Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add enterprise actions permissions endpoints and reorg files #2920

Merged
merged 22 commits into from
Sep 29, 2023
Merged
Show file tree
Hide file tree
Changes from 11 commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
f1c331c
Add enterprise allowed actions
algorythmic Oct 25, 2022
5319263
Add enterprise actions permissions
algorythmic Oct 25, 2022
437c925
Add enterprise action permissions for orgs
algorythmic Oct 25, 2022
3eb4312
Move actions permissions out of action_runners.go
algorythmic Oct 25, 2022
7f8e2af
Update copyright
algorythmic Oct 25, 2022
c55315a
Update copyright
algorythmic Oct 25, 2022
e9b5264
Update copyright
algorythmic Oct 25, 2022
c2cd862
Update copyright
algorythmic Oct 25, 2022
33e666c
fixed tests with enterprise action permission endpoints
RickleAndMortimer Sep 14, 2023
1da39d7
formatting
RickleAndMortimer Sep 14, 2023
54e213a
reorganized urls for enterprise and orgs endpoints for action permiss…
RickleAndMortimer Sep 25, 2023
db1d21b
readded allowed permissions tests and copyright
RickleAndMortimer Sep 26, 2023
b64b8b8
linting
RickleAndMortimer Sep 26, 2023
dde3ba2
renaming to match original names prior to the PR
RickleAndMortimer Sep 26, 2023
18b5850
readded old orgs_actions_permissions as deprecated code
RickleAndMortimer Sep 26, 2023
055da67
file typo
RickleAndMortimer Sep 26, 2023
c9ce020
remove incorrectly named file
RickleAndMortimer Sep 26, 2023
324285e
readded org_actions tests
RickleAndMortimer Sep 26, 2023
b2f9d6c
Update github/orgs_actions_allowed.go
gmlewis Sep 29, 2023
11a21aa
Update github/orgs_actions_allowed.go
gmlewis Sep 29, 2023
ea8a460
Update github/orgs_actions_permissions.go
gmlewis Sep 29, 2023
0d02f81
Update github/orgs_actions_permissions.go
gmlewis Sep 29, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
152 changes: 152 additions & 0 deletions github/actions_permissions_enterprise.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,152 @@
// Copyright 2022 The go-github AUTHORS. All rights reserved.
RickleAndMortimer marked this conversation as resolved.
Show resolved Hide resolved
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package github

import (
"context"
"fmt"
)

// ActionsEnabledOnEnterpriseOrgs represents all the repositories in an enterprise for which Actions is enabled.
type ActionsEnabledOnEnterpriseOrgs struct {
TotalCount int `json:"total_count"`
Organizations []*Organization `json:"organizations"`
}

// ActionsPermissionsEnterprise represents a policy for allowed actions in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions
type ActionsPermissionsEnterprise struct {
EnabledOrganizations *string `json:"enabled_organizations,omitempty"`
AllowedActions *string `json:"allowed_actions,omitempty"`
SelectedActionsURL *string `json:"selected_actions_url,omitempty"`
}

func (a ActionsPermissionsEnterprise) String() string {
return Stringify(a)
}

// GetActionsPermissions gets the GitHub Actions permissions policy for an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#get-github-actions-permissions-for-an-enterprise
func (s *ActionsService) GetEnterpriseActionsPermissions(ctx context.Context, enterprise string) (*ActionsPermissionsEnterprise, *Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions", enterprise)

req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, nil, err
}

permissions := new(ActionsPermissionsEnterprise)
resp, err := s.client.Do(ctx, req, permissions)
if err != nil {
return nil, resp, err
}

return permissions, resp, nil
}

// EditActionsPermissions sets the permissions policy in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-github-actions-permissions-for-an-enterprise
func (s *ActionsService) EditEnterpriseActionsPermissions(ctx context.Context, enterprise string, actionsPermissionsEnterprise ActionsPermissionsEnterprise) (*ActionsPermissionsEnterprise, *Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions", enterprise)
req, err := s.client.NewRequest("PUT", u, actionsPermissionsEnterprise)
if err != nil {
return nil, nil, err
}

p := new(ActionsPermissionsEnterprise)
resp, err := s.client.Do(ctx, req, p)
if err != nil {
return nil, resp, err
}

return p, resp, nil
}

// ListEnabledOrgsInEnterprise lists the selected organizations that are enabled for GitHub Actions in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#list-selected-organizations-enabled-for-github-actions-in-an-enterprise
func (s *ActionsService) ListEnabledOrgsInEnterprise(ctx context.Context, owner string, opts *ListOptions) (*ActionsEnabledOnEnterpriseOrgs, *Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner)
u, err := addOptions(u, opts)
if err != nil {
return nil, nil, err
}

req, err := s.client.NewRequest("GET", u, nil)
if err != nil {
return nil, nil, err
}

orgs := &ActionsEnabledOnEnterpriseOrgs{}
resp, err := s.client.Do(ctx, req, orgs)
if err != nil {
return nil, resp, err
}

return orgs, resp, nil
}

// SetEnabledOrgsInEnterprise replaces the list of selected organizations that are enabled for GitHub Actions in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#set-selected-organizations-enabled-for-github-actions-in-an-enterprise
func (s *ActionsService) SetEnabledOrgsInEnterprise(ctx context.Context, owner string, organizationIDs []int64) (*Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations", owner)

req, err := s.client.NewRequest("PUT", u, struct {
IDs []int64 `json:"selected_organization_ids"`
}{IDs: organizationIDs})
if err != nil {
return nil, err
}

resp, err := s.client.Do(ctx, req, nil)
if err != nil {
return resp, err
}

return resp, nil
}

// AddEnabledOrgInEnterprise adds an organization to the list of selected organizations that are enabled for GitHub Actions in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#enable-a-selected-organization-for-github-actions-in-an-enterprise
func (s *ActionsService) AddEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID)

req, err := s.client.NewRequest("PUT", u, nil)
if err != nil {
return nil, err
}

resp, err := s.client.Do(ctx, req, nil)
if err != nil {
return resp, err
}

return resp, nil
}

// RemoveEnabledOrgInEnterprise removes an organization from the list of selected organizations that are enabled for GitHub Actions in an enterprise.
//
// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/actions/permissions#disable-a-selected-organization-for-github-actions-in-an-enterprise
func (s *ActionsService) RemoveEnabledOrgInEnterprise(ctx context.Context, owner string, organizationID int64) (*Response, error) {
u := fmt.Sprintf("enterprises/%v/actions/permissions/organizations/%v", owner, organizationID)

req, err := s.client.NewRequest("DELETE", u, nil)
if err != nil {
return nil, err
}

resp, err := s.client.Do(ctx, req, nil)
if err != nil {
return resp, err
}

return resp, nil
}
221 changes: 221 additions & 0 deletions github/actions_permissions_enterprise_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,221 @@
// Copyright 2022 The go-github AUTHORS. All rights reserved.
RickleAndMortimer marked this conversation as resolved.
Show resolved Hide resolved
//
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package github

import (
"context"
"encoding/json"
"fmt"
"net/http"
"testing"

"github.com/google/go-cmp/cmp"
)

func TestEnterpriseService_GetActionsPermissions(t *testing.T) {
RickleAndMortimer marked this conversation as resolved.
Show resolved Hide resolved
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/enterprises/e/actions/permissions", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "GET")
fmt.Fprint(w, `{"enabled_organizations": "all", "allowed_actions": "all"}`)
})

ctx := context.Background()
ent, _, err := client.Actions.GetEnterpriseActionsPermissions(ctx, "e")
if err != nil {
t.Errorf("Actions.GetActionsPermissions returned error: %v", err)
}
want := &ActionsPermissionsEnterprise{EnabledOrganizations: String("all"), AllowedActions: String("all")}
if !cmp.Equal(ent, want) {
t.Errorf("Actions.GetActionsPermissions returned %+v, want %+v", ent, want)
}

const methodName = "GetActionsPermissions"
testBadOptions(t, methodName, func() (err error) {
_, _, err = client.Actions.GetEnterpriseActionsPermissions(ctx, "\n")
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
got, resp, err := client.Actions.GetEnterpriseActionsPermissions(ctx, "e")
if got != nil {
t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
}
return resp, err
})
}

func TestEnterpriseService_EditActionsPermissions(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

input := &ActionsPermissionsEnterprise{EnabledOrganizations: String("all"), AllowedActions: String("selected")}

mux.HandleFunc("/enterprises/e/actions/permissions", func(w http.ResponseWriter, r *http.Request) {
v := new(ActionsPermissionsEnterprise)
assertNilError(t, json.NewDecoder(r.Body).Decode(v))

testMethod(t, r, "PUT")
if !cmp.Equal(v, input) {
t.Errorf("Request body = %+v, want %+v", v, input)
}

fmt.Fprint(w, `{"enabled_organizations": "all", "allowed_actions": "selected"}`)
})

ctx := context.Background()
ent, _, err := client.Actions.EditEnterpriseActionsPermissions(ctx, "e", *input)
if err != nil {
t.Errorf("Actions.EditActionsPermissions returned error: %v", err)
}

want := &ActionsPermissionsEnterprise{EnabledOrganizations: String("all"), AllowedActions: String("selected")}
if !cmp.Equal(ent, want) {
t.Errorf("Actions.EditActionsPermissions returned %+v, want %+v", ent, want)
}

const methodName = "EditActionsPermissions"
testBadOptions(t, methodName, func() (err error) {
_, _, err = client.Actions.EditEnterpriseActionsPermissions(ctx, "\n", *input)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
got, resp, err := client.Actions.EditEnterpriseActionsPermissions(ctx, "e", *input)
if got != nil {
t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
}
return resp, err
})
}

func TestActionsService_ListEnabledOrgsInEnterprise(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "GET")
testFormValues(t, r, values{
"page": "1",
})
fmt.Fprint(w, `{"total_count":2,"organizations":[{"id":2}, {"id":3}]}`)
})

ctx := context.Background()
opt := &ListOptions{
Page: 1,
}
got, _, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt)
if err != nil {
t.Errorf("Actions.ListEnabledOrgsInEnterprise returned error: %v", err)
}

want := &ActionsEnabledOnEnterpriseOrgs{TotalCount: int(2), Organizations: []*Organization{
{ID: Int64(2)},
{ID: Int64(3)},
}}
if !cmp.Equal(got, want) {
t.Errorf("Actions.ListEnabledOrgsInEnterprise returned %+v, want %+v", got, want)
}

const methodName = "ListEnabledOrgsInEnterprise"
testBadOptions(t, methodName, func() (err error) {
_, _, err = client.Actions.ListEnabledOrgsInEnterprise(ctx, "\n", opt)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
got, resp, err := client.Actions.ListEnabledOrgsInEnterprise(ctx, "e", opt)
if got != nil {
t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
}
return resp, err
})
}

func TestActionsService_SetEnabledOrgsInEnterprise(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/enterprises/e/actions/permissions/organizations", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "PUT")
testHeader(t, r, "Content-Type", "application/json")
testBody(t, r, `{"selected_organization_ids":[123,1234]}`+"\n")
w.WriteHeader(http.StatusNoContent)
})

ctx := context.Background()
_, err := client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234})
if err != nil {
t.Errorf("Actions.SetEnabledOrgsInEnterprise returned error: %v", err)
}

const methodName = "SetEnabledOrgsInEnterprise"

testBadOptions(t, methodName, func() (err error) {
_, err = client.Actions.SetEnabledOrgsInEnterprise(ctx, "\n", []int64{123, 1234})
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
return client.Actions.SetEnabledOrgsInEnterprise(ctx, "e", []int64{123, 1234})
})
}

func TestActionsService_AddEnabledOrgInEnterprise(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "PUT")
w.WriteHeader(http.StatusNoContent)
})

ctx := context.Background()
_, err := client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123)
if err != nil {
t.Errorf("Actions.AddEnabledOrgInEnterprise returned error: %v", err)
}

const methodName = "AddEnabledOrgInEnterprise"

testBadOptions(t, methodName, func() (err error) {
_, err = client.Actions.AddEnabledOrgInEnterprise(ctx, "\n", 123)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
return client.Actions.AddEnabledOrgInEnterprise(ctx, "e", 123)
})
}

func TestActionsService_RemoveEnabledOrgInEnterprise(t *testing.T) {
client, mux, _, teardown := setup()
defer teardown()

mux.HandleFunc("/enterprises/e/actions/permissions/organizations/123", func(w http.ResponseWriter, r *http.Request) {
testMethod(t, r, "DELETE")
w.WriteHeader(http.StatusNoContent)
})

ctx := context.Background()
_, err := client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123)
if err != nil {
t.Errorf("Actions.RemoveEnabledOrgInEnterprise returned error: %v", err)
}

const methodName = "RemoveEnabledOrgInEnterprise"

testBadOptions(t, methodName, func() (err error) {
_, err = client.Actions.RemoveEnabledOrgInEnterprise(ctx, "\n", 123)
return err
})

testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
return client.Actions.RemoveEnabledOrgInEnterprise(ctx, "e", 123)
})
}
Loading
Loading