-
Notifications
You must be signed in to change notification settings - Fork 232
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Drone and Bitbucket broken for write permission detection for drone build restart permission. #87
Comments
I've carved out some time on Monday to research this further ... I will post back here to share my analysis once complete. The reason we changed was because, according to bitbucket rest documentation, there is no |
I spent some time researching this issue and it seemed to work for me. I tried to be very detailed with my testing and methodology below. Can you can take a look and provide some feedback? Perhaps there are some edge cases or scenarios that my testing does not cover? First, I setup a project called Next, I made the an API call on behalf of the dummy user account using the curl command:
And received the results as expected indicating write access: {
"size": 1,
"limit": 1,
"isLastPage": true,
"values": [
{
"slug": "quux",
"id": 5,
"name": "quux",
"scmId": "git",
"state": "AVAILABLE",
"statusMessage": "Available",
"forkable": true,
"project": {
"key": "FOO",
"id": 3,
"name": "foo",
"public": false,
"type": "NORMAL"
},
"public": false
}
],
"start": 0
} Next, I decided to login to Drone as the dummy user and sync my account. I can see the repository in my list: Next I clicked on the repository. When you perform a repository sync, Drone purges its cache of repository access levels for the user, forcing Drone to fetch and update the access levels for each repository, on-demand. The results are cached in the database until the next time you re-sync your repository list. As part of our testing, we can confirm in the logs that Drone makes an API call to Bitbucket (using this go-smc library) which returns that the dummy user is granted write access to the repository: Finally, I checked to make sure write access was persisted in the database and returned from the API when the user attempts to request the repository resource: |
chore: Add a bunch of GitLab API functionality
Thank you for looking, I think I can see the issue and why it works for you and not us: Try changing your project name to be different from the key in bitbucket: { |
Anyone else who comes across this bug can work around it by renaming the project to start with the key: |
i've rolled back the drone server from 1.10.1 to 1.9.1 and it is working
With 1.9.1 i get the proper permissions. |
With #114 we have submitted a fix and are doing a release of the library, can you check it out. |
thanks for your patience @RichardTheHouse |
Since this commit:
802e265
Changing of
path := fmt.Sprintf("rest/api/1.0/repos?size=1000&permission=REPO_WRITE&project=%s&name=%s", namespace, name)
to
path := fmt.Sprintf("rest/api/1.0/repos?size=1000&permission=REPO_WRITE&projectname=%s&name=%s", namespace, name)
Has resulted in drone not allowing users with write permission to restart drone jobs or do drone deploys. As it is not detecting the user has write permission.
Admins still work using the webhook lookup but users with only write permission can not.
The text was updated successfully, but these errors were encountered: