#3202

Committed 25 Jul 2025 04:52PM UTC coverage: 67.669% (-27.3%) from 94.935%

Build # #3202

Build Type

push

screwdriver

Committed by

web-flow

Commit Message

feat(3363): Update the existing endpoint to get admin for a pipeline from the specified SCM context (#3370)

Run Details

1284 of 2114 branches covered (60.74%)

Branch coverage included in aggregate %.

1 of 11 new or added lines in 1 file covered. (9.09%)

1235 existing lines in 49 files now uncovered.

3417 of 4833 relevant lines covered (70.7%)

50.53 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

16.22

/plugins/pipelines/updateAdmins.js

'use strict';

const boom = require('@hapi/boom');
const joi = require('joi');
const schema = require('screwdriver-data-schema');
const idSchema = schema.models.pipeline.base.extract('id');
const { updatePipelineAdmins } = require('./helper/updateAdmins');

module.exports = () => ({
    method: 'PUT',
    path: '/pipelines/{id}/updateAdmins',
    options: {
        description: 'Update admins of a pipeline',
        notes: 'Update the admins of a specific pipeline',
        tags: ['api', 'pipelines'],
        auth: {
            strategies: ['token'],
            scope: ['user', '!guest', 'pipeline']
        },
        handler: async (request, h) => {
            const { id } = request.params;
            const { scmContext, username, scmUserId, scope } = request.auth.credentials;
            const isPipeline = scope.includes('pipeline');

            const { usernames } = request.payload;
            const payloadScmContext = request.payload.scmContext;

            if (!Array.isArray(usernames) || usernames.length === 0) {
                throw boom.badRequest(`Payload must contain admin usernames`);
            } else if (!payloadScmContext) {
                throw boom.badRequest(`Payload must contain scmContext`);
            }

            const { bannerFactory } = request.server.app;

            // Check token permissions
            if (isPipeline) {
                if (username !== id) {
                    throw boom.forbidden(
                        `User ${username} is not authorized to update admins for the pipeline (id=${id})`
                    );
                }
            } else {
                // Only SD cluster admins can update the admins
                const scmDisplayName = bannerFactory.scm.getDisplayName({ scmContext });

                const adminDetails = request.server.plugins.banners.screwdriverAdminDetails(
                    username,
                    scmDisplayName,
                    scmUserId
                );

                if (!adminDetails.isAdmin) {
                    throw boom.forbidden(
                        `User ${username} does not have Screwdriver administrative privileges to update the admins for the pipeline (id=${id})`
                    );
                }
            }

            const updatedPipeline = await updatePipelineAdmins(
                {
                    id,
                    scmContext: payloadScmContext,
                    usernames
                },
                request.server
            );

            return h.response(updatedPipeline.toJson()).code(200);
        },
        validate: {
            params: joi.object({
                id: idSchema
            })
        }
    }
});

1	'use strict';
2
3	const boom = require('@hapi/boom');	1✔
4	const joi = require('joi');	1✔
5	const schema = require('screwdriver-data-schema');	1✔
6	const idSchema = schema.models.pipeline.base.extract('id');	1✔
7	const { updatePipelineAdmins } = require('./helper/updateAdmins');	1✔
8
9	module.exports = () => ({	434✔
10	method: 'PUT',
11	path: '/pipelines/{id}/updateAdmins',
12	options: {
13	description: 'Update admins of a pipeline',
14	notes: 'Update the admins of a specific pipeline',
15	tags: ['api', 'pipelines'],
16	auth: {
17	strategies: ['token'],
18	scope: ['user', '!guest', 'pipeline']
19	},
20	handler: async (request, h) => {
UNCOV 21	const { id } = request.params;	×
UNCOV 22	const { scmContext, username, scmUserId, scope } = request.auth.credentials;	×
UNCOV 23	const isPipeline = scope.includes('pipeline');	×
24
UNCOV 25	const { usernames } = request.payload;	×
UNCOV 26	const payloadScmContext = request.payload.scmContext;	×
27
UNCOV 28	if (!Array.isArray(usernames) \|\| usernames.length === 0) {	×
UNCOV 29	throw boom.badRequest(`Payload must contain admin usernames`);	×
UNCOV 30	} else if (!payloadScmContext) {	×
UNCOV 31	throw boom.badRequest(`Payload must contain scmContext`);	×
32	}
33
UNCOV 34	const { bannerFactory } = request.server.app;	×
35
36	// Check token permissions
UNCOV 37	if (isPipeline) {	×
UNCOV 38	if (username !== id) {	×
UNCOV 39	throw boom.forbidden(	×
40	`User ${username} is not authorized to update admins for the pipeline (id=${id})`
41	);
42	}
43	} else {
44	// Only SD cluster admins can update the admins
UNCOV 45	const scmDisplayName = bannerFactory.scm.getDisplayName({ scmContext });	×
46
UNCOV 47	const adminDetails = request.server.plugins.banners.screwdriverAdminDetails(	×
48	username,
49	scmDisplayName,
50	scmUserId
51	);
52
UNCOV 53	if (!adminDetails.isAdmin) {	×
UNCOV 54	throw boom.forbidden(	×
55	`User ${username} does not have Screwdriver administrative privileges to update the admins for the pipeline (id=${id})`
56	);
57	}
58	}
59
UNCOV 60	const updatedPipeline = await updatePipelineAdmins(	×
61	{
62	id,
63	scmContext: payloadScmContext,
64	usernames
65	},
66	request.server
67	);
68
UNCOV 69	return h.response(updatedPipeline.toJson()).code(200);	×
70	},
71	validate: {
72	params: joi.object({
73	id: idSchema
74	})
75	}
76	}
77	});

screwdriver-cd / screwdriver / #3202

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous