-
Notifications
You must be signed in to change notification settings - Fork 77
/
verify.js
75 lines (64 loc) · 2.35 KB
/
verify.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
const {isString, isPlainObject, isArray} = require('lodash');
const urlJoin = require('url-join');
const got = require('got');
const debug = require('debug')('semantic-release:gitlab');
const AggregateError = require('aggregate-error');
const resolveConfig = require('./resolve-config');
const getRepoId = require('./get-repo-id');
const getError = require('./get-error');
const isNonEmptyString = value => isString(value) && value.trim();
const isStringOrStringArray = value => isNonEmptyString(value) || (isArray(value) && value.every(isNonEmptyString));
const isArrayOf = validator => array => isArray(array) && array.every(value => validator(value));
const VALIDATORS = {
assets: isArrayOf(
asset => isStringOrStringArray(asset) || (isPlainObject(asset) && isStringOrStringArray(asset.path))
),
};
module.exports = async (pluginConfig, context) => {
const {
options: {repositoryUrl},
logger,
} = context;
const errors = [];
const {gitlabToken, gitlabUrl, gitlabApiUrl, assets} = resolveConfig(pluginConfig, context);
const repoId = getRepoId(context, gitlabUrl, repositoryUrl);
debug('apiUrl: %o', gitlabApiUrl);
debug('repoId: %o', repoId);
if (!repoId) {
errors.push(getError('EINVALIDGITLABURL'));
}
if (assets && !VALIDATORS.assets(assets)) {
errors.push(getError('EINVALIDASSETS'));
}
if (!gitlabToken) {
errors.push(getError('ENOGLTOKEN', {repositoryUrl}));
}
if (gitlabToken && repoId) {
let projectAccess;
let groupAccess;
logger.log('Verify GitLab authentication (%s)', gitlabApiUrl);
try {
({
permissions: {project_access: projectAccess, group_access: groupAccess},
} = await got
.get(urlJoin(gitlabApiUrl, `/projects/${encodeURIComponent(repoId)}`), {
headers: {'PRIVATE-TOKEN': gitlabToken},
})
.json());
if (!((projectAccess && projectAccess.access_level >= 30) || (groupAccess && groupAccess.access_level >= 30))) {
errors.push(getError('EGLNOPERMISSION', {repoId}));
}
} catch (error) {
if (error.response.statusCode === 401) {
errors.push(getError('EINVALIDGLTOKEN', {repoId}));
} else if (error.response.statusCode === 404) {
errors.push(getError('EMISSINGREPO', {repoId}));
} else {
throw error;
}
}
}
if (errors.length > 0) {
throw new AggregateError(errors);
}
};