some fixes
This commit is contained in:
amartynov
parent
e3c501075b
commit
5ee2e2f714
@ -6,7 +6,6 @@ module Connectors
|
|||||||
Helpers::DeleteCommand,
|
Helpers::DeleteCommand,
|
||||||
Helpers::UpdateCommand
|
Helpers::UpdateCommand
|
||||||
|
|
||||||
|
|
||||||
def initialize(db)
|
def initialize(db)
|
||||||
self.collection = db.collection('users')
|
self.collection = db.collection('users')
|
||||||
end
|
end
|
||||||
|
|||||||
@ -14,7 +14,7 @@ class ReportRoutes < Sinatra::Base
|
|||||||
["project", "deploy_env", "type", "created_by", "date_from", "date_to", "sort", "status"].each do |k|
|
["project", "deploy_env", "type", "created_by", "date_from", "date_to", "sort", "status"].each do |k|
|
||||||
options[k] = params[k] unless params[k].nil?
|
options[k] = params[k] unless params[k].nil?
|
||||||
end
|
end
|
||||||
json DevopsService.mongo.reports(options).map{|r| r.to_hash}
|
json Devops::Db.connector.reports(options).map{|r| r.to_hash}
|
||||||
=begin
|
=begin
|
||||||
res = {}
|
res = {}
|
||||||
uri = URI.parse(request.url)
|
uri = URI.parse(request.url)
|
||||||
@ -39,7 +39,7 @@ class ReportRoutes < Sinatra::Base
|
|||||||
end
|
end
|
||||||
|
|
||||||
get "/:id" do
|
get "/:id" do
|
||||||
r = DevopsService.mongo.report(params[:id])
|
r = Devops::Db.connector.report(params[:id])
|
||||||
file = r.file
|
file = r.file
|
||||||
return [404, "Report '#{params[:id]}' does not exist"] unless File.exists? file
|
return [404, "Report '#{params[:id]}' does not exist"] unless File.exists? file
|
||||||
@text = File.read(file)
|
@text = File.read(file)
|
||||||
|
|||||||
@ -9,7 +9,7 @@ module Devops
|
|||||||
def self.get_users
|
def self.get_users
|
||||||
lambda {
|
lambda {
|
||||||
check_privileges("user", "r")
|
check_privileges("user", "r")
|
||||||
users = settings.mongo.users.map {|i| i.to_hash}
|
users = Devops::Db.connector.users.map {|i| i.to_hash}
|
||||||
users.each {|u| u.delete("password")}
|
users.each {|u| u.delete("password")}
|
||||||
json users
|
json users
|
||||||
}
|
}
|
||||||
@ -22,7 +22,7 @@ module Devops
|
|||||||
["username", "password", "email"].each do |p|
|
["username", "password", "email"].each do |p|
|
||||||
check_string(user[p], "Parameter '#{p}' must be a not empty string")
|
check_string(user[p], "Parameter '#{p}' must be a not empty string")
|
||||||
end
|
end
|
||||||
settings.mongo.user_insert User.new(user)
|
Devops::Db.connector.user_insert ::User.new(user)
|
||||||
create_response("Created", nil, 201)
|
create_response("Created", nil, 201)
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
@ -30,7 +30,7 @@ module Devops
|
|||||||
def self.delete_user
|
def self.delete_user
|
||||||
lambda {
|
lambda {
|
||||||
check_privileges("user", "w")
|
check_privileges("user", "w")
|
||||||
projects = settings.mongo.projects_by_user params[:user]
|
projects = Devops::Db.connector.projects_by_user params[:user]
|
||||||
if !projects.empty?
|
if !projects.empty?
|
||||||
str = ""
|
str = ""
|
||||||
projects.each do |p|
|
projects.each do |p|
|
||||||
@ -43,7 +43,7 @@ module Devops
|
|||||||
#return [400, "Deleting is forbidden: User is included in #{str}"]
|
#return [400, "Deleting is forbidden: User is included in #{str}"]
|
||||||
end
|
end
|
||||||
|
|
||||||
r = settings.mongo.user_delete params[:user]
|
r = Devops::Db.connector.user_delete params[:user]
|
||||||
create_response("User '#{params[:user]}' removed")
|
create_response("User '#{params[:user]}' removed")
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
@ -52,11 +52,11 @@ module Devops
|
|||||||
lambda {
|
lambda {
|
||||||
check_privileges("user", "w")
|
check_privileges("user", "w")
|
||||||
data = create_object_from_json_body
|
data = create_object_from_json_body
|
||||||
user = settings.mongo.user params[:user]
|
user = Devops::Db.connector.user params[:user]
|
||||||
cmd = check_string(data["cmd"], "Parameter 'cmd' should be a not empty string", true) || ""
|
cmd = check_string(data["cmd"], "Parameter 'cmd' should be a not empty string", true) || ""
|
||||||
privileges = check_string(data["privileges"], "Parameter 'privileges' should be a not empty string", true) || ""
|
privileges = check_string(data["privileges"], "Parameter 'privileges' should be a not empty string", true) || ""
|
||||||
user.grant(cmd, privileges)
|
user.grant(cmd, privileges)
|
||||||
settings.mongo.user_update user
|
Devops::Db.connector.user_update user
|
||||||
create_response("Updated")
|
create_response("Updated")
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
@ -66,15 +66,15 @@ module Devops
|
|||||||
check_privileges("user", "w")
|
check_privileges("user", "w")
|
||||||
action = File.basename(request.path)
|
action = File.basename(request.path)
|
||||||
u = File.basename(File.dirname(request.path))
|
u = File.basename(File.dirname(request.path))
|
||||||
raise InvalidPrivileges.new("Access denied for '#{request.env['REMOTE_USER']}'") if u == User::ROOT_USER_NAME and request.env['REMOTE_USER'] != User::ROOT_USER_NAME
|
raise InvalidPrivileges.new("Access denied for '#{request.env['REMOTE_USER']}'") if u == ::User::ROOT_USER_NAME and request.env['REMOTE_USER'] != ::User::ROOT_USER_NAME
|
||||||
|
|
||||||
check_privileges("user", "w") unless request.env['REMOTE_USER'] == u
|
check_privileges("user", "w") unless request.env['REMOTE_USER'] == u
|
||||||
|
|
||||||
body = create_object_from_json_body
|
body = create_object_from_json_body
|
||||||
p = check_string(body[action], "Parameter '#{action}' must be a not empty string")
|
p = check_string(body[action], "Parameter '#{action}' must be a not empty string")
|
||||||
user = settings.mongo.user u
|
user = Devops::Db.connector.user u
|
||||||
user.send("#{action}=", p)
|
user.send("#{action}=", p)
|
||||||
settings.mongo.user_update user
|
Devops::Db.connector.user_update user
|
||||||
create_response("Updated")
|
create_response("Updated")
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user