//sysadmin has all privileges to all projects func listRoles(userID int, projectID int64) ([]models.Role, error) { roles := make([]models.Role, 0, 1) isSysAdmin, err := dao.IsAdminRole(userID) if err != nil { log.Errorf("failed to determine whether the user %d is system admin: %v", userID, err) return roles, err } if isSysAdmin { role, err := dao.GetRoleByID(models.PROJECTADMIN) if err != nil { log.Errorf("failed to get role %d: %v", models.PROJECTADMIN, err) return roles, err } roles = append(roles, *role) return roles, nil } rs, err := dao.GetUserProjectRoles(userID, projectID) if err != nil { log.Errorf("failed to get user %d 's roles for project %d: %v", userID, projectID, err) return roles, err } roles = append(roles, rs...) return roles, nil }
func isProjectAdmin(userID int, pid int64) bool { isSysAdmin, err := dao.IsAdminRole(userID) if err != nil { log.Errorf("Error occurred in IsAdminRole, returning false, error: %v", err) return false } if isSysAdmin { return true } rolelist, err := dao.GetUserProjectRoles(userID, pid) if err != nil { log.Errorf("Error occurred in GetUserProjectRoles, returning false, error: %v", err) return false } hasProjectAdminRole := false for _, role := range rolelist { if role.RoleID == models.PROJECTADMIN { hasProjectAdminRole = true break } } return hasProjectAdminRole }
//sysadmin has all privileges to all projects func listRoles(userID int, projectID int64) ([]models.Role, error) { roles := make([]models.Role, 0, 1) isSysAdmin, err := dao.IsAdminRole(userID) if err != nil { return roles, err } if isSysAdmin { role, err := dao.GetRoleByID(models.PROJECTADMIN) if err != nil { return roles, err } roles = append(roles, *role) return roles, nil } rs, err := dao.GetUserProjectRoles(userID, projectID) if err != nil { return roles, err } roles = append(roles, rs...) return roles, nil }
// Post ... func (pma *ProjectMemberAPI) Post() { currentUserID := pma.currentUserID projectID := pma.project.ProjectID if !hasProjectAdminRole(currentUserID, projectID) { log.Warningf("Current user, id: %d does not have project admin role for project, id:", currentUserID, projectID) pma.RenderError(http.StatusForbidden, "") return } var req memberReq pma.DecodeJSONReq(&req) username := req.Username userID := checkUserExists(username) if userID <= 0 { log.Warningf("User does not exist, user name: %s", username) pma.RenderError(http.StatusNotFound, "User does not exist") return } rolelist, err := dao.GetUserProjectRoles(userID, projectID) if err != nil { log.Errorf("Error occurred in GetUserProjectRoles, error: %v", err) pma.CustomAbort(http.StatusInternalServerError, "Internal error.") } if len(rolelist) > 0 { log.Warningf("user is already added to project, user id: %d, project id: %d", userID, projectID) pma.RenderError(http.StatusConflict, "user is ready in project") return } for _, rid := range req.Roles { err = dao.AddProjectMember(projectID, userID, int(rid)) if err != nil { log.Errorf("Failed to update DB to add project user role, project id: %d, user id: %d, role id: %d", projectID, userID, rid) pma.RenderError(http.StatusInternalServerError, "Failed to update data in database") return } } }
// Put ... func (pma *ProjectMemberAPI) Put() { currentUserID := pma.currentUserID pid := pma.project.ProjectID if !hasProjectAdminRole(currentUserID, pid) { log.Warningf("Current user, id: %d does not have project admin role for project, id:", currentUserID, pid) pma.RenderError(http.StatusForbidden, "") return } mid := pma.memberID var req memberReq pma.DecodeJSONReq(&req) roleList, err := dao.GetUserProjectRoles(mid, pid) if len(roleList) == 0 { log.Warningf("User is not in project, user id: %d, project id: %d", mid, pid) pma.RenderError(http.StatusNotFound, "user not exist in project") return } //TODO: delete and insert should in one transaction //delete user project role record for the given user err = dao.DeleteProjectMember(pid, mid) if err != nil { log.Errorf("Failed to delete project roles for user, user id: %d, project id: %d, error: %v", mid, pid, err) pma.RenderError(http.StatusInternalServerError, "Failed to update data in DB") return } //insert roles in request for _, rid := range req.Roles { err = dao.AddProjectMember(pid, mid, int(rid)) if err != nil { log.Errorf("Failed to update DB to add project user role, project id: %d, user id: %d, role id: %d", pid, mid, rid) pma.RenderError(http.StatusInternalServerError, "Failed to update data in database") return } } }