feat(desinger): endpoint to get UserRepositoryPermissions

Altinn · framitdavid · Jan 27, 2025 · Jan 9, 2025 · Jan 9, 2025 · Jan 9, 2025
commit e3d174521cd988358f4acbe28eaf2e161dafe850
diff --git a/backend/src/Designer/Controllers/UserController.cs b/backend/src/Designer/Controllers/UserController.cs
@@ -1,5 +1,6 @@
 using System.Collections.Generic;
 using System.Threading.Tasks;
+using Altinn.Studio.Designer.Models.Dto;
 using Altinn.Studio.Designer.Services.Interfaces;
 using Microsoft.AspNetCore.Antiforgery;
 using Microsoft.AspNetCore.Authorization;
@@ -17,16 +18,18 @@
     {
         private readonly IGitea _giteaApi;
         private readonly IAntiforgery _antiforgery;
+        private readonly IUserService _userService;
 
         /// <summary>
         /// Initializes a new instance of the <see cref="UserController"/> class.
         /// </summary>
         /// <param name="giteaWrapper">the gitea wrapper</param>
         /// <param name="antiforgery">Access to the antiforgery system in .NET Core</param>
-        public UserController(IGitea giteaWrapper, IAntiforgery antiforgery)
+        public UserController(IGitea giteaWrapper, IAntiforgery antiforgery, IUserService userService)
         {
             _giteaApi = giteaWrapper;
             _antiforgery = antiforgery;
+            _userService = userService;
         }
 
         /// <summary>
@@ -80,6 +83,14 @@
             return success ? NoContent() : StatusCode(418);
         }
 
+        [HttpGet]
+        [Route("org-permissions/{org}")]
+        public async Task<IActionResult> HasAccessToCreateRepository(string org)
+        {
+            UserRepositoryPermission userRepository = await _userService.GetUserRepositoryPermission(org);
+            return Ok(userRepository);
+        }
+
         /// <summary>
         /// Removes the star marking on the specified repository.
         /// </summary>

diff --git a/backend/src/Designer/Infrastructure/ServiceRegistration.cs b/backend/src/Designer/Infrastructure/ServiceRegistration.cs
@@ -54,6 +54,7 @@ public static IServiceCollection RegisterServiceImplementations(this IServiceCol
             services.AddScoped<IReleaseRepository, ORMReleaseRepository>();
             services.AddScoped<IDeploymentRepository, ORMDeploymentRepository>();
             services.AddScoped<IAppScopesRepository, AppScopesRepository>();
+            services.AddScoped<IUserService, UserService>();
             services.AddTransient<IReleaseService, ReleaseService>();
             services.AddTransient<IDeploymentService, DeploymentService>();
             services.AddTransient<IAppScopesService, AppScopesService>();

diff --git a/backend/src/Designer/Models/Dto/UserRepositoryPermission.cs b/backend/src/Designer/Models/Dto/UserRepositoryPermission.cs
@@ -0,0 +1,6 @@
+namespace Altinn.Studio.Designer.Models.Dto;
+
+public class UserRepositoryPermission
+{
+    public bool CanCreateOrgRepo { get; set; }
+}
diff --git a/backend/src/Designer/RepositoryClient/Model/Team.cs b/backend/src/Designer/RepositoryClient/Model/Team.cs
@@ -10,6 +10,8 @@ public class Team
         /// </summary>
         public string Name { get; set; }
 
+        public bool can_create_org_repo { get; set; }
+
         /// <summary>
         /// The organization that owns the team
         /// </summary>

diff --git a/backend/src/Designer/Services/Implementation/UserService.cs b/backend/src/Designer/Services/Implementation/UserService.cs
@@ -0,0 +1,44 @@
+using System.Collections.Generic;
+using System.Linq;
+using System.Threading.Tasks;
+using Altinn.Studio.Designer.Helpers;
+using Altinn.Studio.Designer.Models.Dto;
+using Altinn.Studio.Designer.RepositoryClient.Model;
+using Altinn.Studio.Designer.Services.Interfaces;
+using Microsoft.AspNetCore.Http;
+
+namespace Altinn.Studio.Designer.Services.Implementation;
+
+public class UserService : IUserService
+{
+    private readonly IHttpContextAccessor _httpContextAccessor;
+    private readonly IGitea _giteaApi;
+
+    public UserService(IHttpContextAccessor httpContextAccessor, IGitea giteaApi)
+    {
+        _httpContextAccessor = httpContextAccessor;
+        _giteaApi = giteaApi;
+    }
+
+    public async Task<UserRepositoryPermission> GetUserRepositoryPermission(string org)
+    {
+        bool canCreateOrgRepo = await HasPermissionToCreateOrgRepo(org);
+        return new UserRepositoryPermission() { CanCreateOrgRepo = canCreateOrgRepo };
+    }
+
+    private bool IsUserSelfOrg(string org)
+    {
+        return AuthenticationHelper.GetDeveloperUserName(_httpContextAccessor.HttpContext) == org;
+    }
+
+    private async Task<bool> HasPermissionToCreateOrgRepo(string org)
+    {
+        List<Team> teams = await _giteaApi.GetTeams();
+        return IsUserSelfOrg(org) || teams.Any(team => CheckPermissionToCreateOrgRepo(team, org));
+    }
+
+    private static bool CheckPermissionToCreateOrgRepo(Team team, string org)
+    {
+        return team.can_create_org_repo & team.Organization.Username == org;
+    }
+}
diff --git a/backend/src/Designer/Services/Interfaces/IUserService.cs b/backend/src/Designer/Services/Interfaces/IUserService.cs
@@ -0,0 +1,9 @@
+using System.Threading.Tasks;
+using Altinn.Studio.Designer.Models.Dto;
+
+namespace Altinn.Studio.Designer.Services.Interfaces;
+
+public interface IUserService
+{
+   public Task<UserRepositoryPermission> GetUserRepositoryPermission(string org);
+}