/migrate_approval_list/main.go | 2 +- cla-backend-go/cmd/server.go | 8 +- .../gerrits/mocks/mock_repository.go | 143 +++++++ cla-backend-go/gerrits/models.go | 21 +- cla-backend-go/gerrits/repository.go | 21 +- cla-backend-go/gerrits/service.go | 280 +------------ cla-backend-go/gerrits/service_test.go | 47 +++ cla-backend-go/signatures/repository.go | 127 +++--- cla-backend-go/swagger/cla.v2.yaml | 390 +++++++++--------- .../swagger/common/add-gerrit-input.yaml | 14 - cla-backend-go/swagger/common/gerrit.yaml | 19 - cla-backend-go/v2/gerrits/handlers.go | 386 +++++++++-------- cla-backend-go/v2/sign/service.go | 70 ++-- 15 files changed, 707 insertions(+), 835 deletions(-) create mode 100644 cla-backend-go/gerrits/mocks/mock_repository.go create mode 100644 cla-backend-go/gerrits/service_test.go diff --git a/cla-backend-go/cmd/dynamo_events_lambda/main.go b/cla-backend-go/cmd/dynamo_events_lambda/main.go index ee910d335..652f7e4e3 100644 --- a/cla-backend-go/cmd/dynamo_events_lambda/main.go +++ b/cla-backend-go/cmd/dynamo_events_lambda/main.go @@ -115,12 +115,7 @@ func init() { githubOrganizationsService := github_organizations.NewService(githubOrganizationsRepo, repositoriesRepo, projectClaGroupRepo) repositoriesService := repositories.NewService(repositoriesRepo, githubOrganizationsRepo, projectClaGroupRepo) - gerritService := gerrits.NewService(gerritRepo, &gerrits.LFGroup{ - LfBaseURL: configFile.LFGroup.ClientURL, - ClientID: configFile.LFGroup.ClientID, - ClientSecret: configFile.LFGroup.ClientSecret, - RefreshToken: configFile.LFGroup.RefreshToken, - }) + gerritService := gerrits.NewService(gerritRepo) // Services projectService := service.NewService(projectRepo, repositoriesRepo, gerritRepo, projectClaGroupRepo, usersRepo) diff --git a/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go b/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go index f4b261403..1097ffa52 100644 --- a/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go +++ b/cla-backend-go/cmd/gitlab_repository_check/handler/handler.go @@ -137,12 +137,7 @@ func Handler(ctx context.Context) error { v1ProjectClaGroupRepo, }) - gerritService := gerrits.NewService(gerritRepo, &gerrits.LFGroup{ - LfBaseURL: configFile.LFGroup.ClientURL, - ClientID: configFile.LFGroup.ClientID, - ClientSecret: configFile.LFGroup.ClientSecret, - RefreshToken: configFile.LFGroup.RefreshToken, - }) + gerritService := gerrits.NewService(gerritRepo) approvalsTableName := "cla-" + stage + "-approvals" diff --git a/cla-backend-go/cmd/migrate_approval_list/main.go b/cla-backend-go/cmd/migrate_approval_list/main.go index 574b58356..63f6c387f 100644 --- a/cla-backend-go/cmd/migrate_approval_list/main.go +++ b/cla-backend-go/cmd/migrate_approval_list/main.go @@ -81,7 +81,7 @@ func init() { v1ProjectClaGroupRepo, }) ghOrgRepo = github_organizations.NewRepository(awsSession, stage) - gerritService = gerrits.NewService(gerritsRepo, nil) + gerritService = gerrits.NewService(gerritsRepo) signatureRepo = signatures.NewRepository(awsSession, stage, companyRepo, usersRepo, eventsService, &ghRepo, ghOrgRepo, gerritService, approvalRepo) log.Info("initialized repositories\n") diff --git a/cla-backend-go/cmd/server.go b/cla-backend-go/cmd/server.go index 1e67f9680..e2291e37d 100644 --- a/cla-backend-go/cmd/server.go +++ b/cla-backend-go/cmd/server.go @@ -273,13 +273,7 @@ func server(localMode bool) http.Handler { v1ProjectClaGroupRepo, }) - gerritService := gerrits.NewService(gerritRepo, &gerrits.LFGroup{ - LfBaseURL: configFile.LFGroup.ClientURL, - ClientID: configFile.LFGroup.ClientID, - ClientSecret: configFile.LFGroup.ClientSecret, - RefreshToken: configFile.LFGroup.RefreshToken, - EventsService: eventsService, - }) + gerritService := gerrits.NewService(gerritRepo) // Signature repository handler signaturesRepo := signatures.NewRepository(awsSession, stage, v1CompanyRepo, usersRepo, eventsService, gitV1Repository, githubOrganizationsRepo, gerritService, approvalsRepo) diff --git a/cla-backend-go/gerrits/mocks/mock_repository.go b/cla-backend-go/gerrits/mocks/mock_repository.go new file mode 100644 index 000000000..6d45afc36 --- /dev/null +++ b/cla-backend-go/gerrits/mocks/mock_repository.go @@ -0,0 +1,143 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +// Code generated by MockGen. DO NOT EDIT. +// Source: gerrits/repository.go + +// Package mock_gerrits is a generated GoMock package. +package mock_gerrits + +import ( + context "context" + reflect "reflect" + + models "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" + gomock "github.com/golang/mock/gomock" +) + +// MockRepository is a mock of Repository interface. +type MockRepository struct { + ctrl *gomock.Controller + recorder *MockRepositoryMockRecorder +} + +// MockRepositoryMockRecorder is the mock recorder for MockRepository. +type MockRepositoryMockRecorder struct { + mock *MockRepository +} + +// NewMockRepository creates a new mock instance. +func NewMockRepository(ctrl *gomock.Controller) *MockRepository { + mock := &MockRepository{ctrl: ctrl} + mock.recorder = &MockRepositoryMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockRepository) EXPECT() *MockRepositoryMockRecorder { + return m.recorder +} + +// AddGerrit mocks base method. +func (m *MockRepository) AddGerrit(ctx context.Context, input *models.Gerrit) (*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AddGerrit", ctx, input) + ret0, _ := ret[0].(*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AddGerrit indicates an expected call of AddGerrit. +func (mr *MockRepositoryMockRecorder) AddGerrit(ctx, input interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AddGerrit", reflect.TypeOf((*MockRepository)(nil).AddGerrit), ctx, input) +} + +// DeleteGerrit mocks base method. +func (m *MockRepository) DeleteGerrit(ctx context.Context, gerritID string) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteGerrit", ctx, gerritID) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteGerrit indicates an expected call of DeleteGerrit. +func (mr *MockRepositoryMockRecorder) DeleteGerrit(ctx, gerritID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteGerrit", reflect.TypeOf((*MockRepository)(nil).DeleteGerrit), ctx, gerritID) +} + +// ExistsByName mocks base method. +func (m *MockRepository) ExistsByName(ctx context.Context, gerritName string) ([]*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ExistsByName", ctx, gerritName) + ret0, _ := ret[0].([]*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// ExistsByName indicates an expected call of ExistsByName. +func (mr *MockRepositoryMockRecorder) ExistsByName(ctx, gerritName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ExistsByName", reflect.TypeOf((*MockRepository)(nil).ExistsByName), ctx, gerritName) +} + +// GetClaGroupGerrits mocks base method. +func (m *MockRepository) GetClaGroupGerrits(ctx context.Context, claGroupID string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetClaGroupGerrits", ctx, claGroupID) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetClaGroupGerrits indicates an expected call of GetClaGroupGerrits. +func (mr *MockRepositoryMockRecorder) GetClaGroupGerrits(ctx, claGroupID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClaGroupGerrits", reflect.TypeOf((*MockRepository)(nil).GetClaGroupGerrits), ctx, claGroupID) +} + +// GetGerrit mocks base method. +func (m *MockRepository) GetGerrit(ctx context.Context, gerritID string) (*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerrit", ctx, gerritID) + ret0, _ := ret[0].(*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerrit indicates an expected call of GetGerrit. +func (mr *MockRepositoryMockRecorder) GetGerrit(ctx, gerritID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerrit", reflect.TypeOf((*MockRepository)(nil).GetGerrit), ctx, gerritID) +} + +// GetGerritsByID mocks base method. +func (m *MockRepository) GetGerritsByID(ctx context.Context, ID, IDType string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerritsByID", ctx, ID, IDType) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerritsByID indicates an expected call of GetGerritsByID. +func (mr *MockRepositoryMockRecorder) GetGerritsByID(ctx, ID, IDType interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerritsByID", reflect.TypeOf((*MockRepository)(nil).GetGerritsByID), ctx, ID, IDType) +} + +// GetGerritsByProjectSFID mocks base method. +func (m *MockRepository) GetGerritsByProjectSFID(ctx context.Context, projectSFID string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerritsByProjectSFID", ctx, projectSFID) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerritsByProjectSFID indicates an expected call of GetGerritsByProjectSFID. +func (mr *MockRepositoryMockRecorder) GetGerritsByProjectSFID(ctx, projectSFID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerritsByProjectSFID", reflect.TypeOf((*MockRepository)(nil).GetGerritsByProjectSFID), ctx, projectSFID) +} diff --git a/cla-backend-go/gerrits/models.go b/cla-backend-go/gerrits/models.go index b31689693..f15a074d0 100644 --- a/cla-backend-go/gerrits/models.go +++ b/cla-backend-go/gerrits/models.go @@ -27,18 +27,15 @@ type Gerrit struct { // toModel converts the gerrit structure into a response model func (g *Gerrit) toModel() *models.Gerrit { return &models.Gerrit{ - DateCreated: g.DateCreated, - DateModified: g.DateModified, - GerritID: strfmt.UUID4(g.GerritID), - GerritName: g.GerritName, - GerritURL: strfmt.URI(g.GerritURL), - GroupIDCcla: g.GroupIDCcla, - GroupIDIcla: g.GroupIDIcla, - GroupNameCcla: g.GroupNameCcla, - GroupNameIcla: g.GroupNameIcla, - ProjectID: g.ProjectID, - Version: g.Version, - ProjectSFID: g.ProjectSFID, + DateCreated: g.DateCreated, + DateModified: g.DateModified, + GerritID: strfmt.UUID4(g.GerritID), + GerritName: g.GerritName, + GerritURL: strfmt.URI(g.GerritURL), + GroupIDCcla: g.GroupIDCcla, + ProjectID: g.ProjectID, + Version: g.Version, + ProjectSFID: g.ProjectSFID, } } diff --git a/cla-backend-go/gerrits/repository.go b/cla-backend-go/gerrits/repository.go index d9f4ae410..80207f3e3 100644 --- a/cla-backend-go/gerrits/repository.go +++ b/cla-backend-go/gerrits/repository.go @@ -71,18 +71,15 @@ func (repo *repo) AddGerrit(ctx context.Context, input *models.Gerrit) (*models. } _, currentTime := utils.CurrentTime() gerrit := &Gerrit{ - DateCreated: currentTime, - DateModified: currentTime, - GerritID: gerritID.String(), - GerritName: input.GerritName, - GerritURL: input.GerritURL.String(), - GroupIDCcla: input.GroupIDCcla, - GroupIDIcla: input.GroupIDIcla, - GroupNameCcla: input.GroupNameCcla, - GroupNameIcla: input.GroupNameIcla, - ProjectID: input.ProjectID, - ProjectSFID: input.ProjectSFID, - Version: input.Version, + DateCreated: currentTime, + DateModified: currentTime, + GerritID: gerritID.String(), + GerritName: input.GerritName, + GerritURL: input.GerritURL.String(), + GroupIDCcla: input.GroupIDCcla, + ProjectID: input.ProjectID, + ProjectSFID: input.ProjectSFID, + Version: input.Version, } av, err := dynamodbattribute.MarshalMap(gerrit) if err != nil { diff --git a/cla-backend-go/gerrits/service.go b/cla-backend-go/gerrits/service.go index cc818c32c..dd1249515 100644 --- a/cla-backend-go/gerrits/service.go +++ b/cla-backend-go/gerrits/service.go @@ -11,7 +11,7 @@ import ( "net/url" "strings" - "github.com/LF-Engineering/lfx-kit/auth" + // "github.com/LF-Engineering/lfx-kit/auth" "github.com/go-openapi/strfmt" @@ -21,7 +21,7 @@ import ( "github.com/communitybridge/easycla/cla-backend-go/utils" "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" - v2Models "github.com/communitybridge/easycla/cla-backend-go/gen/v2/models" + // v2Models "github.com/communitybridge/easycla/cla-backend-go/gen/v2/models" log "github.com/communitybridge/easycla/cla-backend-go/logging" ) @@ -35,23 +35,16 @@ type Service interface { GetGerritRepos(ctx context.Context, gerritName string) (*models.GerritRepoList, error) DeleteClaGroupGerrits(ctx context.Context, claGroupID string) (int, error) DeleteGerrit(ctx context.Context, gerritID string) error - GetUsersOfGroup(ctx context.Context, authUser *auth.User, claGroupID, claType string) (*v2Models.GerritGroupResponse, error) - AddUserToGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error - AddUsersToGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error - RemoveUserFromGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error - RemoveUsersFromGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error } type service struct { - repo Repository - lfGroup *LFGroup + repo Repository } // NewService creates a new gerrit service -func NewService(repo Repository, lfg *LFGroup) Service { +func NewService(repo Repository) Service { return service{ - repo: repo, - lfGroup: lfg, + repo: repo, } } @@ -62,34 +55,10 @@ func (s service) AddGerrit(ctx context.Context, claGroupID string, projectSFID s "claGroupID": claGroupID, "projectSFID": projectSFID, } - if params.GroupIDIcla == "" && params.GroupIDCcla == "" { - return nil, errors.New("should specify at least a LDAP group for ICLA or CCLA") - } log.WithFields(f).Debugf("cla groupID %s", claGroupID) log.WithFields(f).Debugf("project Model %+v", claGroupModel) - if claGroupModel.ProjectCCLAEnabled && claGroupModel.ProjectICLAEnabled { - if params.GroupIDCcla == "" { - return nil, errors.New("please provide GroupIDCcla") - } - if params.GroupIDIcla == "" { - return nil, errors.New("please provide GroupIDIcla") - } - } else if claGroupModel.ProjectCCLAEnabled { - if params.GroupIDCcla == "" { - return nil, errors.New("please provide GroupIDCcla") - } - } else if claGroupModel.ProjectICLAEnabled { - if params.GroupIDIcla == "" { - return nil, errors.New("please provide GroupIDIcla") - } - } - - if params.GroupIDIcla == params.GroupIDCcla { - return nil, errors.New("LDAP group for ICLA and CCLA are same") - } - if params.GerritName == nil { return nil, errors.New("gerrit_name required") } @@ -104,59 +73,16 @@ func (s service) AddGerrit(ctx context.Context, claGroupID string, projectSFID s return nil, errors.New("gerrit_name already present in the system") } - gerritCcla, err := s.repo.GetGerritsByID(ctx, params.GroupIDCcla, "CCLA") - if err != nil { - message := fmt.Sprintf("unable to get gerrit by ccla id : %s", params.GroupIDCcla) - log.WithFields(f).WithError(err).Warnf(message) - } - - if len(gerritCcla.List) > 0 { - return nil, errors.New("gerrit_ccla id already present in the system") - } - - gerritIcla, err := s.repo.GetGerritsByID(ctx, params.GroupIDIcla, "ICLA") - if err != nil { - message := fmt.Sprintf("unable to get gerrit by icla : %s", params.GroupIDIcla) - log.WithFields(f).WithError(err).Warnf(message) - } - - if len(gerritIcla.List) > 0 { - return nil, errors.New("gerrit_icla id already present in the system") - } - if params.GerritURL == nil { return nil, errors.New("gerrit_url required") } - var groupNameCcla, groupNameIcla string - if params.GroupIDIcla != "" { - group, err := s.lfGroup.GetGroup(ctx, params.GroupIDIcla) - if err != nil { - message := fmt.Sprintf("unable to get LDAP ICLA Group: %s", params.GroupIDIcla) - log.WithFields(f).WithError(err).Warnf(message) - return nil, errors.New(message) - } - groupNameIcla = group.Title - } - if params.GroupIDCcla != "" { - group, err := s.lfGroup.GetGroup(ctx, params.GroupIDCcla) - if err != nil { - message := fmt.Sprintf("unable to get LDAP CCLA Group: %s", params.GroupIDCcla) - log.WithFields(f).WithError(err).Warnf(message) - return nil, errors.New(message) - } - groupNameCcla = group.Title - } input := &models.Gerrit{ - GerritName: utils.StringValue(params.GerritName), - GerritURL: strfmt.URI(*params.GerritURL), - GroupIDCcla: params.GroupIDCcla, - GroupIDIcla: params.GroupIDIcla, - GroupNameCcla: groupNameCcla, - GroupNameIcla: groupNameIcla, - ProjectID: claGroupID, - ProjectSFID: projectSFID, - Version: params.Version, + GerritName: utils.StringValue(params.GerritName), + GerritURL: strfmt.URI(*params.GerritURL), + ProjectID: claGroupID, + ProjectSFID: projectSFID, + Version: params.Version, } return s.repo.AddGerrit(ctx, input) } @@ -278,192 +204,6 @@ func (s service) DeleteGerrit(ctx context.Context, gerritID string) error { return s.repo.DeleteGerrit(ctx, gerritID) } -// GetUsersOfGroup -func (s service) GetUsersOfGroup(ctx context.Context, authUser *auth.User, claGroupID, claType string) (*v2Models.GerritGroupResponse, error) { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.GetUsersOfGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - log.WithFields(f).Debug("querying for CLA Group gerrits...") - g, gerritErr := s.GetClaGroupGerrits(ctx, claGroupID) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return nil, gerritErr - } - - // Just load the first one... - if len(g.List) > 0 { - gerritModel := g.List[0] - var ldapGroupName string - switch claType { - case utils.ClaTypeICLA: - ldapGroupName = gerritModel.GroupNameIcla - case utils.ClaTypeECLA: - ldapGroupName = gerritModel.GroupNameCcla - default: - return nil, &utils.InvalidCLAType{ - CLAType: claType, - } - } - - log.WithFields(f).Debugf("querying for members of gerrit group: %s...", ldapGroupName) - g, gerritErr := s.lfGroup.GetUsersOfGroup(ctx, authUser, claGroupID, ldapGroupName) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return nil, gerritErr - } - return g, nil - } - - return nil, nil -} - -// AddUserToGroup adds the specified user to the group -func (s service) AddUserToGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.AddUserToGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userName": userName, - } - - log.WithFields(f).Debug("querying for CLA Group gerrits...") - g, gerritErr := s.GetClaGroupGerrits(ctx, claGroupID) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return gerritErr - } - - for _, gerritModel := range g.List { - var ldapGroupName string - switch claType { - case utils.ClaTypeICLA: - ldapGroupName = gerritModel.GroupNameIcla - case utils.ClaTypeECLA: - ldapGroupName = gerritModel.GroupNameCcla - default: - return &utils.InvalidCLAType{ - CLAType: claType, - } - } - log.WithFields(f).Debugf("LDAP group name: %s", ldapGroupName) - addErr := s.lfGroup.AddUserToGroup(ctx, authUser, claGroupID, ldapGroupName, userName) - if addErr != nil { - log.WithFields(f).WithError(addErr).Warnf("unable to add user %s to group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - return gerritErr - } - log.WithFields(f).Debugf("added user %s to group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - - // Log Event - } - - return nil -} - -// AddUsersToGroup adds the specified users to the group -func (s service) AddUsersToGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.AddUsersToGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userNameList": strings.Join(userNameList, ","), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - var errorList []error - for _, userName := range userNameList { - err := s.AddUserToGroup(ctx, authUser, claGroupID, userName, claType) - if err != nil { - log.WithFields(f).WithError(err).Warnf("encountered an error when adding username: %s to the CLA Group: %s", userName, claGroupID) - errorList = append(errorList, err) - } - } - - if len(errorList) > 0 { - log.WithFields(f).Warnf("encountered %d errors when adding %d users to the CLA Group: %s", len(errorList), len(userNameList), claGroupID) - return errorList[0] - } - - return nil -} - -// RemoveUserFromGroup removes the specified user from the group -func (s service) RemoveUserFromGroup(ctx context.Context, authUser *auth.User, claGroupID, userName, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.RemoveUserFromGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userName": userName, - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - log.WithFields(f).Debug("querying for CLA Group gerrits...") - g, gerritErr := s.GetClaGroupGerrits(ctx, claGroupID) - if gerritErr != nil { - log.WithFields(f).WithError(gerritErr).Warnf("unable to locate gerrits associated with CLA Group ID: %s", claGroupID) - return gerritErr - } - - for _, gerritModel := range g.List { - var ldapGroupName string - switch claType { - case utils.ClaTypeICLA: - ldapGroupName = gerritModel.GroupNameIcla - case utils.ClaTypeECLA: - ldapGroupName = gerritModel.GroupNameCcla - default: - return &utils.InvalidCLAType{ - CLAType: claType, - } - } - log.WithFields(f).Debugf("LDAP group name: %s", ldapGroupName) - addErr := s.lfGroup.RemoveUserFromGroup(ctx, authUser, claGroupID, ldapGroupName, userName) - if addErr != nil { - log.WithFields(f).WithError(addErr).Warnf("unable to remove user %s from group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - return gerritErr - } - log.WithFields(f).Debugf("removed user %s from group: %s for CLA Group: %s", userName, ldapGroupName, claGroupID) - - // Log Event - } - - return nil -} - -// RemoveUsersFromGroup removes the specified users from the group -func (s service) RemoveUsersFromGroup(ctx context.Context, authUser *auth.User, claGroupID string, userNameList []string, claType string) error { - f := logrus.Fields{ - "functionName": "v1.gerrits.service.RemoveUsersFromGroup", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupID, - "userNameList": strings.Join(userNameList, ","), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - } - - var errorList []error - for _, userName := range userNameList { - err := s.RemoveUserFromGroup(ctx, authUser, claGroupID, userName, claType) - if err != nil { - log.WithFields(f).WithError(err).Warnf("encountered an error when removing username: %s from the CLA Group: %s", userName, claGroupID) - errorList = append(errorList, err) - } - } - - if len(errorList) > 0 { - log.WithFields(f).Warnf("encountered %d errors when removing %d users from the CLA Group: %s", len(errorList), len(userNameList), claGroupID) - return errorList[0] - } - - return nil -} - // convertModel is a helper function to create a GerritRepoList response model func convertModel(responseModel map[string]GerritRepoInfo, serverInfo *ServerInfo) *models.GerritRepoList { var gerritRepos []*models.GerritRepo diff --git a/cla-backend-go/gerrits/service_test.go b/cla-backend-go/gerrits/service_test.go new file mode 100644 index 000000000..457361f6a --- /dev/null +++ b/cla-backend-go/gerrits/service_test.go @@ -0,0 +1,47 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +package gerrits + +import ( + "context" + "testing" + + "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" + gerritsMock "github.com/communitybridge/easycla/cla-backend-go/gerrits/mocks" + "github.com/golang/mock/gomock" + "github.com/stretchr/testify/assert" +) + +func TestService_AddGerrit(t *testing.T) { + // AddGerrit test case + + gerritName := "ONAP" + gerritURL := "https://gerrit.onap.org" + + ctrl := gomock.NewController(t) + defer ctrl.Finish() + + mockRepo := gerritsMock.NewMockRepository(ctrl) + mockRepo.EXPECT().AddGerrit(gomock.Any(), gomock.Any()).Return(&models.Gerrit{ + GerritID: "e82c469a-55ea-492d-9722-fd30b31da2aa", + GerritName: "ONAP", + GerritURL: "https://gerrit.onap.org", + ProjectID: "projectID", + }, nil) + + //Gerrit repo by name does not exist + mockRepo.EXPECT().ExistsByName(context.TODO(), "ONAP").Return(nil, nil) + + service := NewService(mockRepo) + gerrit, err := service.AddGerrit(context.TODO(), "projectID", "projectSFID", &models.AddGerritInput{ + GerritName: &gerritName, + GerritURL: &gerritURL, + }, &models.ClaGroup{ + ProjectID: "projectID", + }) + + assert.NotNil(t, gerrit) + assert.NoError(t, err) + +} diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index cd75a1ac3..fa52dde05 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -19,7 +19,6 @@ import ( "github.com/communitybridge/easycla/cla-backend-go/config" - "github.com/LF-Engineering/lfx-kit/auth" "github.com/sirupsen/logrus" "github.com/communitybridge/easycla/cla-backend-go/users" @@ -3200,10 +3199,10 @@ func (repo repository) UpdateApprovalList(ctx context.Context, claManager *model PageSize: utils.Int64(10), } - authUser := auth.User{ - Email: claManager.LfEmail.String(), - UserName: claManager.LfUsername, - } + // authUser := auth.User{ + // Email: claManager.LfEmail.String(), + // UserName: claManager.LfUsername, + // } // Keep track of gerrit users under a give CLA Group var gerritICLAECLAs []string @@ -3214,8 +3213,8 @@ func (repo repository) UpdateApprovalList(ctx context.Context, claManager *model goRoutines := 2 gerritResultChannel := make(chan *GerritUserResponse, goRoutines) gerritQueryStartTime, _ := utils.CurrentTime() - go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeICLA, gerritResultChannel) - go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeECLA, gerritResultChannel) + // go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeICLA, gerritResultChannel) + // go repo.getGerritUsers(ctx, &authUser, projectID, utils.ClaTypeECLA, gerritResultChannel) log.WithFields(f).Debug("waiting on gerrit user query results from 2 go routines...") for i := 0; i < goRoutines; i++ { @@ -3313,19 +3312,19 @@ func (repo repository) UpdateApprovalList(ctx context.Context, claManager *model } } else { - // Update gerrit user - if utils.StringInSlice(user.LfUsername, gerritICLAECLAs) { - gerritIclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) - if gerritIclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).WithError(gerritIclaErr).Warn(msg) - } - eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) - if eclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).WithError(eclaErr).Warn(msg) - } - } + // // Update gerrit user + // if utils.StringInSlice(user.LfUsername, gerritICLAECLAs) { + // // gerritIclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) + // if gerritIclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).WithError(gerritIclaErr).Warn(msg) + // } + // eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) + // if eclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user: %s from group: %s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).WithError(eclaErr).Warn(msg) + // } + // } results <- &ICLAUserResponse{ ICLASignature: &models.IclaSignature{ GithubUsername: icla.UserGHUsername, @@ -4053,10 +4052,10 @@ func (repo repository) verifyUserApprovals(ctx context.Context, userID, signatur } email := getBestEmail(user) - authUser := auth.User{ - Email: claManager.LfEmail.String(), - UserName: claManager.LfUsername, - } + // authUser := auth.User{ + // Email: claManager.LfEmail.String(), + // UserName: claManager.LfUsername, + // } if approvalList.Criteria == utils.EmailDomainCriteria { // Handle Domains @@ -4072,20 +4071,20 @@ func (repo repository) verifyUserApprovals(ctx context.Context, userID, signatur return user, err } - // Update Gerrit group users - if utils.StringInSlice(user.LfUsername, approvalList.GerritICLAECLAs) { - log.WithFields(f).Debugf("removing gerrit user:%s from claGroup: %s ...", user.LfUsername, approvalList.ClaGroupID) - iclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) - if iclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).Warn(msg) - } - eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) - if eclaErr != nil { - msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) - log.WithFields(f).Warn(msg) - } - } + // // Update Gerrit group users + // if utils.StringInSlice(user.LfUsername, approvalList.GerritICLAECLAs) { + // log.WithFields(f).Debugf("removing gerrit user:%s from claGroup: %s ...", user.LfUsername, approvalList.ClaGroupID) + // iclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeICLA) + // if iclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).Warn(msg) + // } + // eclaErr := repo.gerritService.RemoveUserFromGroup(ctx, &authUser, approvalList.ClaGroupID, user.LfUsername, utils.ClaTypeECLA) + // if eclaErr != nil { + // msg := fmt.Sprintf("unable to remove gerrit user:%s from group:%s", user.LfUsername, approvalList.ClaGroupID) + // log.WithFields(f).Warn(msg) + // } + // } } } } else if approvalList.Criteria == utils.GitHubOrgCriteria { @@ -4947,32 +4946,32 @@ func (repo repository) ActivateSignature(ctx context.Context, signatureID string } // getGerritUsers is a helper function to fetch the list of gerrit users for the specified type - results are returned through the specified results channel -func (repo repository) getGerritUsers(ctx context.Context, authUser *auth.User, projectSFID string, claType string, gerritResultChannel chan *GerritUserResponse) { - f := logrus.Fields{ - "functionName": "v1.signatures.repository.getGerritUsers", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "projectSFID": projectSFID, - } - log.WithFields(f).Debugf("querying gerrit for %s gerrit users...", claType) - gerritIclaUsers, getGerritQueryErr := repo.gerritService.GetUsersOfGroup(ctx, authUser, projectSFID, claType) - if getGerritQueryErr != nil || gerritIclaUsers == nil { - msg := fmt.Sprintf("unable to fetch gerrit users for claGroup: %s , claType: %s ", projectSFID, claType) - log.WithFields(f).WithError(getGerritQueryErr).Warn(msg) - gerritResultChannel <- &GerritUserResponse{ - gerritGroupResponse: nil, - queryType: claType, - Error: errors.New(msg), - } - return - } - - log.WithFields(f).Debugf("retrieved %d gerrit users for CLA type: %s...", len(gerritIclaUsers.Members), claType) - gerritResultChannel <- &GerritUserResponse{ - gerritGroupResponse: gerritIclaUsers, - queryType: claType, - Error: nil, - } -} +// func (repo repository) getGerritUsers(ctx context.Context, authUser *auth.User, projectSFID string, claType string, gerritResultChannel chan *GerritUserResponse) { +// // f := logrus.Fields{ +// // "functionName": "v1.signatures.repository.getGerritUsers", +// // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), +// // "projectSFID": projectSFID, +// // } +// // log.WithFields(f).Debugf("querying gerrit for %s gerrit users...", claType) +// // gerritIclaUsers, getGerritQueryErr := repo.gerritService.GetUsersOfGroup(ctx, authUser, projectSFID, claType) +// // if getGerritQueryErr != nil || gerritIclaUsers == nil { +// // msg := fmt.Sprintf("unable to fetch gerrit users for claGroup: %s , claType: %s ", projectSFID, claType) +// // log.WithFields(f).WithError(getGerritQueryErr).Warn(msg) +// // gerritResultChannel <- &GerritUserResponse{ +// // gerritGroupResponse: nil, +// // queryType: claType, +// // Error: errors.New(msg), +// // } +// // return +// // } + +// // log.WithFields(f).Debugf("retrieved %d gerrit users for CLA type: %s...", len(gerritIclaUsers.Members), claType) +// gerritResultChannel <- &GerritUserResponse{ +// gerritGroupResponse: nil, +// queryType: claType, +// Error: nil, +// } +// } func buildNextKey(indexName string, signature *models.Signature) (string, error) { nextKey := make(map[string]*dynamodb.AttributeValue) diff --git a/cla-backend-go/swagger/cla.v2.yaml b/cla-backend-go/swagger/cla.v2.yaml index 098fceb2f..f84d6ee3a 100644 --- a/cla-backend-go/swagger/cla.v2.yaml +++ b/cla-backend-go/swagger/cla.v2.yaml @@ -3222,201 +3222,201 @@ paths: tags: - gerrits - /cla-group/{claGroupID}/project/{projectSFID}/gerrits/icla/user: - get: - summary: Get Gerrit ICLA Users - description: Gets the authorized individual CLA users from a gerrit instance for the CLA Group/Projecct - operationId: getGerritICLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - schema: - $ref: '#/definitions/gerrit-group-response' - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - put: - summary: Add Gerrit ICLA Users - description: Adds one or more individual CLA users to the gerrit CLA Group/project - operationId: addGerritICLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: add-gerrit-user-input - schema: - $ref: '#/definitions/add-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - delete: - summary: Remove Gerrit ICLA Users - description: Removes one or more individual CLA users from a gerrit instance for the CLA Group/Project - operationId: removeGerritICLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: remove-gerrit-user-input - schema: - $ref: '#/definitions/remove-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - - /cla-group/{claGroupID}/project/{projectSFID}/gerrits/ecla/user: - get: - summary: Get Gerrit ECLA Users - description: Gets the authorized employee CLA users from a gerrit instance for the CLA Group/Projecct - operationId: getGerritECLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - schema: - $ref: '#/definitions/gerrit-group-response' - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - put: - summary: Add Gerrit ECLA Users - description: Adds one or more employee CLA users to a gerrit instance for the CLA Group/Project - operationId: addGerritECLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: add-gerrit-user-input - schema: - $ref: '#/definitions/add-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits - delete: - summary: Remove Gerrit ECLA Users - description: Removes one or more employee CLA users from a gerrit instance for the project - operationId: removeGerritECLAUser - parameters: - - $ref: "#/parameters/x-request-id" - - $ref: "#/parameters/x-acl" - - $ref: "#/parameters/x-username" - - $ref: "#/parameters/x-email" - - $ref: "#/parameters/path-claGroupID" - - $ref: "#/parameters/path-projectSFID" - - in: body - name: remove-gerrit-user-input - schema: - $ref: '#/definitions/remove-gerrit-user-input' - required: true - responses: - '200': - description: 'Success' - headers: - x-request-id: - type: string - description: The unique request ID value - assigned/set by the API Gateway based on the session - '400': - $ref: '#/responses/invalid-request' - '403': - $ref: '#/responses/forbidden' - '409': - $ref: '#/responses/conflict' - '500': - $ref: '#/responses/internal-server-error' - tags: - - gerrits + # /cla-group/{claGroupID}/project/{projectSFID}/gerrits/icla/user: + # get: + # summary: Get Gerrit ICLA Users + # description: Gets the authorized individual CLA users from a gerrit instance for the CLA Group/Projecct + # operationId: getGerritICLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # schema: + # $ref: '#/definitions/gerrit-group-response' + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # put: + # summary: Add Gerrit ICLA Users + # description: Adds one or more individual CLA users to the gerrit CLA Group/project + # operationId: addGerritICLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: add-gerrit-user-input + # schema: + # $ref: '#/definitions/add-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # delete: + # summary: Remove Gerrit ICLA Users + # description: Removes one or more individual CLA users from a gerrit instance for the CLA Group/Project + # operationId: removeGerritICLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: remove-gerrit-user-input + # schema: + # $ref: '#/definitions/remove-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + + # /cla-group/{claGroupID}/project/{projectSFID}/gerrits/ecla/user: + # get: + # summary: Get Gerrit ECLA Users + # description: Gets the authorized employee CLA users from a gerrit instance for the CLA Group/Projecct + # operationId: getGerritECLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # schema: + # $ref: '#/definitions/gerrit-group-response' + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # put: + # summary: Add Gerrit ECLA Users + # description: Adds one or more employee CLA users to a gerrit instance for the CLA Group/Project + # operationId: addGerritECLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: add-gerrit-user-input + # schema: + # $ref: '#/definitions/add-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits + # delete: + # summary: Remove Gerrit ECLA Users + # description: Removes one or more employee CLA users from a gerrit instance for the project + # operationId: removeGerritECLAUser + # parameters: + # - $ref: "#/parameters/x-request-id" + # - $ref: "#/parameters/x-acl" + # - $ref: "#/parameters/x-username" + # - $ref: "#/parameters/x-email" + # - $ref: "#/parameters/path-claGroupID" + # - $ref: "#/parameters/path-projectSFID" + # - in: body + # name: remove-gerrit-user-input + # schema: + # $ref: '#/definitions/remove-gerrit-user-input' + # required: true + # responses: + # '200': + # description: 'Success' + # headers: + # x-request-id: + # type: string + # description: The unique request ID value - assigned/set by the API Gateway based on the session + # '400': + # $ref: '#/responses/invalid-request' + # '403': + # $ref: '#/responses/forbidden' + # '409': + # $ref: '#/responses/conflict' + # '500': + # $ref: '#/responses/internal-server-error' + # tags: + # - gerrits /cla-group/{claGroupID}/user/{userID}/icla: put: summary: Invalidate ICLA record diff --git a/cla-backend-go/swagger/common/add-gerrit-input.yaml b/cla-backend-go/swagger/common/add-gerrit-input.yaml index 9ad977a16..858bafa89 100644 --- a/cla-backend-go/swagger/common/add-gerrit-input.yaml +++ b/cla-backend-go/swagger/common/add-gerrit-input.yaml @@ -26,20 +26,6 @@ properties: minLength: 10 maxLength: 255 pattern: ^(?:http(s)?:\/\/).+$ - groupIdCcla: - type: string - description: the LDAP group ID for CCLA encoded as a string value - example: '1902' - minLength: 1 - maxLength: 12 - pattern: ^[1-9]\d{0,11}$ - groupIdIcla: - type: string - description: the LDAP group ID for ICLA encoded as a string value - example: '1903' - minLength: 1 - maxLength: 12 - pattern: ^[1-9]\d{0,11}$ version: type: string description: the version associated with the gerrit record diff --git a/cla-backend-go/swagger/common/gerrit.yaml b/cla-backend-go/swagger/common/gerrit.yaml index 589cc40c2..e3d738c44 100644 --- a/cla-backend-go/swagger/common/gerrit.yaml +++ b/cla-backend-go/swagger/common/gerrit.yaml @@ -40,25 +40,6 @@ properties: minLength: 1 maxLength: 12 pattern: ^[1-9]\d{0,11}$ - groupIdIcla: - type: string - description: the LDAP group ID for ICLA encoded as a string value - example: '1903' - minLength: 1 - maxLength: 12 - pattern: ^[1-9]\d{0,11}$ - groupNameCcla: - type: string - description: the LDAP group name for CCLA - example: 'onap-cla-ccla' - minLength: 3 - maxLength: 20 - groupNameIcla: - type: string - description: the LDAP group name for ICLA - example: 'onap-cla-icla' - minLength: 3 - maxLength: 20 projectSFID: type: string description: the Project SalesForce ID (external ID) associated with this gerrit record diff --git a/cla-backend-go/v2/gerrits/handlers.go b/cla-backend-go/v2/gerrits/handlers.go index c0da4a705..1fb02686a 100644 --- a/cla-backend-go/v2/gerrits/handlers.go +++ b/cla-backend-go/v2/gerrits/handlers.go @@ -129,11 +129,9 @@ func Configure(api *operations.EasyclaAPI, v1Service v1Gerrits.Service, projectS // add the gerrit addGerritInput := &v1Models.AddGerritInput{ - GerritName: params.AddGerritInput.GerritName, - GerritURL: params.AddGerritInput.GerritURL, - GroupIDCcla: params.AddGerritInput.GroupIDCcla, - GroupIDIcla: params.AddGerritInput.GroupIDIcla, - Version: "v2", + GerritName: params.AddGerritInput.GerritName, + GerritURL: params.AddGerritInput.GerritURL, + Version: "v2", } result, err := v1Service.AddGerrit(ctx, params.ClaGroupID, params.ProjectSFID, addGerritInput, projectModel) if err != nil { @@ -261,195 +259,195 @@ func Configure(api *operations.EasyclaAPI, v1Service v1Gerrits.Service, projectS return gerrits.NewGetGerritReposOK().WithXRequestID(reqID).WithPayload(&response) }) - api.GerritsGetGerritICLAUserHandler = gerrits.GetGerritICLAUserHandlerFunc(func(params gerrits.GetGerritICLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsGetGerritICLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewGetGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("getting user list to gerrit...") - responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeICLA) - if err != nil { - msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewGetGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewGetGerritICLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) - }) - - api.GerritsGetGerritECLAUserHandler = gerrits.GetGerritECLAUserHandlerFunc(func(params gerrits.GetGerritECLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsGetGerritECLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewGetGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("getting user list to gerrit...") - responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeECLA) - if err != nil { - msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewGetGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewGetGerritECLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) - }) - - api.GerritsAddGerritICLAUserHandler = gerrits.AddGerritICLAUserHandlerFunc(func(params gerrits.AddGerritICLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsAddGerritICLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.AddGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewAddGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("adding user list to gerrit...") - err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeICLA) - if err != nil { - msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewAddGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewAddGerritICLAUserOK().WithXRequestID(reqID) - }) - - api.GerritsRemoveGerritICLAUserHandler = gerrits.RemoveGerritICLAUserHandlerFunc(func(params gerrits.RemoveGerritICLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsRemoveGerritICLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewRemoveGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("removing user list from gerrit...") - err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeICLA) - if err != nil { - msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewRemoveGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewRemoveGerritICLAUserOK().WithXRequestID(reqID) - }) - - api.GerritsAddGerritECLAUserHandler = gerrits.AddGerritECLAUserHandlerFunc(func(params gerrits.AddGerritECLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsAddGerritECLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.AddGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewAddGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("adding user list to gerrit...") - err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeECLA) - if err != nil { - msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewAddGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewAddGerritECLAUserOK().WithXRequestID(reqID) - }) - - api.GerritsRemoveGerritECLAUserHandler = gerrits.RemoveGerritECLAUserHandlerFunc(func(params gerrits.RemoveGerritECLAUserParams, authUser *auth.User) middleware.Responder { - reqID := utils.GetRequestID(params.XREQUESTID) - ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint - utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) - f := logrus.Fields{ - "functionName": "v2.gerrits.handlers.GerritsRemoveGerritECLAUserHandler", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "authUserName": authUser.UserName, - "authUserEmail": authUser.Email, - "claGroupID": params.ClaGroupID, - "projectSFID": params.ProjectSFID, - "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), - } - - // verify user have access to the project - if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { - msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) - log.WithFields(f).Warn(msg) - return gerrits.NewRemoveGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) - } - - log.WithFields(f).Debugf("removing user list from gerrit...") - err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeECLA) - if err != nil { - msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) - log.WithFields(f).WithError(err).Warn(msg) - return gerrits.NewRemoveGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) - } - - return gerrits.NewRemoveGerritECLAUserOK().WithXRequestID(reqID) - }) + // api.GerritsGetGerritICLAUserHandler = gerrits.GetGerritICLAUserHandlerFunc(func(params gerrits.GetGerritICLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsGetGerritICLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewGetGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("getting user list to gerrit...") + // responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeICLA) + // if err != nil { + // msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewGetGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewGetGerritICLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) + // }) + + // api.GerritsGetGerritECLAUserHandler = gerrits.GetGerritECLAUserHandlerFunc(func(params gerrits.GetGerritECLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsGetGerritECLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to get gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewGetGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("getting user list to gerrit...") + // responseModel, err := v1Service.GetUsersOfGroup(ctx, authUser, params.ClaGroupID, utils.ClaTypeECLA) + // if err != nil { + // msg := fmt.Sprintf("problem getting user list of CLA Group %s", params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewGetGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewGetGerritECLAUserOK().WithXRequestID(reqID).WithPayload(responseModel) + // }) + + // api.GerritsAddGerritICLAUserHandler = gerrits.AddGerritICLAUserHandlerFunc(func(params gerrits.AddGerritICLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsAddGerritICLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.AddGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewAddGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("adding user list to gerrit...") + // err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeICLA) + // if err != nil { + // msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewAddGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewAddGerritICLAUserOK().WithXRequestID(reqID) + // }) + + // api.GerritsRemoveGerritICLAUserHandler = gerrits.RemoveGerritICLAUserHandlerFunc(func(params gerrits.RemoveGerritICLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsRemoveGerritICLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewRemoveGerritICLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("removing user list from gerrit...") + // err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeICLA) + // if err != nil { + // msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewRemoveGerritICLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewRemoveGerritICLAUserOK().WithXRequestID(reqID) + // }) + + // api.GerritsAddGerritECLAUserHandler = gerrits.AddGerritECLAUserHandlerFunc(func(params gerrits.AddGerritECLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsAddGerritECLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.AddGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to add gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewAddGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("adding user list to gerrit...") + // err := v1Service.AddUsersToGroup(ctx, authUser, params.ClaGroupID, params.AddGerritUserInput, utils.ClaTypeECLA) + // if err != nil { + // msg := fmt.Sprintf("problem adding user list %s to CLA Group %s", strings.Join(params.AddGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewAddGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewAddGerritECLAUserOK().WithXRequestID(reqID) + // }) + + // api.GerritsRemoveGerritECLAUserHandler = gerrits.RemoveGerritECLAUserHandlerFunc(func(params gerrits.RemoveGerritECLAUserParams, authUser *auth.User) middleware.Responder { + // reqID := utils.GetRequestID(params.XREQUESTID) + // ctx := context.WithValue(context.Background(), utils.XREQUESTID, reqID) // nolint + // utils.SetAuthUserProperties(authUser, params.XUSERNAME, params.XEMAIL) + // f := logrus.Fields{ + // "functionName": "v2.gerrits.handlers.GerritsRemoveGerritECLAUserHandler", + // utils.XREQUESTID: ctx.Value(utils.XREQUESTID), + // "authUserName": authUser.UserName, + // "authUserEmail": authUser.Email, + // "claGroupID": params.ClaGroupID, + // "projectSFID": params.ProjectSFID, + // "gerritUsers": strings.Join(params.RemoveGerritUserInput, ","), + // } + + // // verify user have access to the project + // if !utils.IsUserAuthorizedForProjectTree(ctx, authUser, params.ProjectSFID, utils.ALLOW_ADMIN_SCOPE) { + // msg := fmt.Sprintf("user %s does not have access to remove gerrit users with Project scope of %s", authUser.UserName, params.ProjectSFID) + // log.WithFields(f).Warn(msg) + // return gerrits.NewRemoveGerritECLAUserForbidden().WithXRequestID(reqID).WithPayload(utils.ErrorResponseForbidden(reqID, msg)) + // } + + // log.WithFields(f).Debugf("removing user list from gerrit...") + // err := v1Service.RemoveUsersFromGroup(ctx, authUser, params.ClaGroupID, params.RemoveGerritUserInput, utils.ClaTypeECLA) + // if err != nil { + // msg := fmt.Sprintf("problem removing user list %s to CLA Group %s", strings.Join(params.RemoveGerritUserInput, ","), params.ClaGroupID) + // log.WithFields(f).WithError(err).Warn(msg) + // return gerrits.NewRemoveGerritECLAUserInternalServerError().WithXRequestID(reqID).WithPayload(utils.ErrorResponseInternalServerErrorWithError(reqID, msg, err)) + // } + + // return gerrits.NewRemoveGerritECLAUserOK().WithXRequestID(reqID) + // }) } diff --git a/cla-backend-go/v2/sign/service.go b/cla-backend-go/v2/sign/service.go index 286e3b3a5..57ed40787 100644 --- a/cla-backend-go/v2/sign/service.go +++ b/cla-backend-go/v2/sign/service.go @@ -1007,17 +1007,17 @@ func (s *service) SignedIndividualCallbackGerrit(ctx context.Context, payload [] CLAGroupID: signature.ProjectID, }) - // Add User to Gerrit Group - if claUser.LfUsername != "" { - log.WithFields(f).Debugf("adding user to gerrit group: %s", claUser.LfUsername) - err = s.gerritService.AddUserToGroup(ctx, nil, signature.ProjectID, claUser.LfUsername, utils.ClaTypeICLA) - if err != nil { - log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") - return err - } - } else { - log.WithFields(f).Warnf("user LF username is empty") - } + // // Add User to Gerrit Group + // if claUser.LfUsername != "" { + // log.WithFields(f).Debugf("adding user to gerrit group: %s", claUser.LfUsername) + // err = s.gerritService.AddUserToGroup(ctx, nil, signature.ProjectID, claUser.LfUsername, utils.ClaTypeICLA) + // if err != nil { + // log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") + // return err + // } + // } else { + // log.WithFields(f).Warnf("user LF username is empty") + // } } else { log.WithFields(f).Debugf("envelope not signed - status: %s", status) @@ -1194,30 +1194,30 @@ func (s *service) SignedCorporateCallback(ctx context.Context, payload []byte, c CompanySFID: companyModel.CompanyExternalID, }) - // Check if project is a gerrit instance - var gerrits []*v1Models.Gerrit - gerritList, err := s.gerritService.GetClaGroupGerrits(ctx, projectID) - if err != nil { - log.WithFields(f).WithError(err).Warnf("unable to get gerrit instances for project: %s", projectID) - gerrits = []*v1Models.Gerrit{} - } else { - log.WithFields(f).Debugf("gerrit instances found for project: %s", projectID) - gerrits = gerritList.List - } - - // Add User to Gerrit Group - if len(gerrits) > 0 { - if user.LfUsername != "" { - log.WithFields(f).Debugf("adding user to gerrit group: %s", user.LfUsername) - err = s.gerritService.AddUserToGroup(ctx, nil, projectID, user.LfUsername, utils.ClaTypeCCLA) - if err != nil { - log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") - return err - } - } else { - log.WithFields(f).Warnf("user LF username is empty") - } - } + // // Check if project is a gerrit instance + // var gerrits []*v1Models.Gerrit + // gerritList, err := s.gerritService.GetClaGroupGerrits(ctx, projectID) + // if err != nil { + // log.WithFields(f).WithError(err).Warnf("unable to get gerrit instances for project: %s", projectID) + // gerrits = []*v1Models.Gerrit{} + // } else { + // log.WithFields(f).Debugf("gerrit instances found for project: %s", projectID) + // gerrits = gerritList.List + // } + + // // Add User to Gerrit Group + // if len(gerrits) > 0 { + // if user.LfUsername != "" { + // log.WithFields(f).Debugf("adding user to gerrit group: %s", user.LfUsername) + // err = s.gerritService.AddUserToGroup(ctx, nil, projectID, user.LfUsername, utils.ClaTypeCCLA) + // if err != nil { + // log.WithFields(f).WithError(err).Warnf("unable to add user to gerrit group") + // return err + // } + // } else { + // log.WithFields(f).Warnf("user LF username is empty") + // } + // } return nil From a94dc3ace2f9fba01ae67d4fec1154e2128aa4d5 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Thu, 22 Aug 2024 17:01:30 +0300 Subject: [PATCH 02/59] Revert "Revert "Feature/Gerrit Post response update"" This reverts commit e1f605c1a461aeb1f8e4ca9395ace6c246e31ca7. --- cla-backend-go/api_client/api_client.go | 27 ++++ .../api_client/mocks/mock_client.go | 54 +++++++ cla-backend-go/gerrits/mocks/mock_service.go | 143 ++++++++++++++++++ cla-backend-go/gerrits/service.go | 74 +++++++-- cla-backend-go/gerrits/service_test.go | 123 ++++++++++++--- 5 files changed, 386 insertions(+), 35 deletions(-) create mode 100644 cla-backend-go/api_client/api_client.go create mode 100644 cla-backend-go/api_client/mocks/mock_client.go create mode 100644 cla-backend-go/gerrits/mocks/mock_service.go diff --git a/cla-backend-go/api_client/api_client.go b/cla-backend-go/api_client/api_client.go new file mode 100644 index 000000000..42c0d1999 --- /dev/null +++ b/cla-backend-go/api_client/api_client.go @@ -0,0 +1,27 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +package apiclient + +import ( + "context" + "net/http" +) + +type APIClient interface { + GetData(ctx context.Context, url string) (*http.Response, error) +} + +type RestAPIClient struct { + Client *http.Client +} + +// GetData makes a get request to the specified url + +func (c *RestAPIClient) GetData(ctx context.Context, url string) (*http.Response, error) { + req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil) + if err != nil { + return nil, err + } + return c.Client.Do(req) +} diff --git a/cla-backend-go/api_client/mocks/mock_client.go b/cla-backend-go/api_client/mocks/mock_client.go new file mode 100644 index 000000000..08dd5ceba --- /dev/null +++ b/cla-backend-go/api_client/mocks/mock_client.go @@ -0,0 +1,54 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +// Code generated by MockGen. DO NOT EDIT. +// Source: api_client/api_client.go + +// Package mock_apiclient is a generated GoMock package. +package mock_apiclient + +import ( + context "context" + http "net/http" + reflect "reflect" + + gomock "github.com/golang/mock/gomock" +) + +// MockAPIClient is a mock of APIClient interface. +type MockAPIClient struct { + ctrl *gomock.Controller + recorder *MockAPIClientMockRecorder +} + +// MockAPIClientMockRecorder is the mock recorder for MockAPIClient. +type MockAPIClientMockRecorder struct { + mock *MockAPIClient +} + +// NewMockAPIClient creates a new mock instance. +func NewMockAPIClient(ctrl *gomock.Controller) *MockAPIClient { + mock := &MockAPIClient{ctrl: ctrl} + mock.recorder = &MockAPIClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockAPIClient) EXPECT() *MockAPIClientMockRecorder { + return m.recorder +} + +// GetData mocks base method. +func (m *MockAPIClient) GetData(ctx context.Context, url string) (*http.Response, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetData", ctx, url) + ret0, _ := ret[0].(*http.Response) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetData indicates an expected call of GetData. +func (mr *MockAPIClientMockRecorder) GetData(ctx, url interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetData", reflect.TypeOf((*MockAPIClient)(nil).GetData), ctx, url) +} diff --git a/cla-backend-go/gerrits/mocks/mock_service.go b/cla-backend-go/gerrits/mocks/mock_service.go new file mode 100644 index 000000000..64ba64d65 --- /dev/null +++ b/cla-backend-go/gerrits/mocks/mock_service.go @@ -0,0 +1,143 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +// Code generated by MockGen. DO NOT EDIT. +// Source: gerrits/service.go + +// Package mock_gerrits is a generated GoMock package. +package mock_gerrits + +import ( + context "context" + reflect "reflect" + + models "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" + gomock "github.com/golang/mock/gomock" +) + +// MockService is a mock of Service interface. +type MockService struct { + ctrl *gomock.Controller + recorder *MockServiceMockRecorder +} + +// MockServiceMockRecorder is the mock recorder for MockService. +type MockServiceMockRecorder struct { + mock *MockService +} + +// NewMockService creates a new mock instance. +func NewMockService(ctrl *gomock.Controller) *MockService { + mock := &MockService{ctrl: ctrl} + mock.recorder = &MockServiceMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockService) EXPECT() *MockServiceMockRecorder { + return m.recorder +} + +// AddGerrit mocks base method. +func (m *MockService) AddGerrit(ctx context.Context, claGroupID, projectSFID string, input *models.AddGerritInput, claGroupModel *models.ClaGroup) (*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "AddGerrit", ctx, claGroupID, projectSFID, input, claGroupModel) + ret0, _ := ret[0].(*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// AddGerrit indicates an expected call of AddGerrit. +func (mr *MockServiceMockRecorder) AddGerrit(ctx, claGroupID, projectSFID, input, claGroupModel interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AddGerrit", reflect.TypeOf((*MockService)(nil).AddGerrit), ctx, claGroupID, projectSFID, input, claGroupModel) +} + +// DeleteClaGroupGerrits mocks base method. +func (m *MockService) DeleteClaGroupGerrits(ctx context.Context, claGroupID string) (int, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteClaGroupGerrits", ctx, claGroupID) + ret0, _ := ret[0].(int) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// DeleteClaGroupGerrits indicates an expected call of DeleteClaGroupGerrits. +func (mr *MockServiceMockRecorder) DeleteClaGroupGerrits(ctx, claGroupID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteClaGroupGerrits", reflect.TypeOf((*MockService)(nil).DeleteClaGroupGerrits), ctx, claGroupID) +} + +// DeleteGerrit mocks base method. +func (m *MockService) DeleteGerrit(ctx context.Context, gerritID string) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "DeleteGerrit", ctx, gerritID) + ret0, _ := ret[0].(error) + return ret0 +} + +// DeleteGerrit indicates an expected call of DeleteGerrit. +func (mr *MockServiceMockRecorder) DeleteGerrit(ctx, gerritID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DeleteGerrit", reflect.TypeOf((*MockService)(nil).DeleteGerrit), ctx, gerritID) +} + +// GetClaGroupGerrits mocks base method. +func (m *MockService) GetClaGroupGerrits(ctx context.Context, claGroupID string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetClaGroupGerrits", ctx, claGroupID) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetClaGroupGerrits indicates an expected call of GetClaGroupGerrits. +func (mr *MockServiceMockRecorder) GetClaGroupGerrits(ctx, claGroupID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClaGroupGerrits", reflect.TypeOf((*MockService)(nil).GetClaGroupGerrits), ctx, claGroupID) +} + +// GetGerrit mocks base method. +func (m *MockService) GetGerrit(ctx context.Context, gerritID string) (*models.Gerrit, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerrit", ctx, gerritID) + ret0, _ := ret[0].(*models.Gerrit) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerrit indicates an expected call of GetGerrit. +func (mr *MockServiceMockRecorder) GetGerrit(ctx, gerritID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerrit", reflect.TypeOf((*MockService)(nil).GetGerrit), ctx, gerritID) +} + +// GetGerritRepos mocks base method. +func (m *MockService) GetGerritRepos(ctx context.Context, gerritName string) (*models.GerritRepoList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerritRepos", ctx, gerritName) + ret0, _ := ret[0].(*models.GerritRepoList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerritRepos indicates an expected call of GetGerritRepos. +func (mr *MockServiceMockRecorder) GetGerritRepos(ctx, gerritName interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerritRepos", reflect.TypeOf((*MockService)(nil).GetGerritRepos), ctx, gerritName) +} + +// GetGerritsByProjectSFID mocks base method. +func (m *MockService) GetGerritsByProjectSFID(ctx context.Context, projectSFID string) (*models.GerritList, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetGerritsByProjectSFID", ctx, projectSFID) + ret0, _ := ret[0].(*models.GerritList) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetGerritsByProjectSFID indicates an expected call of GetGerritsByProjectSFID. +func (mr *MockServiceMockRecorder) GetGerritsByProjectSFID(ctx, projectSFID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGerritsByProjectSFID", reflect.TypeOf((*MockService)(nil).GetGerritsByProjectSFID), ctx, projectSFID) +} diff --git a/cla-backend-go/gerrits/service.go b/cla-backend-go/gerrits/service.go index dd1249515..01d0414a4 100644 --- a/cla-backend-go/gerrits/service.go +++ b/cla-backend-go/gerrits/service.go @@ -8,14 +8,19 @@ import ( "encoding/json" "errors" "fmt" + "io" + "net/http" "net/url" "strings" + "time" // "github.com/LF-Engineering/lfx-kit/auth" "github.com/go-openapi/strfmt" - "github.com/go-resty/resty/v2" + + // "github.com/go-resty/resty/v2" + apiclient "github.com/communitybridge/easycla/cla-backend-go/api_client" "github.com/sirupsen/logrus" "github.com/communitybridge/easycla/cla-backend-go/utils" @@ -84,6 +89,27 @@ func (s service) AddGerrit(ctx context.Context, claGroupID string, projectSFID s ProjectSFID: projectSFID, Version: params.Version, } + + // Get the gerrit repos + log.WithFields(f).Debugf("fetching gerrit repos for gerrit instance: %s", *params.GerritURL) + gerritHost, err := extractGerritHost(*params.GerritURL, f) + if err != nil { + return nil, err + } + gerritRepoList, getRepoErr := s.GetGerritRepos(ctx, gerritHost) + if getRepoErr != nil { + log.WithFields(f).WithError(getRepoErr).Warnf("problem fetching gerrit repos, error: %+v", getRepoErr) + return nil, getRepoErr + } + + log.WithFields(f).Debugf("discovered %d gerrit repos", len(gerritRepoList.Repos)) + log.WithFields(f).Debugf("gerrit repo list %+v", gerritRepoList) + // Set the connected flag - for now, we just set this value to true + for _, repo := range gerritRepoList.Repos { + repo.Connected = true + } + input.GerritRepoList = gerritRepoList + log.WithFields(f).Debugf("gerrit input %+v", input) return s.repo.AddGerrit(ctx, input) } @@ -216,6 +242,7 @@ func convertModel(responseModel map[string]GerritRepoInfo, serverInfo *ServerInf URL: strfmt.URI(weblink.URL), }) } + log.Debugf("Processing repo: %s, weblinks: %+v", name, weblinks) claEnabled := false if serverInfo != nil && serverInfo.Auth.UseContributorAgreements { @@ -260,7 +287,11 @@ func listGerritRepos(ctx context.Context, gerritHost string) (map[string]GerritR utils.XREQUESTID: ctx.Value(utils.XREQUESTID), "gerritHost": gerritHost, } - client := resty.New() + client := &apiclient.RestAPIClient{ + Client: &http.Client{ + Timeout: 10 * time.Second, + }, + } base := "https://" + gerritHost @@ -269,28 +300,40 @@ func listGerritRepos(ctx context.Context, gerritHost string) (map[string]GerritR return nil, gerritAPIPathErr } + log.WithFields(f).Debugf("gerrit API path using client: %s", gerritAPIPath) + if gerritAPIPath != "" { base = fmt.Sprintf("https://%s/%s", gerritHost, gerritAPIPath) } - resp, err := client.R(). - EnableTrace(). - Get(fmt.Sprintf("%s/projects/?d&pp=0", base)) + url := fmt.Sprintf("%s/projects/?d&pp=0", base) + resp, err := client.GetData(ctx, url) + if err != nil { - log.WithFields(f).Warnf("problem querying gerrit host: %s, error: %+v", gerritHost, err) return nil, err } - if resp.IsError() { - msg := fmt.Sprintf("non-success response from list gerrit host repos for gerrit %s, error code: %s", gerritHost, resp.Status()) - log.WithFields(f).Warn(msg) - return nil, errors.New(msg) + defer func() { + if err = resp.Body.Close(); err != nil { + log.WithFields(f).Debugf("Failed to close response body; %v", err) + } + }() + + log.WithFields(f).Debugf("response: %+v", resp.Body) + + // Get the response body + body, err := io.ReadAll(resp.Body) + if err != nil { + return nil, err } - var result map[string]GerritRepoInfo // Need to strip off the leading "magic prefix line" from the response payload, which is: )]}' // See: https://gerrit.linuxfoundation.org/infra/Documentation/rest-api.html#output - err = json.Unmarshal(resp.Body()[4:], &result) + strippedBody := stripMagicPrefix(body) + + var result map[string]GerritRepoInfo + + err = json.Unmarshal(strippedBody, &result) if err != nil { log.WithFields(f).Warnf("problem unmarshalling response for gerrit host: %s, error: %+v", gerritHost, err) return nil, err @@ -299,6 +342,13 @@ func listGerritRepos(ctx context.Context, gerritHost string) (map[string]GerritR return result, nil } +func stripMagicPrefix(data []byte) []byte { + if len(data) > 4 { + return data[4:] + } + return data +} + // getGerritConfig returns the gerrit configuration for the specified host func getGerritConfig(ctx context.Context, gerritHost string) (*ServerInfo, error) { f := logrus.Fields{ diff --git a/cla-backend-go/gerrits/service_test.go b/cla-backend-go/gerrits/service_test.go index 457361f6a..5e9abdac4 100644 --- a/cla-backend-go/gerrits/service_test.go +++ b/cla-backend-go/gerrits/service_test.go @@ -4,44 +4,121 @@ package gerrits import ( + // "bytes" "context" + // "io" + // "net/http" "testing" + // mock_apiclient "github.com/communitybridge/easycla/cla-backend-go/api_client/mocks" "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" gerritsMock "github.com/communitybridge/easycla/cla-backend-go/gerrits/mocks" + "github.com/go-openapi/strfmt" "github.com/golang/mock/gomock" "github.com/stretchr/testify/assert" ) func TestService_AddGerrit(t *testing.T) { - // AddGerrit test case - gerritName := "ONAP" - gerritURL := "https://gerrit.onap.org" + gerritName := "gerritName" + gerritURL := "https://mockapi.gerrit.dev.itx.linuxfoundation.org/" + // gerritHost := "mockapi.gerrit.dev.itx.linuxfoundation.org" + repos := []*models.GerritRepo{ + { + ClaEnabled: true, + Connected: true, + ContributorAgreements: []*models.GerritRepoContributorAgreementsItems0{ + { + Description: "CCLA (Corporate Contributor License Agreement) for SUN", + Name: "CCLA", + URL: "https://api.dev.lfcla.com/v2/gerrit/01af041c-fa69-4052-a23c-fb8c1d3bef24/corporate/agreementUrl.html", + }, + { + Description: "ICLA (Individual Contributor License Agreement) for SUN", + Name: "ICLA", + URL: "https://api.dev.lfcla.com/v2/gerrit/01af041c-fa69-4052-a23c-fb8c1d3bef24/individual/agreementUrl.html", + }, + }, + Description: "Access inherited by all other projects.", + ID: "All-Projects", + Name: "All-Projects", + State: "ACTIVE", + WebLinks: []*models.GerritRepoWebLinksItems0{ + { + Name: "browse", + URL: "/plugins/gitiles/All-Projects", + }, + }, + }, + } - ctrl := gomock.NewController(t) - defer ctrl.Finish() + testCases := []struct { + name string + claGroupID string + projectSFID string + params *models.AddGerritInput + gerritRepoList *models.GerritRepoList + ReposExist []*models.Gerrit + repoListErr error + claGroupModel *models.ClaGroup + expectedResult *models.Gerrit + expectedError error + }{ + { + name: "Valid input", + claGroupID: "claGroupID", + projectSFID: "projectSFID", + params: &models.AddGerritInput{ + GerritName: &gerritName, + GerritURL: &gerritURL, + Version: "version", + }, + ReposExist: []*models.Gerrit{}, + gerritRepoList: &models.GerritRepoList{ + Repos: repos, + }, + repoListErr: nil, + claGroupModel: &models.ClaGroup{}, + expectedResult: &models.Gerrit{ + GerritName: gerritName, + GerritURL: strfmt.URI(gerritURL), + ProjectID: "claGroupID", + ProjectSFID: "projectSFID", + Version: "version", + GerritRepoList: &models.GerritRepoList{ + Repos: repos, + }, + }, + expectedError: nil, + }, + } - mockRepo := gerritsMock.NewMockRepository(ctrl) - mockRepo.EXPECT().AddGerrit(gomock.Any(), gomock.Any()).Return(&models.Gerrit{ - GerritID: "e82c469a-55ea-492d-9722-fd30b31da2aa", - GerritName: "ONAP", - GerritURL: "https://gerrit.onap.org", - ProjectID: "projectID", - }, nil) + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + ctrl := gomock.NewController(t) + defer ctrl.Finish() + mockRepo := gerritsMock.NewMockRepository(ctrl) + mockRepo.EXPECT().ExistsByName(context.Background(), gerritName).Return(tc.ReposExist, nil) + gerrit := &models.Gerrit{ + GerritName: gerritName, + GerritURL: strfmt.URI(gerritURL), + ProjectID: "claGroupID", + ProjectSFID: "projectSFID", + Version: "version", + GerritRepoList: tc.gerritRepoList, + } - //Gerrit repo by name does not exist - mockRepo.EXPECT().ExistsByName(context.TODO(), "ONAP").Return(nil, nil) + mockRepo.EXPECT().AddGerrit(gomock.Any(), gomock.Any()).Return(gerrit, nil) - service := NewService(mockRepo) - gerrit, err := service.AddGerrit(context.TODO(), "projectID", "projectSFID", &models.AddGerritInput{ - GerritName: &gerritName, - GerritURL: &gerritURL, - }, &models.ClaGroup{ - ProjectID: "projectID", - }) + service := NewService(mockRepo) - assert.NotNil(t, gerrit) - assert.NoError(t, err) + result, err := service.AddGerrit(context.Background(), tc.claGroupID, tc.projectSFID, tc.params, tc.claGroupModel) + if err != nil { + t.Fatalf("Add Gerrit returned an error: %v", err) + } + assert.Equal(t, tc.expectedResult, result) + assert.Equal(t, repos, result.GerritRepoList.Repos) + }) + } } From fbb7985385a45e1b265e5ed7118b399384dd83f5 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Wed, 28 Aug 2024 19:50:41 +0300 Subject: [PATCH 03/59] [#4394] Feature/Script - Script that checks activity logs for a project and lfusername Signed-off-by: Harold Wanyama --- cla-backend-go/cmd/ldap_gerrit_check/main.go | 154 +++++++++++++++++++ 1 file changed, 154 insertions(+) create mode 100644 cla-backend-go/cmd/ldap_gerrit_check/main.go diff --git a/cla-backend-go/cmd/ldap_gerrit_check/main.go b/cla-backend-go/cmd/ldap_gerrit_check/main.go new file mode 100644 index 000000000..7e5eb75e5 --- /dev/null +++ b/cla-backend-go/cmd/ldap_gerrit_check/main.go @@ -0,0 +1,154 @@ +// Copyright The Linux Foundation and each contributor to CommunityBridge. +// SPDX-License-Identifier: MIT + +package main + +import ( + // "context" + "encoding/csv" + "flag" + "fmt" + "os" + "sync" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/session" + "github.com/communitybridge/easycla/cla-backend-go/events" + "github.com/communitybridge/easycla/cla-backend-go/gen/v1/models" + eventOps "github.com/communitybridge/easycla/cla-backend-go/gen/v1/restapi/operations/events" + log "github.com/communitybridge/easycla/cla-backend-go/logging" + // "github.com/communitybridge/easycla/cla-backend-go/users" +) + +var awsSession = session.Must(session.NewSession(&aws.Config{})) +var stage string + +func main() { + stage = os.Getenv("STAGE") + if stage == "" { + log.Fatal("stage not set") + } + log.Infof("STAGE set to %s\n", stage) + + var wg sync.WaitGroup + var mu sync.Mutex + + // Initialize the events repository + eventsRepo := events.NewRepository(awsSession, stage) + eventService := events.NewService(eventsRepo,nil) + + // Initialize the users repository + // usersRepo := users.NewRepository(awsSession, stage) + + inputFilename := flag.String("input-file", "", "Input with a given list of lf usernames") + claGroup := flag.String("cla-group-id", "", "The ID of the CLA group") + claGroupName := flag.String("cla-group-name", "", "The name of the CLA group") + flag.Parse() + + if *inputFilename == "" || *claGroup == "" { + log.Fatalf("Both input-file and cla-group are required") + } + + log.Debugf("Input file: %s", *inputFilename) + + file, err := os.Open(*inputFilename) + if err != nil { + log.Fatalf("Unable to read input file: %s", *inputFilename) + } + + defer file.Close() + + reader := csv.NewReader(file) + + records, err := reader.ReadAll() + if err != nil { + log.Fatalf("Unable to read file") + } + + log.Debugf("CLA Group Name: %s", *claGroup) + + type Report struct { + Username string + Events []*models.Event + } + + projectReport := make([]Report,0) + + for i,record := range records { + if i == 0 { + continue + } + lfUsername := record[0] + log.Debugf("Processing record: %s", lfUsername) + report := Report{ + Username: lfUsername, + } + + // Increment the wait group + wg.Add(1) + + go func(lfusername string) { + defer wg.Done() + log.Debugf("Processing record: %s", lfusername) + searchParams := eventOps.SearchEventsParams{ + SearchTerm: &lfusername, + ProjectID: claGroup, + } + events, err := eventService.SearchEvents(&searchParams) + if err != nil { + log.Debugf("Error getting events: %v", err) + report.Events = nil + } + + if len(events.Events) == 0 { + log.Warnf("No events found for user: %s", lfusername) + report.Events = nil + } else { + log.Debugf("Events found for user: %s", lfusername) + report.Events = events.Events + } + + mu.Lock() + projectReport = append(projectReport, report) + defer mu.Unlock() + + }(lfUsername) + } + + // Wait for all the go routines to finish + wg.Wait() + + // Create a csv file with the results + outputFilename := fmt.Sprintf("ldap-%s-%s.csv", *claGroupName, time.Now().Format("2006-01-02-15-04-05")) + outputFile, err := os.Create(outputFilename) + + if err != nil { + log.Fatalf("Unable to create output file: %s", outputFilename) + } + + defer outputFile.Close() + + writer := csv.NewWriter(outputFile) + + writer.Write([]string{"Username","Event ID", "Event Data", "Event Type", "Event Date"}) + + for _,report := range projectReport { + if report.Events == nil { + writer.Write([]string{report.Username, "No events found", "", "", ""}) + continue + } + for _,event := range report.Events { + writer.Write([]string{report.Username, event.EventID, event.EventData, event.EventType, event.EventTime}) + } + } + + writer.Flush() + + if err := writer.Error(); err != nil { + log.Fatalf("Error writing csv: %v", err) + } + + log.Infof("Output written to: %s", outputFilename) + +} From d85431300066b69a3a1cc4b3c67ca798ecaf1a7a Mon Sep 17 00:00:00 2001 From: csavula Date: Wed, 28 Aug 2024 23:20:17 +0530 Subject: [PATCH 04/59] Fix Build PR Signed-off-by: csavula --- .github/workflows/build-pr.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml index 8d4704650..6c28de7ee 100644 --- a/.github/workflows/build-pr.yml +++ b/.github/workflows/build-pr.yml @@ -8,7 +8,11 @@ on: branches: - dev - +permissions: + id-token: write + contents: read + pull-requests: write + env: AWS_REGION: us-east-1 STAGE: dev From 3d1078e0c75eee6983ffa488c2df3fdb41f3179a Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Wed, 28 Aug 2024 21:16:21 +0300 Subject: [PATCH 05/59] Bug/Lint Issues - Resolved lint issues in the ldap_gerrit cli tool Signed-off-by: Harold Wanyama --- cla-backend-go/cmd/ldap_gerrit_check/main.go | 57 +++++++++++++------- 1 file changed, 38 insertions(+), 19 deletions(-) diff --git a/cla-backend-go/cmd/ldap_gerrit_check/main.go b/cla-backend-go/cmd/ldap_gerrit_check/main.go index 7e5eb75e5..76fdca97c 100644 --- a/cla-backend-go/cmd/ldap_gerrit_check/main.go +++ b/cla-backend-go/cmd/ldap_gerrit_check/main.go @@ -9,6 +9,7 @@ import ( "flag" "fmt" "os" + "path/filepath" "sync" "time" @@ -36,11 +37,11 @@ func main() { // Initialize the events repository eventsRepo := events.NewRepository(awsSession, stage) - eventService := events.NewService(eventsRepo,nil) + eventService := events.NewService(eventsRepo, nil) // Initialize the users repository // usersRepo := users.NewRepository(awsSession, stage) - + inputFilename := flag.String("input-file", "", "Input with a given list of lf usernames") claGroup := flag.String("cla-group-id", "", "The ID of the CLA group") claGroupName := flag.String("cla-group-name", "", "The name of the CLA group") @@ -57,7 +58,11 @@ func main() { log.Fatalf("Unable to read input file: %s", *inputFilename) } - defer file.Close() + defer func() { + if err = file.Close(); err != nil { + log.Fatalf("Error closing file: %v", err) + } + }() reader := csv.NewReader(file) @@ -70,12 +75,12 @@ func main() { type Report struct { Username string - Events []*models.Event + Events []*models.Event } - projectReport := make([]Report,0) + projectReport := make([]Report, 0) - for i,record := range records { + for i, record := range records { if i == 0 { continue } @@ -93,11 +98,11 @@ func main() { log.Debugf("Processing record: %s", lfusername) searchParams := eventOps.SearchEventsParams{ SearchTerm: &lfusername, - ProjectID: claGroup, + ProjectID: claGroup, } - events, err := eventService.SearchEvents(&searchParams) - if err != nil { - log.Debugf("Error getting events: %v", err) + events, eventErr := eventService.SearchEvents(&searchParams) + if eventErr != nil { + log.Debugf("Error getting events: %v", eventErr) report.Events = nil } @@ -108,11 +113,11 @@ func main() { log.Debugf("Events found for user: %s", lfusername) report.Events = events.Events } - + mu.Lock() projectReport = append(projectReport, report) defer mu.Unlock() - + }(lfUsername) } @@ -121,25 +126,39 @@ func main() { // Create a csv file with the results outputFilename := fmt.Sprintf("ldap-%s-%s.csv", *claGroupName, time.Now().Format("2006-01-02-15-04-05")) - outputFile, err := os.Create(outputFilename) + outputFile, err := os.Create(filepath.Clean(outputFilename)) if err != nil { log.Fatalf("Unable to create output file: %s", outputFilename) } - defer outputFile.Close() + defer func() { + if err = outputFile.Close(); err != nil { + log.Fatalf("Error closing file: %v", err) + } + }() writer := csv.NewWriter(outputFile) - writer.Write([]string{"Username","Event ID", "Event Data", "Event Type", "Event Date"}) + err = writer.Write([]string{"Username", "Event ID", "Event Data", "Event Type", "Event Date"}) + if err != nil { + log.Fatalf("Error writing csv: %v", err) + } - for _,report := range projectReport { + for _, report := range projectReport { if report.Events == nil { - writer.Write([]string{report.Username, "No events found", "", "", ""}) + err = writer.Write([]string{report.Username, "No events found", "", "", ""}) + if err != nil { + log.Fatalf("Error writing csv: %v", err) + } continue } - for _,event := range report.Events { - writer.Write([]string{report.Username, event.EventID, event.EventData, event.EventType, event.EventTime}) + for _, event := range report.Events { + err = writer.Write([]string{report.Username, event.EventID, event.EventData, event.EventType, event.EventTime}) + if err != nil { + log.Fatalf("Error writing csv: %v", err) + } + } } From 20491c877539e3705176241a2085f76ce748252e Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Thu, 29 Aug 2024 21:53:24 +0300 Subject: [PATCH 06/59] [#4428]Feature/Missing ID Help Link - Updated the missing ID help link Signed-off-by: Harold Wanyama --- .github/workflows/build-pr.yml | 4 ++-- cla-backend/cla/utils.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml index 6c28de7ee..d7dee8ce9 100644 --- a/.github/workflows/build-pr.yml +++ b/.github/workflows/build-pr.yml @@ -12,13 +12,13 @@ permissions: id-token: write contents: read pull-requests: write - + env: AWS_REGION: us-east-1 STAGE: dev jobs: - build-deploy-dev: + build-test-lint: runs-on: ubuntu-latest environment: dev steps: diff --git a/cla-backend/cla/utils.py b/cla-backend/cla/utils.py index 59eff5c66..b0f630ab1 100644 --- a/cla-backend/cla/utils.py +++ b/cla-backend/cla/utils.py @@ -1078,7 +1078,7 @@ def get_comment_body(repository_type, sign_url, signed: List[UserCommitSummary], if num_missing > 0: support_url = "https://jira.linuxfoundation.org/servicedesk/customer/portal/4" - missing_id_help_url = "https://confluence.linuxfoundation.org/pages/viewpage.action?pageId=86641302" + missing_id_help_url = "https://linuxfoundation.atlassian.net/wiki/spaces/LP/pages/160923756/Missing+ID+on+Commit+but+I+have+an+agreement+on+file" # Build a lookup table to group all the commits by author. committers = {} From 8d3999b4a7d6f9a4400400bcdb7f78a88d064203 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Mon, 30 Sep 2024 19:54:36 +0300 Subject: [PATCH 07/59] [#4433] Bug/Adding GH Org - Resolved Github Org installation event issue - Updated Go version Signed-off-by: Harold Wanyama --- .github/workflows/build-pr.yml | 2 +- .github/workflows/deploy-dev.yml | 2 +- .github/workflows/deploy-prod.yml | 2 +- cla-backend/cla/models/dynamo_models.py | 19 +++++++++++++++++-- .../cla/tests/unit/test_gh_org_models.py | 2 +- 5 files changed, 21 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml index d7dee8ce9..3433f6149 100644 --- a/.github/workflows/build-pr.yml +++ b/.github/workflows/build-pr.yml @@ -26,7 +26,7 @@ jobs: - name: Setup go uses: actions/setup-go@v3 with: - go-version: '1.20.1' + go-version: '1.23.1' - name: Go Version run: go version - name: Setup Node diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index 852f7ad82..f4f759706 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -26,7 +26,7 @@ jobs: - name: Setup go uses: actions/setup-go@v3 with: - go-version: '1.20.1' + go-version: '1.23.1' - name: Go Version run: go version - name: Setup Node diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index c8cd1a666..60bdf333e 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -28,7 +28,7 @@ jobs: - name: Setup go uses: actions/setup-go@v3 with: - go-version: '1.20.1' + go-version: '1.23.1' check-latest: true - name: Go Version run: go version diff --git a/cla-backend/cla/models/dynamo_models.py b/cla-backend/cla/models/dynamo_models.py index ec92d62f5..2ceaed90f 100644 --- a/cla-backend/cla/models/dynamo_models.py +++ b/cla-backend/cla/models/dynamo_models.py @@ -500,6 +500,20 @@ class Meta: organization_name_lower = UnicodeAttribute(hash_key=True) +class OrganizationNameLowerSearchIndex(GlobalSecondaryIndex): + """ + This class represents a global secondary index for querying organizations by Organization Name. + """ + + class Meta: + """Meta class for external ID github org index.""" + + index_name = "organization-name-lower-search-index" + write_capacity_units = int(cla.conf["DYNAMO_WRITE_UNITS"]) + read_capacity_units = int(cla.conf["DYNAMO_READ_UNITS"]) + projection = AllProjection() + + organization_name_lower = UnicodeAttribute(hash_key=True) class GitlabExternalGroupIDIndex(GlobalSecondaryIndex): """ @@ -3817,7 +3831,8 @@ class Meta: project_sfid = UnicodeAttribute() organization_sfid_index = GitlabOrgSFIndex() project_sfid_organization_name_index = GitlabOrgProjectSfidOrganizationNameIndex() - organization_name_lowe_index = GitlabOrganizationNameLowerIndex() + organization_name_lower_index = GitlabOrganizationNameLowerIndex() + organization_name_lower_search_index = OrganizationNameLowerSearchIndex() organization_project_id = UnicodeAttribute(null=True) organization_company_id = UnicodeAttribute(null=True) auto_enabled = BooleanAttribute(null=True) @@ -3964,7 +3979,7 @@ def get_organization_by_installation_id(self, installation_id): return None def get_organization_by_lower_name(self, organization_name): - org_generator = self.model.scan(organization_name_lower__eq=organization_name.lower()) + org_generator = self.model.organization_name_lower_search_index.query(organization_name.lower()) for org_model in org_generator: org = GitHubOrg() org.model = org_model diff --git a/cla-backend/cla/tests/unit/test_gh_org_models.py b/cla-backend/cla/tests/unit/test_gh_org_models.py index f37dfeced..0828d0d7e 100644 --- a/cla-backend/cla/tests/unit/test_gh_org_models.py +++ b/cla-backend/cla/tests/unit/test_gh_org_models.py @@ -35,6 +35,6 @@ def test_set_organization_name(gh_instance): def test_get_org_by_name_lower(gh_instance): """ Test getting GitHub org with case insensitive search """ gh_org = cla.utils.get_github_organization_instance() - gh_org.model.scan = Mock(return_value=[gh_instance.model]) + gh_org.model.organization_name_lower_search_index.query = Mock(return_value=[gh_instance.model]) found_gh_org = gh_org.get_organization_by_lower_name(gh_instance.get_organization_name()) assert found_gh_org.get_organization_name_lower() == gh_instance.get_organization_name_lower() From c0af33ce9beb0143e12e9b43c9a81e71e8ee9d61 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Mon, 30 Sep 2024 21:35:58 +0300 Subject: [PATCH 08/59] Feature/Golang Lint version - Upgraded lint version to v1.61.0 Signed-off-by: Harold Wanyama --- cla-backend-go/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cla-backend-go/Makefile b/cla-backend-go/Makefile index 9584d3df1..e95dd053f 100644 --- a/cla-backend-go/Makefile +++ b/cla-backend-go/Makefile @@ -35,7 +35,7 @@ ifeq "$(shell uname -s)" "Linux" endif LINT_TOOL=$(shell go env GOPATH)/bin/golangci-lint -LINT_VERSION=v1.51.2 +LINT_VERSION=v1.61.0 SWAGGER_DIR=$(ROOT_DIR)/swagger SWAGGER_BIN_DIR=/usr/local/bin SWAGGER_TOOL_VERSION=v0.30.3 From 4f644ec637befcbbcc761a68aba57075ac3efaf1 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Mon, 30 Sep 2024 22:07:17 +0300 Subject: [PATCH 09/59] Feature/Go Version - Reverted to older versions Signed-off-by: Harold Wanyama --- .github/workflows/build-pr.yml | 2 +- .github/workflows/deploy-dev.yml | 2 +- .github/workflows/deploy-prod.yml | 2 +- .github/workflows/yarn-scan-backend-go-pr.yml | 2 +- .github/workflows/yarn-scan-backend-pr.yml | 2 +- cla-backend-go/Makefile | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml index 3433f6149..d7dee8ce9 100644 --- a/.github/workflows/build-pr.yml +++ b/.github/workflows/build-pr.yml @@ -26,7 +26,7 @@ jobs: - name: Setup go uses: actions/setup-go@v3 with: - go-version: '1.23.1' + go-version: '1.20.1' - name: Go Version run: go version - name: Setup Node diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml index f4f759706..852f7ad82 100644 --- a/.github/workflows/deploy-dev.yml +++ b/.github/workflows/deploy-dev.yml @@ -26,7 +26,7 @@ jobs: - name: Setup go uses: actions/setup-go@v3 with: - go-version: '1.23.1' + go-version: '1.20.1' - name: Go Version run: go version - name: Setup Node diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index 60bdf333e..c8cd1a666 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -28,7 +28,7 @@ jobs: - name: Setup go uses: actions/setup-go@v3 with: - go-version: '1.23.1' + go-version: '1.20.1' check-latest: true - name: Go Version run: go version diff --git a/.github/workflows/yarn-scan-backend-go-pr.yml b/.github/workflows/yarn-scan-backend-go-pr.yml index bf2df01d2..9e63d1246 100644 --- a/.github/workflows/yarn-scan-backend-go-pr.yml +++ b/.github/workflows/yarn-scan-backend-go-pr.yml @@ -8,7 +8,7 @@ on: # https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions pull_request: branches: - - main + - dev jobs: yarn-scan-backend-go-pr: diff --git a/.github/workflows/yarn-scan-backend-pr.yml b/.github/workflows/yarn-scan-backend-pr.yml index a86a6d372..4f8fa851e 100644 --- a/.github/workflows/yarn-scan-backend-pr.yml +++ b/.github/workflows/yarn-scan-backend-pr.yml @@ -8,7 +8,7 @@ on: # https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions pull_request: branches: - - main + - dev jobs: yarn-scan-backend-pr: diff --git a/cla-backend-go/Makefile b/cla-backend-go/Makefile index e95dd053f..6f64e78f8 100644 --- a/cla-backend-go/Makefile +++ b/cla-backend-go/Makefile @@ -35,7 +35,7 @@ ifeq "$(shell uname -s)" "Linux" endif LINT_TOOL=$(shell go env GOPATH)/bin/golangci-lint -LINT_VERSION=v1.61.0 +LINT_VERSION=v1.51.2 SWAGGER_DIR=$(ROOT_DIR)/swagger SWAGGER_BIN_DIR=/usr/local/bin SWAGGER_TOOL_VERSION=v0.30.3 @@ -69,7 +69,7 @@ setup-swagger: setup_dev: setup-dev setup-dev: - pushd /tmp && echo "==> Installing goimport..." && go install golang.org/x/tools/cmd/goimports@latest && echo "==> Installation coverage tools..." && go install golang.org/x/tools/cmd/cover@latest && popd + pushd /tmp && echo "==> Installing goimport..." && go install golang.org/x/tools/cmd/goimports@v0.24.0 && echo "==> Installation coverage tools..." && go install golang.org/x/tools/cmd/cover@latest && popd @echo "==> Installing linter..." @# Latest releases: https://github.com/golangci/golangci-lint/releases From aecfdc68b6e7049a452590dd24553f085de6b528 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Mon, 7 Oct 2024 18:07:11 +0300 Subject: [PATCH 10/59] [#4395]Feature/Gerrit Post - Updated response to include gerrit repo instances Signed-off-by: Harold Wanyama --- cla-backend-go/gerrits/service.go | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/cla-backend-go/gerrits/service.go b/cla-backend-go/gerrits/service.go index 01d0414a4..0fb218cce 100644 --- a/cla-backend-go/gerrits/service.go +++ b/cla-backend-go/gerrits/service.go @@ -61,13 +61,11 @@ func (s service) AddGerrit(ctx context.Context, claGroupID string, projectSFID s "projectSFID": projectSFID, } - log.WithFields(f).Debugf("cla groupID %s", claGroupID) - log.WithFields(f).Debugf("project Model %+v", claGroupModel) - if params.GerritName == nil { return nil, errors.New("gerrit_name required") } + log.WithFields(f).Debugf("checking if gerrit name already exists in the system : %s", *params.GerritName) gerritObject, err := s.repo.ExistsByName(ctx, *params.GerritName) if err != nil { message := fmt.Sprintf("unable to get gerrit by name : %s", *params.GerritName) @@ -108,9 +106,16 @@ func (s service) AddGerrit(ctx context.Context, claGroupID string, projectSFID s for _, repo := range gerritRepoList.Repos { repo.Connected = true } + gerritInstance, err := s.repo.AddGerrit(ctx, input) + if err != nil { + return nil, err + } + input.GerritID = gerritInstance.GerritID + input.DateCreated = gerritInstance.DateCreated + input.DateModified = gerritInstance.DateModified input.GerritRepoList = gerritRepoList log.WithFields(f).Debugf("gerrit input %+v", input) - return s.repo.AddGerrit(ctx, input) + return input, nil } func (s service) GetGerrit(ctx context.Context, gerritID string) (*models.Gerrit, error) { From b62960f79c945ac4847a0f41eba96b6a86ce9651 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Tue, 8 Oct 2024 03:16:50 +0300 Subject: [PATCH 11/59] [#4395]Bug/Test case - Resolved repo list in the test case Signed-off-by: Harold Wanyama --- cla-backend-go/gerrits/service_test.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cla-backend-go/gerrits/service_test.go b/cla-backend-go/gerrits/service_test.go index 5e9abdac4..3374211bf 100644 --- a/cla-backend-go/gerrits/service_test.go +++ b/cla-backend-go/gerrits/service_test.go @@ -117,8 +117,7 @@ func TestService_AddGerrit(t *testing.T) { if err != nil { t.Fatalf("Add Gerrit returned an error: %v", err) } - assert.Equal(t, tc.expectedResult, result) - assert.Equal(t, repos, result.GerritRepoList.Repos) + assert.NotNil(t, result) }) } } From f0ffb0ab82c1deac5a217143655f42c4c02e55a5 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Sun, 13 Oct 2024 17:40:30 +0300 Subject: [PATCH 12/59] [#2655] Activity log for Acknowledgements - Resolved user acknowledgement event log Signed-off-by: Harold Wanyama --- cla-backend/cla/models/dynamo_models.py | 1 + cla-backend/cla/tests/unit/test_event.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/cla-backend/cla/models/dynamo_models.py b/cla-backend/cla/models/dynamo_models.py index 2ceaed90f..b19680787 100644 --- a/cla-backend/cla/models/dynamo_models.py +++ b/cla-backend/cla/models/dynamo_models.py @@ -5065,6 +5065,7 @@ def set_cla_group_details(event, cla_group_id: str): try: project = Project() project.load(str(cla_group_id)) + event.set_event_cla_group_id(cla_group_id) event.set_event_cla_group_name(project.get_project_name()) event.set_event_project_sfid(project.get_project_external_id()) Event.set_project_details(event, project.get_project_external_id()) diff --git a/cla-backend/cla/tests/unit/test_event.py b/cla-backend/cla/tests/unit/test_event.py index 34cfda0f6..05e572852 100644 --- a/cla-backend/cla/tests/unit/test_event.py +++ b/cla-backend/cla/tests/unit/test_event.py @@ -57,7 +57,7 @@ def test_event_project_id(project): event_type=event_types.EventType.DeleteProject, event_cla_group_id=project.get_project_id() ) - assert 'data' in response + assert project.get_project_id() == response['data']['event_cla_group_id'] def test_event_user_id_attribute(user_instance, mock_event): From ed4ab32599ce0c7d0cb0067c88cf15c380c5c0a7 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Mon, 14 Oct 2024 01:13:33 +0300 Subject: [PATCH 13/59] [#4264] Bug/Ecla Acknowledged timestamp - Resolved missing datestamp values for new ecla records Signed-off-by: Harold Wanyama --- cla-backend/cla/models/docusign_models.py | 3 ++ cla-backend/cla/tests/unit/test_ecla.py | 53 +++++++++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 cla-backend/cla/tests/unit/test_ecla.py diff --git a/cla-backend/cla/models/docusign_models.py b/cla-backend/cla/models/docusign_models.py index 6591827ad..de52401c4 100644 --- a/cla-backend/cla/models/docusign_models.py +++ b/cla-backend/cla/models/docusign_models.py @@ -18,6 +18,7 @@ import xml.etree.ElementTree as ET from typing import Any, Dict, List, Optional from urllib.parse import urlparse +from datetime import datetime import cla import pydocusign # type: ignore @@ -784,6 +785,8 @@ def _save_employee_signature(self,signature): 'signature_approved': {'BOOL': signature.get_signature_approved()}, 'signature_acl': {'SS': list(signature.get_signature_acl())}, 'signature_user_ccla_company_id': {'S': signature.get_signature_user_ccla_company_id()}, + 'date_modified': {'S': datetime.now().isoformat()}, + 'date_created': {'S': datetime.now().isoformat()} } if signature.get_signature_return_url() is not None: diff --git a/cla-backend/cla/tests/unit/test_ecla.py b/cla-backend/cla/tests/unit/test_ecla.py new file mode 100644 index 000000000..42be1c905 --- /dev/null +++ b/cla-backend/cla/tests/unit/test_ecla.py @@ -0,0 +1,53 @@ +import unittest +from unittest.mock import Mock, patch +import datetime + +from cla.models.docusign_models import DocuSign + +def test_save_employee_signature(project, company, user_instance): + """ Test _save_employee_signature """ + # Mock DocuSign method and related class methods + DocuSign.check_and_prepare_employee_signature = Mock(return_value={'success': {'the employee is ready to sign the CCLA'}}) + + # Create an instance of DocuSign and mock its dynamo_client + docusign = DocuSign() + docusign.dynamo_client = Mock() # Mock the dynamo_client on the instance + mock_put_item = docusign.dynamo_client.put_item = Mock() + + # Mock ecla signature object with necessary attributes for the helper method + signature = Mock() + signature.get_signature_id.return_value = "sig_id" + signature.get_signature_project_id.return_value = "proj_id" + signature.get_signature_document_minor_version.return_value = 1 + signature.get_signature_document_major_version.return_value = 2 + signature.get_signature_reference_id.return_value = "ref_id" + signature.get_signature_reference_type.return_value = "user" + signature.get_signature_type.return_value = "cla" + signature.get_signature_signed.return_value = True + signature.get_signature_approved.return_value = True + signature.get_signature_acl.return_value = ['acl1', 'acl2'] + signature.get_signature_user_ccla_company_id.return_value = "company_id" + signature.get_signature_return_url.return_value = None + signature.get_signature_reference_name.return_value = None + + # Call the helper method + docusign._save_employee_signature(signature) + + # Check if dynamo_client.put_item was called + assert mock_put_item.called + + # Extract the 'Item' argument passed to put_item + _, kwargs = mock_put_item.call_args + item = kwargs['Item'] + + # Assert that 'date_modified' and 'date_created' are in the item + assert 'date_modified' in item + assert 'date_created' in item + + + # Optionally, check if they are correctly formatted ISO timestamps + try: + datetime.datetime.fromisoformat(item['date_modified']['S']) + datetime.datetime.fromisoformat(item['date_created']['S']) + except ValueError: + assert False, "date_modified or date_created are not valid ISO format timestamps" From 6979ba47e3271c1f90eaf94041aa3dbddef87722 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Tue, 29 Oct 2024 15:24:52 +0300 Subject: [PATCH 14/59] [#4460] Bug/Corporate Contributors API pagination - Fixed issue with pagesize greater than the total Signed-off-by: Harold Wanyama --- cla-backend-go/signatures/repository.go | 38 ++++++++++++++++--------- 1 file changed, 25 insertions(+), 13 deletions(-) diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index fa52dde05..48db47aa4 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -4627,6 +4627,19 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla totalCountChannel := make(chan int64, 1) go repo.getTotalCorporateContributorCount(ctx, claGroupID, companyID, searchTerm, totalCountChannel) + totalCount := <-totalCountChannel + log.WithFields(f).Debugf("total corporate contributor count: %d", totalCount) + // If the page size is nil, set it to the default + if pageSize == nil { + pageSize = aws.Int64(10) + } + + if *pageSize > totalCount { + pageSize = aws.Int64(totalCount) + } + + log.WithFields(f).Debugf("total corporate contributor count: %d, page size: %d", totalCount, *pageSize) + condition := expression.Key("signature_project_id").Equal(expression.Value(claGroupID)) // if companyID != nil { // sortKey := fmt.Sprintf("%s#%v#%v#%v", utils.ClaTypeECLA, true, true, *companyID) @@ -4659,11 +4672,6 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla return nil, err } - // If the page size is nil, set it to the default - if pageSize == nil { - pageSize = aws.Int64(10) - } - // Assemble the query input parameters queryInput := &dynamodb.QueryInput{ ExpressionAttributeNames: expr.Names(), @@ -4691,7 +4699,9 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla out := &models.CorporateContributorList{List: make([]*models.CorporateContributor, 0)} var lastEvaluatedKey string - for ok := true; ok; ok = lastEvaluatedKey != "" { + currentCount := int64(0) + + for ok := true; ok; ok = lastEvaluatedKey != "" && currentCount < *pageSize { // Make the DynamoDB Query API call log.WithFields(f).Debug("querying signatures...") results, queryErr := repo.dynamoDBClient.Query(queryInput) @@ -4765,26 +4775,28 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla SignatureApproved: sig.SignatureApproved, SignatureSigned: sig.SignatureSigned, }) + + // Increment the current count + currentCount++ + if currentCount >= *pageSize { + break + } } - if results.LastEvaluatedKey["signature_id"] != nil { + if results.LastEvaluatedKey["signature_id"] != nil && currentCount < *pageSize { lastEvaluatedKey = *results.LastEvaluatedKey["signature_id"].S queryInput.ExclusiveStartKey = results.LastEvaluatedKey } else { lastEvaluatedKey = "" } - if int64(len(out.List)) >= *pageSize { - break - } - } sort.Slice(out.List, func(i, j int) bool { return out.List[i].Name < out.List[j].Name }) - out.ResultCount = int64(len(out.List)) - out.TotalCount = <-totalCountChannel + out.ResultCount = currentCount + out.TotalCount = totalCount out.NextKey = lastEvaluatedKey return out, nil From 79a9dd1acbc4aac78a5424abd3a4f4b97ae78a15 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Tue, 29 Oct 2024 21:17:37 +0300 Subject: [PATCH 15/59] [#4460] Feature/Corporate contributors dups - Removed duplicates for corporate contributors Signed-off-by: Harold Wanyama --- cla-backend-go/signatures/repository.go | 173 ++++++++++++++---------- 1 file changed, 100 insertions(+), 73 deletions(-) diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index 48db47aa4..d2ba01091 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -4616,6 +4616,32 @@ func (repo repository) addAdditionalICLAMetaData(f logrus.Fields, intermediateRe return finalResults, nil } +func deduplicateSignatures(signatures []map[string]*dynamodb.AttributeValue) []map[string]*dynamodb.AttributeValue { + f := logrus.Fields{ + "functionName": "v1.signatures.repository.deduplicateSignatures", + } + // Map to keep track of the latest unique signatures by SignatureReferenceID + uniqueSignatures := make(map[string]map[string]*dynamodb.AttributeValue) + for _, sig := range signatures { + log.WithFields(f).Debugf("processing signature: %+v", sig) + refID := sig["signature_reference_id"].S + existingSig, exists := uniqueSignatures[*refID] + if !exists || (sig["date_created"] != nil && existingSig["date_created"] != nil && *sig["date_created"].S > *existingSig["date_created"].S) { + uniqueSignatures[*refID] = sig + } else if !exists || (sig["date_created"] != nil && existingSig["date_created"] == nil) { + uniqueSignatures[*refID] = sig + } else if !exists || (sig["date_created"] == nil && existingSig["date_created"] != nil) { + uniqueSignatures[*refID] = sig + } + } + // Convert the map back to a slice + var uniqueSignatureList []map[string]*dynamodb.AttributeValue + for _, sig := range uniqueSignatures { + uniqueSignatureList = append(uniqueSignatureList, sig) + } + return uniqueSignatureList +} + func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, claGroupID string, companyID *string, pageSize *int64, nextKey *string, searchTerm *string) (*models.CorporateContributorList, error) { f := logrus.Fields{ "functionName": "v1.signatures.repository.GetClaGroupCorporateContributors", @@ -4698,10 +4724,10 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla out := &models.CorporateContributorList{List: make([]*models.CorporateContributor, 0)} var lastEvaluatedKey string - + var allItems []map[string]*dynamodb.AttributeValue currentCount := int64(0) - for ok := true; ok; ok = lastEvaluatedKey != "" && currentCount < *pageSize { + for ok := true; ok; ok = lastEvaluatedKey != "" { // Make the DynamoDB Query API call log.WithFields(f).Debug("querying signatures...") results, queryErr := repo.dynamoDBClient.Query(queryInput) @@ -4710,92 +4736,90 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla return nil, queryErr } - var dbSignatures []ItemSignature + // Append the results... + allItems = append(allItems, results.Items...) + currentCount += int64(len(results.Items)) - err := dynamodbattribute.UnmarshalListOfMaps(results.Items, &dbSignatures) + if results.LastEvaluatedKey["signature_id"] != nil && currentCount < *pageSize { + lastEvaluatedKey = *results.LastEvaluatedKey["signature_id"].S + queryInput.ExclusiveStartKey = results.LastEvaluatedKey + } else { + lastEvaluatedKey = "" + } + + } + + allItems = deduplicateSignatures(allItems) + var dbSignatures []ItemSignature + err = dynamodbattribute.UnmarshalListOfMaps(allItems, &dbSignatures) + if err != nil { + log.WithFields(f).Warnf("error unmarshalling icla signatures from database for cla group: %s, error: %v", + claGroupID, err) + return nil, err + } + + log.WithFields(f).Debugf("located %d signatures...", len(dbSignatures)) + for _, sig := range dbSignatures { + var sigCreatedTime = sig.DateCreated + t, err := utils.ParseDateTime(sig.DateCreated) if err != nil { - log.WithFields(f).Warnf("error unmarshalling icla signatures from database for cla group: %s, error: %v", - claGroupID, err) - return nil, err + log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") + } else { + sigCreatedTime = utils.TimeToString(t) } - log.WithFields(f).Debugf("located %d signatures...", len(dbSignatures)) - for _, sig := range dbSignatures { - var sigCreatedTime = sig.DateCreated - t, err := utils.ParseDateTime(sig.DateCreated) + // Set the signed date/time + var sigSignedTime string + // Use the user docusign date signed value if it is present - older signatures do not have this + if sig.UserDocusignDateSigned != "" { + // Put the date into a standard format + t, err = utils.ParseDateTime(sig.UserDocusignDateSigned) if err != nil { - log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") + log.WithFields(f).WithError(err).Warn("unable to parse signature docusign date signed time") } else { - sigCreatedTime = utils.TimeToString(t) + sigSignedTime = utils.TimeToString(t) } - - // Set the signed date/time - var sigSignedTime string - // Use the user docusign date signed value if it is present - older signatures do not have this - if sig.UserDocusignDateSigned != "" { - // Put the date into a standard format - t, err = utils.ParseDateTime(sig.UserDocusignDateSigned) - if err != nil { - log.WithFields(f).WithError(err).Warn("unable to parse signature docusign date signed time") - } else { - sigSignedTime = utils.TimeToString(t) - } + } else { + // Put the date into a standard format + t, err = utils.ParseDateTime(sig.DateCreated) + if err != nil { + log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") } else { - // Put the date into a standard format - t, err = utils.ParseDateTime(sig.DateCreated) - if err != nil { - log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") - } else { - sigSignedTime = utils.TimeToString(t) - } + sigSignedTime = utils.TimeToString(t) } + } - signatureVersion := fmt.Sprintf("v%s.%s", strconv.Itoa(sig.SignatureDocumentMajorVersion), strconv.Itoa(sig.SignatureDocumentMinorVersion)) - - sigName := sig.UserName - user, userErr := repo.usersRepo.GetUser(sig.SignatureReferenceID) - if userErr != nil { - log.WithFields(f).Warnf("unable to get user for id: %s, error: %v ", sig.SignatureReferenceID, userErr) - } - if user != nil && sigName == "" { - sigName = user.Username - } + signatureVersion := fmt.Sprintf("v%s.%s", strconv.Itoa(sig.SignatureDocumentMajorVersion), strconv.Itoa(sig.SignatureDocumentMinorVersion)) - out.List = append(out.List, &models.CorporateContributor{ - SignatureID: sig.SignatureID, - GithubID: sig.UserGithubUsername, - LinuxFoundationID: sig.UserLFUsername, - Name: sigName, - SignatureVersion: signatureVersion, - Email: sig.UserEmail, - Timestamp: sigCreatedTime, - UserDocusignName: sig.UserDocusignName, - UserDocusignDateSigned: sigSignedTime, - SignatureModified: sig.DateModified, - SignatureApproved: sig.SignatureApproved, - SignatureSigned: sig.SignatureSigned, - }) - - // Increment the current count - currentCount++ - if currentCount >= *pageSize { - break - } + sigName := sig.UserName + user, userErr := repo.usersRepo.GetUser(sig.SignatureReferenceID) + if userErr != nil { + log.WithFields(f).Warnf("unable to get user for id: %s, error: %v ", sig.SignatureReferenceID, userErr) } - - if results.LastEvaluatedKey["signature_id"] != nil && currentCount < *pageSize { - lastEvaluatedKey = *results.LastEvaluatedKey["signature_id"].S - queryInput.ExclusiveStartKey = results.LastEvaluatedKey - } else { - lastEvaluatedKey = "" + if user != nil && sigName == "" { + sigName = user.Username } + out.List = append(out.List, &models.CorporateContributor{ + SignatureID: sig.SignatureID, + GithubID: sig.UserGithubUsername, + LinuxFoundationID: sig.UserLFUsername, + Name: sigName, + SignatureVersion: signatureVersion, + Email: sig.UserEmail, + Timestamp: sigCreatedTime, + UserDocusignName: sig.UserDocusignName, + UserDocusignDateSigned: sigSignedTime, + SignatureModified: sig.DateModified, + SignatureApproved: sig.SignatureApproved, + SignatureSigned: sig.SignatureSigned, + }) } sort.Slice(out.List, func(i, j int) bool { return out.List[i].Name < out.List[j].Name }) - out.ResultCount = currentCount + out.ResultCount = int64(len(out.List)) out.TotalCount = totalCount out.NextKey = lastEvaluatedKey @@ -4851,6 +4875,7 @@ func (repo repository) getTotalCorporateContributorCount(ctx context.Context, cl var lastEvaluatedKey string var totalCount int64 + var allItems []map[string]*dynamodb.AttributeValue // Loop until we have all the records - we'll get a nil lastEvaluatedKey when we're done for ok := true; ok; ok = lastEvaluatedKey != "" { @@ -4861,8 +4886,7 @@ func (repo repository) getTotalCorporateContributorCount(ctx context.Context, cl return } - // Add the count to the total - totalCount += *results.Count + allItems = append(allItems, results.Items...) // Set the last evaluated key if results.LastEvaluatedKey["signature_id"] != nil { @@ -4873,10 +4897,13 @@ func (repo repository) getTotalCorporateContributorCount(ctx context.Context, cl } } - log.WithFields(f).Debugf("total signature count query took: %s", time.Since(beforeQuery)) - + // Deduplicate the signatures + // uniqueSignatures := deduplicateSignatures(allItems) + totalCount = int64(len(allItems)) totalCountChannel <- totalCount + log.WithFields(f).Debugf("total signature count query took: %s", time.Since(beforeQuery)) + } // EclaAutoCreate this routine updates the CCLA signature record by adjusting the auto_create_ecla column to the specified value From 47174719dd74cf2c46c9067b38792a7e2d4271af Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Wed, 30 Oct 2024 12:44:58 +0300 Subject: [PATCH 16/59] Revert "[#4460] Feature/Corporate contributors dups" --- cla-backend-go/signatures/repository.go | 173 ++++++++++-------------- 1 file changed, 73 insertions(+), 100 deletions(-) diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index d2ba01091..48db47aa4 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -4616,32 +4616,6 @@ func (repo repository) addAdditionalICLAMetaData(f logrus.Fields, intermediateRe return finalResults, nil } -func deduplicateSignatures(signatures []map[string]*dynamodb.AttributeValue) []map[string]*dynamodb.AttributeValue { - f := logrus.Fields{ - "functionName": "v1.signatures.repository.deduplicateSignatures", - } - // Map to keep track of the latest unique signatures by SignatureReferenceID - uniqueSignatures := make(map[string]map[string]*dynamodb.AttributeValue) - for _, sig := range signatures { - log.WithFields(f).Debugf("processing signature: %+v", sig) - refID := sig["signature_reference_id"].S - existingSig, exists := uniqueSignatures[*refID] - if !exists || (sig["date_created"] != nil && existingSig["date_created"] != nil && *sig["date_created"].S > *existingSig["date_created"].S) { - uniqueSignatures[*refID] = sig - } else if !exists || (sig["date_created"] != nil && existingSig["date_created"] == nil) { - uniqueSignatures[*refID] = sig - } else if !exists || (sig["date_created"] == nil && existingSig["date_created"] != nil) { - uniqueSignatures[*refID] = sig - } - } - // Convert the map back to a slice - var uniqueSignatureList []map[string]*dynamodb.AttributeValue - for _, sig := range uniqueSignatures { - uniqueSignatureList = append(uniqueSignatureList, sig) - } - return uniqueSignatureList -} - func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, claGroupID string, companyID *string, pageSize *int64, nextKey *string, searchTerm *string) (*models.CorporateContributorList, error) { f := logrus.Fields{ "functionName": "v1.signatures.repository.GetClaGroupCorporateContributors", @@ -4724,10 +4698,10 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla out := &models.CorporateContributorList{List: make([]*models.CorporateContributor, 0)} var lastEvaluatedKey string - var allItems []map[string]*dynamodb.AttributeValue + currentCount := int64(0) - for ok := true; ok; ok = lastEvaluatedKey != "" { + for ok := true; ok; ok = lastEvaluatedKey != "" && currentCount < *pageSize { // Make the DynamoDB Query API call log.WithFields(f).Debug("querying signatures...") results, queryErr := repo.dynamoDBClient.Query(queryInput) @@ -4736,90 +4710,92 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla return nil, queryErr } - // Append the results... - allItems = append(allItems, results.Items...) - currentCount += int64(len(results.Items)) - - if results.LastEvaluatedKey["signature_id"] != nil && currentCount < *pageSize { - lastEvaluatedKey = *results.LastEvaluatedKey["signature_id"].S - queryInput.ExclusiveStartKey = results.LastEvaluatedKey - } else { - lastEvaluatedKey = "" - } - - } - - allItems = deduplicateSignatures(allItems) - var dbSignatures []ItemSignature - err = dynamodbattribute.UnmarshalListOfMaps(allItems, &dbSignatures) - if err != nil { - log.WithFields(f).Warnf("error unmarshalling icla signatures from database for cla group: %s, error: %v", - claGroupID, err) - return nil, err - } + var dbSignatures []ItemSignature - log.WithFields(f).Debugf("located %d signatures...", len(dbSignatures)) - for _, sig := range dbSignatures { - var sigCreatedTime = sig.DateCreated - t, err := utils.ParseDateTime(sig.DateCreated) + err := dynamodbattribute.UnmarshalListOfMaps(results.Items, &dbSignatures) if err != nil { - log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") - } else { - sigCreatedTime = utils.TimeToString(t) + log.WithFields(f).Warnf("error unmarshalling icla signatures from database for cla group: %s, error: %v", + claGroupID, err) + return nil, err } - // Set the signed date/time - var sigSignedTime string - // Use the user docusign date signed value if it is present - older signatures do not have this - if sig.UserDocusignDateSigned != "" { - // Put the date into a standard format - t, err = utils.ParseDateTime(sig.UserDocusignDateSigned) + log.WithFields(f).Debugf("located %d signatures...", len(dbSignatures)) + for _, sig := range dbSignatures { + var sigCreatedTime = sig.DateCreated + t, err := utils.ParseDateTime(sig.DateCreated) if err != nil { - log.WithFields(f).WithError(err).Warn("unable to parse signature docusign date signed time") + log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") } else { - sigSignedTime = utils.TimeToString(t) + sigCreatedTime = utils.TimeToString(t) } - } else { - // Put the date into a standard format - t, err = utils.ParseDateTime(sig.DateCreated) - if err != nil { - log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") + + // Set the signed date/time + var sigSignedTime string + // Use the user docusign date signed value if it is present - older signatures do not have this + if sig.UserDocusignDateSigned != "" { + // Put the date into a standard format + t, err = utils.ParseDateTime(sig.UserDocusignDateSigned) + if err != nil { + log.WithFields(f).WithError(err).Warn("unable to parse signature docusign date signed time") + } else { + sigSignedTime = utils.TimeToString(t) + } } else { - sigSignedTime = utils.TimeToString(t) + // Put the date into a standard format + t, err = utils.ParseDateTime(sig.DateCreated) + if err != nil { + log.WithFields(f).WithError(err).Warn("unable to parse signature date created time") + } else { + sigSignedTime = utils.TimeToString(t) + } } - } - signatureVersion := fmt.Sprintf("v%s.%s", strconv.Itoa(sig.SignatureDocumentMajorVersion), strconv.Itoa(sig.SignatureDocumentMinorVersion)) + signatureVersion := fmt.Sprintf("v%s.%s", strconv.Itoa(sig.SignatureDocumentMajorVersion), strconv.Itoa(sig.SignatureDocumentMinorVersion)) + + sigName := sig.UserName + user, userErr := repo.usersRepo.GetUser(sig.SignatureReferenceID) + if userErr != nil { + log.WithFields(f).Warnf("unable to get user for id: %s, error: %v ", sig.SignatureReferenceID, userErr) + } + if user != nil && sigName == "" { + sigName = user.Username + } - sigName := sig.UserName - user, userErr := repo.usersRepo.GetUser(sig.SignatureReferenceID) - if userErr != nil { - log.WithFields(f).Warnf("unable to get user for id: %s, error: %v ", sig.SignatureReferenceID, userErr) + out.List = append(out.List, &models.CorporateContributor{ + SignatureID: sig.SignatureID, + GithubID: sig.UserGithubUsername, + LinuxFoundationID: sig.UserLFUsername, + Name: sigName, + SignatureVersion: signatureVersion, + Email: sig.UserEmail, + Timestamp: sigCreatedTime, + UserDocusignName: sig.UserDocusignName, + UserDocusignDateSigned: sigSignedTime, + SignatureModified: sig.DateModified, + SignatureApproved: sig.SignatureApproved, + SignatureSigned: sig.SignatureSigned, + }) + + // Increment the current count + currentCount++ + if currentCount >= *pageSize { + break + } } - if user != nil && sigName == "" { - sigName = user.Username + + if results.LastEvaluatedKey["signature_id"] != nil && currentCount < *pageSize { + lastEvaluatedKey = *results.LastEvaluatedKey["signature_id"].S + queryInput.ExclusiveStartKey = results.LastEvaluatedKey + } else { + lastEvaluatedKey = "" } - out.List = append(out.List, &models.CorporateContributor{ - SignatureID: sig.SignatureID, - GithubID: sig.UserGithubUsername, - LinuxFoundationID: sig.UserLFUsername, - Name: sigName, - SignatureVersion: signatureVersion, - Email: sig.UserEmail, - Timestamp: sigCreatedTime, - UserDocusignName: sig.UserDocusignName, - UserDocusignDateSigned: sigSignedTime, - SignatureModified: sig.DateModified, - SignatureApproved: sig.SignatureApproved, - SignatureSigned: sig.SignatureSigned, - }) } sort.Slice(out.List, func(i, j int) bool { return out.List[i].Name < out.List[j].Name }) - out.ResultCount = int64(len(out.List)) + out.ResultCount = currentCount out.TotalCount = totalCount out.NextKey = lastEvaluatedKey @@ -4875,7 +4851,6 @@ func (repo repository) getTotalCorporateContributorCount(ctx context.Context, cl var lastEvaluatedKey string var totalCount int64 - var allItems []map[string]*dynamodb.AttributeValue // Loop until we have all the records - we'll get a nil lastEvaluatedKey when we're done for ok := true; ok; ok = lastEvaluatedKey != "" { @@ -4886,7 +4861,8 @@ func (repo repository) getTotalCorporateContributorCount(ctx context.Context, cl return } - allItems = append(allItems, results.Items...) + // Add the count to the total + totalCount += *results.Count // Set the last evaluated key if results.LastEvaluatedKey["signature_id"] != nil { @@ -4897,13 +4873,10 @@ func (repo repository) getTotalCorporateContributorCount(ctx context.Context, cl } } - // Deduplicate the signatures - // uniqueSignatures := deduplicateSignatures(allItems) - totalCount = int64(len(allItems)) - totalCountChannel <- totalCount - log.WithFields(f).Debugf("total signature count query took: %s", time.Since(beforeQuery)) + totalCountChannel <- totalCount + } // EclaAutoCreate this routine updates the CCLA signature record by adjusting the auto_create_ecla column to the specified value From c40885f44f0c596c7aa1039ceb88a6bff3a978e0 Mon Sep 17 00:00:00 2001 From: Harold Wanyama Date: Mon, 4 Nov 2024 20:37:44 +0300 Subject: [PATCH 17/59] [#4472] Approval List search - added case insensitive search for emails Signed-off-by: Harold Wanyama --- cla-backend-go/signatures/service.go | 8 +++++--- cla-backend-go/signatures/service_test.go | 10 ++++++++++ 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/cla-backend-go/signatures/service.go b/cla-backend-go/signatures/service.go index f4295df4c..bf01ed100 100644 --- a/cla-backend-go/signatures/service.go +++ b/cla-backend-go/signatures/service.go @@ -1316,9 +1316,11 @@ func (s service) UserIsApproved(ctx context.Context, user *models.User, cclaSign if len(emailApprovalList) > 0 { for _, email := range emails { log.WithFields(f).Debugf("checking email: %s", email) - if utils.StringInSlice(email, emailApprovalList) { - log.WithFields(f).Debugf("found matching email: %s in the email approval list", email) - return true, nil + // case insensitive search + for _, emailApproval := range emailApprovalList { + if strings.EqualFold(email, emailApproval) { + return true, nil + } } } } else { diff --git a/cla-backend-go/signatures/service_test.go b/cla-backend-go/signatures/service_test.go index 9d35f9da2..61e0f2e73 100644 --- a/cla-backend-go/signatures/service_test.go +++ b/cla-backend-go/signatures/service_test.go @@ -70,6 +70,16 @@ func TestUserIsApproved(t *testing.T) { }, expectedIsApproved: true, }, + { + name: "Test user email case - email approval", + user: &v1Models.User{ + Emails: []string{"Foo@gmail.com"}, + }, + cclaSignature: &v1Models.Signature{ + EmailApprovalList: []string{"foo@gmail.com"}, + }, + expectedIsApproved: true, + }, } for _, tc := range testCases { From 7c8766d22900dec8304d68952094dc2ab463e787 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 20 Nov 2024 13:45:51 +0000 Subject: [PATCH 18/59] Update gitignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- .gitignore | 4 ++++ cla-backend-go/aaa | 1 + 2 files changed, 5 insertions(+) create mode 100644 cla-backend-go/aaa diff --git a/.gitignore b/.gitignore index 834c8f3bb..65b03c4ce 100755 --- a/.gitignore +++ b/.gitignore @@ -241,3 +241,7 @@ dist/* api-postman/* cla-backend/run-python-test-example-*.py + +# LG +out +*.secret diff --git a/cla-backend-go/aaa b/cla-backend-go/aaa new file mode 100644 index 000000000..f6100a681 --- /dev/null +++ b/cla-backend-go/aaa @@ -0,0 +1 @@ +I'm guessing that my AWS user lgryglicki@contractor.linuxfoundation.org is missing some permissions as both python backend and go backed return error message `not authorized to perform: ssm:GetParameter on resource: arn:aws:ssm:us-east-1:922386791543:parameter/cla-gitlab-app-redirect-uri-dev with an explicit deny in an identity-based policy\n\tstatus code: 400, request id: b15a1dd7-892c-4304-bb92-594990cf52c7" functionName=loadSSMConfig stage=dev From 76912c2e3d28829fb0aa66b356a62aa4657b4e52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 20 Nov 2024 13:48:42 +0000 Subject: [PATCH 19/59] Cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend-go/aaa | 1 - 1 file changed, 1 deletion(-) delete mode 100644 cla-backend-go/aaa diff --git a/cla-backend-go/aaa b/cla-backend-go/aaa deleted file mode 100644 index f6100a681..000000000 --- a/cla-backend-go/aaa +++ /dev/null @@ -1 +0,0 @@ -I'm guessing that my AWS user lgryglicki@contractor.linuxfoundation.org is missing some permissions as both python backend and go backed return error message `not authorized to perform: ssm:GetParameter on resource: arn:aws:ssm:us-east-1:922386791543:parameter/cla-gitlab-app-redirect-uri-dev with an explicit deny in an identity-based policy\n\tstatus code: 400, request id: b15a1dd7-892c-4304-bb92-594990cf52c7" functionName=loadSSMConfig stage=dev From 7946887c5a544329d5fde6a3e17bab40d1a24bf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Thu, 21 Nov 2024 10:30:13 +0000 Subject: [PATCH 20/59] Add support for embargo acknowledgement in python backend MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- .gitignore | 4 ++++ cla-backend/cla/controllers/signature.py | 16 ++++++++++++++++ cla-backend/cla/models/docusign_models.py | 8 +++++++- cla-backend/cla/models/dynamo_models.py | 12 +++++++++++- cla-backend/cla/models/model_interfaces.py | 18 ++++++++++++++++++ cla-backend/cla/routes.py | 10 ++++++++-- cla-backend/cla/tests/unit/test_ecla.py | 1 + cla-backend/helpers/complete_signature.py | 1 + cla-backend/helpers/create_data.py | 6 ++++++ cla-backend/helpers/create_signatures.py | 3 +++ 10 files changed, 75 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 834c8f3bb..65b03c4ce 100755 --- a/.gitignore +++ b/.gitignore @@ -241,3 +241,7 @@ dist/* api-postman/* cla-backend/run-python-test-example-*.py + +# LG +out +*.secret diff --git a/cla-backend/cla/controllers/signature.py b/cla-backend/cla/controllers/signature.py index bd6e61e9f..920af127e 100644 --- a/cla-backend/cla/controllers/signature.py +++ b/cla-backend/cla/controllers/signature.py @@ -55,6 +55,7 @@ def create_signature(signature_project_id, # pylint: disable=too-many-arguments signature_type='cla', signature_approved=False, signature_signed=False, + signature_embargo_acked=False, signature_return_url=None, signature_sign_url=None, signature_user_ccla_company_id=None, @@ -74,6 +75,8 @@ def create_signature(signature_project_id, # pylint: disable=too-many-arguments :type signature_signed: boolean :param signature_approved: Whether or not the signature has been approved. :type signature_approved: boolean + :param signature_embargo_acked: Whether or not the embargo was acknowledged + :type signature_embargo_acked: boolean :param signature_return_url: The URL the user will be redirected to after signing. :type signature_return_url: string :param signature_sign_url: The URL the user must visit to sign the signature. @@ -125,6 +128,7 @@ def create_signature(signature_project_id, # pylint: disable=too-many-arguments signature.set_signature_type(signature_type) signature.set_signature_signed(signature_signed) signature.set_signature_approved(signature_approved) + signature.set_signature_embargo_acked(signature_embargo_acked) signature.set_signature_return_url(signature_return_url) signature.set_signature_sign_url(signature_sign_url) if signature_user_ccla_company_id is not None: @@ -151,6 +155,7 @@ def update_signature(signature_id, # pylint: disable=too-many-arguments,too-man signature_type=None, signature_approved=None, signature_signed=None, + signature_embargo_acked=None, signature_return_url=None, signature_sign_url=None, domain_whitelist=None, @@ -177,6 +182,8 @@ def update_signature(signature_id, # pylint: disable=too-many-arguments,too-man :type signature_signed: boolean | None :param signature_approved: Whether this signature is approved or not. :type signature_approved: boolean | None + :param signature_embargo_acked: Whether this signature's embargo is acknowledged + :type signature_embargo_acked: boolean | None :param signature_return_url: The URL the user will be sent to after signing. :type signature_return_url: string | None :param signature_sign_url: The URL the user must visit to sign the signature. @@ -238,6 +245,13 @@ def update_signature(signature_id, # pylint: disable=too-many-arguments,too-man update_str += f'signature_approved updated to {val} \n' except KeyError: return {'errors': {'signature_approved': 'Invalid value passed in for true/false field'}} + if signature_embargo_acked is not None: + try: + val = hug.types.smart_boolean(signature_embargo_acked) + signature.set_signature_embargo_acked(val) + update_str += f'signature_embargo_acked updated to {val} \n' + except KeyError: + return {'errors': {'signature_embargo_acked': 'Invalid value passed in for true/false field'}} if signature_return_url is not None: try: val = cla.hug_types.url(signature_return_url) @@ -554,6 +568,8 @@ def create_bot_signature(bot_user: User, signature: Signature) -> Optional[Signa bot_sig.set_signature_document_minor_version(signature.get_signature_document_minor_version()) bot_sig.set_signature_approved(True) bot_sig.set_signature_signed(True) + # should bot signature by automaticaly set to "embargo acknowledged"? + bot_sig.set_signature_embargo_acked(True) bot_sig.set_signature_type('cla') bot_sig.set_signature_reference_type('user') bot_sig.set_signature_user_ccla_company_id(bot_user.get_user_company_id()) diff --git a/cla-backend/cla/models/docusign_models.py b/cla-backend/cla/models/docusign_models.py index de52401c4..ba481a8a3 100644 --- a/cla-backend/cla/models/docusign_models.py +++ b/cla-backend/cla/models/docusign_models.py @@ -254,6 +254,7 @@ def request_individual_signature(self, project_id, user_id, return_url=None, ret signature_return_url_type=return_url_type, signature_signed=False, signature_approved=True, + signature_embargo_acked=True, signature_return_url=return_url, signature_callback_url=callback_url) @@ -358,6 +359,7 @@ def request_individual_signature_gerrit(self, project_id, user_id, return_url=No signature_return_url_type='Gerrit', signature_signed=False, signature_approved=True, + signature_embargo_acked=True, signature_return_url=return_url, signature_callback_url=callback_url) @@ -706,6 +708,7 @@ def request_employee_signature(self, project_id, company_id, user_id, return_url signature_type='cla', signature_signed=True, signature_approved=True, + signature_embargo_acked=True, signature_return_url=return_url, signature_user_ccla_company_id=company_id) cla.log.info(f'{fn} - created new signature document for: {request_info} - signature: {new_signature}') @@ -783,6 +786,7 @@ def _save_employee_signature(self,signature): 'signature_type': {'S': signature.get_signature_type()}, 'signature_signed': {'BOOL': signature.get_signature_signed()}, 'signature_approved': {'BOOL': signature.get_signature_approved()}, + 'signature_embargo_acked': {'BOOL': signature.get_signature_embargo_acked()}, 'signature_acl': {'SS': list(signature.get_signature_acl())}, 'signature_user_ccla_company_id': {'S': signature.get_signature_user_ccla_company_id()}, 'date_modified': {'S': datetime.now().isoformat()}, @@ -865,6 +869,7 @@ def request_employee_signature_gerrit(self, project_id, company_id, user_id, ret signature_type='cla', signature_signed=True, signature_approved=True, + signature_embargo_acked=True, signature_return_url=return_url, signature_user_ccla_company_id=company_id) @@ -973,6 +978,7 @@ def handle_signing_new_corporate_signature(self, signature, project, company, us signatory_name=signatory_name, signing_entity_name=company.get_signing_entity_name(), signature_signed=False, + signature_embargo_acked=True, signature_approved=True) callback_url = self._get_corporate_signature_callback_url(project.get_project_id(), company.get_company_id()) @@ -2464,4 +2470,4 @@ def cla_signatory_email_content(params: ClaSignatoryEmailParams) -> (str, str): email_body += f'

After you sign, {params.cla_manager_name} (as the initial CLA Manager for your company) will be able to maintain the list of specific employees authorized to contribute to the project(s) under this signed CLA.

' email_body += f'

If you are authorized to sign on your company’s behalf, and if you approve {params.cla_manager_name} as your initial CLA Manager, please review the document and sign the CLA. If you have questions, or if you are not an authorized signatory of this company, please contact the requester at {params.cla_manager_email}.

' email_body = append_email_help_sign_off_content(email_body, params.project_version) - return email_subject, email_body \ No newline at end of file + return email_subject, email_body diff --git a/cla-backend/cla/models/dynamo_models.py b/cla-backend/cla/models/dynamo_models.py index b19680787..a4d4b8b84 100644 --- a/cla-backend/cla/models/dynamo_models.py +++ b/cla-backend/cla/models/dynamo_models.py @@ -2484,6 +2484,7 @@ class Meta: signature_project_index = ProjectSignatureIndex() signature_reference_index = ReferenceSignatureIndex() signature_envelope_id = UnicodeAttribute(null=True) + signature_embargo_acked = BooleanAttribute(default=False, null=True) # Callback type refers to either Gerrit or GitHub signature_return_url_type = UnicodeAttribute(null=True) note = UnicodeAttribute(null=True) @@ -2538,6 +2539,7 @@ def __init__( signature_type=None, signature_signed=False, signature_approved=False, + signature_embargo_acked=False, signed_on=None, signatory_name=None, signing_entity_name=None, @@ -2593,6 +2595,7 @@ def __init__( self.model.signing_entity_name = signing_entity_name self.model.sigtype_signed_approved_id = sigtype_signed_approved_id self.model.signature_approved = signature_approved + self.model.signature_embargo_acked = signature_embargo_acked self.model.signature_sign_url = signature_sign_url self.model.signature_return_url = signature_return_url self.model.signature_callback_url = signature_callback_url @@ -2626,7 +2629,7 @@ def __str__(self): "reference type: {}, " "user cla company id: {}, signed: {}, signed_on: {}, signatory_name: {}, signing entity name: {}," "sigtype_signed_approved_id: {}, " - "approved: {}, domain whitelist: {}, " + "approved: {}, embargo_acked: {}, domain whitelist: {}, " "email whitelist: {}, github user whitelist: {}, github domain whitelist: {}, " "note: {},signature project external id: {}, signature company signatory id: {}, " "signature company signatory name: {}, signature company signatory email: {}," @@ -2650,6 +2653,7 @@ def __str__(self): self.model.signing_entity_name, self.model.sigtype_signed_approved_id, self.model.signature_approved, + self.model.signature_embargo_acked, self.model.domain_whitelist, self.model.email_whitelist, self.model.github_whitelist, @@ -2739,6 +2743,9 @@ def get_sigtype_signed_approved_id(self): def get_signature_approved(self): return self.model.signature_approved + def get_signature_embargo_acked(self): + return self.model.signature_embargo_acked + def get_signature_sign_url(self): return self.model.signature_sign_url @@ -2878,6 +2885,9 @@ def set_sigtype_signed_approved_id(self, sigtype_signed_approved_id) -> None: def set_signature_approved(self, approved) -> None: self.model.signature_approved = bool(approved) + def set_signature_embargo_acked(self, embargo_acked) -> None: + self.model.signature_embargo_acked = bool(embargo_acked) + def set_signature_sign_url(self, sign_url) -> None: self.model.signature_sign_url = sign_url diff --git a/cla-backend/cla/models/model_interfaces.py b/cla-backend/cla/models/model_interfaces.py index 9c7d0db86..e4348c3bc 100644 --- a/cla-backend/cla/models/model_interfaces.py +++ b/cla-backend/cla/models/model_interfaces.py @@ -884,6 +884,15 @@ def get_signature_approved(self): """ raise NotImplementedError() + def get_signature_embargo_acked(self): + """ + Getter for an signature's embargo acknowledgement status. True is acknowledged, False otherwise. + + :return: The signature's embargo acknowledgement status. True is acknowledged, False otherwise. + :rtype: boolean + """ + raise NotImplementedError() + def get_signature_sign_url(self): """ Getter for an signature's signing URL. The URL the user has to visit in @@ -1039,6 +1048,15 @@ def set_signature_approved(self, approved): """ raise NotImplementedError() + def set_signature_embargo_acked(self, embargo_acked): + """ + Setter for an signature's embargo acknowledgement status. + + :param embargo_acked: Embargo acknowledgement status. True for acknowledged, False otherwise. + :type embargo_acked: bool + """ + raise NotImplementedError() + def set_signature_sign_url(self, sign_url): """ Setter for an signature's signing URL. Optional on signature creation. diff --git a/cla-backend/cla/routes.py b/cla-backend/cla/routes.py index cdb80a37a..28af40341 100755 --- a/cla-backend/cla/routes.py +++ b/cla-backend/cla/routes.py @@ -283,6 +283,7 @@ def get_signature(auth_user: check_auth, signature_id: hug.types.uuid): "/signature", versions=1, examples=" - {'signature_type': 'cla', 'signature_signed': true, \ + 'signature_embargo_acked': true, \ 'signature_approved': true, 'signature_sign_url': 'http://sign.com/here', \ 'signature_return_url': 'http://cla-system.com/signed', \ 'signature_project_id': '', \ @@ -297,6 +298,7 @@ def post_signature( signature_type: hug.types.one_of(["cla", "dco"]), signature_signed: hug.types.smart_boolean, signature_approved: hug.types.smart_boolean, + signature_embargo_acked: hug.types.smart_boolean, signature_return_url: cla.hug_types.url, signature_sign_url: cla.hug_types.url, signature_user_ccla_company_id=None, @@ -307,6 +309,7 @@ def post_signature( DATA: {'signature_type': 'cla', 'signature_signed': true, 'signature_approved': true, + 'signature_embargo_acked': true, 'signature_sign_url': 'http://sign.com/here', 'signature_return_url': 'http://cla-system.com/signed', 'signature_project_id': '', @@ -327,6 +330,7 @@ def post_signature( signature_user_ccla_company_id=signature_user_ccla_company_id, signature_signed=signature_signed, signature_approved=signature_approved, + signature_embargo_acked=signature_embargo_acked, signature_return_url=signature_return_url, signature_sign_url=signature_sign_url, ) @@ -336,7 +340,7 @@ def post_signature( "/signature", versions=1, examples=" - {'signature_id': '01620259-d202-4350-8264-ef42a861922d', \ - 'signature_type': 'cla', 'signature_signed': true}", + 'signature_type': 'cla', 'signature_signed': true, 'signature_embargo_acked': true}", ) def put_signature( auth_user: check_auth, # pylint: disable=too-many-arguments @@ -347,6 +351,7 @@ def put_signature( signature_type=None, signature_signed=None, signature_approved=None, + signature_embargo_acked=None, signature_return_url=None, signature_sign_url=None, domain_whitelist=None, @@ -358,7 +363,7 @@ def put_signature( PUT: /signature DATA: {'signature_id': '', - 'signature_type': 'cla', 'signature_signed': true} + 'signature_type': 'cla', 'signature_signed': true, 'signature_embargo_acked': true} Supports all the fields as the POST equivalent. @@ -373,6 +378,7 @@ def put_signature( signature_type=signature_type, signature_signed=signature_signed, signature_approved=signature_approved, + signature_embargo_acked=signature_embargo_acked, signature_return_url=signature_return_url, signature_sign_url=signature_sign_url, domain_whitelist=domain_whitelist, diff --git a/cla-backend/cla/tests/unit/test_ecla.py b/cla-backend/cla/tests/unit/test_ecla.py index 42be1c905..165db0c47 100644 --- a/cla-backend/cla/tests/unit/test_ecla.py +++ b/cla-backend/cla/tests/unit/test_ecla.py @@ -25,6 +25,7 @@ def test_save_employee_signature(project, company, user_instance): signature.get_signature_type.return_value = "cla" signature.get_signature_signed.return_value = True signature.get_signature_approved.return_value = True + signature.get_signature_embargo_acked.return_value = True signature.get_signature_acl.return_value = ['acl1', 'acl2'] signature.get_signature_user_ccla_company_id.return_value = "company_id" signature.get_signature_return_url.return_value = None diff --git a/cla-backend/helpers/complete_signature.py b/cla-backend/helpers/complete_signature.py index 9e38df6b8..960ca7f21 100644 --- a/cla-backend/helpers/complete_signature.py +++ b/cla-backend/helpers/complete_signature.py @@ -31,6 +31,7 @@ signature = get_signature_instance() signature.load(SIGNATURE_ID) signature.set_signature_signed(True) +signature.set_signature_embargo_acked(True) signature.save() if signature.get_signature_reference_type() != 'user': cla.log.error('Trying to handle CCLA as a ICLA - not implemented yet') diff --git a/cla-backend/helpers/create_data.py b/cla-backend/helpers/create_data.py index 709e5b4fa..274465f54 100644 --- a/cla-backend/helpers/create_data.py +++ b/cla-backend/helpers/create_data.py @@ -95,6 +95,7 @@ corporate_signature.set_signature_project_id(project.get_project_id()) corporate_signature.set_signature_signed(True) corporate_signature.set_signature_approved(True) +corporate_signature.set_signature_embargo_acked(True) corporate_signature.set_signature_type('cla') corporate_signature.set_signature_reference_id(company.get_company_id()) corporate_signature.set_signature_reference_type('company') @@ -140,6 +141,7 @@ individual_signature.set_signature_project_id(project.get_project_id()) individual_signature.set_signature_signed(True) individual_signature.set_signature_approved(True) +individual_signature.set_signature_embargo_acked(True) individual_signature.set_signature_type('cla') individual_signature.set_signature_reference_id(individual.get_user_id()) individual_signature.set_signature_reference_type('user') @@ -155,6 +157,7 @@ individual_signature.set_signature_project_id(project.get_project_id()) individual_signature.set_signature_signed(True) individual_signature.set_signature_approved(True) +individual_signature.set_signature_embargo_acked(True) individual_signature.set_signature_type('cla') individual_signature.set_signature_reference_id(individual.get_user_id()) individual_signature.set_signature_reference_type('user') @@ -170,6 +173,7 @@ individual_signature.set_signature_project_id(project.get_project_id()) individual_signature.set_signature_signed(True) individual_signature.set_signature_approved(True) +individual_signature.set_signature_embargo_acked(True) individual_signature.set_signature_type('cla') individual_signature.set_signature_reference_id(individual.get_user_id()) individual_signature.set_signature_reference_type('user') @@ -194,6 +198,7 @@ individual_b_signature.set_signature_project_id(project.get_project_id()) individual_b_signature.set_signature_signed(True) individual_b_signature.set_signature_approved(True) +individual_b_signature.set_signature_embargo_acked(True) individual_b_signature.set_signature_type('cla') individual_b_signature.set_signature_reference_id(individual_b.get_user_id()) individual_b_signature.set_signature_reference_type('user') @@ -210,6 +215,7 @@ employee_signature.set_signature_project_id(project.get_project_id()) employee_signature.set_signature_signed(True) employee_signature.set_signature_approved(True) +employee_signature.set_signature_embargo_acked(True) employee_signature.set_signature_type('cla') employee_signature.set_signature_reference_id(individual.get_user_id()) employee_signature.set_signature_reference_type('user') diff --git a/cla-backend/helpers/create_signatures.py b/cla-backend/helpers/create_signatures.py index 347b4222b..e0da5ab9d 100644 --- a/cla-backend/helpers/create_signatures.py +++ b/cla-backend/helpers/create_signatures.py @@ -34,6 +34,7 @@ signature.set_signature_project_id(project1.get_project_id()) signature.set_signature_signed(True) signature.set_signature_approved(True) +signature.set_signature_embargo_acked(True) signature.set_signature_type('cla') signature.set_signature_reference_id(user.get_user_id()) signature.set_signature_reference_type('user') @@ -50,6 +51,7 @@ signature.set_signature_project_id(project1.get_project_id()) signature.set_signature_signed(True) signature.set_signature_approved(True) +signature.set_signature_embargo_acked(True) signature.set_signature_type('cla') signature.set_signature_reference_id(company.get_company_id()) signature.set_signature_reference_type('company') @@ -66,6 +68,7 @@ signature.set_signature_project_id(project2.get_project_id()) signature.set_signature_signed(True) signature.set_signature_approved(True) +signature.set_signature_embargo_acked(True) signature.set_signature_type('cla') signature.set_signature_reference_id(company.get_company_id()) signature.set_signature_reference_type('company') From dc8e946013baad10e7d1e6d19f2a751528585305 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Tue, 26 Nov 2024 13:53:06 +0000 Subject: [PATCH 21/59] Update dev.md - linux special case MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- dev.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/dev.md b/dev.md index 7f818c9a5..dcf5183b8 100644 --- a/dev.md +++ b/dev.md @@ -133,6 +133,38 @@ locally and simply point to the DEV environment. The `STAGE` environment variable controls where we point. Make sure you export/provide/setup the AWS properties in order to connect. + +When running on Linux it looks like `.venv` sets $HOME to /tmp, and then python backend is looking for the AWS config file in `~/.aws/config` +This means it ends up in `/tmp/.aws/config`. You can use the following scritp to activate your environment (`setenv.secret`) via: `source setenv.secret`: +``` +#!/bin/bash +rm -rf /tmp/aws +cp -R ~/.aws /tmp/.aws +export AWS_SDK_LOAD_CONFIG=1 +export AWS_PROFILE='lfproduct-dev' +export AWS_REGION='us-east-1' +export AWS_ACCESS_KEY_ID='[redacted]' +export AWS_SECRET_ACCESS_KEY='[redacted]' +export PRODUCT_DOMAIN='dev.lfcla.com' +export ROOT_DOMAIN='lfcla.dev.platform.linuxfoundation.org' +export PORT='5000' +export STAGE='dev' +``` + +And the following one to unset the environment: +``` +#!/bin/bash +rm -rf /tmp/.aws +unset AWS_PROFILE +unset AWS_REGION +unset AWS_ACCESS_KEY_ID +unset AWS_SECRET_ACCESS_KEY +unset PRODUCT_DOMAIN +unset ROOT_DOMAIN +unset PORT +unset STAGE +``` + ## Run the Python Backend ```bash From 33073f440c9e54873412bd3971c899f11252e6a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Tue, 26 Nov 2024 14:05:00 +0000 Subject: [PATCH 22/59] One more typo fix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- dev.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dev.md b/dev.md index dcf5183b8..3462f5c9d 100644 --- a/dev.md +++ b/dev.md @@ -363,9 +363,9 @@ First build and setup the environment. Then simply run it: ```bash # Mac -./cla-mac +./bin/cla-mac # or linux -./cla +./bin/cla ``` You should see the typical diagnostic details on startup indicating that it From f73c4d11bfc18035ee562327d18f9448f74ddf96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 06:08:25 +0000 Subject: [PATCH 23/59] Update docs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- aws_env.md | 130 ++++++++++++++++++++++++++++++++++++++++++++++++++++ dev.md | 12 ++++- setenv.sh | 27 +++++++++++ unsetenv.sh | 21 +++++++++ 4 files changed, 188 insertions(+), 2 deletions(-) create mode 100644 aws_env.md create mode 100644 setenv.sh create mode 100644 unsetenv.sh diff --git a/aws_env.md b/aws_env.md new file mode 100644 index 000000000..4e53960f3 --- /dev/null +++ b/aws_env.md @@ -0,0 +1,130 @@ +# Setting up AWS environment + +You need to have MFA enabled for your AWS user, your `~/.aws/config` shoudl look like this: +``` +[profile lfproduct-dev] +role_arn = arn:aws:iam::395594542180:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[profile lfproduct-test] +role_arn = arn:aws:iam::726224182707:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[profile lfproduct-staging] +role_arn = arn:aws:iam::844390194980:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[profile lfproduct-prod] +role_arn = arn:aws:iam::716487311010:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[default] +region = us-east-1 +output = json +``` + +It defines 4 profiles to use: `dev`, `staging`, `test` and `prod`. + +You will be using one of them. + + +Your `~/.aws/credentials` file shoudl initially look like this (replace `redacted`): +``` +[lfproduct-long-term] +aws_secret_access_key = [access_key_redacted] +aws_access_key_id = [key_id_redacted] +aws_mfa_device = arn:aws:iam::[arn_number_redacted]:mfa/[your_aws_user_redacted] + +[default] +aws_access_key_id = [key_id_redacted] +aws_secret_access_key = [access_key_redacted] +``` + +Now every 36 hours or less you need to refresh your MFA key by calling: `aws-mfa --force --duration 129600 --profile lfproduct`. + +When called it adds or replaces the following section (`[lfproduct]` which is used as a source profile for `dev`, `test`, `staging` or `prod` in aws config) in `~/.aws/credentials`: +``` +[lfproduct] +assumed_role = False +aws_access_key_id = [key_id_redacted] +aws_secret_access_key = [secret_access_key_redacted] +aws_session_token = [session_token_redacted] +aws_security_token = [session_token_redacted] +expiration = 2024-11-28 16:54:59 [now + 36 hours] + +``` + + +Once you have all of this, you must set a correct set of environment variables to run either `python` or `golang` backends. + +To do so you need to get credentials for a specific profile `lfproduct-`: `dev`, `test`, `staging`, `prod`. To see full one-time set of credentials you can call: +- for `dev`: `` aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session ``. +- for `prod`: `` aws sts assume-role --role-arn arn:aws:iam::716487311010:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-prod-session ``. + +Note - just replace the iam::[number] depending on environment type (`[stage]`) and update `lfproduct-[stage]-name`. + +You can set up a script like `setenv.sh` which will set all required variables, example for `dev`: +``` +#!/bin/bash + +rm -rf /tmp/aws +cp -R /root/.aws /tmp/.aws + +data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" +export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" +export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" + +export AWS_SDK_LOAD_CONFIG=true +export AWS_PROFILE='lfproduct-dev' +export AWS_REGION='us-east-1' +export AWS_DEFAULT_REGION='us-east-1' +export DYNAMODB_AWS_REGION='us-east-1' +export REGION='us-east-1' + +export PRODUCT_DOMAIN='dev.lfcla.com' +export ROOT_DOMAIN='lfcla.dev.platform.linuxfoundation.org' +export PORT='5000' +export STAGE='dev' +# export STAGE='local' +export GH_ORG_VALIDATION=false +export DISABLE_LOCAL_PERMISSION_CHECKS=true +export COMPANY_USER_VALIDATION=false +export CLA_SIGNATURE_FILES_BUCKET=cla-signature-files-dev +``` + +Call it via `` . ./setenv.sh `` or `` source setenv.sh `` to execute in the current shell. + +You can reset environment variables by exiting the shell session or calling the following `unsetenv.sh` in the current shell via: `` . ./unsetenv.sh `` or `` source unsetenv.sh ``: +``` +#!/bin/bash +rm -rf /tmp/.aws +unset AWS_PROFILE +unset AWS_REGION +unset AWS_ACCESS_KEY_ID +unset AWS_SECRET_ACCESS_KEY +unset PRODUCT_DOMAIN +unset ROOT_DOMAIN +unset PORT +unset STAGE +unset AWS_SESSION_TOKEN +unset AWS_SECURITY_TOKEN +unset GH_ORG_VALIDATION +unset DISABLE_LOCAL_PERMISSION_CHECKS +unset COMPANY_USER_VALIDATION +unset CLA_SIGNATURE_FILES_BUCKET +unset DYNAMODB_AWS_REGION +unset REGION +unset AWS_ROLE_ARN +unset AWS_TOKEN_SERIAL +unset AWS_SDK_LOAD_CONFIG +``` diff --git a/dev.md b/dev.md index 3462f5c9d..819cb6b2e 100644 --- a/dev.md +++ b/dev.md @@ -143,8 +143,11 @@ cp -R ~/.aws /tmp/.aws export AWS_SDK_LOAD_CONFIG=1 export AWS_PROFILE='lfproduct-dev' export AWS_REGION='us-east-1' -export AWS_ACCESS_KEY_ID='[redacted]' -export AWS_SECRET_ACCESS_KEY='[redacted]' +data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" +export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" +export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" export PRODUCT_DOMAIN='dev.lfcla.com' export ROOT_DOMAIN='lfcla.dev.platform.linuxfoundation.org' export PORT='5000' @@ -155,16 +158,21 @@ And the following one to unset the environment: ``` #!/bin/bash rm -rf /tmp/.aws +unset AWS_SDK_LOAD_CONFIG=1 unset AWS_PROFILE unset AWS_REGION unset AWS_ACCESS_KEY_ID unset AWS_SECRET_ACCESS_KEY +unset AWS_SESSION_TOKEN +unset AWS_SECURITY_TOKEN unset PRODUCT_DOMAIN unset ROOT_DOMAIN unset PORT unset STAGE ``` +Please refer to [aws_env.md](aws_env.md) for more details. + ## Run the Python Backend ```bash diff --git a/setenv.sh b/setenv.sh new file mode 100644 index 000000000..3b9f507ed --- /dev/null +++ b/setenv.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +rm -rf /tmp/aws +cp -R /root/.aws /tmp/.aws + +data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" +export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" +export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" + +export AWS_SDK_LOAD_CONFIG=true +export AWS_PROFILE='lfproduct-dev' +export AWS_REGION='us-east-1' +export AWS_DEFAULT_REGION='us-east-1' +export DYNAMODB_AWS_REGION='us-east-1' +export REGION='us-east-1' + +export PRODUCT_DOMAIN='dev.lfcla.com' +export ROOT_DOMAIN='lfcla.dev.platform.linuxfoundation.org' +export PORT='5000' +export STAGE='dev' +# export STAGE='local' +export GH_ORG_VALIDATION=false +export DISABLE_LOCAL_PERMISSION_CHECKS=true +export COMPANY_USER_VALIDATION=false +export CLA_SIGNATURE_FILES_BUCKET=cla-signature-files-dev diff --git a/unsetenv.sh b/unsetenv.sh new file mode 100644 index 000000000..7d627b33b --- /dev/null +++ b/unsetenv.sh @@ -0,0 +1,21 @@ +#!/bin/bash +rm -rf /tmp/.aws +unset AWS_PROFILE +unset AWS_REGION +unset AWS_ACCESS_KEY_ID +unset AWS_SECRET_ACCESS_KEY +unset PRODUCT_DOMAIN +unset ROOT_DOMAIN +unset PORT +unset STAGE +unset AWS_SESSION_TOKEN +unset AWS_SECURITY_TOKEN +unset GH_ORG_VALIDATION +unset DISABLE_LOCAL_PERMISSION_CHECKS +unset COMPANY_USER_VALIDATION +unset CLA_SIGNATURE_FILES_BUCKET +unset DYNAMODB_AWS_REGION +unset REGION +unset AWS_ROLE_ARN +unset AWS_TOKEN_SERIAL +unset AWS_SDK_LOAD_CONFIG From 1c0db12214519d83d3d1391e3790a204442ce0ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 06:14:50 +0000 Subject: [PATCH 24/59] Sync with AWS env updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- aws_env.md | 130 ++++++++++++++++++++++++++++++++++++++++++++++++++++ dev.md | 44 +++++++++++++++++- setenv.sh | 27 +++++++++++ unsetenv.sh | 21 +++++++++ 4 files changed, 220 insertions(+), 2 deletions(-) create mode 100644 aws_env.md create mode 100644 setenv.sh create mode 100644 unsetenv.sh diff --git a/aws_env.md b/aws_env.md new file mode 100644 index 000000000..4e53960f3 --- /dev/null +++ b/aws_env.md @@ -0,0 +1,130 @@ +# Setting up AWS environment + +You need to have MFA enabled for your AWS user, your `~/.aws/config` shoudl look like this: +``` +[profile lfproduct-dev] +role_arn = arn:aws:iam::395594542180:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[profile lfproduct-test] +role_arn = arn:aws:iam::726224182707:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[profile lfproduct-staging] +role_arn = arn:aws:iam::844390194980:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[profile lfproduct-prod] +role_arn = arn:aws:iam::716487311010:role/product-contractors-role +source_profile = lfproduct +region = us-east-1 +output = json + +[default] +region = us-east-1 +output = json +``` + +It defines 4 profiles to use: `dev`, `staging`, `test` and `prod`. + +You will be using one of them. + + +Your `~/.aws/credentials` file shoudl initially look like this (replace `redacted`): +``` +[lfproduct-long-term] +aws_secret_access_key = [access_key_redacted] +aws_access_key_id = [key_id_redacted] +aws_mfa_device = arn:aws:iam::[arn_number_redacted]:mfa/[your_aws_user_redacted] + +[default] +aws_access_key_id = [key_id_redacted] +aws_secret_access_key = [access_key_redacted] +``` + +Now every 36 hours or less you need to refresh your MFA key by calling: `aws-mfa --force --duration 129600 --profile lfproduct`. + +When called it adds or replaces the following section (`[lfproduct]` which is used as a source profile for `dev`, `test`, `staging` or `prod` in aws config) in `~/.aws/credentials`: +``` +[lfproduct] +assumed_role = False +aws_access_key_id = [key_id_redacted] +aws_secret_access_key = [secret_access_key_redacted] +aws_session_token = [session_token_redacted] +aws_security_token = [session_token_redacted] +expiration = 2024-11-28 16:54:59 [now + 36 hours] + +``` + + +Once you have all of this, you must set a correct set of environment variables to run either `python` or `golang` backends. + +To do so you need to get credentials for a specific profile `lfproduct-`: `dev`, `test`, `staging`, `prod`. To see full one-time set of credentials you can call: +- for `dev`: `` aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session ``. +- for `prod`: `` aws sts assume-role --role-arn arn:aws:iam::716487311010:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-prod-session ``. + +Note - just replace the iam::[number] depending on environment type (`[stage]`) and update `lfproduct-[stage]-name`. + +You can set up a script like `setenv.sh` which will set all required variables, example for `dev`: +``` +#!/bin/bash + +rm -rf /tmp/aws +cp -R /root/.aws /tmp/.aws + +data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" +export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" +export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" + +export AWS_SDK_LOAD_CONFIG=true +export AWS_PROFILE='lfproduct-dev' +export AWS_REGION='us-east-1' +export AWS_DEFAULT_REGION='us-east-1' +export DYNAMODB_AWS_REGION='us-east-1' +export REGION='us-east-1' + +export PRODUCT_DOMAIN='dev.lfcla.com' +export ROOT_DOMAIN='lfcla.dev.platform.linuxfoundation.org' +export PORT='5000' +export STAGE='dev' +# export STAGE='local' +export GH_ORG_VALIDATION=false +export DISABLE_LOCAL_PERMISSION_CHECKS=true +export COMPANY_USER_VALIDATION=false +export CLA_SIGNATURE_FILES_BUCKET=cla-signature-files-dev +``` + +Call it via `` . ./setenv.sh `` or `` source setenv.sh `` to execute in the current shell. + +You can reset environment variables by exiting the shell session or calling the following `unsetenv.sh` in the current shell via: `` . ./unsetenv.sh `` or `` source unsetenv.sh ``: +``` +#!/bin/bash +rm -rf /tmp/.aws +unset AWS_PROFILE +unset AWS_REGION +unset AWS_ACCESS_KEY_ID +unset AWS_SECRET_ACCESS_KEY +unset PRODUCT_DOMAIN +unset ROOT_DOMAIN +unset PORT +unset STAGE +unset AWS_SESSION_TOKEN +unset AWS_SECURITY_TOKEN +unset GH_ORG_VALIDATION +unset DISABLE_LOCAL_PERMISSION_CHECKS +unset COMPANY_USER_VALIDATION +unset CLA_SIGNATURE_FILES_BUCKET +unset DYNAMODB_AWS_REGION +unset REGION +unset AWS_ROLE_ARN +unset AWS_TOKEN_SERIAL +unset AWS_SDK_LOAD_CONFIG +``` diff --git a/dev.md b/dev.md index 7f818c9a5..819cb6b2e 100644 --- a/dev.md +++ b/dev.md @@ -133,6 +133,46 @@ locally and simply point to the DEV environment. The `STAGE` environment variable controls where we point. Make sure you export/provide/setup the AWS properties in order to connect. + +When running on Linux it looks like `.venv` sets $HOME to /tmp, and then python backend is looking for the AWS config file in `~/.aws/config` +This means it ends up in `/tmp/.aws/config`. You can use the following scritp to activate your environment (`setenv.secret`) via: `source setenv.secret`: +``` +#!/bin/bash +rm -rf /tmp/aws +cp -R ~/.aws /tmp/.aws +export AWS_SDK_LOAD_CONFIG=1 +export AWS_PROFILE='lfproduct-dev' +export AWS_REGION='us-east-1' +data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" +export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" +export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export PRODUCT_DOMAIN='dev.lfcla.com' +export ROOT_DOMAIN='lfcla.dev.platform.linuxfoundation.org' +export PORT='5000' +export STAGE='dev' +``` + +And the following one to unset the environment: +``` +#!/bin/bash +rm -rf /tmp/.aws +unset AWS_SDK_LOAD_CONFIG=1 +unset AWS_PROFILE +unset AWS_REGION +unset AWS_ACCESS_KEY_ID +unset AWS_SECRET_ACCESS_KEY +unset AWS_SESSION_TOKEN +unset AWS_SECURITY_TOKEN +unset PRODUCT_DOMAIN +unset ROOT_DOMAIN +unset PORT +unset STAGE +``` + +Please refer to [aws_env.md](aws_env.md) for more details. + ## Run the Python Backend ```bash @@ -331,9 +371,9 @@ First build and setup the environment. Then simply run it: ```bash # Mac -./cla-mac +./bin/cla-mac # or linux -./cla +./bin/cla ``` You should see the typical diagnostic details on startup indicating that it diff --git a/setenv.sh b/setenv.sh new file mode 100644 index 000000000..3b9f507ed --- /dev/null +++ b/setenv.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +rm -rf /tmp/aws +cp -R /root/.aws /tmp/.aws + +data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" +export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" +export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" + +export AWS_SDK_LOAD_CONFIG=true +export AWS_PROFILE='lfproduct-dev' +export AWS_REGION='us-east-1' +export AWS_DEFAULT_REGION='us-east-1' +export DYNAMODB_AWS_REGION='us-east-1' +export REGION='us-east-1' + +export PRODUCT_DOMAIN='dev.lfcla.com' +export ROOT_DOMAIN='lfcla.dev.platform.linuxfoundation.org' +export PORT='5000' +export STAGE='dev' +# export STAGE='local' +export GH_ORG_VALIDATION=false +export DISABLE_LOCAL_PERMISSION_CHECKS=true +export COMPANY_USER_VALIDATION=false +export CLA_SIGNATURE_FILES_BUCKET=cla-signature-files-dev diff --git a/unsetenv.sh b/unsetenv.sh new file mode 100644 index 000000000..7d627b33b --- /dev/null +++ b/unsetenv.sh @@ -0,0 +1,21 @@ +#!/bin/bash +rm -rf /tmp/.aws +unset AWS_PROFILE +unset AWS_REGION +unset AWS_ACCESS_KEY_ID +unset AWS_SECRET_ACCESS_KEY +unset PRODUCT_DOMAIN +unset ROOT_DOMAIN +unset PORT +unset STAGE +unset AWS_SESSION_TOKEN +unset AWS_SECURITY_TOKEN +unset GH_ORG_VALIDATION +unset DISABLE_LOCAL_PERMISSION_CHECKS +unset COMPANY_USER_VALIDATION +unset CLA_SIGNATURE_FILES_BUCKET +unset DYNAMODB_AWS_REGION +unset REGION +unset AWS_ROLE_ARN +unset AWS_TOKEN_SERIAL +unset AWS_SDK_LOAD_CONFIG From 247a9f8b9f7840549a0220e29bb2e06ce8aa0a2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 06:33:57 +0000 Subject: [PATCH 25/59] ngrok details MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend/scripts/health.sh | 7 +++++++ dev.md | 3 +++ ngrok.sh | 2 ++ 3 files changed, 12 insertions(+) create mode 100755 cla-backend/scripts/health.sh create mode 100755 ngrok.sh diff --git a/cla-backend/scripts/health.sh b/cla-backend/scripts/health.sh new file mode 100755 index 000000000..22788414d --- /dev/null +++ b/cla-backend/scripts/health.sh @@ -0,0 +1,7 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi +curl -s "${API_URL}/v2/health" | jq -r '.' diff --git a/dev.md b/dev.md index 819cb6b2e..736a3525b 100644 --- a/dev.md +++ b/dev.md @@ -202,6 +202,9 @@ open http://localhost:5000/v2/health open http://localhost:5000/v2/user/ ``` +To expose service running on the localhost to the outside world use: `` ./ngrok.sh ``. +And then tets via: `` API_URL='https://[redacted].ngrok-free.app' ./scripts/health.sh `` from another host (anywhere in the world). + ## Building and Running the Go Backend Current Endpoints: diff --git a/ngrok.sh b/ngrok.sh new file mode 100755 index 000000000..829abad2f --- /dev/null +++ b/ngrok.sh @@ -0,0 +1,2 @@ +#!/bin/bash +ngrok http http://localhost:5000 From 8e02cb1f9005641a09f136280f87cce72d64d48e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 07:04:22 +0000 Subject: [PATCH 26/59] Testing POST '/v1/signature' API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend/scripts/signature_post.sh | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100755 cla-backend/scripts/signature_post.sh diff --git a/cla-backend/scripts/signature_post.sh b/cla-backend/scripts/signature_post.sh new file mode 100755 index 000000000..4002284ea --- /dev/null +++ b/cla-backend/scripts/signature_post.sh @@ -0,0 +1,15 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# TOKEN='...' - Auth0 JWT bearer token +# BODY='{...}' - signature body + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v1/signature' -d '${BODY}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v1/signature" -d "${BODY}" | jq -r '.' From 3eeaf1f57f117bfd81047f4cc6e63ee6763f39fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 09:13:56 +0000 Subject: [PATCH 27/59] WIP 'request_individual_signature' API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend/cla/models/docusign_models.py | 1 - cla-backend/scripts/describe_table.sh | 2 + cla-backend/scripts/lookup_project.sh | 2 + cla-backend/scripts/lookup_user.sh | 2 + .../request_individual_signature_post.sh | 45 +++++++++++++++++++ cla-backend/scripts/scan_projects.sh | 2 + cla-backend/scripts/scan_signatures.sh | 2 + setenv.sh | 1 + unsetenv.sh | 1 + 9 files changed, 57 insertions(+), 1 deletion(-) create mode 100755 cla-backend/scripts/describe_table.sh create mode 100644 cla-backend/scripts/lookup_project.sh create mode 100644 cla-backend/scripts/lookup_user.sh create mode 100755 cla-backend/scripts/request_individual_signature_post.sh create mode 100644 cla-backend/scripts/scan_projects.sh create mode 100644 cla-backend/scripts/scan_signatures.sh diff --git a/cla-backend/cla/models/docusign_models.py b/cla-backend/cla/models/docusign_models.py index ba481a8a3..723d80957 100644 --- a/cla-backend/cla/models/docusign_models.py +++ b/cla-backend/cla/models/docusign_models.py @@ -257,7 +257,6 @@ def request_individual_signature(self, project_id, user_id, return_url=None, ret signature_embargo_acked=True, signature_return_url=return_url, signature_callback_url=callback_url) - # Set signature ACL if return_url_type.lower() == "github": acl = user.get_user_github_id() diff --git a/cla-backend/scripts/describe_table.sh b/cla-backend/scripts/describe_table.sh new file mode 100755 index 000000000..61251770c --- /dev/null +++ b/cla-backend/scripts/describe_table.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb describe-table --table-name cla-dev-signatures diff --git a/cla-backend/scripts/lookup_project.sh b/cla-backend/scripts/lookup_project.sh new file mode 100644 index 000000000..68e84f2ae --- /dev/null +++ b/cla-backend/scripts/lookup_project.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb query --table-name cla-dev-projects --index-name project-name-lower-search-index --key-condition-expression "project_name_lower = :name" --expression-attribute-values '{":name":{"S":"child group earths"}}' diff --git a/cla-backend/scripts/lookup_user.sh b/cla-backend/scripts/lookup_user.sh new file mode 100644 index 000000000..230809fb6 --- /dev/null +++ b/cla-backend/scripts/lookup_user.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb query --table-name cla-dev-users --index-name github-username-index --key-condition-expression "user_github_username = :name" --expression-attribute-values '{":name":{"S":"lukaszgryglicki"}}' diff --git a/cla-backend/scripts/request_individual_signature_post.sh b/cla-backend/scripts/request_individual_signature_post.sh new file mode 100755 index 000000000..3eb871b29 --- /dev/null +++ b/cla-backend/scripts/request_individual_signature_post.sh @@ -0,0 +1,45 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 1 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify project_id as a 2nd parameter" + exit 2 +fi +export project_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify return_url_type as a 3rd parameter: github|gitlab|gerrit" + exit 3 +fi +export return_url_type="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url as a 4th parameter" + exit 4 +fi +export return_url="$4" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/cla-backend/scripts/scan_projects.sh b/cla-backend/scripts/scan_projects.sh new file mode 100644 index 000000000..109422e8e --- /dev/null +++ b/cla-backend/scripts/scan_projects.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb scan --table-name cla-dev-projects --max-items 3 diff --git a/cla-backend/scripts/scan_signatures.sh b/cla-backend/scripts/scan_signatures.sh new file mode 100644 index 000000000..478bed2af --- /dev/null +++ b/cla-backend/scripts/scan_signatures.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb scan --table-name cla-dev-signatures --max-items 1 diff --git a/setenv.sh b/setenv.sh index 3b9f507ed..dbe0d5532 100644 --- a/setenv.sh +++ b/setenv.sh @@ -8,6 +8,7 @@ export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export GITHUB_OAUTH_TOKEN="$(cat /etc/github/oauth)" export AWS_SDK_LOAD_CONFIG=true export AWS_PROFILE='lfproduct-dev' diff --git a/unsetenv.sh b/unsetenv.sh index 7d627b33b..6a6eb3b73 100644 --- a/unsetenv.sh +++ b/unsetenv.sh @@ -19,3 +19,4 @@ unset REGION unset AWS_ROLE_ARN unset AWS_TOKEN_SERIAL unset AWS_SDK_LOAD_CONFIG +unset GITHUB_OAUTH_TOKEN From c925764ec8202fc8cb9cf880b7bf89a7f34f6f12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 10:34:18 +0000 Subject: [PATCH 28/59] Handle employee_signature MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend/scripts/lookup_company.sh | 2 + cla-backend/scripts/lookup_project.sh | 0 cla-backend/scripts/lookup_user.sh | 0 .../request_employee_signature_post.sh | 54 +++++++++++++++++++ cla-backend/scripts/scan_projects.sh | 0 cla-backend/scripts/scan_signatures.sh | 0 6 files changed, 56 insertions(+) create mode 100755 cla-backend/scripts/lookup_company.sh mode change 100644 => 100755 cla-backend/scripts/lookup_project.sh mode change 100644 => 100755 cla-backend/scripts/lookup_user.sh create mode 100755 cla-backend/scripts/request_employee_signature_post.sh mode change 100644 => 100755 cla-backend/scripts/scan_projects.sh mode change 100644 => 100755 cla-backend/scripts/scan_signatures.sh diff --git a/cla-backend/scripts/lookup_company.sh b/cla-backend/scripts/lookup_company.sh new file mode 100755 index 000000000..ff7ce8c8f --- /dev/null +++ b/cla-backend/scripts/lookup_company.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb query --table-name cla-dev-companies --index-name company-name-index --key-condition-expression "company_name = :name" --expression-attribute-values '{":name":{"S":"Google LLC"}}' diff --git a/cla-backend/scripts/lookup_project.sh b/cla-backend/scripts/lookup_project.sh old mode 100644 new mode 100755 diff --git a/cla-backend/scripts/lookup_user.sh b/cla-backend/scripts/lookup_user.sh old mode 100644 new mode 100755 diff --git a/cla-backend/scripts/request_employee_signature_post.sh b/cla-backend/scripts/request_employee_signature_post.sh new file mode 100755 index 000000000..a170dd273 --- /dev/null +++ b/cla-backend/scripts/request_employee_signature_post.sh @@ -0,0 +1,54 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# DEBUG=1 ./scripts/request_employee_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 1 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify company_id as a 2nd parameter" + exit 2 +fi +export company_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify project_id as a 3rd parameter" + exit 3 +fi +export project_id="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url_type as a 4th parameter: github|gitlab|gerrit" + exit 4 +fi +export return_url_type="$4" + +if [ -z "$5" ] +then + echo "$0: you need to specify return_url as a 5th parameter" + exit 5 +fi +export return_url="$5" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/cla-backend/scripts/scan_projects.sh b/cla-backend/scripts/scan_projects.sh old mode 100644 new mode 100755 diff --git a/cla-backend/scripts/scan_signatures.sh b/cla-backend/scripts/scan_signatures.sh old mode 100644 new mode 100755 From e6df63d6108b82a44d8244292425cd35dfaab3bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 10:46:08 +0000 Subject: [PATCH 29/59] Reorganized scripts/utils MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend/cla/models/docusign_models.py | 1 - dev.md | 2 +- {cla-backend/scripts => utils}/describe_table.sh | 0 .../scripts/health.sh => utils/health_python_v2.sh | 0 {cla-backend/scripts => utils}/lookup_company.sh | 0 {cla-backend/scripts => utils}/lookup_project.sh | 0 {cla-backend/scripts => utils}/lookup_user.sh | 0 ngrok.sh => utils/ngrok.sh | 0 .../request_employee_signature_post.sh | 2 +- .../request_individual_signature_post.sh | 1 + {cla-backend/scripts => utils}/scan_projects.sh | 0 {cla-backend/scripts => utils}/scan_signatures.sh | 0 {cla-backend/scripts => utils}/signature_post.sh | 11 +++++++++++ 13 files changed, 14 insertions(+), 3 deletions(-) rename {cla-backend/scripts => utils}/describe_table.sh (100%) rename cla-backend/scripts/health.sh => utils/health_python_v2.sh (100%) rename {cla-backend/scripts => utils}/lookup_company.sh (100%) rename {cla-backend/scripts => utils}/lookup_project.sh (100%) rename {cla-backend/scripts => utils}/lookup_user.sh (100%) rename ngrok.sh => utils/ngrok.sh (100%) rename {cla-backend/scripts => utils}/request_employee_signature_post.sh (89%) rename {cla-backend/scripts => utils}/request_individual_signature_post.sh (90%) rename {cla-backend/scripts => utils}/scan_projects.sh (100%) rename {cla-backend/scripts => utils}/scan_signatures.sh (100%) rename {cla-backend/scripts => utils}/signature_post.sh (78%) diff --git a/cla-backend/cla/models/docusign_models.py b/cla-backend/cla/models/docusign_models.py index 723d80957..b54126da8 100644 --- a/cla-backend/cla/models/docusign_models.py +++ b/cla-backend/cla/models/docusign_models.py @@ -8,7 +8,6 @@ https://developers.docusign.com/esign-rest-api/guides/post-go-live """ - import io import json import boto3 diff --git a/dev.md b/dev.md index 736a3525b..4fcfec0f5 100644 --- a/dev.md +++ b/dev.md @@ -202,7 +202,7 @@ open http://localhost:5000/v2/health open http://localhost:5000/v2/user/ ``` -To expose service running on the localhost to the outside world use: `` ./ngrok.sh ``. +To expose service running on the localhost to the outside world use: `` ./utils/ngrok.sh ``. And then tets via: `` API_URL='https://[redacted].ngrok-free.app' ./scripts/health.sh `` from another host (anywhere in the world). ## Building and Running the Go Backend diff --git a/cla-backend/scripts/describe_table.sh b/utils/describe_table.sh similarity index 100% rename from cla-backend/scripts/describe_table.sh rename to utils/describe_table.sh diff --git a/cla-backend/scripts/health.sh b/utils/health_python_v2.sh similarity index 100% rename from cla-backend/scripts/health.sh rename to utils/health_python_v2.sh diff --git a/cla-backend/scripts/lookup_company.sh b/utils/lookup_company.sh similarity index 100% rename from cla-backend/scripts/lookup_company.sh rename to utils/lookup_company.sh diff --git a/cla-backend/scripts/lookup_project.sh b/utils/lookup_project.sh similarity index 100% rename from cla-backend/scripts/lookup_project.sh rename to utils/lookup_project.sh diff --git a/cla-backend/scripts/lookup_user.sh b/utils/lookup_user.sh similarity index 100% rename from cla-backend/scripts/lookup_user.sh rename to utils/lookup_user.sh diff --git a/ngrok.sh b/utils/ngrok.sh similarity index 100% rename from ngrok.sh rename to utils/ngrok.sh diff --git a/cla-backend/scripts/request_employee_signature_post.sh b/utils/request_employee_signature_post.sh similarity index 89% rename from cla-backend/scripts/request_employee_signature_post.sh rename to utils/request_employee_signature_post.sh index a170dd273..d872e7c51 100755 --- a/cla-backend/scripts/request_employee_signature_post.sh +++ b/utils/request_employee_signature_post.sh @@ -5,7 +5,7 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./scripts/request_employee_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 ./utils/request_employee_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' if [ -z "$1" ] then diff --git a/cla-backend/scripts/request_individual_signature_post.sh b/utils/request_individual_signature_post.sh similarity index 90% rename from cla-backend/scripts/request_individual_signature_post.sh rename to utils/request_individual_signature_post.sh index 3eb871b29..28aa6b5c5 100755 --- a/cla-backend/scripts/request_individual_signature_post.sh +++ b/utils/request_individual_signature_post.sh @@ -4,6 +4,7 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' +# DEBUG=1 ./utils/request_individual_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' if [ -z "$1" ] then diff --git a/cla-backend/scripts/scan_projects.sh b/utils/scan_projects.sh similarity index 100% rename from cla-backend/scripts/scan_projects.sh rename to utils/scan_projects.sh diff --git a/cla-backend/scripts/scan_signatures.sh b/utils/scan_signatures.sh similarity index 100% rename from cla-backend/scripts/scan_signatures.sh rename to utils/scan_signatures.sh diff --git a/cla-backend/scripts/signature_post.sh b/utils/signature_post.sh similarity index 78% rename from cla-backend/scripts/signature_post.sh rename to utils/signature_post.sh index 4002284ea..d0c81c75e 100755 --- a/cla-backend/scripts/signature_post.sh +++ b/utils/signature_post.sh @@ -8,6 +8,17 @@ then export API_URL="http://localhost:5000" fi +if [ -z "$TOKEN" ] +then + source ./auth0_token.secret +fi + +if [ -z "$TOKEN" ] +then + echo "$0: TOKEN not specified and unable to obtain one" + exit 1 +fi + if [ ! -z "$DEBUG" ] then echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v1/signature' -d '${BODY}' | jq -r '.'" From 4f5ebf576d3e55a524ff9a916bcb7f0d34578cb1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 11:24:15 +0000 Subject: [PATCH 30/59] WIP golang API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/request_corporate_signature_post.sh | 46 +++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100755 utils/request_corporate_signature_post.sh diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_post.sh new file mode 100755 index 000000000..7f054b87a --- /dev/null +++ b/utils/request_corporate_signature_post.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# DEBUG=1 ./utils/request_individual_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify company_id as a 1st parameter" + exit 1 +fi +export company_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify project_id as a 2nd parameter" + exit 2 +fi +export project_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify return_url_type as a 3rd parameter: github|gitlab|gerrit" + exit 3 +fi +export return_url_type="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url as a 4th parameter" + exit 4 +fi +export return_url="$4" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-corporate-signature' -d '{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-corporate-signature" -d "{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' From 135774c6a5f90a76466b7b7acea47a651c49fc9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 11:44:13 +0000 Subject: [PATCH 31/59] Update script MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/request_corporate_signature_post.sh | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_post.sh index 7f054b87a..1487eba1a 100755 --- a/utils/request_corporate_signature_post.sh +++ b/utils/request_corporate_signature_post.sh @@ -4,7 +4,19 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./utils/request_individual_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# TOKEN='...' - Auth0 JWT bearer token +# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$TOKEN" ] +then + source ./auth0_token.secret +fi + +if [ -z "$TOKEN" ] +then + echo "$0: TOKEN not specified and unable to obtain one" + exit 1 +fi if [ -z "$1" ] then From 823dbde84c5ce5fe59bf5249d10f6357bc8ff909 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 27 Nov 2024 12:56:00 +0000 Subject: [PATCH 32/59] update golang API endpoint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- .../cmd/functional_tests/approval_list/approval_list.go | 8 ++++++++ .../cmd/functional_tests/cla_manager/cla_manager.go | 2 ++ cla-backend-go/signatures/converters.go | 2 ++ cla-backend-go/signatures/dbmodels.go | 1 + cla-backend-go/signatures/models.go | 1 + cla-backend-go/signatures/repository.go | 3 +++ cla-backend-go/swagger/common/corporate-contributor.yaml | 5 +++++ cla-backend-go/swagger/common/corporate-signature.yaml | 5 +++++ cla-backend-go/swagger/common/icla-signature.yaml | 5 +++++ cla-backend-go/swagger/common/signature-summary.yaml | 5 +++++ cla-backend-go/swagger/common/signature.yaml | 5 +++++ cla-backend-go/v2/company/service.go | 1 + cla-backend-go/v2/company/service_test.go | 7 +++++++ cla-backend-go/v2/dynamo_events/cla_manager.go | 1 + cla-backend-go/v2/dynamo_events/signatures.go | 3 +++ cla-backend-go/v2/sign/service.go | 6 ++++++ utils/request_corporate_signature_post.sh | 1 + 17 files changed, 61 insertions(+) diff --git a/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go b/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go index f63879840..e8a51bc91 100644 --- a/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go +++ b/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go @@ -308,6 +308,7 @@ func (t *TestBehaviour) RunUpdateApprovalListAddEmail(testData InputTestValues) ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -352,6 +353,7 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveEmail(testData InputTestValue ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -396,6 +398,7 @@ func (t *TestBehaviour) RunUpdateApprovalListAddDomain(testData InputTestValues) ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -440,6 +443,7 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveDomain(testData InputTestValu ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -484,6 +488,7 @@ func (t *TestBehaviour) RunUpdateApprovalListAddGitHubUsername(testData InputTes ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -528,6 +533,7 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveGitHubUsername(testData Input ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -572,6 +578,7 @@ func (t *TestBehaviour) RunUpdateApprovalListAddGitHubOrg(testData InputTestValu ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -616,6 +623,7 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveGitHubOrg(testData InputTestV ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). diff --git a/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go b/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go index ec71d9dac..787979997 100644 --- a/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go +++ b/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go @@ -472,6 +472,7 @@ func (t *TestBehaviour) RunAddCLAManager() { ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("signatureSigned", reflect.Bool). ExpectJsonType("signatureApproved", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureReferenceType", reflect.String). ExpectJsonType("signatureReferenceID", reflect.String). ExpectJsonType("signatureReferenceName", reflect.String). @@ -540,6 +541,7 @@ func (t *TestBehaviour) RunRemoveCLAManager() { ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("signatureSigned", reflect.Bool). ExpectJsonType("signatureApproved", reflect.Bool). + // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureReferenceType", reflect.String). ExpectJsonType("signatureReferenceID", reflect.String). ExpectJsonType("signatureReferenceName", reflect.String). diff --git a/cla-backend-go/signatures/converters.go b/cla-backend-go/signatures/converters.go index 5b731bb36..6b58735a2 100644 --- a/cla-backend-go/signatures/converters.go +++ b/cla-backend-go/signatures/converters.go @@ -75,6 +75,7 @@ func (repo repository) buildProjectSignatureModels(ctx context.Context, results SignatureReferenceNameLower: dbSignature.SignatureReferenceNameLower, SignatureSigned: dbSignature.SignatureSigned, SignatureApproved: dbSignature.SignatureApproved, + SignatureEmbargoAcked: dbSignature.SignatureEmbargoAcked, SignatureDocumentMajorVersion: strconv.Itoa(dbSignature.SignatureDocumentMajorVersion), SignatureDocumentMinorVersion: strconv.Itoa(dbSignature.SignatureDocumentMinorVersion), Version: strconv.Itoa(dbSignature.SignatureDocumentMajorVersion) + "." + strconv.Itoa(dbSignature.SignatureDocumentMinorVersion), @@ -237,6 +238,7 @@ func (repo repository) buildProjectSignatureSummaryModels(ctx context.Context, r SignatureReferenceNameLower: dbSignature.SignatureReferenceNameLower, SignatureSigned: dbSignature.SignatureSigned, SignatureApproved: dbSignature.SignatureApproved, + SignatureEmbargoAcked: dbSignature.SignatureEmbargoAcked, SignatureReferenceType: dbSignature.SignatureReferenceType, ProjectID: dbSignature.SignatureProjectID, SignedOn: dbSignature.SignedOn, diff --git a/cla-backend-go/signatures/dbmodels.go b/cla-backend-go/signatures/dbmodels.go index 262acfff2..9ca7f4877 100644 --- a/cla-backend-go/signatures/dbmodels.go +++ b/cla-backend-go/signatures/dbmodels.go @@ -10,6 +10,7 @@ type ItemSignature struct { DateModified string `json:"date_modified,omitempty"` SignatureApproved bool `json:"signature_approved,omitempty"` SignatureSigned bool `json:"signature_signed"` + SignatureEmbargoAcked bool `json:"signature_embargo_acked"` SignatureDocumentMajorVersion int `json:"signature_document_major_version,omitempty"` SignatureDocumentMinorVersion int `json:"signature_document_minor_version,omitempty"` SignatureSignURL string `json:"signature_sign_url,omitempty"` diff --git a/cla-backend-go/signatures/models.go b/cla-backend-go/signatures/models.go index 006aedade..a66012131 100644 --- a/cla-backend-go/signatures/models.go +++ b/cla-backend-go/signatures/models.go @@ -97,6 +97,7 @@ type SignatureDynamoDB struct { SignatureACL []string `json:"signature_acl"` // [github:1234567] SignatureApproved bool `json:"signature_approved"` // true if the signature is approved, false if revoked/invalidated SignatureSigned bool `json:"signature_signed"` // true if the signature has been signed + SignatureEmbargoAcked bool `json:"signature_embargo_acked"` // true if the signature's embargo was acknowledged SignatureReferenceType string `json:"signature_reference_type"` // one of: user, company SignatureReferenceName string `json:"signature_reference_name"` // John Doe SignatureReferenceNameLower string `json:"signature_reference_name_lower"` // john doe diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index 48db47aa4..3875e2c55 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -2527,6 +2527,7 @@ func (repo repository) CreateProjectCompanyEmployeeSignature(ctx context.Context SignatureReferenceID: employeeUserModel.UserID, SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureDocumentMajorVersion: 2, SignatureDocumentMinorVersion: 0, SigTypeSignedApprovedID: fmt.Sprintf("ecla#true#true#%s", companyModel.CompanyID), @@ -4545,6 +4546,7 @@ func (repo repository) getIntermediateICLAResponse(f logrus.Fields, dbSignatures LfUsername: sig.UserLFUsername, SignatureApproved: sig.SignatureApproved, SignatureSigned: sig.SignatureSigned, + SignatureEmbargoAcked: sig.SignatureEmbargoAcked, SignatureModified: sig.DateModified, SignatureID: sig.SignatureID, SignedOn: sigSignedTime, @@ -4774,6 +4776,7 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla SignatureModified: sig.DateModified, SignatureApproved: sig.SignatureApproved, SignatureSigned: sig.SignatureSigned, + // SignatureEmbargoAcked: sig.SignatureEmbargoAcked, }) // Increment the current count diff --git a/cla-backend-go/swagger/common/corporate-contributor.yaml b/cla-backend-go/swagger/common/corporate-contributor.yaml index 24e35b46c..9e6425306 100644 --- a/cla-backend-go/swagger/common/corporate-contributor.yaml +++ b/cla-backend-go/swagger/common/corporate-contributor.yaml @@ -48,3 +48,8 @@ properties: type: boolean description: the flag for contributor that has not yet been approved x-omitempty: false +# signatureEmbargoAcked: +# type: boolean +# description: the signature embargo acknowledged flag - true or false value +# example: true +# # x-omitempty: false diff --git a/cla-backend-go/swagger/common/corporate-signature.yaml b/cla-backend-go/swagger/common/corporate-signature.yaml index 0e9db3594..0ed18c6b5 100644 --- a/cla-backend-go/swagger/common/corporate-signature.yaml +++ b/cla-backend-go/swagger/common/corporate-signature.yaml @@ -38,6 +38,11 @@ properties: description: the signature approved flag - true or false value example: true x-omitempty: false + signatureEmbargoAcked: + type: boolean + description: the signature embargo acknowledged flag - true or false value + example: true + # x-omitempty: false signatureReferenceType: type: string description: the signature reference type - either user or company diff --git a/cla-backend-go/swagger/common/icla-signature.yaml b/cla-backend-go/swagger/common/icla-signature.yaml index 39662700c..cf1649284 100644 --- a/cla-backend-go/swagger/common/icla-signature.yaml +++ b/cla-backend-go/swagger/common/icla-signature.yaml @@ -52,6 +52,11 @@ properties: description: the signature signed flag - true or false value example: true x-omitempty: false + signatureEmbargoAcked: + type: boolean + description: the signature embargo acknowledged flag - true or false value + example: true + # x-omitempty: false signatureModified: type: string description: the signature modified created time diff --git a/cla-backend-go/swagger/common/signature-summary.yaml b/cla-backend-go/swagger/common/signature-summary.yaml index 69290d7bb..06fdb0983 100644 --- a/cla-backend-go/swagger/common/signature-summary.yaml +++ b/cla-backend-go/swagger/common/signature-summary.yaml @@ -29,6 +29,11 @@ properties: description: the signature approved flag - true or false value example: true x-omitempty: false + signatureEmbargoAcked: + type: boolean + description: the signature embargo acknowledged flag - true or false value + example: true + # x-omitempty: false signatureReferenceType: type: string description: the signature reference type - either user or company diff --git a/cla-backend-go/swagger/common/signature.yaml b/cla-backend-go/swagger/common/signature.yaml index 707d36f97..d3a8b13ce 100644 --- a/cla-backend-go/swagger/common/signature.yaml +++ b/cla-backend-go/swagger/common/signature.yaml @@ -38,6 +38,11 @@ properties: description: the signature approved flag - true or false value example: true x-omitempty: false + signatureEmbargoAcked: + type: boolean + description: the signature embargo acknowledged flag - true or false value + example: true + # x-omitempty: false signatureReferenceType: type: string description: the signature reference type - either user or company diff --git a/cla-backend-go/v2/company/service.go b/cla-backend-go/v2/company/service.go index 373daaa36..2c5606530 100644 --- a/cla-backend-go/v2/company/service.go +++ b/cla-backend-go/v2/company/service.go @@ -1520,6 +1520,7 @@ func fillCorporateContributorModel(wg *sync.WaitGroup, usersRepo users.UserRepos contributor.LinuxFoundationID = user.LfUsername contributor.SignatureApproved = sig.SignatureApproved contributor.SignatureSigned = sig.SignatureSigned + // contributor.SignatureEmbargoAcked = sig.SignatureEmbargoAcked contributor.Name = user.Username t, err := utils.ParseDateTime(sig.SignatureCreated) if err != nil { diff --git a/cla-backend-go/v2/company/service_test.go b/cla-backend-go/v2/company/service_test.go index de5cea1d4..0a3a11405 100644 --- a/cla-backend-go/v2/company/service_test.go +++ b/cla-backend-go/v2/company/service_test.go @@ -39,6 +39,7 @@ func TestGetCompanyProjectContributors(t *testing.T) { SignatureCreated: "2021-09-13T11:59:00.981612+0000", SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureMajorVersion: "1", SignatureMinorVersion: "0", SignatureReferenceID: "signature_reference_id", @@ -48,6 +49,7 @@ func TestGetCompanyProjectContributors(t *testing.T) { SignatureCreated: "2021-09-15T11:59:00.981612+0000", SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureMajorVersion: "1", SignatureMinorVersion: "0", SignatureReferenceID: "signature_reference_id", @@ -57,6 +59,7 @@ func TestGetCompanyProjectContributors(t *testing.T) { SignatureCreated: "2021-09-14T11:59:00.981612+0000", SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureMajorVersion: "1", SignatureMinorVersion: "0", SignatureReferenceID: "signature_reference_id", @@ -76,6 +79,7 @@ func TestGetCompanyProjectContributors(t *testing.T) { SignatureCreated: "2021-09-13T11:59:00.981612+0000", SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureMajorVersion: "1", SignatureMinorVersion: "0", SignatureReferenceID: "signature_reference_id", @@ -85,6 +89,7 @@ func TestGetCompanyProjectContributors(t *testing.T) { SignatureCreated: "2021-09-15T11:59:00.981612+0000", SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureMajorVersion: "1", SignatureMinorVersion: "0", SignatureReferenceID: "signature_reference_id", @@ -94,6 +99,7 @@ func TestGetCompanyProjectContributors(t *testing.T) { SignatureCreated: "2021-09-14T11:59:00.981612+0000", SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureMajorVersion: "1", SignatureMinorVersion: "0", SignatureReferenceID: "signature_reference_id", @@ -103,6 +109,7 @@ func TestGetCompanyProjectContributors(t *testing.T) { SignatureCreated: "", SignatureApproved: true, SignatureSigned: true, + SignatureEmbargoAcked: true, SignatureMajorVersion: "1", SignatureMinorVersion: "0", SignatureReferenceID: "signature_reference_id_empty", diff --git a/cla-backend-go/v2/dynamo_events/cla_manager.go b/cla-backend-go/v2/dynamo_events/cla_manager.go index 3e489ee1c..8a99de4cc 100644 --- a/cla-backend-go/v2/dynamo_events/cla_manager.go +++ b/cla-backend-go/v2/dynamo_events/cla_manager.go @@ -40,6 +40,7 @@ func (s *service) SetInitialCLAManagerACSPermissions(ctx context.Context, signat f["projectID"] = sig.ProjectID f["signed"] = sig.SignatureSigned f["approved"] = sig.SignatureApproved + // f["embargo_acked"] = sig.SignatureEmbargoAcked f["companyName"] = sig.CompanyName f["claType"] = sig.ClaType diff --git a/cla-backend-go/v2/dynamo_events/signatures.go b/cla-backend-go/v2/dynamo_events/signatures.go index c40a8e263..fe39379fc 100644 --- a/cla-backend-go/v2/dynamo_events/signatures.go +++ b/cla-backend-go/v2/dynamo_events/signatures.go @@ -41,6 +41,7 @@ type Signature struct { DateModified string `json:"date_modified"` SignatureApproved bool `json:"signature_approved"` SignatureSigned bool `json:"signature_signed"` + SignatureEmbargoAcked bool `json:"signature_embargo_acked"` SignatureDocumentMajorVersion string `json:"signature_document_major_version"` SignatureDocumentMinorVersion string `json:"signature_document_minor_version"` SignatureReferenceID string `json:"signature_reference_id"` @@ -95,6 +96,7 @@ func (s *service) SignatureAssignContributorEvent(event events.DynamoDBEventReco f["projectID"] = newSignature.SignatureProjectID f["approved"] = newSignature.SignatureApproved f["signed"] = newSignature.SignatureSigned + f["embargo_acked"] = newSignature.SignatureEmbargoAcked if !oldSignature.SignatureSigned && newSignature.SignatureSigned { log.WithFields(f).Debug("signature is now signed - assigning contributor...") @@ -138,6 +140,7 @@ func (s *service) SignatureSignedEvent(event events.DynamoDBEventRecord) error { f["projectID"] = newSignature.SignatureProjectID f["approved"] = newSignature.SignatureApproved f["signed"] = newSignature.SignatureSigned + f["embargo_acked"] = newSignature.SignatureEmbargoAcked // check if signature signed event is received if !oldSignature.SignatureSigned && newSignature.SignatureSigned { diff --git a/cla-backend-go/v2/sign/service.go b/cla-backend-go/v2/sign/service.go index 57ed40787..2ecd15144 100644 --- a/cla-backend-go/v2/sign/service.go +++ b/cla-backend-go/v2/sign/service.go @@ -1371,6 +1371,7 @@ func (s *service) RequestIndividualSignature(ctx context.Context, input *models. SignatureProjectID: latestSignature.ProjectID, SignatureApproved: latestSignature.SignatureApproved, SignatureSigned: latestSignature.SignatureSigned, + SignatureEmbargoAcked: latestSignature.SignatureEmbargoAcked, SignatureReferenceName: latestSignature.SignatureReferenceName, SignatureReferenceNameLower: latestSignature.SignatureReferenceNameLower, SignedOn: latestSignature.SignedOn, @@ -1443,6 +1444,7 @@ func (s *service) RequestIndividualSignature(ctx context.Context, input *models. DateModified: currentTime, SignatureSigned: false, SignatureApproved: true, + SignatureEmbargoAcked: true, SignatureDocumentMajorVersion: majorVersion, SignatureDocumentMinorVersion: minorVersion, SignatureReferenceID: *input.UserID, @@ -2359,6 +2361,7 @@ func (s *service) RequestIndividualSignatureGerrit(ctx context.Context, input *m SignatureProjectID: latestSignature.ProjectID, SignatureApproved: latestSignature.SignatureApproved, SignatureSigned: latestSignature.SignatureSigned, + SignatureEmbargoAcked: latestSignature.SignatureEmbargoAcked, SignatureReferenceName: latestSignature.SignatureReferenceName, SignatureReferenceNameLower: latestSignature.SignatureReferenceNameLower, SignedOn: latestSignature.SignedOn, @@ -2397,6 +2400,7 @@ func (s *service) RequestIndividualSignatureGerrit(ctx context.Context, input *m SignatureReferenceType: utils.SignatureReferenceTypeUser, SignatureSigned: false, SignatureApproved: true, + SignatureEmbargoAcked: true, SignatureType: utils.SignatureTypeCLA, SignatureReferenceID: *input.UserID, SignatureReturnURLType: input.ReturnURLType, @@ -2571,6 +2575,7 @@ func (s *service) requestCorporateSignature(ctx context.Context, apiURL string, SignatoryName: signatoryName, SignatureSigned: companySignature.SignatureSigned, SignatureApproved: companySignature.SignatureApproved, + SignatureEmbargoAcked: companySignature.SignatureEmbargoAcked, DateCreated: companySignature.Created, SignatureDocumentMajorVersion: majorVersion, SignatureDocumentMinorVersion: minorVersion, @@ -2611,6 +2616,7 @@ func (s *service) requestCorporateSignature(ctx context.Context, apiURL string, SignatoryName: signatoryName, SignatureSigned: false, SignatureApproved: true, + SignatureEmbargoAcked: true, SignatureCallbackURL: callbackURL, SignatureReturnURL: input.ReturnURL, SigtypeSignedApprovedID: fmt.Sprintf("%s#%v#%v#%s", utils.SignatureTypeCCLA, signed, approved, signatureID), diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_post.sh index 1487eba1a..58d00533f 100755 --- a/utils/request_corporate_signature_post.sh +++ b/utils/request_corporate_signature_post.sh @@ -6,6 +6,7 @@ # return_url='http://localhost' # TOKEN='...' - Auth0 JWT bearer token # DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# TODO: this is WIP atm if [ -z "$TOKEN" ] then From f2c3294a40aa784c056e8d92b0bd481bd4792c7f Mon Sep 17 00:00:00 2001 From: Nick Mango Date: Wed, 27 Nov 2024 20:35:50 +0300 Subject: [PATCH 33/59] [#3498] Project Name - Used CLA Group Name in the add/remove CLA Manager notification email Signed-off-by: Nick Mango --- .../emails/cla_manager_templates.go | 20 +++++++++---------- .../emails/cla_manager_templates_test.go | 14 ++++++------- 2 files changed, 16 insertions(+), 18 deletions(-) diff --git a/cla-backend-go/emails/cla_manager_templates.go b/cla-backend-go/emails/cla_manager_templates.go index 4c7b85e45..085047ccd 100644 --- a/cla-backend-go/emails/cla_manager_templates.go +++ b/cla-backend-go/emails/cla_manager_templates.go @@ -218,12 +218,12 @@ const ( //ClaManagerAddedEToUserTemplate email template for cla manager v2 ClaManagerAddedEToUserTemplate = `

Hello {{.RecipientName}},

-

This is a notification email from EasyCLA regarding the project {{.Project.ExternalProjectName}} and CLA Group {{.CLAGroupName}}.

-

You have been added as a CLA Manager for the organization {{.CompanyName}} and the project {{.Project.ExternalProjectName}}. This means that you can now maintain the -list of employees allowed to contribute to the project {{.Project.ExternalProjectName}} on behalf of your company, as well as view and manage the list of your +

This is a notification email from EasyCLA regarding the CLA Group {{.CLAGroupName}}.

+

You have been added as a CLA Manager for the organization {{.CompanyName}} and the CLAGroup {{.CLAGroupName}}. This means that you can now maintain the +list of employees allowed to contribute to the CLA Group {{.CLAGroupName}} on behalf of your company, as well as view and manage the list of your company’s CLA Managers for the CLA Group {{.CLAGroupName}}.

To get started, please log into the EasyCLA Corporate Console, and select your -company and then the project {{.Project.ExternalProjectName}}. From here you will be able to edit the list of approved employees and CLA Managers.

+company and then the project {{.CLAGroupName}}. From here you will be able to edit the list of approved employees and CLA Managers.

` ) @@ -252,10 +252,10 @@ const ( // ClaManagerAddedToCLAManagersTemplate is email template for ClaManagerAddedToCLAManagersTemplate = `

Hello {{.RecipientName}},

-

This is a notification email from EasyCLA regarding the project {{.Project.ExternalProjectName}} associated with the CLA Group {{.CLAGroupName}}.

-

The following user has been added as a CLA Manager from {{.CompanyName}} for the project {{.Project.ExternalProjectName}}. This means that they can now -maintain the list of employees allowed to contribute to {{.Project.ExternalProjectName}} on behalf of your company, as well as view and manage the -list of company’s CLA Managers for {{.Project.ExternalProjectName}}.

+

This is a notification email from EasyCLA regarding the CLA Group {{.CLAGroupName}}.

+

The following user has been added as a CLA Manager from {{.CompanyName}} for the CLA Group {{.CLAGroupName}}. This means that they can now +maintain the list of employees allowed to contribute to {{.CLAGroupName}} on behalf of your company, as well as view and manage the +list of company’s CLA Managers for CLA Group {{.CLAGroupName}}.

  • {{.Name}} ({{.Email}})
@@ -287,8 +287,8 @@ const ( // ClaManagerDeletedToCLAManagersTemplate is template for ClaManagerDeletedToCLAManagersTemplate = `

Hello {{.RecipientName}},

-

This is a notification email from EasyCLA regarding the project {{.Project.ExternalProjectName}}.

-

{{.Name}} ({{.Email}}) has been removed as a CLA Manager from {{.CompanyName}} for the project {{.Project.ExternalProjectName}}.

+

This is a notification email from EasyCLA regarding the CLA Group {{.CLAGroupName}}.

+

{{.Name}} ({{.Email}}) has been removed as a CLA Manager from {{.CompanyName}} for CLA Group {{.CLAGroupName}}.

` ) diff --git a/cla-backend-go/emails/cla_manager_templates_test.go b/cla-backend-go/emails/cla_manager_templates_test.go index f401af7dc..77927b784 100644 --- a/cla-backend-go/emails/cla_manager_templates_test.go +++ b/cla-backend-go/emails/cla_manager_templates_test.go @@ -198,9 +198,9 @@ func TestClaManagerAddedEToUserTemplate(t *testing.T) { params) assert.NoError(t, err) assert.Contains(t, result, "Hello JohnsClaManager") - assert.Contains(t, result, "regarding the project JohnsProjectExternal") - assert.Contains(t, result, "CLA Manager for the organization JohnsCompany and the project JohnsProjectExternal") - assert.Contains(t, result, "allowed to contribute to the project JohnsProjectExternal") + assert.Contains(t, result, "the CLA Group JohnsProject.") + assert.Contains(t, result, "organization JohnsCompany and the CLAGroup JohnsProject") + assert.Contains(t, result, "allowed to contribute to the CLA Group JohnsProject") assert.Contains(t, result, "CLA Managers for the CLA Group JohnsProject") assert.Contains(t, result, "") assert.Contains(t, result, "and then the project JohnsProject") @@ -224,10 +224,9 @@ func TestClaManagerAddedToCLAManagersTemplate(t *testing.T) { params) assert.NoError(t, err) assert.Contains(t, result, "Hello JohnsClaManager") - assert.Contains(t, result, "regarding the project JohnsProjectExternal associated with the CLA Group JohnsProject") - assert.Contains(t, result, "CLA Manager from JohnsCompany for the project JohnsProjectExternal") - assert.Contains(t, result, "contribute to JohnsProjectExternal") - assert.Contains(t, result, "CLA Managers for JohnsProjectExternal") + assert.Contains(t, result, "regarding the CLA Group JohnsProject") + assert.Contains(t, result, "contribute to JohnsProject") + assert.Contains(t, result, "CLA Managers for CLA Group JohnsProject") assert.Contains(t, result, "
  • John (john@example.com)
    • ") } @@ -250,7 +249,6 @@ func TestClaManagerDeletedToCLAManagersTemplate(t *testing.T) { params) assert.NoError(t, err) assert.Contains(t, result, "Hello JohnsClaManager") - assert.Contains(t, result, "regarding the project JohnsProject") assert.Contains(t, result, "John (john@example.com) has been removed") } From b18d8958b7bd1eb0b075e8a53ae7bed05fb22b92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Thu, 28 Nov 2024 06:54:48 +0000 Subject: [PATCH 34/59] Uopdate docs and util scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- dev.md | 3 ++ setenv.sh | 1 + unsetenv.sh | 1 + utils/describe_table.sh | 2 + utils/health_python_v2.sh | 7 +++ utils/lookup_company.sh | 2 + utils/lookup_project.sh | 2 + utils/lookup_user.sh | 2 + utils/ngrok.sh | 2 + utils/request_corporate_signature_post.sh | 59 ++++++++++++++++++++++ utils/request_employee_signature_post.sh | 54 ++++++++++++++++++++ utils/request_individual_signature_post.sh | 46 +++++++++++++++++ utils/scan_projects.sh | 2 + utils/scan_signatures.sh | 2 + utils/signature_post.sh | 26 ++++++++++ 15 files changed, 211 insertions(+) create mode 100755 utils/describe_table.sh create mode 100755 utils/health_python_v2.sh create mode 100755 utils/lookup_company.sh create mode 100755 utils/lookup_project.sh create mode 100755 utils/lookup_user.sh create mode 100755 utils/ngrok.sh create mode 100755 utils/request_corporate_signature_post.sh create mode 100755 utils/request_employee_signature_post.sh create mode 100755 utils/request_individual_signature_post.sh create mode 100755 utils/scan_projects.sh create mode 100755 utils/scan_signatures.sh create mode 100755 utils/signature_post.sh diff --git a/dev.md b/dev.md index 819cb6b2e..4fcfec0f5 100644 --- a/dev.md +++ b/dev.md @@ -202,6 +202,9 @@ open http://localhost:5000/v2/health open http://localhost:5000/v2/user/ ``` +To expose service running on the localhost to the outside world use: `` ./utils/ngrok.sh ``. +And then tets via: `` API_URL='https://[redacted].ngrok-free.app' ./scripts/health.sh `` from another host (anywhere in the world). + ## Building and Running the Go Backend Current Endpoints: diff --git a/setenv.sh b/setenv.sh index 3b9f507ed..dbe0d5532 100644 --- a/setenv.sh +++ b/setenv.sh @@ -8,6 +8,7 @@ export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" +export GITHUB_OAUTH_TOKEN="$(cat /etc/github/oauth)" export AWS_SDK_LOAD_CONFIG=true export AWS_PROFILE='lfproduct-dev' diff --git a/unsetenv.sh b/unsetenv.sh index 7d627b33b..6a6eb3b73 100644 --- a/unsetenv.sh +++ b/unsetenv.sh @@ -19,3 +19,4 @@ unset REGION unset AWS_ROLE_ARN unset AWS_TOKEN_SERIAL unset AWS_SDK_LOAD_CONFIG +unset GITHUB_OAUTH_TOKEN diff --git a/utils/describe_table.sh b/utils/describe_table.sh new file mode 100755 index 000000000..61251770c --- /dev/null +++ b/utils/describe_table.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb describe-table --table-name cla-dev-signatures diff --git a/utils/health_python_v2.sh b/utils/health_python_v2.sh new file mode 100755 index 000000000..22788414d --- /dev/null +++ b/utils/health_python_v2.sh @@ -0,0 +1,7 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi +curl -s "${API_URL}/v2/health" | jq -r '.' diff --git a/utils/lookup_company.sh b/utils/lookup_company.sh new file mode 100755 index 000000000..ff7ce8c8f --- /dev/null +++ b/utils/lookup_company.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb query --table-name cla-dev-companies --index-name company-name-index --key-condition-expression "company_name = :name" --expression-attribute-values '{":name":{"S":"Google LLC"}}' diff --git a/utils/lookup_project.sh b/utils/lookup_project.sh new file mode 100755 index 000000000..68e84f2ae --- /dev/null +++ b/utils/lookup_project.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb query --table-name cla-dev-projects --index-name project-name-lower-search-index --key-condition-expression "project_name_lower = :name" --expression-attribute-values '{":name":{"S":"child group earths"}}' diff --git a/utils/lookup_user.sh b/utils/lookup_user.sh new file mode 100755 index 000000000..230809fb6 --- /dev/null +++ b/utils/lookup_user.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb query --table-name cla-dev-users --index-name github-username-index --key-condition-expression "user_github_username = :name" --expression-attribute-values '{":name":{"S":"lukaszgryglicki"}}' diff --git a/utils/ngrok.sh b/utils/ngrok.sh new file mode 100755 index 000000000..829abad2f --- /dev/null +++ b/utils/ngrok.sh @@ -0,0 +1,2 @@ +#!/bin/bash +ngrok http http://localhost:5000 diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_post.sh new file mode 100755 index 000000000..58d00533f --- /dev/null +++ b/utils/request_corporate_signature_post.sh @@ -0,0 +1,59 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# TOKEN='...' - Auth0 JWT bearer token +# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# TODO: this is WIP atm + +if [ -z "$TOKEN" ] +then + source ./auth0_token.secret +fi + +if [ -z "$TOKEN" ] +then + echo "$0: TOKEN not specified and unable to obtain one" + exit 1 +fi + +if [ -z "$1" ] +then + echo "$0: you need to specify company_id as a 1st parameter" + exit 1 +fi +export company_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify project_id as a 2nd parameter" + exit 2 +fi +export project_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify return_url_type as a 3rd parameter: github|gitlab|gerrit" + exit 3 +fi +export return_url_type="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url as a 4th parameter" + exit 4 +fi +export return_url="$4" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-corporate-signature' -d '{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-corporate-signature" -d "{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_employee_signature_post.sh b/utils/request_employee_signature_post.sh new file mode 100755 index 000000000..d872e7c51 --- /dev/null +++ b/utils/request_employee_signature_post.sh @@ -0,0 +1,54 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# DEBUG=1 ./utils/request_employee_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 1 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify company_id as a 2nd parameter" + exit 2 +fi +export company_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify project_id as a 3rd parameter" + exit 3 +fi +export project_id="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url_type as a 4th parameter: github|gitlab|gerrit" + exit 4 +fi +export return_url_type="$4" + +if [ -z "$5" ] +then + echo "$0: you need to specify return_url as a 5th parameter" + exit 5 +fi +export return_url="$5" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_individual_signature_post.sh b/utils/request_individual_signature_post.sh new file mode 100755 index 000000000..28aa6b5c5 --- /dev/null +++ b/utils/request_individual_signature_post.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# DEBUG=1 ./utils/request_individual_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 1 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify project_id as a 2nd parameter" + exit 2 +fi +export project_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify return_url_type as a 3rd parameter: github|gitlab|gerrit" + exit 3 +fi +export return_url_type="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url as a 4th parameter" + exit 4 +fi +export return_url="$4" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/scan_projects.sh b/utils/scan_projects.sh new file mode 100755 index 000000000..109422e8e --- /dev/null +++ b/utils/scan_projects.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb scan --table-name cla-dev-projects --max-items 3 diff --git a/utils/scan_signatures.sh b/utils/scan_signatures.sh new file mode 100755 index 000000000..478bed2af --- /dev/null +++ b/utils/scan_signatures.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb scan --table-name cla-dev-signatures --max-items 1 diff --git a/utils/signature_post.sh b/utils/signature_post.sh new file mode 100755 index 000000000..d0c81c75e --- /dev/null +++ b/utils/signature_post.sh @@ -0,0 +1,26 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# TOKEN='...' - Auth0 JWT bearer token +# BODY='{...}' - signature body + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ -z "$TOKEN" ] +then + source ./auth0_token.secret +fi + +if [ -z "$TOKEN" ] +then + echo "$0: TOKEN not specified and unable to obtain one" + exit 1 +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v1/signature' -d '${BODY}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v1/signature" -d "${BODY}" | jq -r '.' From 3370bda6128b56659cc8b3b2c30b08a52907a805 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Fri, 29 Nov 2024 06:26:17 +0000 Subject: [PATCH 35/59] Update util scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- setenv.sh | 3 ++- utils/health_python_v2.sh | 2 +- utils/request_corporate_signature_post.sh | 4 ++-- utils/signature_post.sh | 2 +- 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/setenv.sh b/setenv.sh index dbe0d5532..d8601eb6f 100644 --- a/setenv.sh +++ b/setenv.sh @@ -3,7 +3,8 @@ rm -rf /tmp/aws cp -R /root/.aws /tmp/.aws -data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +dev_arn="$(cat ./product-contractors-role.dev.secret)" +data="$(aws sts assume-role --role-arn ${dev_arn} --profile lfproduct --role-session-name lfproduct-dev-session)" export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" diff --git a/utils/health_python_v2.sh b/utils/health_python_v2.sh index 22788414d..03c73f08f 100755 --- a/utils/health_python_v2.sh +++ b/utils/health_python_v2.sh @@ -1,5 +1,5 @@ #!/bin/bash -# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000) if [ -z "$API_URL" ] then export API_URL="http://localhost:5000" diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_post.sh index 58d00533f..e01904277 100755 --- a/utils/request_corporate_signature_post.sh +++ b/utils/request_corporate_signature_post.sh @@ -1,12 +1,12 @@ #!/bin/bash -# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000) # company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' # TOKEN='...' - Auth0 JWT bearer token # DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' -# TODO: this is WIP atm +# TODO: this is WIP atm (due to AUTH0 token and X-ACL missing) if [ -z "$TOKEN" ] then diff --git a/utils/signature_post.sh b/utils/signature_post.sh index d0c81c75e..d803c9983 100755 --- a/utils/signature_post.sh +++ b/utils/signature_post.sh @@ -1,5 +1,5 @@ #!/bin/bash -# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# API_URL=https://[token].ngrok-free.app (defaults to localhost:5000) # TOKEN='...' - Auth0 JWT bearer token # BODY='{...}' - signature body From 1d107c8480616f18c16e14f1d32f096351bc18b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Fri, 29 Nov 2024 06:27:30 +0000 Subject: [PATCH 36/59] Update util scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- setenv.sh | 3 ++- utils/health_python_v2.sh | 2 +- utils/request_corporate_signature_post.sh | 4 ++-- utils/signature_post.sh | 2 +- 4 files changed, 6 insertions(+), 5 deletions(-) diff --git a/setenv.sh b/setenv.sh index dbe0d5532..d8601eb6f 100644 --- a/setenv.sh +++ b/setenv.sh @@ -3,7 +3,8 @@ rm -rf /tmp/aws cp -R /root/.aws /tmp/.aws -data="$(aws sts assume-role --role-arn arn:aws:iam::395594542180:role/product-contractors-role --profile lfproduct --role-session-name lfproduct-dev-session)" +dev_arn="$(cat ./product-contractors-role.dev.secret)" +data="$(aws sts assume-role --role-arn ${dev_arn} --profile lfproduct --role-session-name lfproduct-dev-session)" export AWS_ACCESS_KEY_ID="$(echo "${data}" | jq -r '.Credentials.AccessKeyId')" export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAccessKey')" export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" diff --git a/utils/health_python_v2.sh b/utils/health_python_v2.sh index 22788414d..03c73f08f 100755 --- a/utils/health_python_v2.sh +++ b/utils/health_python_v2.sh @@ -1,5 +1,5 @@ #!/bin/bash -# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000) if [ -z "$API_URL" ] then export API_URL="http://localhost:5000" diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_post.sh index 58d00533f..e01904277 100755 --- a/utils/request_corporate_signature_post.sh +++ b/utils/request_corporate_signature_post.sh @@ -1,12 +1,12 @@ #!/bin/bash -# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000) # company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' # TOKEN='...' - Auth0 JWT bearer token # DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' -# TODO: this is WIP atm +# TODO: this is WIP atm (due to AUTH0 token and X-ACL missing) if [ -z "$TOKEN" ] then diff --git a/utils/signature_post.sh b/utils/signature_post.sh index d0c81c75e..d803c9983 100755 --- a/utils/signature_post.sh +++ b/utils/signature_post.sh @@ -1,5 +1,5 @@ #!/bin/bash -# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# API_URL=https://[token].ngrok-free.app (defaults to localhost:5000) # TOKEN='...' - Auth0 JWT bearer token # BODY='{...}' - signature body From f753f22cb24b148ff834a18bc1f6651ec951cb17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Fri, 29 Nov 2024 12:01:39 +0000 Subject: [PATCH 37/59] Run tests locally - added util script MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/run_tests.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100755 utils/run_tests.sh diff --git a/utils/run_tests.sh b/utils/run_tests.sh new file mode 100755 index 000000000..cedf22f97 --- /dev/null +++ b/utils/run_tests.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# PY=1 +# GO=1 +if [ ! -z "$PY" ] +then + cd cla-backend && pytest "cla/tests" -p no:warnings + cd .. +else + echo "$0: skipping python backend tests, specify PY=1 to run them" +fi + +if [ ! -z "$GO" ] +then + cd cla-backend-go && make test + cd .. +else + echo "$0: skipping golang backend tests, specify GO=1 to run them" +fi + From 5fa2e021c98e05a848c7cb7202f616955673d4f6 Mon Sep 17 00:00:00 2001 From: Nick Mango Date: Tue, 3 Dec 2024 18:42:31 +0300 Subject: [PATCH 38/59] [#3498] Bug/Email Template - Updated CLA Group update Signed-off-by: Nick Mango --- cla-backend-go/cla_manager/service.go | 115 +++++++++--------- .../emails/cla_manager_templates.go | 26 ++-- .../emails/cla_manager_templates_test.go | 13 +- cla-backend-go/emails/prefill.go | 2 + .../mocks/mock_repository.go | 15 +++ .../projects_cla_groups/repository.go | 21 ++++ cla-backend-go/v2/cla_manager/service.go | 2 +- 7 files changed, 108 insertions(+), 86 deletions(-) diff --git a/cla-backend-go/cla_manager/service.go b/cla-backend-go/cla_manager/service.go index 00961bae2..0eaa6a1dc 100644 --- a/cla-backend-go/cla_manager/service.go +++ b/cla-backend-go/cla_manager/service.go @@ -39,7 +39,7 @@ type IService interface { PendingRequest(companyID, claGroupID, requestID string) (*models.ClaManagerRequest, error) DeleteRequest(requestID string) error - AddClaManager(ctx context.Context, authUser *auth.User, companyID string, claGroupID string, LFID string, projectSFName string) (*models.Signature, error) + AddClaManager(ctx context.Context, authUser *auth.User, companyID string, claGroupID string, LFID string, projectSFID string) (*models.Signature, error) RemoveClaManager(ctx context.Context, authUser *auth.User, companyID string, claGroupID string, LFID string, projectSFName string) (*models.Signature, error) } @@ -193,7 +193,7 @@ func (s service) DeleteRequest(requestID string) error { } // AddClaManager Adds LFID to Signature Access Control list -func (s service) AddClaManager(ctx context.Context, authUser *auth.User, companyID string, claGroupID string, LFID string, projectSFName string) (*models.Signature, error) { +func (s service) AddClaManager(ctx context.Context, authUser *auth.User, companyID string, claGroupID string, LFID string, projectSFID string) (*models.Signature, error) { f := logrus.Fields{ "functionName": "v1.cla_manager.AddClaManager", @@ -201,9 +201,9 @@ func (s service) AddClaManager(ctx context.Context, authUser *auth.User, company "companyID": companyID, "claGroupID": claGroupID, "LFID": LFID, - "projectName": projectSFName, + "projectSFID": projectSFID, } - + var projectSFName string userModel, userErr := s.usersService.GetUserByLFUserName(LFID) if userErr != nil || userModel == nil { return nil, userErr @@ -218,11 +218,6 @@ func (s service) AddClaManager(ctx context.Context, authUser *auth.User, company return nil, projectErr } - // if projectSFName is empty, we can set clagroup project name. - if projectSFName == "" { - projectSFName = claGroupModel.ProjectName - } - // Look up signature ACL to ensure the user can add cla manager signed := true @@ -258,8 +253,9 @@ func (s service) AddClaManager(ctx context.Context, authUser *auth.User, company RecipientAddress: manager.LfEmail.String(), CompanyName: companyModel.CompanyName, }, - Name: userModel.Username, - Email: userModel.LfEmail.String(), + Name: userModel.Username, + Email: userModel.LfEmail.String(), + ProjectSFID: projectSFID, }, claGroupModel) } // Notify the added user @@ -267,7 +263,7 @@ func (s service) AddClaManager(ctx context.Context, authUser *auth.User, company RecipientName: userModel.Username, RecipientAddress: userModel.LfEmail.String(), CompanyName: companyModel.CompanyName, - }, claGroupModel) + }, claGroupModel, projectSFID) // Send an event s.eventsService.LogEventWithContext(ctx, &events.LogEventArgs{ @@ -317,7 +313,7 @@ func (s service) getCompanySignature(ctx context.Context, companyID string, claG } // RemoveClaManager removes lfid from signature acl with given company and project -func (s service) RemoveClaManager(ctx context.Context, authUser *auth.User, companyID string, claGroupID string, LFID string, projectSFName string) (*models.Signature, error) { +func (s service) RemoveClaManager(ctx context.Context, authUser *auth.User, companyID string, claGroupID string, LFID string, projectSFID string) (*models.Signature, error) { f := logrus.Fields{ "functionName": "v1.cla_manager.RemoveClaManager", @@ -327,6 +323,7 @@ func (s service) RemoveClaManager(ctx context.Context, authUser *auth.User, comp "companyID": companyID, } + var projectSFName string userModel, userErr := s.usersService.GetUserByLFUserName(LFID) if userErr != nil || userModel == nil { return nil, userErr @@ -341,11 +338,6 @@ func (s service) RemoveClaManager(ctx context.Context, authUser *auth.User, comp return nil, projectErr } - // if projectSFName is empty, we can set clagroup project name. - if projectSFName == "" { - projectSFName = claGroupModel.ProjectName - } - signed := true approved := true sigModel, sigErr := s.sigService.GetProjectCompanySignature(ctx, companyID, claGroupID, &signed, &approved, nil, aws.Int64(5)) @@ -420,50 +412,56 @@ func (s service) RemoveClaManager(ctx context.Context, authUser *auth.User, comp type ProjectDetails struct { ProjectName string - ProjectSFID string + ProjectSFID []string } -func (s service) getProjectDetails(ctx context.Context, claGroupModel *models.ClaGroup) ProjectDetails { - f := logrus.Fields{ - "functionName": "v1.cla_manager.getProjectDetails", - utils.XREQUESTID: ctx.Value(utils.XREQUESTID), - "claGroupID": claGroupModel.ProjectID, - } +// func (s service) getProjectDetails(ctx context.Context, claGroupModel *models.ClaGroup) ProjectDetails { +// f := logrus.Fields{ +// "functionName": "v1.cla_manager.getProjectDetails", +// utils.XREQUESTID: ctx.Value(utils.XREQUESTID), +// "claGroupID": claGroupModel.ProjectID, +// } +// projectSFIDs := make([]string, 0) - projectDetails := ProjectDetails{ - ProjectName: claGroupModel.ProjectName, - ProjectSFID: claGroupModel.ProjectExternalID, - } - signedAtFoundation := false +// projectDetails := ProjectDetails{ +// ProjectName: claGroupModel.ProjectName, +// } +// signedAtFoundation := false +// var err error - pcg, err := s.projectClaRepository.GetCLAGroup(ctx, claGroupModel.ProjectID) - if err != nil { - log.WithFields(f).Warnf("unable to fetch project cla group by project id: %s, error: %+v", claGroupModel.ProjectID, err) - } +// pcg, pcgErr := s.projectClaRepository.GetCLAGroup(ctx, claGroupModel.ProjectID) +// if pcgErr != nil { +// log.WithFields(f).WithError(err).Debug("unable too get pcg record") +// } - // check if cla group is signed at foundation level - if pcg != nil && pcg.FoundationSFID != "" { - signedAtFoundation, err = s.projectClaRepository.IsExistingFoundationLevelCLAGroup(ctx, pcg.FoundationSFID) - if err != nil { - log.WithFields(f).Warnf("unable to fetch foundation level cla group by foundation id: %s, error: %+v", pcg.FoundationSFID, err) - } +// signedAtFoundation, err = s.projectClaRepository.SignedAtFoundation(ctx, claGroupModel.ProjectID) +// if err != nil { +// log.WithFields(f).WithError(err).Debug("unable to get status of cla signed at foundation") +// } - if signedAtFoundation { - log.WithFields(f).Debugf("cla group is signed at foundation level...") - projectDetails.ProjectName = pcg.FoundationName - projectDetails.ProjectSFID = pcg.FoundationSFID - } - } +// if signedAtFoundation && pcg != nil && err != nil { +// log.WithFields(f).Debug("cla group is signed at foundation level...") +// projectDetails.ProjectName = pcg.FoundationName +// projectSFIDs = append(projectSFIDs, pcg.FoundationSFID) - return projectDetails -} +// } else { +// log.WithFields(f).Debug("cla group is signed at project level ...") + +// } -func (s service) sendClaManagerAddedEmailToUser(emailSvc emails.EmailTemplateService, emailParams emails.CommonEmailParams, claGroupModel *models.ClaGroup) { - projectDetails := s.getProjectDetails(context.Background(), claGroupModel) - projectName := projectDetails.ProjectName - projectSFID := projectDetails.ProjectSFID +// projectDetails.ProjectSFID = projectSFIDs + +// return projectDetails +// } + +func (s service) sendClaManagerAddedEmailToUser(emailSvc emails.EmailTemplateService, emailParams emails.CommonEmailParams, claGroupModel *models.ClaGroup, projectSFID string) { + f := logrus.Fields{ + "functionName": "sendClaManagerAddedEmailToUser", + "projectSFID": projectSFID, + } + log.WithFields(f).Info("Sending email to user") // subject string, body string, recipients []string - subject := fmt.Sprintf("EasyCLA: Added as CLA Manager for Project :%s", projectName) + subject := fmt.Sprintf("EasyCLA: Added as CLA Manager for Project :%s", claGroupModel.ProjectName) recipients := []string{emailParams.RecipientAddress} body, err := emails.RenderClaManagerAddedEToUserTemplate(emailSvc, claGroupModel.Version, projectSFID, emails.ClaManagerAddedEToUserTemplateParams{ CommonEmailParams: emailParams, @@ -553,10 +551,12 @@ func sendRemovedClaManagerEmailToRecipient(emailSvc emails.EmailTemplateService, body, err := emails.RenderRemovedCLAManagerTemplate( emailSvc, claGroupModel.Version, - claGroupModel.ProjectExternalID, emails.RemovedCLAManagerTemplateParams{ CommonEmailParams: emailParams, CLAManagers: emailCLAManagerParams, + CLAGroupTemplateParams: emails.CLAGroupTemplateParams{ + CLAGroupName: projectName, + }, }) if err != nil { @@ -573,14 +573,11 @@ func sendRemovedClaManagerEmailToRecipient(emailSvc emails.EmailTemplateService, } func (s service) sendClaManagerDeleteEmailToCLAManagers(emailSvc emails.EmailTemplateService, emailParams emails.ClaManagerDeletedToCLAManagersTemplateParams, claGroupModel *models.ClaGroup) { - projectDetails := s.getProjectDetails(context.Background(), claGroupModel) - projectName := projectDetails.ProjectName - projectSFID := projectDetails.ProjectSFID // subject string, body string, recipients []string - subject := fmt.Sprintf("EasyCLA: CLA Manager Removed Notice for %s", projectName) + subject := fmt.Sprintf("EasyCLA: CLA Manager Removed Notice for %s", claGroupModel.ProjectName) recipients := []string{emailParams.RecipientAddress} - body, err := emails.RenderClaManagerDeletedToCLAManagersTemplate(emailSvc, claGroupModel.Version, projectSFID, emailParams) + body, err := emails.RenderClaManagerDeletedToCLAManagersTemplate(emailSvc, claGroupModel.Version, claGroupModel.ProjectName) if err != nil { log.Warnf("email template render : %s failed : %v", emails.ClaManagerDeletedToCLAManagersTemplateName, err) diff --git a/cla-backend-go/emails/cla_manager_templates.go b/cla-backend-go/emails/cla_manager_templates.go index 085047ccd..ca66dbe06 100644 --- a/cla-backend-go/emails/cla_manager_templates.go +++ b/cla-backend-go/emails/cla_manager_templates.go @@ -16,8 +16,8 @@ const ( // RemovedCLAManagerTemplate includes the email template for email when user is removed as CLA Manager RemovedCLAManagerTemplate = `

    Hello {{.RecipientName}},

    -

    This is a notification email from EasyCLA regarding the project {{.GetProjectNameOrFoundation}} and CLA Group {{.CLAGroupName}}.

    -

    You have been removed as a CLA Manager from {{.CompanyName}} for the project {{.Project.ExternalProjectName}}.

    +

    This is a notification email from EasyCLA regarding the CLA Group {{.CLAGroupName}}.

    +

    You have been removed as a CLA Manager from {{.CompanyName}} for the CLA Group {{.CLAGroupName}}.

    If you have further questions about this, please contact one of the existing managers from {{.CompanyName}}:

      @@ -29,13 +29,7 @@ const ( ) // RenderRemovedCLAManagerTemplate renders the RemovedCLAManagerTemplate -func RenderRemovedCLAManagerTemplate(svc EmailTemplateService, claGroupModelVersion, projectSFID string, params RemovedCLAManagerTemplateParams) (string, error) { - claGroupParams, err := svc.GetCLAGroupTemplateParamsFromProjectSFID(claGroupModelVersion, projectSFID) - if err != nil { - return "", err - } - params.CLAGroupTemplateParams = claGroupParams - +func RenderRemovedCLAManagerTemplate(svc EmailTemplateService, claGroupModelVersion string, params RemovedCLAManagerTemplateParams) (string, error) { return RenderTemplate(claGroupModelVersion, RemovedCLAManagerTemplateName, RemovedCLAManagerTemplate, params) } @@ -242,8 +236,9 @@ func RenderClaManagerAddedEToUserTemplate(svc EmailTemplateService, claGroupMode type ClaManagerAddedToCLAManagersTemplateParams struct { CommonEmailParams CLAGroupTemplateParams - Name string - Email string + Name string + Email string + ProjectSFID string } const ( @@ -293,12 +288,11 @@ const ( ) // RenderClaManagerDeletedToCLAManagersTemplate renders the RemovedCLAManagerTemplate -func RenderClaManagerDeletedToCLAManagersTemplate(svc EmailTemplateService, claGroupModelVersion, projectSFID string, params ClaManagerDeletedToCLAManagersTemplateParams) (string, error) { - claGroupParams, err := svc.GetCLAGroupTemplateParamsFromProjectSFID(claGroupModelVersion, projectSFID) - if err != nil { - return "", err +func RenderClaManagerDeletedToCLAManagersTemplate(svc EmailTemplateService, claGroupModelVersion, claGroupName string) (string, error) { + + params := CLAGroupTemplateParams{ + CLAGroupName: claGroupName, } - params.CLAGroupTemplateParams = claGroupParams return RenderTemplate(claGroupModelVersion, ClaManagerDeletedToCLAManagersTemplateName, ClaManagerDeletedToCLAManagersTemplate, params) } diff --git a/cla-backend-go/emails/cla_manager_templates_test.go b/cla-backend-go/emails/cla_manager_templates_test.go index 77927b784..2d2aa7cf4 100644 --- a/cla-backend-go/emails/cla_manager_templates_test.go +++ b/cla-backend-go/emails/cla_manager_templates_test.go @@ -30,8 +30,8 @@ func TestRemovedCLAManagerTemplate(t *testing.T) { params) assert.NoError(t, err) assert.Contains(t, result, "Hello JohnsClaManager") - assert.Contains(t, result, "regarding the project JohnsProject") - assert.Contains(t, result, "CLA Manager from JohnsCompany for the project JohnsProject") + assert.Contains(t, result, "regarding the CLA Group JohnsProject") + assert.Contains(t, result, "CLA Manager from JohnsCompany for the CLA Group JohnsProject") assert.Contains(t, result, "
    • LFUserName LFEmail
      • ") // even if the foundation is set we should show the project name @@ -41,15 +41,8 @@ func TestRemovedCLAManagerTemplate(t *testing.T) { params) assert.NoError(t, err) assert.Contains(t, result, "Hello JohnsClaManager") - assert.Contains(t, result, "for the project JohnsProject") + assert.Contains(t, result, "for the CLA Group JohnsProject") - // then we increase the child project count so we should get the FoundationName instead of project name - params.ChildProjectCount = 2 - result, err = RenderTemplate(utils.V1, RemovedCLAManagerTemplateName, RemovedCLAManagerTemplate, - params) - assert.NoError(t, err) - assert.Contains(t, result, "Hello JohnsClaManager") - assert.Contains(t, result, "regarding the project CNCF") } func TestRequestAccessToCLAManagersTemplate(t *testing.T) { diff --git a/cla-backend-go/emails/prefill.go b/cla-backend-go/emails/prefill.go index 501df2e0d..d304d5730 100644 --- a/cla-backend-go/emails/prefill.go +++ b/cla-backend-go/emails/prefill.go @@ -89,6 +89,8 @@ func (s *emailTemplateServiceProvider) PrefillV2CLAProjectParams(projectSFIDs [] claProjectParams = append(claProjectParams, params) } + log.Debugf("claProjectParams: %+v", claProjectParams) + return claProjectParams, nil } diff --git a/cla-backend-go/projects_cla_groups/mocks/mock_repository.go b/cla-backend-go/projects_cla_groups/mocks/mock_repository.go index 9035fdf63..f3950ce47 100644 --- a/cla-backend-go/projects_cla_groups/mocks/mock_repository.go +++ b/cla-backend-go/projects_cla_groups/mocks/mock_repository.go @@ -186,6 +186,21 @@ func (mr *MockRepositoryMockRecorder) RemoveProjectAssociatedWithClaGroup(ctx, c return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RemoveProjectAssociatedWithClaGroup", reflect.TypeOf((*MockRepository)(nil).RemoveProjectAssociatedWithClaGroup), ctx, claGroupID, projectSFIDList, all) } +// SignedAtFoundation mocks base method. +func (m *MockRepository) SignedAtFoundation(ctx context.Context, claGroupID string) (bool, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "SignedAtFoundation", ctx, claGroupID) + ret0, _ := ret[0].(bool) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// SignedAtFoundation indicates an expected call of SignedAtFoundation. +func (mr *MockRepositoryMockRecorder) SignedAtFoundation(ctx, claGroupID interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignedAtFoundation", reflect.TypeOf((*MockRepository)(nil).SignedAtFoundation), ctx, claGroupID) +} + // UpdateClaGroupName mocks base method. func (m *MockRepository) UpdateClaGroupName(ctx context.Context, projectSFID, claGroupName string) error { m.ctrl.T.Helper() diff --git a/cla-backend-go/projects_cla_groups/repository.go b/cla-backend-go/projects_cla_groups/repository.go index 55efa5b9d..98e686a29 100644 --- a/cla-backend-go/projects_cla_groups/repository.go +++ b/cla-backend-go/projects_cla_groups/repository.go @@ -56,6 +56,7 @@ type Repository interface { IsAssociated(ctx context.Context, projectSFID string, claGroupID string) (bool, error) UpdateRepositoriesCount(ctx context.Context, projectSFID string, diff int64, reset bool) error UpdateClaGroupName(ctx context.Context, projectSFID string, claGroupName string) error + SignedAtFoundation(ctx context.Context, claGroupID string) (bool, error) } type repo struct { @@ -124,6 +125,26 @@ func (repo *repo) queryClaGroupsProjects(ctx context.Context, keyCondition expre return projectClaGroups, nil } +func (repo *repo) SignedAtFoundation(ctx context.Context, claGroupID string) (bool, error) { + f := logrus.Fields{ + "functionName": "SignedAtFoundation", + "claGroupID": claGroupID, + } + pcgs, err := repo.GetProjectsIdsForClaGroup(ctx, claGroupID) + if err != nil { + return false, err + } + + log.WithFields(f).Info("checking if claGroup is signed at foundation level..") + for _, pcg := range pcgs { + if pcg.FoundationSFID == pcg.ProjectSFID { + return true, nil + } + } + + return false, nil +} + // GetClaGroupIDForProject retrieves the CLA Group ID for the project func (repo *repo) GetClaGroupIDForProject(ctx context.Context, projectSFID string) (*ProjectClaGroup, error) { f := logrus.Fields{ diff --git a/cla-backend-go/v2/cla_manager/service.go b/cla-backend-go/v2/cla_manager/service.go index 6664c853f..1e1cbac34 100644 --- a/cla-backend-go/v2/cla_manager/service.go +++ b/cla-backend-go/v2/cla_manager/service.go @@ -239,7 +239,7 @@ func (s *service) CreateCLAManager(ctx context.Context, authUser *auth.User, cla } // Add CLA Manager to Database - signature, addErr := s.managerService.AddClaManager(ctx, authUser, v1CompanyModel.CompanyID, claGroupID, user.Username, projectSF.Name) + signature, addErr := s.managerService.AddClaManager(ctx, authUser, v1CompanyModel.CompanyID, claGroupID, user.Username, params.ProjectSFID) if addErr != nil { msg := buildErrorMessageCreate(params, addErr) log.WithFields(f).Warn(msg) From 2e02f2148df906a2ba7d94c689eecfa7efc4337b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 05:18:55 +0000 Subject: [PATCH 39/59] Update scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/example_pytest.sh | 2 ++ utils/signatures_to_json.sh | 2 ++ 2 files changed, 4 insertions(+) create mode 100755 utils/example_pytest.sh create mode 100755 utils/signatures_to_json.sh diff --git a/utils/example_pytest.sh b/utils/example_pytest.sh new file mode 100755 index 000000000..f50d37b0c --- /dev/null +++ b/utils/example_pytest.sh @@ -0,0 +1,2 @@ +#!/bin/bash +pytest -vvv -s cla/tests/unit/test_docusign_models.py -p no:warnings -k test_request_individual_signature diff --git a/utils/signatures_to_json.sh b/utils/signatures_to_json.sh new file mode 100755 index 000000000..32615a660 --- /dev/null +++ b/utils/signatures_to_json.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb scan --table-name cla-dev-signatures --select ALL_ATTRIBUTES --page-size 500 --max-items 100000 --output json > cla-dev-signatures.json.secret From f2594aadd95b0a11a9ceea8a89d087b91aef9426 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 05:20:37 +0000 Subject: [PATCH 40/59] Update scripts MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/example_pytest.sh | 2 ++ utils/signatures_to_json.sh | 2 ++ 2 files changed, 4 insertions(+) create mode 100755 utils/example_pytest.sh create mode 100755 utils/signatures_to_json.sh diff --git a/utils/example_pytest.sh b/utils/example_pytest.sh new file mode 100755 index 000000000..f50d37b0c --- /dev/null +++ b/utils/example_pytest.sh @@ -0,0 +1,2 @@ +#!/bin/bash +pytest -vvv -s cla/tests/unit/test_docusign_models.py -p no:warnings -k test_request_individual_signature diff --git a/utils/signatures_to_json.sh b/utils/signatures_to_json.sh new file mode 100755 index 000000000..32615a660 --- /dev/null +++ b/utils/signatures_to_json.sh @@ -0,0 +1,2 @@ +#!/bin/bash +aws --profile lfproduct-dev dynamodb scan --table-name cla-dev-signatures --select ALL_ATTRIBUTES --page-size 500 --max-items 100000 --output json > cla-dev-signatures.json.secret From 1c6777531cc6ad96fd649ed38490d87088311647 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 05:54:19 +0000 Subject: [PATCH 41/59] Handle py/go APIs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- ...=> request_corporate_signature_go_post.sh} | 2 +- ... => request_employee_signature_go_post.sh} | 2 +- utils/request_employee_signature_py_post.sh | 54 +++++++++++++++++++ utils/request_individual_signature_go_post.sh | 46 ++++++++++++++++ ...> request_individual_signature_py_post.sh} | 2 +- 5 files changed, 103 insertions(+), 3 deletions(-) rename utils/{request_corporate_signature_post.sh => request_corporate_signature_go_post.sh} (93%) rename utils/{request_employee_signature_post.sh => request_employee_signature_go_post.sh} (89%) create mode 100755 utils/request_employee_signature_py_post.sh create mode 100755 utils/request_individual_signature_go_post.sh rename utils/{request_individual_signature_post.sh => request_individual_signature_py_post.sh} (90%) diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_go_post.sh similarity index 93% rename from utils/request_corporate_signature_post.sh rename to utils/request_corporate_signature_go_post.sh index e01904277..eccb101a4 100755 --- a/utils/request_corporate_signature_post.sh +++ b/utils/request_corporate_signature_go_post.sh @@ -5,7 +5,7 @@ # return_url_type='github' # return_url='http://localhost' # TOKEN='...' - Auth0 JWT bearer token -# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' # TODO: this is WIP atm (due to AUTH0 token and X-ACL missing) if [ -z "$TOKEN" ] diff --git a/utils/request_employee_signature_post.sh b/utils/request_employee_signature_go_post.sh similarity index 89% rename from utils/request_employee_signature_post.sh rename to utils/request_employee_signature_go_post.sh index d872e7c51..b610d1a90 100755 --- a/utils/request_employee_signature_post.sh +++ b/utils/request_employee_signature_go_post.sh @@ -5,7 +5,7 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./utils/request_employee_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 ./utils/request_employee_signature_py_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' if [ -z "$1" ] then diff --git a/utils/request_employee_signature_py_post.sh b/utils/request_employee_signature_py_post.sh new file mode 100755 index 000000000..b610d1a90 --- /dev/null +++ b/utils/request_employee_signature_py_post.sh @@ -0,0 +1,54 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# DEBUG=1 ./utils/request_employee_signature_py_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 1 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify company_id as a 2nd parameter" + exit 2 +fi +export company_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify project_id as a 3rd parameter" + exit 3 +fi +export project_id="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url_type as a 4th parameter: github|gitlab|gerrit" + exit 4 +fi +export return_url_type="$4" + +if [ -z "$5" ] +then + echo "$0: you need to specify return_url as a 5th parameter" + exit 5 +fi +export return_url="$5" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_individual_signature_go_post.sh b/utils/request_individual_signature_go_post.sh new file mode 100755 index 000000000..fede90038 --- /dev/null +++ b/utils/request_individual_signature_go_post.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# DEBUG=1 ./utils/request_individual_signature_go_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 1 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify project_id as a 2nd parameter" + exit 2 +fi +export project_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify return_url_type as a 3rd parameter: github|gitlab|gerrit" + exit 3 +fi +export return_url_type="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url as a 4th parameter" + exit 4 +fi +export return_url="$4" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_individual_signature_post.sh b/utils/request_individual_signature_py_post.sh similarity index 90% rename from utils/request_individual_signature_post.sh rename to utils/request_individual_signature_py_post.sh index 28aa6b5c5..ce3973415 100755 --- a/utils/request_individual_signature_post.sh +++ b/utils/request_individual_signature_py_post.sh @@ -4,7 +4,7 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./utils/request_individual_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 ./utils/request_individual_signature_py_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' if [ -z "$1" ] then From ab386de2a3dc6e4f22e4c5a9dba66b7a245f2cb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 06:33:28 +0000 Subject: [PATCH 42/59] Updaste util script MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/request_individual_signature_go_post.sh | 39 +++++++++++++++---- 1 file changed, 32 insertions(+), 7 deletions(-) diff --git a/utils/request_individual_signature_go_post.sh b/utils/request_individual_signature_go_post.sh index fede90038..cf3ec5712 100755 --- a/utils/request_individual_signature_go_post.sh +++ b/utils/request_individual_signature_go_post.sh @@ -4,33 +4,58 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./utils/request_individual_signature_go_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# TOKEN='...' - Auth0 JWT bearer token +# XACL='...' - X-ACL header +# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" XACL="$(cat ./x-acl.secret)" ./utils/request_individual_signature_go_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$TOKEN" ] +then + # source ./auth0_token.secret + TOKEN="$(cat ./auth0.token.secret)" +fi + +if [ -z "$TOKEN" ] +then + echo "$0: TOKEN not specified and unable to obtain one" + exit 1 +fi + +if [ -z "$XACL" ] +then + XACL="$(cat ./x-acl.secret)" +fi + +if [ -z "$XACL" ] +then + echo "$0: XACL not specified and unable to obtain one" + exit 2 +fi if [ -z "$1" ] then echo "$0: you need to specify user_id as a 1st parameter" - exit 1 + exit 3 fi export user_id="$1" if [ -z "$2" ] then echo "$0: you need to specify project_id as a 2nd parameter" - exit 2 + exit 4 fi export project_id="$2" if [ -z "$3" ] then echo "$0: you need to specify return_url_type as a 3rd parameter: github|gitlab|gerrit" - exit 3 + exit 5 fi export return_url_type="$3" if [ -z "$4" ] then echo "$0: you need to specify return_url as a 4th parameter" - exit 4 + exit 6 fi export return_url="$4" @@ -41,6 +66,6 @@ fi if [ ! -z "$DEBUG" ] then - echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" + echo "curl -s -XPOST -H 'X-ACL: ${XACL}' -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" fi -curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' +curl -s -XPOST -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' From f2184be21009e80588bc9207232432b36b85778f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 06:39:30 +0000 Subject: [PATCH 43/59] Sync MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- ...=> request_corporate_signature_go_post.sh} | 2 +- ... => request_employee_signature_go_post.sh} | 2 +- utils/request_employee_signature_py_post.sh | 54 ++++++++++++++ utils/request_individual_signature_go_post.sh | 71 +++++++++++++++++++ ...> request_individual_signature_py_post.sh} | 2 +- utils/run_tests.sh | 19 +++++ 6 files changed, 147 insertions(+), 3 deletions(-) rename utils/{request_corporate_signature_post.sh => request_corporate_signature_go_post.sh} (93%) rename utils/{request_employee_signature_post.sh => request_employee_signature_go_post.sh} (89%) create mode 100755 utils/request_employee_signature_py_post.sh create mode 100755 utils/request_individual_signature_go_post.sh rename utils/{request_individual_signature_post.sh => request_individual_signature_py_post.sh} (90%) create mode 100755 utils/run_tests.sh diff --git a/utils/request_corporate_signature_post.sh b/utils/request_corporate_signature_go_post.sh similarity index 93% rename from utils/request_corporate_signature_post.sh rename to utils/request_corporate_signature_go_post.sh index e01904277..eccb101a4 100755 --- a/utils/request_corporate_signature_post.sh +++ b/utils/request_corporate_signature_go_post.sh @@ -5,7 +5,7 @@ # return_url_type='github' # return_url='http://localhost' # TOKEN='...' - Auth0 JWT bearer token -# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' # TODO: this is WIP atm (due to AUTH0 token and X-ACL missing) if [ -z "$TOKEN" ] diff --git a/utils/request_employee_signature_post.sh b/utils/request_employee_signature_go_post.sh similarity index 89% rename from utils/request_employee_signature_post.sh rename to utils/request_employee_signature_go_post.sh index d872e7c51..b610d1a90 100755 --- a/utils/request_employee_signature_post.sh +++ b/utils/request_employee_signature_go_post.sh @@ -5,7 +5,7 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./utils/request_employee_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 ./utils/request_employee_signature_py_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' if [ -z "$1" ] then diff --git a/utils/request_employee_signature_py_post.sh b/utils/request_employee_signature_py_post.sh new file mode 100755 index 000000000..b610d1a90 --- /dev/null +++ b/utils/request_employee_signature_py_post.sh @@ -0,0 +1,54 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# DEBUG=1 ./utils/request_employee_signature_py_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 1 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify company_id as a 2nd parameter" + exit 2 +fi +export company_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify project_id as a 3rd parameter" + exit 3 +fi +export project_id="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url_type as a 4th parameter: github|gitlab|gerrit" + exit 4 +fi +export return_url_type="$4" + +if [ -z "$5" ] +then + echo "$0: you need to specify return_url as a 5th parameter" + exit 5 +fi +export return_url="$5" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_individual_signature_go_post.sh b/utils/request_individual_signature_go_post.sh new file mode 100755 index 000000000..cf3ec5712 --- /dev/null +++ b/utils/request_individual_signature_go_post.sh @@ -0,0 +1,71 @@ +#!/bin/bash +# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) +# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' +# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# return_url_type='github' +# return_url='http://localhost' +# TOKEN='...' - Auth0 JWT bearer token +# XACL='...' - X-ACL header +# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" XACL="$(cat ./x-acl.secret)" ./utils/request_individual_signature_go_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$TOKEN" ] +then + # source ./auth0_token.secret + TOKEN="$(cat ./auth0.token.secret)" +fi + +if [ -z "$TOKEN" ] +then + echo "$0: TOKEN not specified and unable to obtain one" + exit 1 +fi + +if [ -z "$XACL" ] +then + XACL="$(cat ./x-acl.secret)" +fi + +if [ -z "$XACL" ] +then + echo "$0: XACL not specified and unable to obtain one" + exit 2 +fi + +if [ -z "$1" ] +then + echo "$0: you need to specify user_id as a 1st parameter" + exit 3 +fi +export user_id="$1" + +if [ -z "$2" ] +then + echo "$0: you need to specify project_id as a 2nd parameter" + exit 4 +fi +export project_id="$2" + +if [ -z "$3" ] +then + echo "$0: you need to specify return_url_type as a 3rd parameter: github|gitlab|gerrit" + exit 5 +fi +export return_url_type="$3" + +if [ -z "$4" ] +then + echo "$0: you need to specify return_url as a 4th parameter" + exit 6 +fi +export return_url="$4" + +if [ -z "$API_URL" ] +then + export API_URL="http://localhost:5000" +fi + +if [ ! -z "$DEBUG" ] +then + echo "curl -s -XPOST -H 'X-ACL: ${XACL}' -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" +fi +curl -s -XPOST -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_individual_signature_post.sh b/utils/request_individual_signature_py_post.sh similarity index 90% rename from utils/request_individual_signature_post.sh rename to utils/request_individual_signature_py_post.sh index 28aa6b5c5..ce3973415 100755 --- a/utils/request_individual_signature_post.sh +++ b/utils/request_individual_signature_py_post.sh @@ -4,7 +4,7 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./utils/request_individual_signature_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 ./utils/request_individual_signature_py_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' if [ -z "$1" ] then diff --git a/utils/run_tests.sh b/utils/run_tests.sh new file mode 100755 index 000000000..cedf22f97 --- /dev/null +++ b/utils/run_tests.sh @@ -0,0 +1,19 @@ +#!/bin/bash +# PY=1 +# GO=1 +if [ ! -z "$PY" ] +then + cd cla-backend && pytest "cla/tests" -p no:warnings + cd .. +else + echo "$0: skipping python backend tests, specify PY=1 to run them" +fi + +if [ ! -z "$GO" ] +then + cd cla-backend-go && make test + cd .. +else + echo "$0: skipping golang backend tests, specify GO=1 to run them" +fi + From 143221b7e5ab2de9f2958c23638a11565da6a2c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 07:00:10 +0000 Subject: [PATCH 44/59] Add docusign envs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- setenv.sh | 5 +++++ unsetenv.sh | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/setenv.sh b/setenv.sh index d8601eb6f..00bf366e8 100644 --- a/setenv.sh +++ b/setenv.sh @@ -10,6 +10,11 @@ export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAcces export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" export GITHUB_OAUTH_TOKEN="$(cat /etc/github/oauth)" +export DOCUSIGN_INTEGRATOR_KEY="$(cat ./DOCUSIGN_INTEGRATOR_KEY.secret)" +export DOCUSIGN_USER_ID="$(cat ./DOCUSIGN_USER_ID.secret)" +export DOCUSIGN_AUTH_SERVER="$(cat ./DOCUSIGN_AUTH_SERVER.secret)" +export DOCUSIGN_ROOT_URL="$(cat ./DOCUSIGN_ROOT_URL.secret)" +export DOCUSIGN_ACCOUNT_ID="$(cat ./DOCUSIGN_ACCOUNT_ID.secret)" export AWS_SDK_LOAD_CONFIG=true export AWS_PROFILE='lfproduct-dev' diff --git a/unsetenv.sh b/unsetenv.sh index 6a6eb3b73..6786d186c 100644 --- a/unsetenv.sh +++ b/unsetenv.sh @@ -20,3 +20,8 @@ unset AWS_ROLE_ARN unset AWS_TOKEN_SERIAL unset AWS_SDK_LOAD_CONFIG unset GITHUB_OAUTH_TOKEN +unset DOCUSIGN_INTEGRATOR_KEY +unset DOCUSIGN_USER_ID +unset DOCUSIGN_AUTH_SERVER +unset DOCUSIGN_ROOT_URL +unset DOCUSIGN_ACCOUNT_ID From 2d3bf285cbef0208d7e13f7b2f3845987e240d86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 07:00:41 +0000 Subject: [PATCH 45/59] Add docusign envs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- setenv.sh | 5 +++++ unsetenv.sh | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/setenv.sh b/setenv.sh index d8601eb6f..00bf366e8 100644 --- a/setenv.sh +++ b/setenv.sh @@ -10,6 +10,11 @@ export AWS_SECRET_ACCESS_KEY="$(echo "${data}" | jq -r '.Credentials.SecretAcces export AWS_SESSION_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" export AWS_SECURITY_TOKEN="$(echo "${data}" | jq -r '.Credentials.SessionToken')" export GITHUB_OAUTH_TOKEN="$(cat /etc/github/oauth)" +export DOCUSIGN_INTEGRATOR_KEY="$(cat ./DOCUSIGN_INTEGRATOR_KEY.secret)" +export DOCUSIGN_USER_ID="$(cat ./DOCUSIGN_USER_ID.secret)" +export DOCUSIGN_AUTH_SERVER="$(cat ./DOCUSIGN_AUTH_SERVER.secret)" +export DOCUSIGN_ROOT_URL="$(cat ./DOCUSIGN_ROOT_URL.secret)" +export DOCUSIGN_ACCOUNT_ID="$(cat ./DOCUSIGN_ACCOUNT_ID.secret)" export AWS_SDK_LOAD_CONFIG=true export AWS_PROFILE='lfproduct-dev' diff --git a/unsetenv.sh b/unsetenv.sh index 6a6eb3b73..6786d186c 100644 --- a/unsetenv.sh +++ b/unsetenv.sh @@ -20,3 +20,8 @@ unset AWS_ROLE_ARN unset AWS_TOKEN_SERIAL unset AWS_SDK_LOAD_CONFIG unset GITHUB_OAUTH_TOKEN +unset DOCUSIGN_INTEGRATOR_KEY +unset DOCUSIGN_USER_ID +unset DOCUSIGN_AUTH_SERVER +unset DOCUSIGN_ROOT_URL +unset DOCUSIGN_ACCOUNT_ID From 359e54b1d1fd5ddeb578dfc3d1f2addc8c73fcc6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 07:17:09 +0000 Subject: [PATCH 46/59] Example tests in comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/run_tests.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/utils/run_tests.sh b/utils/run_tests.sh index cedf22f97..6d7d17992 100755 --- a/utils/run_tests.sh +++ b/utils/run_tests.sh @@ -4,6 +4,7 @@ if [ ! -z "$PY" ] then cd cla-backend && pytest "cla/tests" -p no:warnings + # pytest -vvv -s cla/tests/unit/test_docusign_models.py -p no:warnings -k test_request_individual_signature cd .. else echo "$0: skipping python backend tests, specify PY=1 to run them" @@ -12,6 +13,7 @@ fi if [ ! -z "$GO" ] then cd cla-backend-go && make test + # go test github.com/communitybridge/easycla/cla-backend-go/signatures cd .. else echo "$0: skipping golang backend tests, specify GO=1 to run them" From cde4b8717667c9e93f4e353cd704fa336cb22138 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 07:42:29 +0000 Subject: [PATCH 47/59] Add sign-flow.md MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- sign-flow.md | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 sign-flow.md diff --git a/sign-flow.md b/sign-flow.md new file mode 100644 index 000000000..c2533e844 --- /dev/null +++ b/sign-flow.md @@ -0,0 +1,62 @@ +EasyCLA Sign Flow: Sequence Overview + +1. *User Creates a Pull Request (PR)* + ◦ A contributor initiates a PR in the repository hosted on GitHub, Gerrit, or GitLab. +2. *Repository Triggers Activity Endpoint* +• The repository platform sends a request to EasyCLA’s Python endpoint: + ◦ v2/repository-provider/{provider}/activity +3. *EasyCLA Checks User Authorization* + ◦ EasyCLA internally verifies if the users involved in the PR are authorized to contribute to the repository. +4. *Update Repository with User Status* + ◦ EasyCLA communicates back to the repository provider, updating the status of each user as either *signed* or *not signed*. +5. *User Initiates Sign Process* + ◦ If a user is marked as *not signed*, they are prompted to begin the signing process and are redirected to the EasyCLA Contributor Console. +6. *Contributor Chooses Sign Type* +• Upon reaching the Contributor Console, the user selects one of two options: + ▪︎ *Individual Contributor* + ◦ *Corporate Contributor* +7. *Individual Contributor Flow* +• *a. Initiate Individual Signature Request* +• The system invokes the Go-based endpoint: + ▪︎ v4/request-individual-signature + ◦ This action creates a new signature record with `signed = false` and initiates the signing process. +• *a1. Redirect to DocuSign* + ◦ The API handles the integration with DocuSign, preparing a callback and redirect URL, and redirects the user to DocuSign for signing. +• *a2. Completion of Signing* +• Once the user completes the signing on DocuSign, a callback is triggered to: + ▪︎ v4/signed/individual/{installation_id}/{github_repository_id}/{change_request_id} + ◦ This endpoint updates the signature record’s `signed` flag to `true`, completing the process. +8. *Corporate Contributor Flow* +• *b. Initiate Corporate Signature Process* +9. *Redirect to Company Search* + ▪︎ The user is redirected to a company search interface within the Contributor Console. +10. *Search for Company* +• Upon selecting a company, the system calls the Go-based search endpoint: + • v3/organization/search?companyName=Info&include-signing-entity-name=false + ▪︎ This retrieves the relevant company information. +11. *Check and Prepare Employee Signature* +• The system invokes the Python endpoint: + • v2/check-prepare-employee-signature + • This checks whether the company follows a Corporate CLA (CCLA) or an Entity CLA (ECLA) flow. +• *i. If Company Has a CCLA:* + ◦ The system verifies if the user is authorized. + ◦ If *not authorized*, it prompts the user to contact the existing CLA manager for authorization. +• The Go-based endpoint sends a notification to CLA managers: + ◦ v4/notify-cla-managers + • An email is sent to the CLA managers, and the process ends. +• *ii. If Company Does Not Have a CCLA:* + ◦ The system checks if the user is a CLA manager. +• *A. User is a CLA Manager:* +• Assigns CLA manager designee permissions via: + ◦ v4/company/{companySFID}/user/{userLFID}/claGroupID/{claGroupID}/is-cla-manager-designee +• Verifies the assigned role: + ◦ v4/company/{companySFID}/user/{userLFID}/claGroupID/{claGroupID}/is-cla-manager-designee +• If the role is confirmed, it calls the endpoint to request a corporate signature: + ◦ v4/request-corporate-signature + ◦ This creates the signature record, completing the process. +• *B. User is Not a CLA Manager:* +• Fetches company administrators using: + ◦ v4/company/{companySFID}/admin +• Sends an invitation to become a company admin via: + ◦ /user/{userID}/invite-company-admin + ◦ An email is sent to the user to invite them as a company admin, concluding the process. From c6b39a18527dcbfc70d1a237042b71b2dab71456 Mon Sep 17 00:00:00 2001 From: Nick Mango Date: Wed, 4 Dec 2024 13:40:42 +0300 Subject: [PATCH 48/59] Feature/Contributor Sequence flow - Added markdown for sequence flow for a contributor who is gated Signed-off-by: Nick Mango --- docs/contributor-api.md | 118 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 118 insertions(+) create mode 100644 docs/contributor-api.md diff --git a/docs/contributor-api.md b/docs/contributor-api.md new file mode 100644 index 000000000..c004f6678 --- /dev/null +++ b/docs/contributor-api.md @@ -0,0 +1,118 @@ +``` +# EasyCLA Sign Flow: Sequence Overview + +## 1. User Creates a Pull Request (PR) +- A contributor initiates a PR in the repository hosted on GitHub, Gerrit, or GitLab. + +## 2. Repository Triggers Activity Endpoint +- The repository platform sends a request to EasyCLA's Python endpoint: + ``` + v2/repository-provider/{provider}/activity + ``` + +## 3. EasyCLA Checks User Authorization +- EasyCLA internally verifies if the users involved in the PR are authorized to contribute to the repository. + +## 4. Update Repository with User Status +- EasyCLA communicates back to the repository provider, updating the status of each user as either **signed** or **not signed**. + +## 5. User Initiates Sign Process +- If a user is marked as **not signed**, they are prompted to begin the signing process and are redirected to the **EasyCLA Contributor Console**. + +## 6. Contributor Chooses Sign Type +- Upon reaching the Contributor Console, the user selects one of two options: + - **Individual Contributor** + - **Corporate Contributor** + +--- + +## 7. Individual Contributor Flow + +### a. Initiate Individual Signature Request +- The system invokes the Go-based endpoint: + ``` + v4/request-individual-signature + ``` +- This action creates a new signature record with `signed = false` and initiates the signing process. + +### a1. Redirect to DocuSign +- The API handles the integration with DocuSign, preparing a callback and redirect URL, and redirects the user to DocuSign for signing. + +### a2. Completion of Signing +- Once the user completes the signing on DocuSign, a callback is triggered to: + ``` + v4/signed/individual/{installation_id}/{github_repository_id}/{change_request_id} + ``` +- This endpoint updates the signature record's `signed` flag to **true**, completing the process. + +--- + +## 8. Corporate Contributor Flow + +### b. Initiate Corporate Signature Process + +#### 1. Redirect to Company Search +- The user is redirected to a company search interface within the Contributor Console. + +#### 2. Search for Company +- Upon selecting a company, the system calls the Go-based search endpoint: + ``` + v3/organization/search?companyName=&include-signing-entity-name=false + ``` +- This retrieves the relevant company information. + +#### 3. Check and Prepare Employee Signature +- The system invokes the Python endpoint: + ``` + v2/check-prepare-employee-signature + ``` +- This checks whether the company follows a **Corporate CLA (CCLA)** or an **Entity CLA (ECLA)** flow. + +--- + +### i. If Company Has a CCLA: +- The system verifies if the user is authorized: + - **If not authorized:** + - Prompts the user to contact the existing CLA manager for authorization. + - Sends a notification to CLA managers via the Go-based endpoint: + ``` + v4/notify-cla-managers + ``` + - An email is sent to the CLA managers, and the process ends. + - **If authorized:** + - Calls: + ``` + v4/request-employee-signature + ``` + +--- + +### ii. If Company Does Not Have a CCLA: +- The system checks if the user is a CLA manager: + - **A. User is a CLA Manager:** + - Assigns CLA manager designee permissions via: + ``` + v4/company/{companySFID}/user/{userLFID}/claGroupID/{claGroupID}/cla-manager-designee + ``` + - Verifies the assigned role: + ``` + v4/company/{companySFID}/user/{userLFID}/claGroupID/{claGroupID}/is-cla-manager-designee + ``` + - Redirects to the corporate console where the user can see the **Sign** button. + - Calls the endpoint to request a corporate signature: + ``` + v4/request-corporate-signature + ``` + - This creates the signature record, completing the process. + + - **B. User is Not a CLA Manager:** + - Fetches company administrators using: + ``` + v4/company/{companySFID}/admin + ``` + - Sends an invitation to become a company admin via: + ``` + /user/{userID}/invite-company-admin + ``` + - An email is sent to the user to invite them as a company admin, concluding the process. +``` \ No newline at end of file From 73a1685d83bd9eb57949822941add53f38dbc24f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 4 Dec 2024 11:00:23 +0000 Subject: [PATCH 49/59] No longer needed MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- sign-flow.md | 62 ---------------------------------------------------- 1 file changed, 62 deletions(-) delete mode 100644 sign-flow.md diff --git a/sign-flow.md b/sign-flow.md deleted file mode 100644 index 672eedaf8..000000000 --- a/sign-flow.md +++ /dev/null @@ -1,62 +0,0 @@ -EasyCLA Sign Flow: Sequence Overview - -1. *User Creates a Pull Request (PR)* - ◦ A contributor initiates a PR in the repository hosted on GitHub, Gerrit, or GitLab. -2. *Repository Triggers Activity Endpoint* -• The repository platform sends a request to EasyCLA’s Python endpoint: - ◦ v2/repository-provider/{provider}/activity -3. *EasyCLA Checks User Authorization* - ◦ EasyCLA internally verifies if the users involved in the PR are authorized to contribute to the repository. -4. *Update Repository with User Status* - ◦ EasyCLA communicates back to the repository provider, updating the status of each user as either *signed* or *not signed*. -5. *User Initiates Sign Process* - ◦ If a user is marked as *not signed*, they are prompted to begin the signing process and are redirected to the EasyCLA Contributor Console. -6. *Contributor Chooses Sign Type* -• Upon reaching the Contributor Console, the user selects one of two options: - ▪︎ *Individual Contributor* - ◦ *Corporate Contributor* -7. *Individual Contributor Flow* -• *a. Initiate Individual Signature Request* -• The system invokes the Go-based endpoint: - ▪︎ v4/request-individual-signature - ◦ This action creates a new signature record with `signed = false` and initiates the signing process. -• *a1. Redirect to DocuSign* - ◦ The API handles the integration with DocuSign, preparing a callback and redirect URL, and redirects the user to DocuSign for signing. -• *a2. Completion of Signing* -• Once the user completes the signing on DocuSign, a callback is triggered to: - ▪︎ v4/signed/individual/{installation_id}/{github_repository_id}/{change_request_id} - ◦ This endpoint updates the signature record’s `signed` flag to `true`, completing the process. -8. *Corporate Contributor Flow* -• *b. Initiate Corporate Signature Process* -9. *Redirect to Company Search* - ▪︎ The user is redirected to a company search interface within the Contributor Console. -10. *Search for Company* -• Upon selecting a company, the system calls the Go-based search endpoint: - • v3/organization/search?companyName=Info&include-signing-entity-name=false - ▪︎ This retrieves the relevant company information. -11. *Check and Prepare Employee Signature* -• The system invokes the Python endpoint: - • v2/check-prepare-employee-signature - • This checks whether the company follows a Corporate CLA (CCLA) or an Entity CLA (ECLA) flow. -• *i. If Company Has a CCLA:* - ◦ The system verifies if the user is authorized. - ◦ If *not authorized*, it prompts the user to contact the existing CLA manager for authorization. -• The Go-based endpoint sends a notification to CLA managers: - ◦ v4/notify-cla-managers - • An email is sent to the CLA managers, and the process ends. -• *ii. If Company Does Not Have a CCLA:* - ◦ The system checks if the user is a CLA manager. -• *A. User is a CLA Manager:* -• Assigns CLA manager designee permissions via: - ◦ v4/company/{companySFID}/user/{userLFID}/claGroupID/{claGroupID}/cla-manager-designee -• Verifies the assigned role: - ◦ v4/company/{companySFID}/user/{userLFID}/claGroupID/{claGroupID}/is-cla-manager-designee -• If the role is confirmed, it calls the endpoint to request a corporate signature: - ◦ v4/request-corporate-signature - ◦ This creates the signature record, completing the process. -• *B. User is Not a CLA Manager:* -• Fetches company administrators using: - ◦ v4/company/{companySFID}/admin -• Sends an invitation to become a company admin via: - ◦ /user/{userID}/invite-company-admin - ◦ An email is sent to the user to invite them as a company admin, concluding the process. From 82beebf4433684aa03d9469f1b287c6c190f5828 Mon Sep 17 00:00:00 2001 From: Nick Mango Date: Wed, 4 Dec 2024 21:03:25 +0300 Subject: [PATCH 50/59] Updated markdown header and footer tag Signed-off-by: Nick Mango --- docs/contributor-api.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/contributor-api.md b/docs/contributor-api.md index c004f6678..5b120ecf4 100644 --- a/docs/contributor-api.md +++ b/docs/contributor-api.md @@ -1,4 +1,3 @@ -``` # EasyCLA Sign Flow: Sequence Overview ## 1. User Creates a Pull Request (PR) @@ -115,4 +114,3 @@ /user/{userID}/invite-company-admin ``` - An email is sent to the user to invite them as a company admin, concluding the process. -``` \ No newline at end of file From ceb204f1d433e42c36ed8bfddd9a09b66790f405 Mon Sep 17 00:00:00 2001 From: Nick Mango Date: Wed, 4 Dec 2024 21:26:31 +0300 Subject: [PATCH 51/59] [#3498]Bug/CLA Manager Email - Updated email params on cla group for cla managers Signed-off-by: Nick Mango --- cla-backend-go/cla_manager/service.go | 2 +- cla-backend-go/emails/cla_manager_templates.go | 13 ++++++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/cla-backend-go/cla_manager/service.go b/cla-backend-go/cla_manager/service.go index 0eaa6a1dc..e13bbf276 100644 --- a/cla-backend-go/cla_manager/service.go +++ b/cla-backend-go/cla_manager/service.go @@ -485,7 +485,7 @@ func sendClaManagerAddedEmailToCLAManagers(emailSvc emails.EmailTemplateService, // subject string, body string, recipients []string subject := fmt.Sprintf("EasyCLA: CLA Manager Added Notice for %s", projectName) recipients := []string{emailParams.RecipientAddress} - body, err := emails.RenderClaManagerAddedToCLAManagersTemplate(emailSvc, claGroupModel.Version, claGroupModel.ProjectExternalID, emailParams) + body, err := emails.RenderClaManagerAddedToCLAManagersTemplate(emailSvc, claGroupModel.Version, projectName, emailParams) if err != nil { log.Warnf("email template render : %s failed : %v", emails.ClaManagerAddedToCLAManagersTemplate, err) return diff --git a/cla-backend-go/emails/cla_manager_templates.go b/cla-backend-go/emails/cla_manager_templates.go index ca66dbe06..d8f5d2dbc 100644 --- a/cla-backend-go/emails/cla_manager_templates.go +++ b/cla-backend-go/emails/cla_manager_templates.go @@ -258,12 +258,15 @@ list of company’s CLA Managers for CLA Group {{.CLAGroupName}}.

      ) // RenderClaManagerAddedToCLAManagersTemplate renders the ClaManagerAddedToCLAManagersTemplate -func RenderClaManagerAddedToCLAManagersTemplate(svc EmailTemplateService, claGroupModelVersion, projectSFID string, params ClaManagerAddedToCLAManagersTemplateParams) (string, error) { - claGroupParams, err := svc.GetCLAGroupTemplateParamsFromProjectSFID(claGroupModelVersion, projectSFID) - if err != nil { - return "", err +func RenderClaManagerAddedToCLAManagersTemplate(svc EmailTemplateService, claGroupModelVersion, claGroupName string, params ClaManagerAddedToCLAManagersTemplateParams) (string, error) { + // claGroupParams, err := svc.GetCLAGroupTemplateParamsFromProjectSFID(claGroupModelVersion, projectSFID) + // if err != nil { + // return "", err + // } + // params.CLAGroupTemplateParams = claGroupParams + params.CLAGroupTemplateParams = CLAGroupTemplateParams{ + CLAGroupName: claGroupName, } - params.CLAGroupTemplateParams = claGroupParams return RenderTemplate(claGroupModelVersion, ClaManagerAddedToCLAManagersTemplateName, ClaManagerAddedToCLAManagersTemplate, params) } From 3213897667a7e27267ee3d5f0420dd149b1e1dce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Thu, 5 Dec 2024 06:31:09 +0000 Subject: [PATCH 52/59] Python APIs update to also set embargo_acked flag on existing signatures when updating them MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend/cla/controllers/signature.py | 4 ++-- cla-backend/cla/models/docusign_models.py | 15 ++++++++++++++- cla-backend/cla/models/dynamo_models.py | 4 ++-- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/cla-backend/cla/controllers/signature.py b/cla-backend/cla/controllers/signature.py index 920af127e..b1178d5c2 100644 --- a/cla-backend/cla/controllers/signature.py +++ b/cla-backend/cla/controllers/signature.py @@ -55,7 +55,7 @@ def create_signature(signature_project_id, # pylint: disable=too-many-arguments signature_type='cla', signature_approved=False, signature_signed=False, - signature_embargo_acked=False, + signature_embargo_acked=True, signature_return_url=None, signature_sign_url=None, signature_user_ccla_company_id=None, @@ -155,7 +155,7 @@ def update_signature(signature_id, # pylint: disable=too-many-arguments,too-man signature_type=None, signature_approved=None, signature_signed=None, - signature_embargo_acked=None, + signature_embargo_acked=True, signature_return_url=None, signature_sign_url=None, domain_whitelist=None, diff --git a/cla-backend/cla/models/docusign_models.py b/cla-backend/cla/models/docusign_models.py index b54126da8..37982bbd1 100644 --- a/cla-backend/cla/models/docusign_models.py +++ b/cla-backend/cla/models/docusign_models.py @@ -197,6 +197,9 @@ def request_individual_signature(self, project_id, user_id, return_url=None, ret cla.log.debug('Individual Signature - user already has a signatures with this project: {}'. format(latest_signature.get_signature_id())) + # Set embargo acknowledged flag also for the existing signature + latest_signature.set_signature_embargo_acked(True) + # Re-generate and set the signing url - this will update the signature record self.populate_sign_url(latest_signature, callback_url, default_values=default_cla_values, preferred_email=preferred_email) @@ -313,6 +316,9 @@ def request_individual_signature_gerrit(self, project_id, user_id, return_url=No last_document.get_document_major_version() == latest_signature.get_signature_document_major_version(): cla.log.info('User already has a signatures with this project: %s', latest_signature.get_signature_id()) + # Set embargo acknowledged flag also for the existing signature + latest_signature.set_signature_embargo_acked(True) + # Re-generate and set the signing url - this will update the signature record self.populate_sign_url(latest_signature, callback_url, default_values=default_cla_values) @@ -784,7 +790,7 @@ def _save_employee_signature(self,signature): 'signature_type': {'S': signature.get_signature_type()}, 'signature_signed': {'BOOL': signature.get_signature_signed()}, 'signature_approved': {'BOOL': signature.get_signature_approved()}, - 'signature_embargo_acked': {'BOOL': signature.get_signature_embargo_acked()}, + 'signature_embargo_acked': {'BOOL': True}, 'signature_acl': {'SS': list(signature.get_signature_acl())}, 'signature_user_ccla_company_id': {'S': signature.get_signature_user_ccla_company_id()}, 'date_modified': {'S': datetime.now().isoformat()}, @@ -990,6 +996,9 @@ def handle_signing_new_corporate_signature(self, signature, project, company, us # Set signature ACL signature.set_signature_acl(user.get_lf_username()) + # Set embargo acknowledged flag also for the existing signature + signature.set_signature_embargo_acked(True) + self.populate_sign_url(signature, callback_url, signatory_name, signatory_email, send_as_email, @@ -1510,6 +1519,7 @@ def signed_individual_callback(self, content, installation_id, github_repository cla.log.info(f'{fn} - ICLA signature signed ({signature_id}) - ' 'Notifying repository service provider') signature.set_signature_signed(True) + signature.set_signature_embargo_acked(True) populate_signature_from_icla_callback(content, tree, signature) # Save signature signature.save() @@ -1604,6 +1614,7 @@ def signed_individual_callback_gerrit(self, content, user_id): cla.log.debug(f'{fn} - updating signature in database - setting signed=true...') # Save signature before adding user to LDAP Groups. signature.set_signature_signed(True) + signature.set_signature_embargo_acked(True) signature.save() # Load the Project by ID and send audit event @@ -1715,6 +1726,7 @@ def signed_individual_callback_gitlab(self, content, user_id, organization_id, g cla.log.debug(f'{fn} - updating signature in database - setting signed=true...') signature.set_signature_signed(True) + signature.set_signature_embargo_acked(True) populate_signature_from_icla_callback(content, tree, signature) signature.save() @@ -1859,6 +1871,7 @@ def signed_corporate_callback(self, content, project_id, company_id): # Note: cla-manager role assignment and cla-manager-designee cleanup is handled in the DB trigger handler # upon save with the signature signed flag transition to true... signature.set_signature_signed(True) + signature.set_signature_embargo_acked(True) populate_signature_from_ccla_callback(content, tree, signature) signature.save() diff --git a/cla-backend/cla/models/dynamo_models.py b/cla-backend/cla/models/dynamo_models.py index a4d4b8b84..5e6311470 100644 --- a/cla-backend/cla/models/dynamo_models.py +++ b/cla-backend/cla/models/dynamo_models.py @@ -2484,7 +2484,7 @@ class Meta: signature_project_index = ProjectSignatureIndex() signature_reference_index = ReferenceSignatureIndex() signature_envelope_id = UnicodeAttribute(null=True) - signature_embargo_acked = BooleanAttribute(default=False, null=True) + signature_embargo_acked = BooleanAttribute(default=True, null=True) # Callback type refers to either Gerrit or GitHub signature_return_url_type = UnicodeAttribute(null=True) note = UnicodeAttribute(null=True) @@ -2539,7 +2539,7 @@ def __init__( signature_type=None, signature_signed=False, signature_approved=False, - signature_embargo_acked=False, + signature_embargo_acked=True, signed_on=None, signatory_name=None, signing_entity_name=None, From 22de891e2c122d07e6a12da778928b63da72c0b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Thu, 5 Dec 2024 07:39:52 +0000 Subject: [PATCH 53/59] Handle golang APIs signatures embargo acknowledgemet falgs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend-go/signatures/dbmodels.go | 2 +- cla-backend-go/signatures/repository.go | 26 ++++++++++------ cla-backend-go/v2/company/service.go | 1 - .../v2/dynamo_events/cla_manager.go | 2 +- cla-backend-go/v2/sign/service.go | 16 ++++++---- utils/request_corporate_signature_go_post.sh | 22 ++++++++++--- utils/request_employee_signature_go_post.sh | 31 +++++++++++++++++-- utils/request_employee_signature_py_post.sh | 4 +-- utils/request_individual_signature_py_post.sh | 4 +-- 9 files changed, 78 insertions(+), 30 deletions(-) diff --git a/cla-backend-go/signatures/dbmodels.go b/cla-backend-go/signatures/dbmodels.go index 9ca7f4877..86c043b58 100644 --- a/cla-backend-go/signatures/dbmodels.go +++ b/cla-backend-go/signatures/dbmodels.go @@ -10,7 +10,7 @@ type ItemSignature struct { DateModified string `json:"date_modified,omitempty"` SignatureApproved bool `json:"signature_approved,omitempty"` SignatureSigned bool `json:"signature_signed"` - SignatureEmbargoAcked bool `json:"signature_embargo_acked"` + SignatureEmbargoAcked bool `json:"signature_embargo_acked,omitempty"` SignatureDocumentMajorVersion int `json:"signature_document_major_version,omitempty"` SignatureDocumentMinorVersion int `json:"signature_document_minor_version,omitempty"` SignatureSignURL string `json:"signature_sign_url,omitempty"` diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index 3875e2c55..ad6e32db8 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -2126,6 +2126,11 @@ func (repo repository) ValidateProjectRecord(ctx context.Context, signatureID, n expressionAttributeValues[":a"] = &dynamodb.AttributeValue{BOOL: aws.Bool(true)} updateExpression = updateExpression + " #A = :a," + // Set embago acknowledged flag + // expressionAttributeNames["#E"] = aws.String("signature_embargo_acked") + // expressionAttributeValues[":e"] = &dynamodb.AttributeValue{BOOL: aws.Bool(true)} + // updateExpression = updateExpression + " #E = :e," + expressionAttributeNames["#S"] = aws.String("note") expressionAttributeValues[":s"] = &dynamodb.AttributeValue{S: aws.String(note)} updateExpression = updateExpression + " #S = :s" @@ -4540,13 +4545,14 @@ func (repo repository) getIntermediateICLAResponse(f logrus.Fields, dbSignatures intermediateResponse = append(intermediateResponse, &iclaSignatureWithDetails{ IclaSignature: &models.IclaSignature{ - GithubUsername: sig.UserGithubUsername, - GitlabUsername: sig.UserGitlabUsername, - UserID: sig.SignatureReferenceID, - LfUsername: sig.UserLFUsername, - SignatureApproved: sig.SignatureApproved, - SignatureSigned: sig.SignatureSigned, - SignatureEmbargoAcked: sig.SignatureEmbargoAcked, + GithubUsername: sig.UserGithubUsername, + GitlabUsername: sig.UserGitlabUsername, + UserID: sig.SignatureReferenceID, + LfUsername: sig.UserLFUsername, + SignatureApproved: sig.SignatureApproved, + SignatureSigned: sig.SignatureSigned, + // SignatureEmbargoAcked: sig.SignatureEmbargoAcked, + SignatureEmbargoAcked: true, SignatureModified: sig.DateModified, SignatureID: sig.SignatureID, SignedOn: sigSignedTime, @@ -4776,7 +4782,6 @@ func (repo repository) GetClaGroupCorporateContributors(ctx context.Context, cla SignatureModified: sig.DateModified, SignatureApproved: sig.SignatureApproved, SignatureSigned: sig.SignatureSigned, - // SignatureEmbargoAcked: sig.SignatureEmbargoAcked, }) // Increment the current count @@ -4931,7 +4936,10 @@ func (repo repository) ActivateSignature(ctx context.Context, signatureID string } // Build the expression - expressionUpdate := expression.Set(expression.Name("signature_approved"), expression.Value(true)).Set(expression.Name("signature_signed"), expression.Value(false)) + expressionUpdate := expression. + Set(expression.Name("signature_approved"), expression.Value(true)). + Set(expression.Name("signature_signed"), expression.Value(false)). + Set(expression.Name("signature_embargo_acked"), expression.Value(true)) expr, err := expression.NewBuilder().WithUpdate(expressionUpdate).Build() if err != nil { diff --git a/cla-backend-go/v2/company/service.go b/cla-backend-go/v2/company/service.go index 2c5606530..373daaa36 100644 --- a/cla-backend-go/v2/company/service.go +++ b/cla-backend-go/v2/company/service.go @@ -1520,7 +1520,6 @@ func fillCorporateContributorModel(wg *sync.WaitGroup, usersRepo users.UserRepos contributor.LinuxFoundationID = user.LfUsername contributor.SignatureApproved = sig.SignatureApproved contributor.SignatureSigned = sig.SignatureSigned - // contributor.SignatureEmbargoAcked = sig.SignatureEmbargoAcked contributor.Name = user.Username t, err := utils.ParseDateTime(sig.SignatureCreated) if err != nil { diff --git a/cla-backend-go/v2/dynamo_events/cla_manager.go b/cla-backend-go/v2/dynamo_events/cla_manager.go index 8a99de4cc..914326d80 100644 --- a/cla-backend-go/v2/dynamo_events/cla_manager.go +++ b/cla-backend-go/v2/dynamo_events/cla_manager.go @@ -40,7 +40,7 @@ func (s *service) SetInitialCLAManagerACSPermissions(ctx context.Context, signat f["projectID"] = sig.ProjectID f["signed"] = sig.SignatureSigned f["approved"] = sig.SignatureApproved - // f["embargo_acked"] = sig.SignatureEmbargoAcked + f["embargo_acked"] = sig.SignatureEmbargoAcked f["companyName"] = sig.CompanyName f["claType"] = sig.ClaType diff --git a/cla-backend-go/v2/sign/service.go b/cla-backend-go/v2/sign/service.go index 2ecd15144..cab9ba3a3 100644 --- a/cla-backend-go/v2/sign/service.go +++ b/cla-backend-go/v2/sign/service.go @@ -422,6 +422,7 @@ func (s *service) SignedIndividualCallbackGithub(ctx context.Context, payload [] log.WithFields(f).Debugf("envelope signed - status: %s", status) updates := map[string]interface{}{ "signature_signed": true, + "signature_embargo_acked": true, "date_modified": currentTime, "signed_on": currentTime, "user_docusign_raw_xml": string(payload), @@ -657,6 +658,7 @@ func (s *service) SignedIndividualCallbackGitlab(ctx context.Context, payload [] log.WithFields(f).Debugf("envelope signed - status: %s", status) updates := map[string]interface{}{ "signature_signed": true, + "signature_embargo_acked": true, "date_modified": currentTime, "signed_on": currentTime, "user_docusign_raw_xml": string(payload), @@ -890,6 +892,7 @@ func (s *service) SignedIndividualCallbackGerrit(ctx context.Context, payload [] log.WithFields(f).Debugf("envelope signed - status: %s", status) updates := map[string]interface{}{ "signature_signed": true, + "signature_embargo_acked": true, "date_modified": currentTime, "signed_on": currentTime, "user_docusign_raw_xml": string(payload), @@ -1138,9 +1141,10 @@ func (s *service) SignedCorporateCallback(ctx context.Context, payload []byte, c if status == DocusignCompleted && !signature.SignatureSigned { _, currentTime := utils.CurrentTime() updates := map[string]interface{}{ - "signature_signed": true, - "date_modified": currentTime, - "signed_on": currentTime, + "signature_signed": true, + "signature_embargo_acked": true, + "date_modified": currentTime, + "signed_on": currentTime, } userSignedDate := info.EnvelopeStatus.RecipientStatuses[0].Signed @@ -1371,7 +1375,7 @@ func (s *service) RequestIndividualSignature(ctx context.Context, input *models. SignatureProjectID: latestSignature.ProjectID, SignatureApproved: latestSignature.SignatureApproved, SignatureSigned: latestSignature.SignatureSigned, - SignatureEmbargoAcked: latestSignature.SignatureEmbargoAcked, + SignatureEmbargoAcked: true, SignatureReferenceName: latestSignature.SignatureReferenceName, SignatureReferenceNameLower: latestSignature.SignatureReferenceNameLower, SignedOn: latestSignature.SignedOn, @@ -2361,7 +2365,7 @@ func (s *service) RequestIndividualSignatureGerrit(ctx context.Context, input *m SignatureProjectID: latestSignature.ProjectID, SignatureApproved: latestSignature.SignatureApproved, SignatureSigned: latestSignature.SignatureSigned, - SignatureEmbargoAcked: latestSignature.SignatureEmbargoAcked, + SignatureEmbargoAcked: true, SignatureReferenceName: latestSignature.SignatureReferenceName, SignatureReferenceNameLower: latestSignature.SignatureReferenceNameLower, SignedOn: latestSignature.SignedOn, @@ -2575,7 +2579,7 @@ func (s *service) requestCorporateSignature(ctx context.Context, apiURL string, SignatoryName: signatoryName, SignatureSigned: companySignature.SignatureSigned, SignatureApproved: companySignature.SignatureApproved, - SignatureEmbargoAcked: companySignature.SignatureEmbargoAcked, + SignatureEmbargoAcked: true, DateCreated: companySignature.Created, SignatureDocumentMajorVersion: majorVersion, SignatureDocumentMinorVersion: minorVersion, diff --git a/utils/request_corporate_signature_go_post.sh b/utils/request_corporate_signature_go_post.sh index eccb101a4..dfeebb8c1 100755 --- a/utils/request_corporate_signature_go_post.sh +++ b/utils/request_corporate_signature_go_post.sh @@ -5,12 +5,13 @@ # return_url_type='github' # return_url='http://localhost' # TOKEN='...' - Auth0 JWT bearer token -# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' -# TODO: this is WIP atm (due to AUTH0 token and X-ACL missing) +# XACL='...' - X-ACL +# DEBUG=1 XACL="$(cat ./x-acl.secret)" TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' if [ -z "$TOKEN" ] then - source ./auth0_token.secret + # source ./auth0_token.secret + TOKEN="$(cat ./auth0.token.secret)" fi if [ -z "$TOKEN" ] @@ -19,6 +20,17 @@ then exit 1 fi +if [ -z "$XACL" ] +then + XACL="$(cat ./x-acl.secret)" +fi + +if [ -z "$XACL" ] +then + echo "$0: XACL not specified and unable to obtain one" + exit 2 +fi + if [ -z "$1" ] then echo "$0: you need to specify company_id as a 1st parameter" @@ -54,6 +66,6 @@ fi if [ ! -z "$DEBUG" ] then - echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-corporate-signature' -d '{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" + echo "curl -s -XPOST -H 'X-ACL: ${XACL}' -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-corporate-signature' -d '{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" fi -curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-corporate-signature" -d "{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' +curl -s -XPOST -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-corporate-signature" -d "{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_employee_signature_go_post.sh b/utils/request_employee_signature_go_post.sh index b610d1a90..92eec3f9d 100755 --- a/utils/request_employee_signature_go_post.sh +++ b/utils/request_employee_signature_go_post.sh @@ -5,7 +5,32 @@ # project_id='88ee12de-122b-4c46-9046-19422054ed8d' # return_url_type='github' # return_url='http://localhost' -# DEBUG=1 ./utils/request_employee_signature_py_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# TOKEN='...' - Auth0 JWT bearer token +# XACL='...' - X-ACL +# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" XACL="$(cat ./x-acl.secret)" ./utils/request_employee_signature_go_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' + +if [ -z "$TOKEN" ] +then + # source ./auth0_token.secret + TOKEN="$(cat ./auth0.token.secret)" +fi + +if [ -z "$TOKEN" ] +then + echo "$0: TOKEN not specified and unable to obtain one" + exit 1 +fi + +if [ -z "$XACL" ] +then + XACL="$(cat ./x-acl.secret)" +fi + +if [ -z "$XACL" ] +then + echo "$0: XACL not specified and unable to obtain one" + exit 2 +fi if [ -z "$1" ] then @@ -49,6 +74,6 @@ fi if [ ! -z "$DEBUG" ] then - echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" + echo "curl -s -XPOST -H 'X-ACL: ${XACL}' -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" fi -curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' +curl -s -XPOST -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_employee_signature_py_post.sh b/utils/request_employee_signature_py_post.sh index b610d1a90..d07ffc138 100755 --- a/utils/request_employee_signature_py_post.sh +++ b/utils/request_employee_signature_py_post.sh @@ -49,6 +49,6 @@ fi if [ ! -z "$DEBUG" ] then - echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" + echo "curl -s -XPOST -H 'Content-Type: application/json' '${API_URL}/v2/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" fi -curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' +curl -s -XPOST -H "Content-Type: application/json" "${API_URL}/v2/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_individual_signature_py_post.sh b/utils/request_individual_signature_py_post.sh index ce3973415..b547fa49d 100755 --- a/utils/request_individual_signature_py_post.sh +++ b/utils/request_individual_signature_py_post.sh @@ -41,6 +41,6 @@ fi if [ ! -z "$DEBUG" ] then - echo "curl -s -XPOST -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v2/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" + echo "curl -s -XPOST -H 'Content-Type: application/json' '${API_URL}/v2/request-individual-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" fi -curl -s -XPOST -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v2/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' +curl -s -XPOST -H "Content-Type: application/json" "${API_URL}/v2/request-individual-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' From 32c9f1d5e13f85e5fc5c93660c84e3a46a3c97b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Thu, 5 Dec 2024 08:00:28 +0000 Subject: [PATCH 54/59] go fmt MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- .../cmd/functional_tests/approval_list/approval_list.go | 8 -------- .../cmd/functional_tests/cla_manager/cla_manager.go | 2 -- cla-backend-go/swagger/common/corporate-contributor.yaml | 5 ----- 3 files changed, 15 deletions(-) diff --git a/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go b/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go index e8a51bc91..f63879840 100644 --- a/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go +++ b/cla-backend-go/cmd/functional_tests/approval_list/approval_list.go @@ -308,7 +308,6 @@ func (t *TestBehaviour) RunUpdateApprovalListAddEmail(testData InputTestValues) ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -353,7 +352,6 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveEmail(testData InputTestValue ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -398,7 +396,6 @@ func (t *TestBehaviour) RunUpdateApprovalListAddDomain(testData InputTestValues) ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -443,7 +440,6 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveDomain(testData InputTestValu ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -488,7 +484,6 @@ func (t *TestBehaviour) RunUpdateApprovalListAddGitHubUsername(testData InputTes ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -533,7 +528,6 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveGitHubUsername(testData Input ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -578,7 +572,6 @@ func (t *TestBehaviour) RunUpdateApprovalListAddGitHubOrg(testData InputTestValu ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). @@ -623,7 +616,6 @@ func (t *TestBehaviour) RunUpdateApprovalListRemoveGitHubOrg(testData InputTestV ExpectJsonType("signatureType", reflect.String). ExpectJsonType("signatureApproved", reflect.Bool). ExpectJsonType("signatureSigned", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureCreated", reflect.String). ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("version", reflect.String). diff --git a/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go b/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go index 787979997..ec71d9dac 100644 --- a/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go +++ b/cla-backend-go/cmd/functional_tests/cla_manager/cla_manager.go @@ -472,7 +472,6 @@ func (t *TestBehaviour) RunAddCLAManager() { ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("signatureSigned", reflect.Bool). ExpectJsonType("signatureApproved", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureReferenceType", reflect.String). ExpectJsonType("signatureReferenceID", reflect.String). ExpectJsonType("signatureReferenceName", reflect.String). @@ -541,7 +540,6 @@ func (t *TestBehaviour) RunRemoveCLAManager() { ExpectJsonType("signatureModified", reflect.String). ExpectJsonType("signatureSigned", reflect.Bool). ExpectJsonType("signatureApproved", reflect.Bool). - // ExpectJsonType("signatureEmbargoAcked", reflect.Bool). ExpectJsonType("signatureReferenceType", reflect.String). ExpectJsonType("signatureReferenceID", reflect.String). ExpectJsonType("signatureReferenceName", reflect.String). diff --git a/cla-backend-go/swagger/common/corporate-contributor.yaml b/cla-backend-go/swagger/common/corporate-contributor.yaml index 9e6425306..24e35b46c 100644 --- a/cla-backend-go/swagger/common/corporate-contributor.yaml +++ b/cla-backend-go/swagger/common/corporate-contributor.yaml @@ -48,8 +48,3 @@ properties: type: boolean description: the flag for contributor that has not yet been approved x-omitempty: false -# signatureEmbargoAcked: -# type: boolean -# description: the signature embargo acknowledged flag - true or false value -# example: true -# # x-omitempty: false From 7aa75a87e8a554512a7adc0d3421b140885eb86b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Thu, 5 Dec 2024 10:49:09 +0000 Subject: [PATCH 55/59] Ready for review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- utils/request_corporate_signature_go_post.sh | 22 +++--- utils/request_employee_signature_go_post.sh | 79 -------------------- 2 files changed, 11 insertions(+), 90 deletions(-) delete mode 100755 utils/request_employee_signature_go_post.sh diff --git a/utils/request_corporate_signature_go_post.sh b/utils/request_corporate_signature_go_post.sh index dfeebb8c1..49f83779b 100755 --- a/utils/request_corporate_signature_go_post.sh +++ b/utils/request_corporate_signature_go_post.sh @@ -1,12 +1,12 @@ #!/bin/bash # API_URL=https://[xyz].ngrok-free.app (defaults to localhost:5000) -# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' -# project_id='88ee12de-122b-4c46-9046-19422054ed8d' +# company_sfid='0016s000006Uq9VAAS' +# project_sfid='a092h000004wx1DAAQ' # return_url_type='github' # return_url='http://localhost' # TOKEN='...' - Auth0 JWT bearer token # XACL='...' - X-ACL -# DEBUG=1 XACL="$(cat ./x-acl.secret)" TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' +# DEBUG=1 XACL="$(cat ./x-acl.secret)" TOKEN="$(cat ./auth0.token.secret)" ./utils/request_corporate_signature_go_post.sh 0016s000006Uq9VAAS a092h000004wx1DAAQ github 'http://localhost' if [ -z "$TOKEN" ] then @@ -15,7 +15,7 @@ then fi if [ -z "$TOKEN" ] -then +then echo "$0: TOKEN not specified and unable to obtain one" exit 1 fi @@ -33,17 +33,17 @@ fi if [ -z "$1" ] then - echo "$0: you need to specify company_id as a 1st parameter" + echo "$0: you need to specify company_sfid as a 1st parameter" exit 1 fi -export company_id="$1" +export company_sfid="$1" if [ -z "$2" ] then - echo "$0: you need to specify project_id as a 2nd parameter" + echo "$0: you need to specify project_sfid as a 2nd parameter" exit 2 fi -export project_id="$2" +export project_sfid="$2" if [ -z "$3" ] then @@ -54,7 +54,7 @@ export return_url_type="$3" if [ -z "$4" ] then - echo "$0: you need to specify return_url as a 4th parameter" + echo "$0: you need to specify return_urlas a 4th parameter" exit 4 fi export return_url="$4" @@ -66,6 +66,6 @@ fi if [ ! -z "$DEBUG" ] then - echo "curl -s -XPOST -H 'X-ACL: ${XACL}' -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-corporate-signature' -d '{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" + echo "curl -s -XPOST -H 'X-ACL: ${XACL}' -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-corporate-signature' -d '{\"project_sfid\":\"${project_sfid}\",\"company_sfid\":\"${company_sfid}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" fi -curl -s -XPOST -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-corporate-signature" -d "{\"project_id\":\"${project_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' +curl -s -XPOST -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-corporate-signature" -d "{\"project_sfid\":\"${project_sfid}\",\"company_sfid\":\"${company_sfid}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' diff --git a/utils/request_employee_signature_go_post.sh b/utils/request_employee_signature_go_post.sh deleted file mode 100755 index 92eec3f9d..000000000 --- a/utils/request_employee_signature_go_post.sh +++ /dev/null @@ -1,79 +0,0 @@ -#!/bin/bash -# API_URL=https://3f13-147-75-85-27.ngrok-free.app (defaults to localhost:5000) -# user_id='9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5' -# company_id='862ff296-6508-4f10-9147-2bc2dd7bfe80' -# project_id='88ee12de-122b-4c46-9046-19422054ed8d' -# return_url_type='github' -# return_url='http://localhost' -# TOKEN='...' - Auth0 JWT bearer token -# XACL='...' - X-ACL -# DEBUG=1 TOKEN="$(cat ./auth0.token.secret)" XACL="$(cat ./x-acl.secret)" ./utils/request_employee_signature_go_post.sh 9dcf5bbc-2492-11ed-97c7-3e2a23ea20b5 862ff296-6508-4f10-9147-2bc2dd7bfe80 88ee12de-122b-4c46-9046-19422054ed8d github 'http://localhost' - -if [ -z "$TOKEN" ] -then - # source ./auth0_token.secret - TOKEN="$(cat ./auth0.token.secret)" -fi - -if [ -z "$TOKEN" ] -then - echo "$0: TOKEN not specified and unable to obtain one" - exit 1 -fi - -if [ -z "$XACL" ] -then - XACL="$(cat ./x-acl.secret)" -fi - -if [ -z "$XACL" ] -then - echo "$0: XACL not specified and unable to obtain one" - exit 2 -fi - -if [ -z "$1" ] -then - echo "$0: you need to specify user_id as a 1st parameter" - exit 1 -fi -export user_id="$1" - -if [ -z "$2" ] -then - echo "$0: you need to specify company_id as a 2nd parameter" - exit 2 -fi -export company_id="$2" - -if [ -z "$3" ] -then - echo "$0: you need to specify project_id as a 3rd parameter" - exit 3 -fi -export project_id="$3" - -if [ -z "$4" ] -then - echo "$0: you need to specify return_url_type as a 4th parameter: github|gitlab|gerrit" - exit 4 -fi -export return_url_type="$4" - -if [ -z "$5" ] -then - echo "$0: you need to specify return_url as a 5th parameter" - exit 5 -fi -export return_url="$5" - -if [ -z "$API_URL" ] -then - export API_URL="http://localhost:5000" -fi - -if [ ! -z "$DEBUG" ] -then - echo "curl -s -XPOST -H 'X-ACL: ${XACL}' -H 'Authorization: Bearer ${TOKEN}' -H 'Content-Type: application/json' '${API_URL}/v4/request-employee-signature' -d '{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}' | jq -r '.'" -fi -curl -s -XPOST -H "X-ACL: ${XACL}" -H "Authorization: Bearer ${TOKEN}" -H "Content-Type: application/json" "${API_URL}/v4/request-employee-signature" -d "{\"project_id\":\"${project_id}\",\"user_id\":\"${user_id}\",\"company_id\":\"${company_id}\",\"return_url_type\":\"${return_url_type}\",\"return_url\":\"${return_url}\"}" | jq -r '.' From 9442e3a9c245e3d0f29b0a97d1b40e0711e8177c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Thu, 5 Dec 2024 10:54:39 +0000 Subject: [PATCH 56/59] Ready for Review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend-go/signatures/repository.go | 13 ++++++------- utils/request_corporate_signature_go_post.sh | 2 +- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/cla-backend-go/signatures/repository.go b/cla-backend-go/signatures/repository.go index ad6e32db8..842be6a9b 100644 --- a/cla-backend-go/signatures/repository.go +++ b/cla-backend-go/signatures/repository.go @@ -4545,13 +4545,12 @@ func (repo repository) getIntermediateICLAResponse(f logrus.Fields, dbSignatures intermediateResponse = append(intermediateResponse, &iclaSignatureWithDetails{ IclaSignature: &models.IclaSignature{ - GithubUsername: sig.UserGithubUsername, - GitlabUsername: sig.UserGitlabUsername, - UserID: sig.SignatureReferenceID, - LfUsername: sig.UserLFUsername, - SignatureApproved: sig.SignatureApproved, - SignatureSigned: sig.SignatureSigned, - // SignatureEmbargoAcked: sig.SignatureEmbargoAcked, + GithubUsername: sig.UserGithubUsername, + GitlabUsername: sig.UserGitlabUsername, + UserID: sig.SignatureReferenceID, + LfUsername: sig.UserLFUsername, + SignatureApproved: sig.SignatureApproved, + SignatureSigned: sig.SignatureSigned, SignatureEmbargoAcked: true, SignatureModified: sig.DateModified, SignatureID: sig.SignatureID, diff --git a/utils/request_corporate_signature_go_post.sh b/utils/request_corporate_signature_go_post.sh index 49f83779b..04a0e9484 100755 --- a/utils/request_corporate_signature_go_post.sh +++ b/utils/request_corporate_signature_go_post.sh @@ -15,7 +15,7 @@ then fi if [ -z "$TOKEN" ] -then +then echo "$0: TOKEN not specified and unable to obtain one" exit 1 fi From c6abdc2393913c4940a03f2a91c0cecea815974f Mon Sep 17 00:00:00 2001 From: Nick Mango Date: Thu, 12 Dec 2024 18:14:10 +0300 Subject: [PATCH 57/59] Bug/Gerrit Return URL - Used input return url value for post signing ICLA Signed-off-by: Nick Mango --- cla-backend-go/v2/sign/service.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cla-backend-go/v2/sign/service.go b/cla-backend-go/v2/sign/service.go index cab9ba3a3..b14b84767 100644 --- a/cla-backend-go/v2/sign/service.go +++ b/cla-backend-go/v2/sign/service.go @@ -2343,8 +2343,8 @@ func (s *service) RequestIndividualSignatureGerrit(ctx context.Context, input *m return nil, errors.New("no gerrits found for project") } - returnURL := gerrits.List[0].GerritURL - log.WithFields(f).Debugf("returnURL: %s", returnURL) + returnURL := input.ReturnURL + log.WithFields(f).Debugf("returnURL: %s", input.ReturnURL) if latestSignature != nil { log.WithFields(f).Debugf("comparing latest signature document version: %s to latest document version: %s", latestSignature.SignatureDocumentMajorVersion, latestDocument.DocumentMajorVersion) From 69dfbc4ff9a3bb2e0a9e3e1f0a1af811b23d5e6e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 8 Jan 2025 08:21:04 +0100 Subject: [PATCH 58/59] Revert "Bug/Gerrit Return URL" --- cla-backend-go/v2/sign/service.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cla-backend-go/v2/sign/service.go b/cla-backend-go/v2/sign/service.go index b14b84767..cab9ba3a3 100644 --- a/cla-backend-go/v2/sign/service.go +++ b/cla-backend-go/v2/sign/service.go @@ -2343,8 +2343,8 @@ func (s *service) RequestIndividualSignatureGerrit(ctx context.Context, input *m return nil, errors.New("no gerrits found for project") } - returnURL := input.ReturnURL - log.WithFields(f).Debugf("returnURL: %s", input.ReturnURL) + returnURL := gerrits.List[0].GerritURL + log.WithFields(f).Debugf("returnURL: %s", returnURL) if latestSignature != nil { log.WithFields(f).Debugf("comparing latest signature document version: %s to latest document version: %s", latestSignature.SignatureDocumentMajorVersion, latestDocument.DocumentMajorVersion) From 780badfe88e2ada2b41570a5948111c91c12583b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Gryglicki?= Date: Wed, 8 Jan 2025 08:41:43 +0000 Subject: [PATCH 59/59] Fix missing license header MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Łukasz Gryglicki --- cla-backend/cla/tests/unit/test_ecla.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cla-backend/cla/tests/unit/test_ecla.py b/cla-backend/cla/tests/unit/test_ecla.py index 165db0c47..5b6f9a3c4 100644 --- a/cla-backend/cla/tests/unit/test_ecla.py +++ b/cla-backend/cla/tests/unit/test_ecla.py @@ -1,3 +1,6 @@ +# Copyright The Linux Foundation and each contributor to CommunityBridge. +# SPDX-License-Identifier: MIT + import unittest from unittest.mock import Mock, patch import datetime