Skip to content

Add roles#1069

Merged
nscuro merged 48 commits into
DependencyTrack:mainfrom
ashearin:add-roles-model
Jun 4, 2025
Merged

Add roles#1069
nscuro merged 48 commits into
DependencyTrack:mainfrom
ashearin:add-roles-model

Conversation

@ashearin
Copy link
Copy Markdown
Contributor

@ashearin ashearin commented Feb 24, 2025
edited
Loading

Description

This PR adds Roles and related model classes as well as Query Manager Changes as part of the effort to enforce permissions at the Project level.

Additional context/conversation can be found in the issue below.

Addressed Issue

Resolves DependencyTrack/hyades#1632

Needed for Gitlab Integration (Proposed Change) #1052

Related Frontend PR: DependencyTrack/hyades-frontend#283

Additional Details

All changes within persistence-jooq were auto-generated.

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have updated the migration changelog accordingly
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

@ashearin ashearin mentioned this pull request Feb 24, 2025
Closed
2 tasks
nscuro
nscuro reviewed Mar 17, 2025
View reviewed changes
Comment thread src/main/java/org/dependencytrack/persistence/jdbi/RoleDao.java Outdated
Comment thread src/main/resources/migration/procedures/function_has-project-access.sql Outdated
Comment thread src/main/java/org/dependencytrack/persistence/QueryManager.java Outdated
Comment thread src/main/resources/migration/procedures/function_has-project-access.sql Outdated
@jhoward-lm jhoward-lm mentioned this pull request Mar 24, 2025
Merged
5 tasks
@jhoward-lm jhoward-lm mentioned this pull request Apr 4, 2025
Closed
5 tasks
@ashearin ashearin mentioned this pull request May 7, 2025
Merged
2 tasks
@ashearin ashearin marked this pull request as ready for review May 20, 2025 15:30
ashearin added 4 commits May 23, 2025 14:19
@ashearin @jhoward-lm
refactor: add changeset for new tables
844807d 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@ashearin @jhoward-lm
feat: add role and mappedrole classes (#2)
3951a8d 
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@ashearin @jhoward-lm
refactor: add changeset for new tables
a538ecf 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@ashearin @jhoward-lm
fix: changeset unique constraints
62aa1ea 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
jmayer-lm and others added 4 commits May 23, 2025 15:12
@jmayer-lm @ashearin
Define new Role permissisons & Initial creation of RoleResource.java (#5
7e7bf31 
)

Signed-off-by: jmayer-lm <johnny.w.mayer.iii@lmco.com>
@lmphil @ashearin
add roleQueryManager method stubs (#6)
d0cd774 
Signed-off-by: lmphil <126618132+lmphil@users.noreply.github.com>
@jmayer-lm @ashearin
Add /v1/user Endpoints & CRUD Method Stubs (#7)
63d8c2f 
Signed-off-by: jmayer-lm <johnny.w.mayer.iii@lmco.com>
@EphraimEM @ashearin
Add default roles and permissions for project management (#8)
0400b83 
Signed-off-by: EphraimEM <ephraim.e.mensah@lmco.com>
jhoward-lm and others added 13 commits May 23, 2025 15:25
@jhoward-lm @ashearin
fix: add role UUID field (#9)
53b42cf 
Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@jhoward-lm @ashearin
refactor: implement role endpoint methods (#10)
9959ada 
Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@lmphil @ashearin
feat: get user project permissions (wip) (#11)
1a0cc70 
Signed-off-by: lmphil <126618132+lmphil@users.noreply.github.com>
@jhoward-lm @ashearin
refactor: implement adding/removing users to/from roles (#13)
07aedbe 
Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@jhoward-lm @ashearin
refactor: flatten user role join tables (#14)
68cd5a8 
Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@jhoward-lm @ashearin
refactor: create view of project effective permissions for user (#15)
17a5210 
Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@jhoward-lm @ashearin
Role DAO fixes (#16)
894d799 
Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@ashearin
Revert "feat: get user project permissions (wip) (#11)" (#17)
02c3b03 
This reverts commit 44dd2a2.

Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@jhoward-lm @ashearin
refactor: add triggers to update effective permissions table with rol…
38dfe4f 
…e changes (#18)

Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@lmphil @ashearin
test: add unit tests for RoleQueryManager class (#19)
29a21fc 
Signed-off-by: lmphil <126618132+lmphil@users.noreply.github.com>
@lmphil @ashearin
test: add RoleResource unit tests (#20)
4dc0e77 
Signed-off-by: lmphil <126618132+lmphil@users.noreply.github.com>
@alamb-lm @ashearin
Update createRole API to create a new role with permissions (#22)
ba28c80 
Signed-off-by: Alexis Lamb <alexis.lamb@lmco.com>
@jhoward-lm @ashearin
Merge pull request #23 from jhoward-lm/roles-consolidate-user-tables
90bd768 
Signed-off-by: jhoward-lm <140011346+jhoward-lm@users.noreply.github.com>
@ashearin
refactor: renamed RoleProjectRequest to ModifyUserProjectRoleRequest
62a889b 
- chore: test cleanup
- chore: address PR comments

Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
ashearin
ashearin commented May 30, 2025
View reviewed changes
Comment thread apiserver/src/main/java/org/dependencytrack/model/UserProjectRole.java Outdated
jhoward-lm added 2 commits May 30, 2025 13:35
@jhoward-lm
refactor: change List<User> field to User
85b4379 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@jhoward-lm
chore: remove unused method
5e008f1 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented May 30, 2025
edited
Loading

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
+0.15% (target: -1.00%) 93.63% (target: 70.00%)
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (8b53629) 27248 22178 81.39%
Head commit (9325a10) 27521 (+273) 22442 (+264) 81.55% (+0.15%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#1069) 314 294 93.63%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

ashearin and others added 2 commits May 30, 2025 13:52
@ashearin
chore: redo test cleanup and name change
f377f15 
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@jhoward-lm
style: fix codacy style issues
b6685d0 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
jhoward-lm
jhoward-lm reviewed May 31, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@jhoward-lm jhoward-lm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just some minor nitpicky to-dos for later

Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java Outdated
Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java Outdated
Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java Outdated
Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/RoleResource.java Outdated
Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/PermissionResource.java Outdated
jhoward-lm and others added 6 commits May 31, 2025 11:05
@jhoward-lm
Merge branch 'main' of https://github.com/DependencyTrack/hyades-apis…
4a76f33 
…erver into add-roles-model
@jhoward-lm
style: formatting
ffa2975 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@ashearin
tests: add additional unit tests
3bf1846 
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@ashearin
tests: add additional unit test coverage
63f1690 
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@ashearin
chore: cleanup merge duplication
eda79ac 
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@ashearin
chore: remove unused imports
12e8d76 
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@nscuro nscuro mentioned this pull request Jun 2, 2025
Merged
4 tasks
nscuro
nscuro reviewed Jun 2, 2025
View reviewed changes
Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/RoleResource.java Outdated
Comment thread apiserver/src/main/java/org/dependencytrack/persistence/jdbi/mapping/ProjectRowMapper.java Outdated
Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/UserResource.java Outdated
Comment thread apiserver/src/main/java/org/dependencytrack/resources/v1/AccessControlResource.java Outdated
Comment thread persistence-migration/src/main/resources/migration/changelog-v5.6.0.xml Outdated
@nscuro nscuro added this to the 5.6.0 milestone Jun 2, 2025
ashearin and others added 3 commits June 2, 2025 08:33
@ashearin
chore: address PR comments
237b9c7 
- Deleted ununsed ProejctRowMapper class
- AccessControlResource response tweak, associated test updates
- log cleanup

Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
@jhoward-lm
fix: combine user project effective permissions triggers
b4006b5 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@ashearin
refactor: update addRoleToUser to check for existing role on project
4d0d0f0 
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
nscuro
nscuro requested changes Jun 3, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@nscuro nscuro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two tiny schema changes left, otherwise this is good to go.

Comment thread persistence-migration/src/main/resources/migration/changelog-v5.6.0.xml Outdated
Comment thread persistence-migration/src/main/resources/migration/changelog-v5.6.0.xml
@jhoward-lm
refactor: schema suggestions
40d69f5 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
nscuro
nscuro reviewed Jun 4, 2025
View reviewed changes
Comment thread persistence-migration/src/main/resources/migration/changelog-v5.6.0.xml Outdated
@jhoward-lm
fix: trigger function call
9325a10 
Signed-off-by: Jonathan Howard <jonathan.w.howard@lmco.com>
@nscuro nscuro merged commit 097001f into DependencyTrack:main Jun 4, 2025
9 checks passed
@jhoward-lm jhoward-lm deleted the add-roles-model branch June 4, 2025 14:04
@github-actions github-actions Bot locked as resolved and limited conversation to collaborators Jul 5, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@nscuro nscuro nscuro approved these changes

+1 more reviewer

@jhoward-lm jhoward-lm jhoward-lm left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

5.6.0

Development

Successfully merging this pull request may close these issues.

Project-level RBAC

8 participants

@ashearin @nscuro @jhoward-lm @jmayer-lm @lmphil @EphraimEM @alamb-lm @emeremikwu-lm