Esempio n. 1
0
// CreateApp creates a new app.
//
// Creating a new app is a process composed of the following steps:
//
//       1. Save the app in the database
//       2. Create the git repository using the repository manager
//       3. Provision the app using the provisioner
func CreateApp(app *App, user *auth.User) error {
	teams, err := user.Teams()
	if err != nil {
		return err
	}
	if len(teams) == 0 {
		return NoTeamsError{}
	}
	platform, err := getPlatform(app.Platform)
	if err != nil {
		return err
	}
	if platform.Disabled && !user.IsAdmin() {
		return InvalidPlatformError{}
	}
	var plan *Plan
	if app.Plan.Name == "" {
		plan, err = DefaultPlan()
	} else {
		plan, err = findPlanByName(app.Plan.Name)
	}
	if err != nil {
		return err
	}
	if app.TeamOwner == "" {
		if len(teams) > 1 {
			return ManyTeamsError{}
		}
		app.TeamOwner = teams[0].Name
	}
	err = app.ValidateTeamOwner(user)
	if err != nil {
		return err
	}
	app.Plan = *plan
	err = app.SetPool()
	if err != nil {
		return err
	}
	app.Teams = []string{app.TeamOwner}
	app.Owner = user.Email
	err = app.validate()
	if err != nil {
		return err
	}
	actions := []*action.Action{
		&reserveUserApp,
		&insertApp,
		&exportEnvironmentsAction,
		&createRepository,
		&provisionApp,
		&setAppIp,
	}
	pipeline := action.NewPipeline(actions...)
	err = pipeline.Execute(app, user)
	if err != nil {
		return &AppCreationError{app: app.Name, Err: err}
	}
	return nil
}
Esempio n. 2
0
// List returns the list of apps that the given user has access to.
//
// If the user does not have access to any app, this function returns an empty
// list and a nil error.
//
// The list can be filtered through the filter parameter.
func List(u *auth.User, filter *Filter) ([]App, error) {
	var apps []App
	conn, err := db.Conn()
	if err != nil {
		return nil, err
	}
	defer conn.Close()
	query := filter.Query()
	if u == nil || u.IsAdmin() {
		if err = conn.Apps().Find(query).All(&apps); err != nil {
			return []App{}, err
		}
		return apps, nil
	}
	ts, err := u.Teams()
	if err != nil {
		return []App{}, err
	}
	teams := auth.GetTeamsNames(ts)
	query["teams"] = bson.M{"$in": teams}
	if err := conn.Apps().Find(query).All(&apps); err != nil {
		return []App{}, err
	}
	return apps, nil
}
Esempio n. 3
0
func GetServiceInstancesByServicesAndTeams(services []Service, u *auth.User, appName string) ([]ServiceInstance, error) {
	var instances []ServiceInstance
	teams, err := u.Teams()
	if err != nil {
		return nil, err
	}
	if len(teams) == 0 {
		return nil, nil
	}
	conn, err := db.Conn()
	if err != nil {
		return nil, err
	}
	defer conn.Close()
	var teamNames []string
	if !u.IsAdmin() {
		teamNames = auth.GetTeamsNames(teams)
	}
	query := genericServiceInstancesFilter(services, teamNames)
	if appName != "" {
		query["apps"] = appName
	}
	err = conn.ServiceInstances().Find(query).All(&instances)
	return instances, err
}
Esempio n. 4
0
func getApp(name string, u *auth.User) (*app.App, error) {
	a, err := app.GetByName(name)
	if err != nil {
		return nil, &errors.HTTP{Code: http.StatusNotFound, Message: fmt.Sprintf("App %s not found.", name)}
	}
	if u == nil || u.IsAdmin() {
		return a, nil
	}
	if !auth.CheckUserAccess(a.Teams, u) {
		return a, &errors.HTTP{Code: http.StatusForbidden, Message: "User does not have access to this app"}
	}
	return a, nil
}
Esempio n. 5
0
func getApp(name string, u *auth.User, r *http.Request) (app.App, error) {
	var err error
	a := context.GetApp(r)
	if a == nil {
		a, err = app.GetByName(name)
		if err != nil {
			return app.App{}, &errors.HTTP{Code: http.StatusNotFound, Message: fmt.Sprintf("App %s not found.", name)}
		}
		context.SetApp(r, a)
	}
	if u == nil || u.IsAdmin() {
		return *a, nil
	}
	if !auth.CheckUserAccess(a.Teams, u) {
		return *a, &errors.HTTP{Code: http.StatusForbidden, Message: "user does not have access to this app"}
	}
	return *a, nil
}
Esempio n. 6
0
func (app *App) ValidateTeamOwner(user *auth.User) error {
	if _, err := auth.GetTeam(app.TeamOwner); err == auth.ErrTeamNotFound {
		return err
	}
	if user.IsAdmin() {
		return nil
	}
	teams, err := user.Teams()
	if err != nil {
		return err
	}
	for _, t := range teams {
		if t.Name == app.TeamOwner {
			return nil
		}
	}
	errorMsg := fmt.Sprintf("You can not set %s team as app's owner. Please set one of your teams as app's owner.", app.TeamOwner)
	return stderr.New(errorMsg)
}
Esempio n. 7
0
// List returns the list of apps that the given user has access to.
//
// If the user does not have acces to any app, this function returns an empty
// list and a nil error.
func List(u *auth.User) ([]App, error) {
	var apps []App
	conn, err := db.Conn()
	if err != nil {
		return nil, err
	}
	defer conn.Close()
	if u.IsAdmin() {
		if err := conn.Apps().Find(nil).All(&apps); err != nil {
			return []App{}, err
		}
		return apps, nil
	}
	ts, err := u.Teams()
	if err != nil {
		return []App{}, err
	}
	teams := auth.GetTeamsNames(ts)
	if err := conn.Apps().Find(bson.M{"teams": bson.M{"$in": teams}}).All(&apps); err != nil {
		return []App{}, err
	}
	return apps, nil
}