158 lines
5.5 KiB
Ruby
158 lines
5.5 KiB
Ruby
module Devops
|
|
module API2_0
|
|
module Routes
|
|
module UserRoutes
|
|
|
|
def self.registered(app)
|
|
|
|
# Get users list
|
|
#
|
|
# * *Request*
|
|
# - method : GET
|
|
# - headers :
|
|
# - Accept: application/json
|
|
#
|
|
# * *Returns* :
|
|
# [
|
|
# {
|
|
# "email": "test@test.test",
|
|
# "privileges": {
|
|
# "flavor": "r",
|
|
# "group": "r",
|
|
# "image": "r",
|
|
# "project": "r",
|
|
# "server": "r",
|
|
# "key": "r",
|
|
# "user": "",
|
|
# "filter": "r",
|
|
# "network": "r",
|
|
# "provider": "r",
|
|
# "script": "r",
|
|
# "templates": "r"
|
|
# },
|
|
# "id": "test"
|
|
# }
|
|
# ]
|
|
app.get_with_headers "/users", :headers => [:accept] do#, &Devops::API2_0::Handler::User.get_users
|
|
check_privileges("user", "r")
|
|
users = Devops::API2_0::Handler::User.new.users.map {|i| h = i.to_hash; h.delete("password"); h}
|
|
json users
|
|
end
|
|
|
|
# Create user
|
|
#
|
|
# * *Request*
|
|
# - method : POST
|
|
# - headers :
|
|
# - Accept: application/json
|
|
# - Content-Type: application/json
|
|
# - body :
|
|
# {
|
|
# "username": "user name",
|
|
# "email": "user email",
|
|
# "password": "user password"
|
|
# }
|
|
#
|
|
# * *Returns* :
|
|
# 201 - Created
|
|
app.post_with_headers "/user", :headers => [:accept, :content_type] do#, &Devops::API2_0::Handler::User.create_user
|
|
check_privileges("user", "w")
|
|
user = create_object_from_json_body
|
|
["username", "password", "email"].each do |p|
|
|
check_string(user[p], "Parameter '#{p}' must be a not empty string")
|
|
end
|
|
Devops::API2_0::Handler::User.new.create(user)
|
|
create_response("Created", nil, 201)
|
|
end
|
|
|
|
hash = {}
|
|
# Delete user
|
|
#
|
|
# * *Request*
|
|
# - method : DELETE
|
|
# - headers :
|
|
# - Accept: application/json
|
|
#
|
|
# * *Returns* :
|
|
# 200 - Deleted
|
|
hash["DELETE"] = lambda {
|
|
check_privileges("user", "w")
|
|
projects = Devops::Db.connector.projects_by_user params[:user]
|
|
if !projects.empty?
|
|
str = ""
|
|
projects.each do |p|
|
|
p.deploy_envs.each do |e|
|
|
str+="#{p.id}.#{e.identifier} " if e.users.include? params[:user]
|
|
end
|
|
end
|
|
logger.info projects
|
|
raise DependencyError.new "Deleting is forbidden: User is included in #{str}"
|
|
#return [400, "Deleting is forbidden: User is included in #{str}"]
|
|
end
|
|
|
|
Devops::API2_0::Handler::User.new.delete(params[:user])
|
|
create_response("User '#{params[:user]}' removed")
|
|
}
|
|
|
|
# Change user privileges
|
|
#
|
|
# * *Request*
|
|
# - method : PUT
|
|
# - headers :
|
|
# - Accept: application/json
|
|
# - Content-Type: application/json
|
|
# - body :
|
|
# {
|
|
# "cmd": "command or all", -> if empty, set default privileges
|
|
# "privileges": "priv" -> 'rwx' or ''
|
|
# }
|
|
#
|
|
# * *Returns* :
|
|
# 200 - Updated
|
|
hash["PUT"] = lambda {
|
|
check_privileges("user", "w")
|
|
data = create_object_from_json_body
|
|
cmd = check_string(data["cmd"], "Parameter 'cmd' should be a not empty string", true) || ""
|
|
privileges = check_string(data["privileges"], "Parameter 'privileges' should be a not empty string", true) || ""
|
|
Devops::API2_0::Handler::User.new.change_user_privileges(params[:user], cmd, privileges)
|
|
create_response("Updated")
|
|
}
|
|
app.multi_routes "/user/:user", {:headers => [:accept, :content_type]}, hash
|
|
|
|
# Change user email/password
|
|
#
|
|
# * *Request*
|
|
# - method : PUT
|
|
# - headers :
|
|
# - Accept: application/json
|
|
# - Content-Type: application/json
|
|
# - body :
|
|
# {
|
|
# "email/password": "new user email/password",
|
|
# }
|
|
#
|
|
# * *Returns* :
|
|
# 200 - Updated
|
|
app.put_with_headers %r{\A/user/#{DevopsConfig::OBJECT_NAME}/(email|password)\z}, :headers => [:accept, :content_type] do#, &Devops::API2_0::Handler::User.change_user_email_or_password
|
|
check_privileges("user", "w")
|
|
action = File.basename(request.path)
|
|
u = File.basename(File.dirname(request.path))
|
|
raise InvalidPrivileges.new("Access denied for '#{request.env['REMOTE_USER']}'") if u == Devops::Model::User::ROOT_USER_NAME and request.env['REMOTE_USER'] != Devops::Model::User::ROOT_USER_NAME
|
|
|
|
check_privileges("user", "w") unless request.env['REMOTE_USER'] == u
|
|
|
|
body = create_object_from_json_body
|
|
p = check_string(body[action], "Parameter '#{action}' must be a not empty string")
|
|
h = Devops::API2_0::Handler::User.new
|
|
h.send("change_#{action}=", p)
|
|
create_response("Updated")
|
|
end
|
|
|
|
puts "User routes initialized"
|
|
end
|
|
|
|
end
|
|
end
|
|
end
|
|
end
|