line · minwoox · Dec 16, 2024 · Nov 14, 2024 · Nov 14, 2024 · Nov 14, 2024
@@ -31,6 +31,7 @@
 import com.fasterxml.jackson.core.JsonFactory;
 import com.fasterxml.jackson.core.JsonGenerator;
 import com.fasterxml.jackson.core.JsonParseException;
+import com.fasterxml.jackson.core.JsonParser;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.core.TreeNode;
 import com.fasterxml.jackson.core.io.JsonStringEncoder;
@@ -185,6 +186,10 @@ public static <T> T readValue(File file, TypeReference<T> typeReference) throws
         return compactMapper.readValue(file, typeReference);
     }
 
+    public static <T> T readValue(JsonParser jp, TypeReference<T> typeReference) throws IOException {
+        return compactMapper.readValue(jp, typeReference);
+    }
+
     public static JsonNode readTree(String data) throws JsonParseException {
         try {
             return compactMapper.readTree(data);

@@ -29,7 +29,6 @@
 
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonProperty;
-import com.fasterxml.jackson.core.type.TypeReference;
 import com.google.common.base.MoreObjects;
 
 import com.linecorp.armeria.common.util.Exceptions;
@@ -42,7 +41,6 @@
 import com.linecorp.centraldogma.common.Author;
 import com.linecorp.centraldogma.common.ProjectRole;
 import com.linecorp.centraldogma.common.Revision;
-import com.linecorp.centraldogma.internal.Jackson;
 import com.linecorp.centraldogma.internal.jsonpatch.JsonPatch;
 import com.linecorp.centraldogma.internal.jsonpatch.JsonPatchOperation;
 import com.linecorp.centraldogma.internal.jsonpatch.ReplaceOperation;
@@ -63,9 +61,6 @@
 @RequiresRole(roles = ProjectRole.OWNER)
 public class MetadataApiService extends AbstractService {
 
-    private static final TypeReference<Collection<Permission>> permissionsTypeRef =
-            new TypeReference<Collection<Permission>>() {};
-
     private final MetadataService mds;
     private final Function<String, String> loginNameNormalizer;
 
@@ -199,28 +194,6 @@ public CompletableFuture<Revision> addSpecificUserPermission(
                                         member, memberWithPermissions.permissions());
     }
 
-    /**
-     * PATCH /metadata/{projectName}/repos/{repoName}/perm/users/{memberId}
-     *
-     * <p>Updates {@link Permission}s for the specified {@code memberId} of the specified {@code repoName}
-     * in the specified {@code projectName}.
-     */
-    @Patch("/metadata/{projectName}/repos/{repoName}/perm/users/{memberId}")
-    @Consumes("application/json-patch+json")
-    public CompletableFuture<Revision> updateSpecificUserPermission(@Param String projectName,
-                                                                    @Param String repoName,
-                                                                    @Param String memberId,
-                                                                    JsonPatch jsonPatch,
-                                                                    Author author) {
-        final ReplaceOperation operation = ensureSingleReplaceOperation(jsonPatch, "/permissions");
-        final Collection<Permission> permissions = Jackson.convertValue(operation.value(), permissionsTypeRef);
-        final User member = new User(loginNameNormalizer.apply(urlDecode(memberId)));
-        return mds.findPermissions(projectName, repoName, member)
-                  .thenCompose(unused -> mds.updatePerUserPermission(author,
-                                                                     projectName, repoName, member,
-                                                                     permissions));
-    }
-
     /**
      * DELETE /metadata/{projectName}/repos/{repoName}/perm/users/{memberId}
      *
@@ -254,26 +227,6 @@ public CompletableFuture<Revision> addSpecificTokenPermission(
                                          tokenWithPermissions.id(), tokenWithPermissions.permissions());
     }
 
-    /**
-     * PATCH /metadata/{projectName}/repos/{repoName}/perm/tokens/{appId}
-     *
-     * <p>Updates {@link Permission}s for the specified {@code appId} of the specified {@code repoName}
-     * in the specified {@code projectName}.
-     */
-    @Patch("/metadata/{projectName}/repos/{repoName}/perm/tokens/{appId}")
-    @Consumes("application/json-patch+json")
-    public CompletableFuture<Revision> updateSpecificTokenPermission(@Param String projectName,
-                                                                     @Param String repoName,
-                                                                     @Param String appId,
-                                                                     JsonPatch jsonPatch,
-                                                                     Author author) {
-        final ReplaceOperation operation = ensureSingleReplaceOperation(jsonPatch, "/permissions");
-        final Collection<Permission> permissions = Jackson.convertValue(operation.value(), permissionsTypeRef);
-        return mds.findTokenByAppId(appId)
-                  .thenCompose(token -> mds.updatePerTokenPermission(
-                          author, projectName, repoName, appId, permissions));
-    }
-
     /**
      * DELETE /metadata/{projectName}/repos/{repoName}/perm/tokens/{appId}
      *

@@ -36,7 +36,7 @@
 /**
  * A default permission for a {@link Repository}.
  */
-public class PerRolePermissions {
+public final class PerRolePermissions {
 
     /**
      * {@link Permission}s for administrators.

@@ -20,6 +20,7 @@
 
 import java.util.Collection;
 import java.util.Map;
+import java.util.Objects;
 
 import javax.annotation.Nullable;
 
@@ -28,6 +29,7 @@
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonInclude.Include;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import com.google.common.base.MoreObjects;
 import com.google.common.collect.ImmutableMap;
 
@@ -39,7 +41,8 @@
  * Specifies details of a {@link Repository}.
  */
 @JsonIgnoreProperties(ignoreUnknown = true)
-@JsonInclude(Include.NON_NULL)
+@JsonInclude(Include.NON_NULL) // These are used when serializing.
+@JsonDeserialize(using = RepositoryMetadataDeserializer.class)
 public class RepositoryMetadata implements Identifiable {
 
     /**
@@ -174,6 +177,30 @@ public QuotaConfig writeQuota() {
         return writeQuota;
     }
 
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+
+        final RepositoryMetadata that = (RepositoryMetadata) o;
+        return name.equals(that.name) &&
+               perRolePermissions.equals(that.perRolePermissions) &&
+               perUserPermissions.equals(that.perUserPermissions) &&
+               perTokenPermissions.equals(that.perTokenPermissions) &&
+               creation.equals(that.creation) && Objects.equals(removal, that.removal) &&
+               Objects.equals(writeQuota, that.writeQuota);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(name, perRolePermissions, perUserPermissions, perTokenPermissions,
+                            creation, removal, writeQuota);
+    }
+
     @Override
     public String toString() {
         return MoreObjects.toStringHelper(this)

@@ -0,0 +1,104 @@
+/*
+ * Copyright 2024 LINE Corporation
+ *
+ * LINE Corporation licenses this file to you under the Apache License,
+ * version 2.0 (the "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at:
+ *
+ *   https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package com.linecorp.centraldogma.server.metadata;
+
+import static com.google.common.collect.ImmutableMap.toImmutableMap;
+import static com.linecorp.centraldogma.server.metadata.PerRolePermissions.READ_WRITE;
+
+import java.io.IOException;
+import java.util.Collection;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.annotation.Nullable;
+
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.type.TypeReference;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.deser.std.StdDeserializer;
+import com.google.common.collect.ImmutableList;
+
+import com.linecorp.centraldogma.internal.Jackson;
+import com.linecorp.centraldogma.server.QuotaConfig;
+
+final class RepositoryMetadataDeserializer extends StdDeserializer<RepositoryMetadata> {
+
+    private static final long serialVersionUID = 1173216371065909688L;
+
+    private static final TypeReference<Map<String, Collection<Permission>>> PER_PERMISSIONS_TYPE =
+            new TypeReference<Map<String, Collection<Permission>>>() {};
+
+    RepositoryMetadataDeserializer() {
+        super(RepositoryMetadata.class);
+    }
+
+    @Override
+    public RepositoryMetadata deserialize(JsonParser p, DeserializationContext ctxt)
+            throws IOException {
+        final JsonNode jsonNode = p.readValueAsTree();
+        final String name = jsonNode.get("name").textValue();
+        final JsonNode perRolePermissionsNode = jsonNode.get("perRolePermissions");
+
+        final PerRolePermissions perRolePermissions;
+        final Map<String, Collection<Permission>> perUserPermissions;
+        final Map<String, Collection<Permission>> perTokenPermissions;
+        if (perRolePermissionsNode != null)  {
+            // legacy format
+            perRolePermissions = Jackson.treeToValue(perRolePermissionsNode, PerRolePermissions.class);
+            perUserPermissions = Jackson.readValue(jsonNode.get("perUserPermissions").traverse(),
+                                                   PER_PERMISSIONS_TYPE);
+            perTokenPermissions = Jackson.readValue(jsonNode.get("perTokenPermissions").traverse(),
+                                                    PER_PERMISSIONS_TYPE);
+        } else {
+            // new format
+            final Roles roles = Jackson.treeToValue(jsonNode.get("roles"), Roles.class);
+            perRolePermissions = new PerRolePermissions(READ_WRITE, getPermissions(roles.projectMember()),
+                                                        getPermissions(roles.projectGuest()), null);
+            perUserPermissions = convert(roles.users());
+            perTokenPermissions = convert(roles.tokens());
+        }
+
+        final UserAndTimestamp creation = Jackson.treeToValue(jsonNode.get("creation"), UserAndTimestamp.class);
+        final JsonNode removalNode = jsonNode.get("removal");
+        final UserAndTimestamp removal =
+                removalNode == null ? null : Jackson.treeToValue(removalNode, UserAndTimestamp.class);
+
+        final JsonNode writeQuotaNode = jsonNode.get("writeQuota");
+        final QuotaConfig writeQuota =
+                writeQuotaNode == null ? null : Jackson.treeToValue(writeQuotaNode, QuotaConfig.class);
+
+        return new RepositoryMetadata(name, perRolePermissions, perUserPermissions, perTokenPermissions,
+                                      creation, removal, writeQuota);
+    }
+
+    private static Map<String, Collection<Permission>> convert(
+            Map<String, RepositoryRole> roles) {
+        return roles.entrySet().stream()
+                    .collect(toImmutableMap(Entry::getKey, entry -> getPermissions(entry.getValue())));
+    }
+
+    static Collection<Permission> getPermissions(@Nullable RepositoryRole repositoryRole) {
+        if (repositoryRole == null) {
+            return ImmutableList.of();
+        }
+        if (repositoryRole == RepositoryRole.READ) {
+            return ImmutableList.of(Permission.READ);
+        }
+        // WRITE or ADMIN RepositoryRole.
+        return ImmutableList.of(Permission.READ, Permission.WRITE);
+    }
+}
diff --git a/server/src/main/java/com/linecorp/centraldogma/server/metadata/RepositoryRole.java b/server/src/main/java/com/linecorp/centraldogma/server/metadata/RepositoryRole.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2024 LINE Corporation
+ *
+ * LINE Corporation licenses this file to you under the Apache License,
+ * version 2.0 (the "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at:
+ *
+ *   https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+package com.linecorp.centraldogma.server.metadata;
+
+/**
+ * Roles for a repository.
+ */
+public enum RepositoryRole {
+    /**
+     * Able to read a file from a repository.
+     */
+    READ,
+    /**
+     * Able to write a file to a repository.
+     */
+    WRITE,
+    /**
+     * Able to manage a repository.
+     */
+    ADMIN
+}