fix(2858): Bitbucket - Users without access to a SCM repo can manage …

…the associated pipeline in Screwdriver (#87)
screwdriver-cd · Apr 11, 2023 · 3b6e773 · 3b6e773
1 parent d7a3280
commit 3b6e773
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 110 deletions.
diff --git a/index.js b/index.js
@@ -644,10 +644,10 @@ class BitbucketScm extends Scm {
      * @param  {String}   config.token      The token used to authenticate to the SCM
      * @return {Promise}                    Resolves to permissions object with admin, push, pull
      */
-    async _getPermissions({ scmUri }) {
+    async _getPermissions(config) {
+        const { scmUri, token } = config;
         const scm = getScmUriParts(scmUri);
         const [owner, uuid] = scm.repoId.split('/');
-        const token = await this._getToken();
 
         try {
             // First, check to see if the repository exists

diff --git a/test/index.test.js b/test/index.test.js
@@ -924,139 +924,64 @@ describe('index', function () {
     });
 
     describe('_getPermissions', () => {
-        const repos = [
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            },
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix1`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            },
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix2`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            },
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix3`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            },
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix/fake`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+        const baseRequestOptions = {
+            method: 'GET',
+            context: {
+                token
             }
+        };
+        const repos = [
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix` },
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix1` },
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix2` },
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix/repoIdSuffix3` },
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix/fake` }
         ];
 
         const pull = {
-            url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22`,
-            method: 'GET',
-            context: {
-                token: systemToken
-            }
+            ...baseRequestOptions,
+            url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22`
         };
         const pulls = [
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            },
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix1%22`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            },
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix2%22`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            },
-            {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix3%22`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
-            }
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22` },
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix1%22` },
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix2%22` },
+            { ...baseRequestOptions, url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix3%22` }
         ];
         const pushes = [
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22&role=contributor`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22&role=contributor`
             },
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix1%22&role=contributor`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix1%22&role=contributor`
             },
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix2%22&role=contributor`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix2%22&role=contributor`
             },
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix3%22&role=contributor`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix3%22&role=contributor`
             }
         ];
         const admins = [
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22&role=admin`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix%22&role=admin`
             },
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix1%22&role=admin`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix1%22&role=admin`
             },
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix2%22&role=admin`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix2%22&role=admin`
             },
             {
-                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix3%22&role=admin`,
-                method: 'GET',
-                context: {
-                    token: systemToken
-                }
+                ...baseRequestOptions,
+                url: `${API_URL_V2}/repositories/repoIdPrefix?q=uuid%3D%22repoIdSuffix3%22&role=admin`
             }
         ];