Release 2020-11-23

.env.local

@@ -1,5 +1,4 @@
 DJANGO_SECRET_KEY=GITRELLO_SECRET
-DJANGO_SETTINGS_MODULE=gitrello.settings_local
 DJANGO_DB_NAME=gitrello
 DJANGO_DB_USER=gitrello
 DJANGO_DB_PASSWORD=
@@ -11,6 +10,7 @@ GS_BUCKET_NAME=name
 GS_PROJECT_ID=id
 GS_CREDENTIALS=gcs_creds.json
 URL=http://127.0.0.1:8000
-GITHUB_INTEGRATION_SERVICE_URL=http://127.0.0.1:8001
+GITHUB_INTEGRATION_SERVICE_URL=http://0.0.0.0:8001
+GITHUB_INTEGRATION_SERVICE_TOKEN=CVb^3@1@3667nNGgK645VBnnM
 GITHUB_CLIENT_ID=id
 GITHUB_CLIENT_SECRET=secret

README.md

@@ -1,3 +1,113 @@
 # GITrello
 
 [![Build Status](https://gitrello.me/jenkins/buildStatus/icon?job=gitrello)](https://gitrello.me/jenkins/job/gitrello/)
+
+## How to run locally
+
+### Tested on
+
+* Linux Mint 19.3
+* Python 3.8.5
+* Poetry 1.1.4
+* Docker 19.03.14
+* Docker-Compose 1.26.0
+
+### 1. Install required libraries
+
+```
+$ sudo apt install libpq-dev git gcc libc6-dev
+```
+
+### 2. Clone repository
+
+```
+$ git clone https://github.com/FNSdev/gitrello.git
+$ cd gitrello
+```
+
+### 3. Create virtual environment
+
+Consider using `pyenv` and `pyenv-virtualenv`
+
+```
+$ pyenv virtualenv 3.8.5 gitrello
+$ pyenv local gitrello
+```
+
+### 4. Install dependencies
+
+```
+$ poetry install
+```
+
+### 5. Run database using Docker-Compose
+
+#### 5.1. Launch containers
+
+```
+$ docker-compose up
+```
+
+#### 5.2. Initialize cluster
+
+```
+$ docker exec -it roach_1 ./cockroach init --insecure
+```
+
+#### 5.3. Create database & user
+
+```
+$ docker exec -it roach_1 ./cockroach sql --insecure
+```
+
+```sql
+create database gitrello;
+create user gitrello;
+grant all on database gitrello to gitrello;
+grant admin to gitrello;
+```
+
+### 6. Create .env file
+
+It should be OK to use default values for now.
+
+```
+$ cp .env.local .env
+```
+
+### 7. Apply migrations
+
+```
+$ cd gitrello
+$ python manage.py migrate
+```
+
+### 8. [OPTIONAL] Run test
+
+```
+$ python manage.py test
+```
+
+### 9. Run server
+
+```
+$ python manage.py runserver
+```
+
+### 10. [OPTIONAL] Configure integration with GitHub
+
+#### 10.1. Set-up and run Gitrello-GitHub-Integration-Service
+
+Follow instructions in https://github.com/FNSdev/gitrello-github-integration-service
+
+#### 10.3. Create GitHub Oauth application
+
+Visit https://github.com/settings/developers to create a new Oauth application. 
+Remember it's `client_id` and `client_secret`.
+
+#### 10.2 Configure ENV variables
+
+* GITHUB_INTEGRATION_SERVICE_URL - http://0.0.0.0:8001 by default
+* GITHUB_INTEGRATION_SERVICE_TOKEN - Should be the same as GITRELLO_ACCESS_TOKEN in gitrello-github-integration-service
+* GITHUB_CLIENT_ID - use value from the previous step
+* GITHUB_CLIENT_SECRET - use value from the previous step

gitrello/authentication/api/views.py

@@ -21,7 +21,7 @@ class UsersView(views.APIView):
     @retry_on_transaction_serialization_error
     @atomic
     @gitrello_schema(
-        query_serializer=CreateUserSerializer,
+        request_body=CreateUserSerializer,
         responses={201: CreateUserResponseSerializer},
         security=[],
     )
@@ -100,7 +100,7 @@ class OauthStatesView(views.APIView):
     # TODO add tests
     @retry_on_transaction_serialization_error
     @atomic
-    @gitrello_schema(query_serializer=CreateOauthStateSerializer, responses={201: CreateOauthStateResponseSerializer})
+    @gitrello_schema(request_body=CreateOauthStateSerializer, responses={201: CreateOauthStateResponseSerializer})
     def post(self, request, *args, **kwargs):
         serializer = CreateOauthStateSerializer(data=request.data)
         serializer.is_valid(raise_exception=True)

gitrello/authentication/exceptions.py

@@ -18,12 +18,3 @@ class UserAlreadyExistsException(GITRelloAuthenticationException):
 class OauthStateNotFoundException(GITRelloAuthenticationException):
     message = 'OauthState was not found'
     code = 211
-
-
-class GithubException(GITrelloException):
-    message = 'Something went wrong when using Github API'
-    code = 220
-
-    def __init__(self, error, error_description):
-        self.error = error
-        self.error_description = error_description

gitrello/authentication/services/permissions_service.py

@@ -61,28 +61,21 @@ def get_organization_membership_permissions(cls, organization_membership_id: int
         if not target_organization_membership:
             return Permissions.with_no_permissions()
 
-        if target_organization_membership.user_id == user_id:
-            return Permissions.with_all_permissions()
-
         membership = OrganizationMembership.objects \
             .filter(
                 organization_id=target_organization_membership.organization_id,
                 user_id=user_id,
             ) \
-            .values('role') \
             .first()
 
         if not membership:
             return Permissions.with_no_permissions()
 
-        if membership['role'] == OrganizationMemberRole.OWNER:
+        if membership.role == OrganizationMemberRole.OWNER:
             return Permissions.with_all_permissions()
 
-        if membership['role'] == OrganizationMemberRole.ADMIN:
-            if target_organization_membership.role == OrganizationMemberRole.MEMBER:
-                return Permissions.with_all_permissions()
-
-            return Permissions.with_read_permissions()
+        if membership.id == target_organization_membership.id:
+            return Permissions(can_read=True, can_mutate=False, can_delete=True)
 
         return Permissions.with_read_permissions()
 
@@ -179,16 +172,20 @@ def get_ticket_permissions(cls, ticket_id: int, user_id: int) -> Permissions:
         if not ticket:
             return Permissions.with_no_permissions()
 
-        is_board_member = BoardMembership.objects \
+        board_membership = BoardMembership.objects \
             .filter(
                 organization_membership__user_id=user_id,
                 board_id=ticket['category__board_id'],
             ) \
-            .exists()
+            .prefetch_related('organization_membership') \
+            .first()
 
-        if not is_board_member:
+        if not board_membership:
             return Permissions.with_no_permissions()
 
+        if board_membership.organization_membership.role == OrganizationMemberRole.MEMBER:
+            return Permissions.with_mutate_permissions()
+
         return Permissions.with_all_permissions()
 
     @classmethod

gitrello/authentication/tests/test_services/test_permissions_service.py

@@ -24,6 +24,11 @@ def _assert_has_mutate_permissions(self, permissions: Permissions):
         self.assertTrue(permissions.can_mutate)
         self.assertFalse(permissions.can_delete)
 
+    def _assert_has_read_and_delete_permissions(self, permissions: Permissions):
+        self.assertTrue(permissions.can_read)
+        self.assertTrue(permissions.can_delete)
+        self.assertFalse(permissions.can_mutate)
+
     def _assert_has_all_permissions(self, permissions: Permissions):
         self.assertTrue(permissions.can_read)
         self.assertTrue(permissions.can_mutate)
@@ -68,13 +73,23 @@ def test_organization_membership_permissions_for_owner(self):
         target_organization_membership = OrganizationMembershipFactory(
             organization_id=organization_membership.organization_id,
         )
+        target_admin_organization_membership = OrganizationMembershipFactory(
+            organization_id=organization_membership.organization_id,
+            role=OrganizationMemberRole.ADMIN,
+        )
 
         permissions = PermissionsService.get_organization_membership_permissions(
             organization_membership_id=target_organization_membership.id,
             user_id=organization_membership.user_id,
         )
         self._assert_has_all_permissions(permissions)
 
+        permissions = PermissionsService.get_organization_membership_permissions(
+            organization_membership_id=target_admin_organization_membership.id,
+            user_id=organization_membership.user_id,
+        )
+        self._assert_has_all_permissions(permissions)
+
         permissions = PermissionsService.get_organization_membership_permissions(
             organization_membership_id=organization_membership.id,
             user_id=organization_membership.user_id,
@@ -99,13 +114,13 @@ def test_organization_membership_permissions_for_admin(self):
             organization_membership_id=target_organization_membership.id,
             user_id=organization_membership.user_id,
         )
-        self._assert_has_all_permissions(permissions)
+        self._assert_has_read_permissions(permissions)
 
         permissions = PermissionsService.get_organization_membership_permissions(
             organization_membership_id=organization_membership.id,
             user_id=organization_membership.user_id,
         )
-        self._assert_has_all_permissions(permissions)
+        self._assert_has_read_and_delete_permissions(permissions)
 
         permissions = PermissionsService.get_organization_membership_permissions(
             organization_membership_id=target_organization_owner_membership.id,
@@ -143,7 +158,7 @@ def test_organization_membership_permissions_for_member(self):
             organization_membership_id=organization_membership.id,
             user_id=organization_membership.user_id,
         )
-        self._assert_has_all_permissions(permissions)
+        self._assert_has_read_and_delete_permissions(permissions)
 
         permissions = PermissionsService.get_organization_membership_permissions(
             organization_membership_id=target_organization_owner_membership.id,
@@ -391,7 +406,7 @@ def test_ticket_permissions_for_board_member(self):
             ticket_id=ticket.id,
             user_id=board_membership.organization_membership.user_id,
         )
-        self._assert_has_all_permissions(permissions)
+        self._assert_has_mutate_permissions(permissions)
 
     def test_ticket_permissions_for_not_a_board_member(self):
         ticket = TicketFactory()

gitrello/boards/api/views.py

@@ -21,7 +21,7 @@ class BoardsView(views.APIView):
 
     @retry_on_transaction_serialization_error
     @atomic
-    @gitrello_schema(query_serializer=CreateBoardSerializer, responses={201: CreateBoardResponseSerializer})
+    @gitrello_schema(request_body=CreateBoardSerializer, responses={201: CreateBoardResponseSerializer})
     def post(self, request, *args, **kwargs):
         serializer = CreateBoardSerializer(data=request.data)
         serializer.is_valid(raise_exception=True)
@@ -49,7 +49,7 @@ class BoardMembershipsView(views.APIView):
     @retry_on_transaction_serialization_error
     @atomic
     @gitrello_schema(
-        query_serializer=CreateBoardMembershipSerializer,
+        request_body=CreateBoardMembershipSerializer,
         responses={201: CreateBoardMembershipResponseSerializer},
     )
     def post(self, request, *args, **kwargs):
@@ -99,6 +99,7 @@ class BoardPermissionsView(views.APIView):
         security=[],
     )
     def get(self, request, *args, **kwargs):
+        # TODO use query params instead of request.data
         serializer = GetBoardPermissionsSerializer(data=request.data)
         serializer.is_valid(raise_exception=True)
 

gitrello/core/templates/core/index.html

@@ -57,6 +57,13 @@
       window.GITHUB_REDIRECT_URL = "{{ GITHUB_REDIRECT_URL }}";
       window.GITHUB_DEFAULT_SCOPES = "{{ GITHUB_DEFAULT_SCOPES }}";
       window.GITHUB_INTEGRATION_SERVICE_URL = "{{ GITHUB_INTEGRATION_SERVICE_URL }}";
+
+      window.MESSAGES = [];
+      {% if messages %}
+        {% for message in messages %}
+          window.MESSAGES.push({"type": "{{ message.tags }}", "text": "{{ message }}"});
+        {% endfor %}
+      {% endif %}
     </script>
   </body>
 </html>

gitrello/github_integration/api/serializers.py

@@ -3,5 +3,5 @@
 
 class CreateTicketSerializer(serializers.Serializer):
     board_id = serializers.IntegerField()
-    title = serializers.CharField()
-    body = serializers.CharField()
+    title = serializers.CharField(allow_blank=True)
+    body = serializers.CharField(allow_blank=True)

gitrello/github_integration/exceptions.py

@@ -0,0 +1,15 @@
+from gitrello.exceptions import GITrelloException
+
+
+class GithubException(GITrelloException):
+    message = 'Something went wrong when using Github API'
+    code = 220
+
+    def __init__(self, error, error_description):
+        self.error = error
+        self.error_description = error_description
+
+
+class GithubAccountUsedByAnotherUserException(GITrelloException):
+    message = 'This GitHub account is being used by another GITrello user'
+    code = 230

gitrello/github_integration/services/github_integration_service_api_client.py

@@ -2,6 +2,7 @@
 from django.conf import settings
 
 from authentication.services import UserService
+from github_integration.exceptions import GithubAccountUsedByAnotherUserException
 from gitrello.exceptions import HttpRequestException
 from gitrello.handlers import safe_http_request
 
@@ -27,5 +28,12 @@ def create_github_profile(self, access_token: str):
             headers=self.headers,
         )
 
-        if not response.status_code == 201:
-            raise HttpRequestException
+        if response.status_code == 201:
+            return
+
+        if response.status_code == 400:
+            data = response.json()
+            if data['error_code'] == self.ALREADY_EXISTS:
+                raise GithubAccountUsedByAnotherUserException
+
+        raise HttpRequestException

gitrello/github_integration/services/github_oauth_service.py

@@ -1,7 +1,7 @@
 import requests
 from django.conf import settings
 
-from authentication.exceptions import GithubException
+from github_integration.exceptions import GithubException
 from gitrello.handlers import safe_http_request