[PRD] TCI/Assembla Handshake with SVN/P4 (#1282)

lib/travis/api/app/endpoint/authorization.rb

@@ -232,7 +232,8 @@ def vcs_handshake
             vcs_data = remote_vcs_user.authenticate(
               provider: params[:provider],
               code: params[:code],
-              redirect_uri: oauth_endpoint
+              redirect_uri: oauth_endpoint,
+              cluster: params[:cluster]
             )
 
             if vcs_data['redirect_uri'].present?

lib/travis/api/v3/models/repository.rb

@@ -21,6 +21,8 @@ class Models::Repository < Model
       primary_key: [:id,  :default_branch],
       class_name:  'Travis::API::V3::Models::Branch'.freeze
 
+    scope :by_server_type, ->(server_type) { where(server_type: server_type) }
+
     alias last_started_build current_build
 
     after_initialize do
@@ -198,5 +200,13 @@ def admin
     def allow_migration?
       Travis::Features.owner_active?(:allow_migration, self.owner)
     end
+
+    def perforce?
+      server_type == 'perforce'
+    end
+
+    def subversion?
+      server_type == 'subversion'
+    end
   end
 end

lib/travis/api/v3/queries/repository.rb

@@ -1,7 +1,7 @@
 module Travis::API::V3
   class Queries::Repository < Query
     setup_sidekiq(:repo_sync, queue: :sync, class_name: "Travis::GithubSync::Worker")
-    params :id, :slug
+    params :id, :slug, :server_type
 
     def find
       @find ||= find!
@@ -37,27 +37,30 @@ def update(attrs)
 
     def find!
       return by_slug if slug
-      return Models::Repository.find_by_id(id) if id
+      return Models::Repository.find_by_id(id) if id && !id.match(/\D/)
       raise WrongParams, 'missing repository.id'.freeze
     end
 
     def by_slug
       owner_name, repo_name = slug.split('/')
-      Models::Repository.where(
+      repos = Models::Repository.where(
         "(lower(repositories.vcs_slug) = ? "\
         "or (lower(repositories.owner_name) = ? and lower(repositories.name) = ?)) "\
         "and lower(repositories.vcs_type) = ? "\
         "and repositories.invalidated_at is null",
         slug.downcase,
         owner_name.downcase,
         repo_name.downcase,
-        provider.downcase + 'repository'
-      ).order("updated_at desc, vcs_slug asc, owner_name asc, name asc, vcs_type asc").first
+        "#{provider.downcase}repository"
+      )
+      repos = repos.by_server_type(server_type) if server_type && provider == 'assembla'
+
+      repos.order("updated_at desc, vcs_slug asc, owner_name asc, name asc, vcs_type asc")
+           .first
     end
 
     def provider
       params['provider'] || 'github'
     end
-
   end
 end

lib/travis/api/v3/queries/repository_vcs.rb

@@ -0,0 +1,32 @@
+module Travis::API::V3
+  class Queries::RepositoryVcs < Query
+    params :vcs_id
+
+    def find
+      @find ||= find!
+    end
+
+    private
+
+    def find!
+      return by_vcs_id if vcs_id
+      raise WrongParams, 'missing repository_vcs.vcs_id'.freeze
+    end
+
+    def by_vcs_id
+      Models::Repository.where(
+                          "repositories.vcs_id = ? "\
+                          "and lower(repositories.vcs_type) = ? "\
+                          "and repositories.invalidated_at is null",
+                          vcs_id,
+                          "#{provider.downcase}repository"
+                        )
+                        .order("updated_at desc, vcs_slug asc, owner_name asc, name asc, vcs_type asc")
+                        .first
+    end
+
+    def provider
+      params['provider'] || 'github'
+    end
+  end
+end

lib/travis/api/v3/result.rb

@@ -29,14 +29,19 @@ def render(params, env)
       href    = self.href
       href    = V3.location(env) if href.nil? and env['REQUEST_METHOD'.freeze] == 'GET'.freeze
       include = params.to_h['include'.freeze].to_s.split(?,.freeze)
-      add_info Renderer[type].render(resource,
+      result = Renderer[type].render(
+        resource,
         href:           href,
         script_name:    env['SCRIPT_NAME'.freeze],
         params:         params,
         include:        include,
         access_control: access_control,
         meta_data:      meta_data,
-        accept:         env.fetch('HTTP_ACCEPT'.freeze, 'application/json'.freeze))
+        accept:         env.fetch('HTTP_ACCEPT'.freeze, 'application/json'.freeze)
+      )
+      Travis.logger.error("#{self.class}#render: Render failed! type=#{type.inspect} resource=#{resource.inspect} href=#{href} params=#{params.inspect} env=#{env}") if result.nil?
+
+      add_info(result)
     end
 
     def add_info(payload)

lib/travis/api/v3/routes.rb

@@ -282,6 +282,11 @@ module Routes
       end
     end
 
+    hidden_resource :repository_vcs do
+      route '/repo_vcs/{provider}/{repository_vcs.vcs_id}'
+      get :find
+    end
+
     resource :scan_results do
       route '/scan_results'
       get :all

lib/travis/api/v3/services.rb

@@ -53,6 +53,7 @@ module Services
     Queues                = Module.new { extend Services }
     Repositories          = Module.new { extend Services }
     Repository            = Module.new { extend Services }
+    RepositoryVcs         = Module.new { extend Services }
     Request               = Module.new { extend Services }
     Requests              = Module.new { extend Services }
     SslKey                = Module.new { extend Services }

lib/travis/api/v3/services/repository/activate.rb

@@ -16,15 +16,26 @@ def run!
 
       repository.update_attributes(active: true)
 
-      if repository.private? || access_control.enterprise?
+      if repository.perforce?
+        remote_vcs_repository.create_perforce_group(
+          repository_id: repository.id,
+          user_id: admin.id
+        )
+
+        remote_vcs_repository.set_perforce_ticket(
+          repository_id: repository.id,
+          user_id: admin.id
+        )
+      elsif repository.private? || access_control.enterprise?
         remote_vcs_repository.upload_key(
           repository_id: repository.id,
           user_id: admin.id,
-          read_only: !Travis::Features.owner_active?(:read_write_github_keys, repository.owner)
+          read_only: !repository.subversion? && !Travis::Features.owner_active?(:read_write_github_keys, repository.owner)
         )
       end
 
       query.sync(access_control.user || access_control.admin_for(repository))
+      save_audit(repository)
       result repository
     end
 
@@ -33,7 +44,21 @@ def check_access(repository)
     end
 
     def check_repo_key(repository)
+      if repository.subversion? && repository.key.nil?
+        key = Travis::API::V3::Models::SslKey.new(repository: repository)
+        key.generate_keys!
+        key.save!
+
+        return
+      end
+
       raise RepoSshKeyMissing if repository.key.nil?
     end
+
+    def save_audit(repository)
+      app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token)&.app_id
+      change_source = (app_id.nil? || app_id == 2) ? 'admin-v2' : 'travis-api'
+      Travis::API::V3::Models::Audit.create!(owner: access_control.user, change_source: change_source, source: repository, source_changes: { active: [false, true] })
+    end
   end
 end

lib/travis/api/v3/services/repository/deactivate.rb

@@ -12,12 +12,49 @@ def run!(activate = false)
         user_id: admin.id,
         activate: activate
       )
+
+      if repository.perforce?
+        begin
+          remote_vcs_repository.delete_perforce_group(
+            repository_id: repository.id,
+            user_id: admin.id
+          )
+        rescue Travis::RemoteVCS::ResponseError
+          # Do nothing, the group is already removed
+        end
+
+        if repository.key.present?
+          repository.key.generate_keys!
+          repository.key.save!
+        end
+      elsif repository.key.present?
+        keys = remote_vcs_repository.keys(
+          repository_id: repository.id,
+          user_id: admin.id
+        )
+        fingerprint = PrivateKey.new(repository.key.private_key).fingerprint.gsub(':', '')
+        matched_key = keys.detect { |key| key['fingerprint'] == fingerprint }
+        remote_vcs_repository.delete_key(
+          repository_id: repository.id,
+          user_id: admin.id,
+          id: matched_key['id']
+        ) if matched_key.present?
+        repository.key.destroy if repository.subversion?
+      end
+
       repository.update_attributes(active: activate)
+      save_audit(repository)
       result repository
     end
 
     def check_access(repository)
       access_control.permissions(repository).deactivate!
     end
+
+    def save_audit(repository)
+      app_id = Travis::Api::App::AccessToken.find_by_token(access_control.token)&.app_id
+      change_source = (app_id.nil? || app_id == 2) ? 'admin-v2' : 'travis-api'
+      Travis::API::V3::Models::Audit.create!(owner: access_control.user, change_source: change_source, source: repository, source_changes: { active: [true, false] })
+    end
   end
 end

lib/travis/api/v3/services/repository/find.rb

@@ -1,5 +1,7 @@
 module Travis::API::V3
   class Services::Repository::Find < Service
+    params :server_type
+
     def run!
       result find
     end

lib/travis/api/v3/services/repository_vcs/find.rb

@@ -0,0 +1,7 @@
+module Travis::API::V3
+  class Services::RepositoryVcs::Find < Service
+    def run!
+      result find, type: :repository
+    end
+  end
+end

lib/travis/remote_vcs/repository.rb

@@ -15,7 +15,7 @@ def set_hook(repository_id:, user_id:, activate: true)
       end
 
       def keys(repository_id:, user_id:)
-        request(:get, __method__) do |req|
+        request(:get, __method__, false) do |req|
           req.url "repos/#{repository_id}/keys"
           req.params['user_id'] = user_id
         end
@@ -50,6 +50,29 @@ def show(repository_id:, admin_id: nil)
       rescue ResponseError
         nil
       end
+
+      def create_perforce_group(repository_id:, user_id:)
+        request(:post, __method__) do |req|
+          req.url "repos/#{repository_id}/perforce_groups"
+          req.params['user_id'] = user_id
+        end
+      end
+
+      def delete_perforce_group(repository_id:, user_id:)
+        request(:delete, __method__) do |req|
+          req.url "repos/#{repository_id}/perforce_groups"
+          req.params['user_id'] = user_id
+        end
+      end
+
+      def set_perforce_ticket(repository_id:, user_id:)
+        request(:post, __method__, false) do |req|
+          req.url "repos/#{repository_id}/perforce_ticket"
+          req.params['user_id'] = user_id
+        end
+      rescue ResponseError
+        {}
+      end
     end
   end
 end

lib/travis/remote_vcs/user.rb

@@ -16,12 +16,13 @@ def auth_request(provider: :github, redirect_uri:, state:, signup:)
         end
       end
 
-      def authenticate(provider: :github, code:, redirect_uri:)
+      def authenticate(provider: :github, code:, redirect_uri:, cluster: nil)
         request(:post, __method__) do |req|
           req.url 'users/session'
           req.params['provider'] = provider
           req.params['code'] = code
           req.params['redirect_uri'] = redirect_uri
+          req.params['cluster'] = cluster unless cluster.nil?
         end
       end
 

spec/lib/github/services/set_key_spec.rb

@@ -14,9 +14,7 @@
     WebMock.stub_request(:get, "http://vcsfake.travis-ci.com/repos/#{repo.id}/keys?user_id=#{owner.id}")
       .to_return(
         status: 200,
-        body: JSON.dump(
-          data: keys,
-        )
+        body: JSON.dump(keys)
       )
   end
   let!(:delete_request) do