package handler
import (
"encoding/json"
"net/http"
"github.com/drone/drone/server/datastore"
"github.com/drone/drone/shared/model"
"github.com/goji/context"
"github.com/zenazn/goji/web"
)
// GetUserList handles a request for every user account held in the
// datastore and writes the result to the response as JSON.
//
// The datastore is only queried once both guards have passed: a
// request with no resolved user gets 401, and a resolved user whose
// Admin flag is not set gets 403.
//
//     GET /api/users
//
func GetUserList(c web.C, w http.ResponseWriter, r *http.Request) {
	ctx := context.FromC(c)
	caller := ToUser(c)

	// Authentication first, authorization second.
	if caller == nil {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}
	if !caller.Admin {
		w.WriteHeader(http.StatusForbidden)
		return
	}

	list, err := datastore.GetUserList(ctx)
	if err != nil {
		// The datastore error itself is not sent to the client.
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	// The error from Encode is discarded. The records are serialized
	// whole, so which fields reach the client depends on the JSON tags
	// of the type the datastore returns.
	// NOTE(review): that type is not visible here — confirm credential
	// and token fields are excluded from its JSON form.
	json.NewEncoder(w).Encode(list)
}
// GetUser handles a request for a single user account, identified by
// the host and login taken from the URL, and writes it to the
// response as JSON.
//
// A request with no resolved user gets 401 and a resolved user whose
// Admin flag is not set gets 403; the lookup only runs after both
// guards have passed.
//
//     GET /api/users/:host/:login
//
func GetUser(c web.C, w http.ResponseWriter, r *http.Request) {
	ctx := context.FromC(c)
	caller := ToUser(c)
	host := c.URLParams["host"]
	login := c.URLParams["login"]

	// Authentication first, authorization second.
	if caller == nil {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}
	if !caller.Admin {
		w.WriteHeader(http.StatusForbidden)
		return
	}

	found, err := datastore.GetUserLogin(ctx, host, login)
	if err != nil {
		// Every lookup error is answered with 404, so a datastore
		// failure looks the same to the client as a missing account.
		w.WriteHeader(http.StatusNotFound)
		return
	}

	// The error from Encode is discarded.
	// NOTE(review): the record is serialized whole — confirm the user
	// type's JSON tags keep credential and token fields out of the
	// response; the type is not visible here.
	json.NewEncoder(w).Encode(found)
}
// PostUser handles a request to create a user account for the host
// and login taken from the URL. On success the new account is
// written to the response as JSON.
//
// A request with no resolved user gets 401 and a resolved user whose
// Admin flag is not set gets 403; nothing is created before both
// guards have passed.
//
//     POST /api/users/:host/:login
//
func PostUser(c web.C, w http.ResponseWriter, r *http.Request) {
	ctx := context.FromC(c)
	caller := ToUser(c)
	host := c.URLParams["host"]
	login := c.URLParams["login"]

	// Authentication first, authorization second.
	if caller == nil {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}
	if !caller.Admin {
		w.WriteHeader(http.StatusForbidden)
		return
	}

	// host and login are passed on exactly as they appear in the URL;
	// this handler does not validate them.
	// NOTE(review): confirm model.NewUser or the datastore enforces any
	// format or length constraints. The third argument is passed as an
	// empty string; its meaning is defined by model.NewUser.
	created := model.NewUser(host, login, "")

	err := datastore.PostUser(ctx, created)
	if err != nil {
		// Every datastore failure is answered with 400, whatever
		// its cause.
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	// The error from Encode is discarded.
	json.NewEncoder(w).Encode(created)
}
// DelUser handles a request to delete the user account identified by
// the host and login taken from the URL. A successful deletion is
// answered with 200 OK and no body.
//
// A request with no resolved user gets 401 and a resolved user whose
// Admin flag is not set gets 403. A request that targets the
// requesting user's own account is refused with 400.
//
//     DELETE /api/users/:host/:login
//
func DelUser(c web.C, w http.ResponseWriter, r *http.Request) {
	ctx := context.FromC(c)
	caller := ToUser(c)
	host := c.URLParams["host"]
	login := c.URLParams["login"]

	// Authentication first, authorization second.
	if caller == nil {
		w.WriteHeader(http.StatusUnauthorized)
		return
	}
	if !caller.Admin {
		w.WriteHeader(http.StatusForbidden)
		return
	}

	target, err := datastore.GetUserLogin(ctx, host, login)
	if err != nil {
		// Every lookup error is answered with 404, so a datastore
		// failure looks the same to the client as a missing account.
		w.WriteHeader(http.StatusNotFound)
		return
	}

	// Self-deletion guard: the account being removed must not be the
	// one making the request.
	if target.ID == caller.ID {
		w.WriteHeader(http.StatusBadRequest)
		return
	}

	err = datastore.DelUser(ctx, target)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
		return
	}

	w.WriteHeader(http.StatusOK)
}