fluke/devops-service/app/api3/routes/user.rb

module Devops
  module API3
    module Routes
      module UserRoutes

        def self.registered(app)

          app.define_policy :read_users, "Read users list"
          app.define_policy :create_users, "Create new users"
          app.define_policy :delete_users, "Delete users"

          app.get_with_headers "/users" do
            check_policy(:read_users)
            json Devops::API3::Handler::User.new(request).users.map(&:to_hash)
          end

          app.post_with_headers "/user" do
            check_policy(:create_users)
            user = Devops::API3::Handler::User.new(request).create
            create_response("Created", {id: user.id}, 201)
          end

          app.post_with_headers %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})/roles/add\z} do |user|
            check_policy(:create_users)
            user = Devops::API3::Handler::User.new(request).add_roles(user)
            create_response("Updated", {id: user.id}, 200)
          end

          app.post_with_headers %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})/roles/delete\z} do |user|
            check_policy(:create_users)
            user = Devops::API3::Handler::User.new(request).delete_roles(user)
            create_response("Updated", {id: user.id}, 200)
          end

          hash = {}
          hash["DELETE"] = lambda {|user|
            check_policy(:delete_users)
            Devops::API3::Handler::User.new(request).delete(user)
            create_response("User '#{user}' has been deleted", {id: user})
          }

          hash["GET"] = lambda {|id|
            check_policy(:read_users)
            json Devops::API3::Handler::User.new(request).get_user(id).to_hash
          }
          hash["PUT"] = lambda {|id|
            check_policy(:create_users)
            Devops::API3::Handler::User.new(request).update_user(id)
            create_response("Updated", {id: id})
          }
          app.multi_routes %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})\z}, hash

          app.put_with_headers %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})/(email|password)\z} do |user, action|
            current_user = request.env['REMOTE_USER']
            check_policy(:create_users) unless current_user == user
            raise Devops::Exception::Unauthorized.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME
            Devops::API3::Handler::User.new(request).change(user, action)
            create_response("Updated", {id: user})
          end

          puts "User routes initialized"
        end

      end
    end
  end
end
v3 2018-04-04 22:44:39 +03:00			`module Devops`
			`module API3`
			`module Routes`
			`module UserRoutes`

			`def self.registered(app)`

			`app.define_policy :read_users, "Read users list"`
			`app.define_policy :create_users, "Create new users"`
			`app.define_policy :delete_users, "Delete users"`

			`app.get_with_headers "/users" do`
			`check_policy(:read_users)`
			`json Devops::API3::Handler::User.new(request).users.map(&:to_hash)`
			`end`

			`app.post_with_headers "/user" do`
			`check_policy(:create_users)`
			`user = Devops::API3::Handler::User.new(request).create`
			`create_response("Created", {id: user.id}, 201)`
			`end`

			`app.post_with_headers %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})/roles/add\z} do \|user\|`
			`check_policy(:create_users)`
			`user = Devops::API3::Handler::User.new(request).add_roles(user)`
			`create_response("Updated", {id: user.id}, 200)`
			`end`

			`app.post_with_headers %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})/roles/delete\z} do \|user\|`
			`check_policy(:create_users)`
			`user = Devops::API3::Handler::User.new(request).delete_roles(user)`
			`create_response("Updated", {id: user.id}, 200)`
			`end`

			`hash = {}`
			`hash["DELETE"] = lambda {\|user\|`
			`check_policy(:delete_users)`
			`Devops::API3::Handler::User.new(request).delete(user)`
			`create_response("User '#{user}' has been deleted", {id: user})`
			`}`

			`hash["GET"] = lambda {\|id\|`
			`check_policy(:read_users)`
			`json Devops::API3::Handler::User.new(request).get_user(id).to_hash`
			`}`
			`hash["PUT"] = lambda {\|id\|`
			`check_policy(:create_users)`
			`Devops::API3::Handler::User.new(request).update_user(id)`
			`create_response("Updated", {id: id})`
			`}`
			`app.multi_routes %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})\z}, hash`

			`app.put_with_headers %r{\A/user/(#{Devops::Model::User::USER_NAME_REGEX})/(email\|password)\z} do \|user, action\|`
			`current_user = request.env['REMOTE_USER']`
			`check_policy(:create_users) unless current_user == user`
			`raise Devops::Exception::Unauthorized.new("Access denied for '#{current_user}'") if user == Devops::Model::User::ROOT_USER_NAME and current_user != Devops::Model::User::ROOT_USER_NAME`
			`Devops::API3::Handler::User.new(request).change(user, action)`
			`create_response("Updated", {id: user})`
			`end`

			`puts "User routes initialized"`
			`end`

			`end`
			`end`
			`end`
			`end`