module Devops module API2_0 module Routes module UserRoutes def self.registered(app) # Get users list # # * *Request* # - method : GET # - headers : # - Accept: application/json # # * *Returns* : # [ # { # "email": "test@test.test", # "privileges": { # "flavor": "r", # "group": "r", # "image": "r", # "project": "r", # "server": "r", # "key": "r", # "user": "", # "filter": "r", # "network": "r", # "provider": "r", # "script": "r", # "templates": "r" # }, # "id": "test" # } # ] app.get_with_headers "/users", :headers => [:accept] do#, &Devops::API2_0::Handler::User.get_users check_privileges("user", "r") users = Devops::API2_0::Handler::User.new.users.map {|i| h = i.to_hash; h.delete("password"); h} json users end # Create user # # * *Request* # - method : POST # - headers : # - Accept: application/json # - Content-Type: application/json # - body : # { # "username": "user name", # "email": "user email", # "password": "user password" # } # # * *Returns* : # 201 - Created app.post_with_headers "/user", :headers => [:accept, :content_type] do#, &Devops::API2_0::Handler::User.create_user check_privileges("user", "w") user = create_object_from_json_body ["username", "password", "email"].each do |p| check_string(user[p], "Parameter '#{p}' must be a not empty string") end Devops::API2_0::Handler::User.new.create(user) create_response("Created", nil, 201) end hash = {} # Delete user # # * *Request* # - method : DELETE # - headers : # - Accept: application/json # # * *Returns* : # 200 - Deleted hash["DELETE"] = lambda { check_privileges("user", "w") projects = Devops::Db.connector.projects_by_user params[:user] if !projects.empty? str = "" projects.each do |p| p.deploy_envs.each do |e| str+="#{p.id}.#{e.identifier} " if e.users.include? params[:user] end end logger.info projects raise DependencyError.new "Deleting is forbidden: User is included in #{str}" #return [400, "Deleting is forbidden: User is included in #{str}"] end Devops::API2_0::Handler::User.new.delete(params[:user]) create_response("User '#{params[:user]}' removed") } # Change user privileges # # * *Request* # - method : PUT # - headers : # - Accept: application/json # - Content-Type: application/json # - body : # { # "cmd": "command or all", -> if empty, set default privileges # "privileges": "priv" -> 'rwx' or '' # } # # * *Returns* : # 200 - Updated hash["PUT"] = lambda { check_privileges("user", "w") data = create_object_from_json_body cmd = check_string(data["cmd"], "Parameter 'cmd' should be a not empty string", true) || "" privileges = check_string(data["privileges"], "Parameter 'privileges' should be a not empty string", true) || "" Devops::API2_0::Handler::User.new.change_user_privileges(params[:user], cmd, privileges) create_response("Updated") } app.multi_routes "/user/:user", {:headers => [:accept, :content_type]}, hash # Change user email/password # # * *Request* # - method : PUT # - headers : # - Accept: application/json # - Content-Type: application/json # - body : # { # "email/password": "new user email/password", # } # # * *Returns* : # 200 - Updated app.put_with_headers %r{\A/user/#{DevopsConfig::OBJECT_NAME}/(email|password)\z}, :headers => [:accept, :content_type] do#, &Devops::API2_0::Handler::User.change_user_email_or_password check_privileges("user", "w") action = File.basename(request.path) u = File.basename(File.dirname(request.path)) raise InvalidPrivileges.new("Access denied for '#{request.env['REMOTE_USER']}'") if u == Devops::Model::User::ROOT_USER_NAME and request.env['REMOTE_USER'] != Devops::Model::User::ROOT_USER_NAME check_privileges("user", "w") unless request.env['REMOTE_USER'] == u body = create_object_from_json_body p = check_string(body[action], "Parameter '#{action}' must be a not empty string") h = Devops::API2_0::Handler::User.new h.send("change_#{action}", body.merge('user_id' => u)) create_response("Updated") end puts "User routes initialized" end end end end end