fluke/devops-service/routes/v2.0/handlers/user.rb

require "db/exceptions/invalid_record"
require "db/mongo/models/user"

module Devops
  module Version2_0
    module Handler
      class User

        def self.get_users
          lambda {
            check_privileges("user", "r")
            users = Devops::Db.connector.users.map {|i| i.to_hash}
            users.each {|u| u.delete("password")}
            json users
          }
        end

        def self.create_user
          lambda {
            check_privileges("user", "w")
            user = create_object_from_json_body
            ["username", "password", "email"].each do |p|
              check_string(user[p], "Parameter '#{p}' must be a not empty string")
            end
            Devops::Db.connector.user_insert Devops::Model::User.new(user)
            create_response("Created", nil, 201)
          }
        end

        def self.delete_user
          lambda {
            check_privileges("user", "w")
            projects = Devops::Db.connector.projects_by_user params[:user]
            if !projects.empty?
              str = ""
              projects.each do |p|
                p.deploy_envs.each do |e|
                  str+="#{p.id}.#{e.identifier} " if e.users.include? params[:user]
                end
              end
              logger.info projects
              raise DependencyError.new "Deleting is forbidden: User is included in #{str}"
              #return [400, "Deleting is forbidden: User is included in #{str}"]
            end

            r = Devops::Db.connector.user_delete params[:user]
            create_response("User '#{params[:user]}' removed")
          }
        end

        def self.change_user_privileges
          lambda {
            check_privileges("user", "w")
            data = create_object_from_json_body
            user = Devops::Db.connector.user params[:user]
            cmd = check_string(data["cmd"], "Parameter 'cmd' should be a not empty string", true) || ""
            privileges = check_string(data["privileges"], "Parameter 'privileges' should be a not empty string", true) || ""
            user.grant(cmd, privileges)
            Devops::Db.connector.user_update user
            create_response("Updated")
          }
        end

        def self.change_user_email_or_password
          lambda {
            check_privileges("user", "w")
            action = File.basename(request.path)
            u = File.basename(File.dirname(request.path))
            raise InvalidPrivileges.new("Access denied for '#{request.env['REMOTE_USER']}'") if u == Devops::Model::User::ROOT_USER_NAME and request.env['REMOTE_USER'] != Devops::Model::User::ROOT_USER_NAME

            check_privileges("user", "w") unless request.env['REMOTE_USER'] == u

            body = create_object_from_json_body
            p = check_string(body[action], "Parameter '#{action}' must be a not empty string")
            user = Devops::Db.connector.user u
            user.send("#{action}=", p)
            Devops::Db.connector.user_update user
            create_response("Updated")
          }
        end
      end
    end
  end
end
routes handlers 2014-12-22 14:22:04 +03:00			`require "db/exceptions/invalid_record"`
			`require "db/mongo/models/user"`

			`module Devops`
			`module Version2_0`
			`module Handler`
			`class User`

			`def self.get_users`
			`lambda {`
refactored 2015-02-19 11:27:56 +03:00			`check_privileges("user", "r")`
some fixes 2015-03-04 15:51:27 +03:00			`users = Devops::Db.connector.users.map {\|i\| i.to_hash}`
routes handlers 2014-12-22 14:22:04 +03:00			`users.each {\|u\| u.delete("password")}`
			`json users`
			`}`
			`end`

			`def self.create_user`
			`lambda {`
refactored 2015-02-19 11:27:56 +03:00			`check_privileges("user", "w")`
routes handlers 2014-12-22 14:22:04 +03:00			`user = create_object_from_json_body`
			`["username", "password", "email"].each do \|p\|`
			`check_string(user[p], "Parameter '#{p}' must be a not empty string")`
			`end`
models in Devops::Model module, auth 2015-03-06 12:20:30 +03:00			`Devops::Db.connector.user_insert Devops::Model::User.new(user)`
routes handlers 2014-12-22 14:22:04 +03:00			`create_response("Created", nil, 201)`
			`}`
			`end`

			`def self.delete_user`
			`lambda {`
refactored 2015-02-19 11:27:56 +03:00			`check_privileges("user", "w")`
some fixes 2015-03-04 15:51:27 +03:00			`projects = Devops::Db.connector.projects_by_user params[:user]`
routes handlers 2014-12-22 14:22:04 +03:00			`if !projects.empty?`
			`str = ""`
			`projects.each do \|p\|`
			`p.deploy_envs.each do \|e\|`
			`str+="#{p.id}.#{e.identifier} " if e.users.include? params[:user]`
			`end`
			`end`
			`logger.info projects`
			`raise DependencyError.new "Deleting is forbidden: User is included in #{str}"`
			`#return [400, "Deleting is forbidden: User is included in #{str}"]`
			`end`

some fixes 2015-03-04 15:51:27 +03:00			`r = Devops::Db.connector.user_delete params[:user]`
routes handlers 2014-12-22 14:22:04 +03:00			`create_response("User '#{params[:user]}' removed")`
			`}`
			`end`

			`def self.change_user_privileges`
			`lambda {`
refactored 2015-02-19 11:27:56 +03:00			`check_privileges("user", "w")`
routes handlers 2014-12-22 14:22:04 +03:00			`data = create_object_from_json_body`
some fixes 2015-03-04 15:51:27 +03:00			`user = Devops::Db.connector.user params[:user]`
routes handlers 2014-12-22 14:22:04 +03:00			`cmd = check_string(data["cmd"], "Parameter 'cmd' should be a not empty string", true) \|\| ""`
			`privileges = check_string(data["privileges"], "Parameter 'privileges' should be a not empty string", true) \|\| ""`
			`user.grant(cmd, privileges)`
some fixes 2015-03-04 15:51:27 +03:00			`Devops::Db.connector.user_update user`
routes handlers 2014-12-22 14:22:04 +03:00			`create_response("Updated")`
			`}`
			`end`

			`def self.change_user_email_or_password`
			`lambda {`
refactored 2015-02-19 11:27:56 +03:00			`check_privileges("user", "w")`
routes handlers 2014-12-22 14:22:04 +03:00			`action = File.basename(request.path)`
			`u = File.basename(File.dirname(request.path))`
models in Devops::Model module, auth 2015-03-06 12:20:30 +03:00			`raise InvalidPrivileges.new("Access denied for '#{request.env['REMOTE_USER']}'") if u == Devops::Model::User::ROOT_USER_NAME and request.env['REMOTE_USER'] != Devops::Model::User::ROOT_USER_NAME`
routes handlers 2014-12-22 14:22:04 +03:00
			`check_privileges("user", "w") unless request.env['REMOTE_USER'] == u`

			`body = create_object_from_json_body`
			`p = check_string(body[action], "Parameter '#{action}' must be a not empty string")`
some fixes 2015-03-04 15:51:27 +03:00			`user = Devops::Db.connector.user u`
routes handlers 2014-12-22 14:22:04 +03:00			`user.send("#{action}=", p)`
some fixes 2015-03-04 15:51:27 +03:00			`Devops::Db.connector.user_update user`
routes handlers 2014-12-22 14:22:04 +03:00			`create_response("Updated")`
			`}`
			`end`
			`end`
			`end`
			`end`
			`end`