(ctx context.Context, req *adminv1.GetGithubRepoStatusRequest)
| 149 | } |
| 150 | |
| 151 | func (s *Server) GetGithubRepoStatus(ctx context.Context, req *adminv1.GetGithubRepoStatusRequest) (*adminv1.GetGithubRepoStatusResponse, error) { |
| 152 | observability.AddRequestAttributes(ctx, |
| 153 | attribute.String("args.remote", req.Remote), |
| 154 | ) |
| 155 | |
| 156 | // Backwards compatibility |
| 157 | req.Remote = normalizeGitRemote(req.Remote) |
| 158 | |
| 159 | // Check the request is made by an authenticated user |
| 160 | claims := auth.GetClaims(ctx) |
| 161 | if claims.OwnerType() != auth.OwnerTypeUser { |
| 162 | return nil, status.Error(codes.Unauthenticated, "not authenticated") |
| 163 | } |
| 164 | |
| 165 | // Check whether we have the access to the repo |
| 166 | installationID, err := s.admin.GetGithubInstallation(ctx, req.Remote) |
| 167 | if err != nil { |
| 168 | if !errors.Is(err, admin.ErrGithubInstallationNotFound) { |
| 169 | return nil, fmt.Errorf("failed to check Github access: %w", err) |
| 170 | } |
| 171 | |
| 172 | // If no access, return instructions for granting access |
| 173 | grantAccessURL := s.admin.URLs.GithubConnect(req.Remote) |
| 174 | |
| 175 | res := &adminv1.GetGithubRepoStatusResponse{ |
| 176 | HasAccess: false, |
| 177 | GrantAccessUrl: grantAccessURL, |
| 178 | } |
| 179 | return res, nil |
| 180 | } |
| 181 | |
| 182 | // we have access need to check if user is a collaborator and has authorised app on their account |
| 183 | userID := claims.OwnerID() |
| 184 | user, err := s.admin.DB.FindUser(ctx, userID) |
| 185 | if err != nil { |
| 186 | return nil, err |
| 187 | } |
| 188 | |
| 189 | // user has not authorized github app |
| 190 | if user.GithubUsername == "" { |
| 191 | res := &adminv1.GetGithubRepoStatusResponse{ |
| 192 | HasAccess: false, |
| 193 | GrantAccessUrl: s.admin.URLs.GithubAuth(req.Remote), |
| 194 | } |
| 195 | return res, nil |
| 196 | } |
| 197 | |
| 198 | // Get repo info for user and return. |
| 199 | repository, err := s.admin.LookupGithubRepoForUser(ctx, installationID, req.Remote, user.GithubUsername) |
| 200 | if err != nil { |
| 201 | if errors.Is(err, admin.ErrUserIsNotCollaborator) { |
| 202 | // may be user authorised from another username |
| 203 | res := &adminv1.GetGithubRepoStatusResponse{ |
| 204 | HasAccess: false, |
| 205 | GrantAccessUrl: s.admin.URLs.GithubRetryAuthUI(req.Remote, user.GithubUsername, ""), |
| 206 | } |
| 207 | return res, nil |
| 208 | } |
no test coverage detected