Details
-
Suggestion
-
Resolution: Unresolved
-
None
Description
I would like to see the following:
- The ability to add Stash Projects into Fisheye so that all repositories created or removed within that project in stash will reflect in fisheye (synchronized)
- Have Fisheye's repository permissions synchronize with Stash.
Right now, I'm having to manually add repositories into fisheye each time a new one is created. It would be nice to have a feature that would synchronize actual Projects and have the ability to manage permissions the same way as in stash. It would be even better to have the permissions automatically synchronize. It does not make sense to have access to a repository in stash and not in fisheye. It also does not make sense to NOT have access in stash but have the ability to view source code in fisheye.
Workaround
Write a script using Bitbucket's and Fisheye's REST APIs to replicate repository permissions. For Bitbucket, use the following endpoint to read permissions:
http://example.com/rest/api/1.0/projects/(projectKey)/repos/(repositorySlug)/permissions
For Fisheye, you have to use an internal REST API to manage permissions:
/rest-service-fecru/admin/repository-permissions/(repository)/users/(username) /rest-service-fecru/admin/repository-permissions/(repository)/groups/(groupname)
Set Admin or Read permission
The PUT contains a JSON table with "IS_ADMIN" or "CAN_READ" strings. Example:
curl -X PUT 'http://host:port/context/rest-service-fecru/admin/repository-permissions/<REPO>/users/<USER>' -H 'Content-Type: application/json' --data-binary '["IS_ADMIN","CAN_READ"]' --user <USER>:<PASS>
Here some examples.
Add a group with read permission
curl -X PUT 'http://host:port/context/rest-service-fecru/admin/repository-permissions/<REPO>/groups/<GROUP>' -H 'Content-Type: application/json' --data-binary '["CAN_READ"]' --user <USER>:<PASS>
Add a group with admin permission
curl -X PUT 'http://host:port/context/rest-service-fecru/admin/repository-permissions/<REPO>/groups/<GROUP>' -H 'Content-Type: application/json' --data-binary '["IS_ADMIN"]' --user <USER>:<PASS>
Note: for users simply replace groups with users in the URL above
Removing Admin or Read permission
Note: once IS_ADMIN has been set, it cannot be removed by setting the value to CAN_READ
Removing Admin permissions (leaving Read only)
curl -X DELETE 'http://host:port/context/rest-service-fecru/admin/repository-permissions/<REPO>/groups/<GROUP>' -H 'Content-Type: application/json' --data-binary '["IS_ADMIN"]' --user <USER>:<PASS>
Removing both Admin and Read only permissions
curl -X DELETE 'http://host:port/context/rest-service-fecru/admin/repository-permissions/<REPO>/groups/<GROUP>' -H 'Content-Type: application/json' --data-binary '["IS_ADMIN", "CAN_READ"]' --user <USER>:<PASS>
Note: this request will be successful even if Admin permissions are not granted.
Listing permissions
Retrieving permissions for users
curl -H "Content-Type: application/json" -X GET <Fisheye_URL>/rest-service-fecru/admin/repository-permissions/<repository_name>/users --user <USER>:<PASS
Retrieving permissions for groups
curl -H "Content-Type: application/json" -X GET <Fisheye_URL>/rest-service-fecru/admin/repository-permissions/<repository_name>/groups --user <USER>:<PASS>