Add accessTeams support to BOM upload auto-create#5856
Open
valentijnscholten wants to merge 2 commits intoDependencyTrack:masterfrom
Open
Add accessTeams support to BOM upload auto-create#5856valentijnscholten wants to merge 2 commits intoDependencyTrack:masterfrom
valentijnscholten wants to merge 2 commits intoDependencyTrack:masterfrom
Conversation
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
Mimics createProject: when auto-creating a project during BOM upload, teams can be specified via accessTeams and are applied to the project ACL. Same resolution rules as Project API (principal must be member or have ACCESS_MANAGEMENT). - BomSubmitRequest: add accessTeams field (JSON) - BOM multipart: add accessTeams form param (JSON array) - Apply access teams before updateNewProjectACL Signed-off-by: Valentijn Scholten <valentijnscholten@gmail.com>
valentijnscholten
force-pushed
the
bom-upload-access-teams
branch
from
694d12d to
c9a51f1
Compare
Coverage summary from CodacySee diff coverage on Codacy
Coverage variation details
Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: Diff coverage details
Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: See your quality gate settings Change summary preferences |
Cover the branches added in the accessTeams PR that were not reached by the initial test: team lookup by UUID, admin path (ACCESS_MANAGEMENT), inaccessible team error, missing team identifier error, multipart form endpoint happy path, and invalid JSON in multipart accessTeams field. Signed-off-by: Valentijn Scholten <valentijnscholten@gmail.com>
valentijnscholten
force-pushed
the
bom-upload-access-teams
branch
from
15ea6b0 to
0a1c88d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add
accessTeamssupport when auto-creating projects during BOM upload. The behaviour mimicscreateProjectvia the Project API.Motivation
When creating a project explicitly via
PUT /v1/project, teams can be passed inaccessTeamsand are applied to the project's ACL. BOM upload withautoCreate=truedid not support this, so users could not assign teams when auto-creating via BOM upload. This change brings parity.Changes
accessTeamsfield. JSON upload acceptsaccessTeamsarray with{"name": "TeamName"}or{"uuid": "..."}.POST /v1/bom): AddedaccessTeamsform param (JSON array).ACCESS_MANAGEMENTpermission to assign any team.uploadBomAutoCreateWithAccessTeamsTestverifies the flow.