func teamList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
rec.Log(t.GetUserName(), "list-teams")
permsForTeam := permission.PermissionRegistry.PermissionsWithContextType(permission.CtxTeam)
teams, err := auth.ListTeams()
if err != nil {
return err
}
teamsMap := map[string][]string{}
perms, err := t.Permissions()
if err != nil {
return err
}
for _, team := range teams {
teamCtx := permission.Context(permission.CtxTeam, team.Name)
var parent *permission.PermissionScheme
for _, p := range permsForTeam {
if parent != nil && parent.IsParent(p) {
continue
}
if permission.CheckFromPermList(perms, p, teamCtx) {
parent = p
teamsMap[team.Name] = append(teamsMap[team.Name], p.FullName())
}
}
}
if len(teamsMap) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
var result []map[string]interface{}
for name, permissions := range teamsMap {
result = append(result, map[string]interface{}{
"name": name,
"permissions": permissions,
})
}
w.Header().Set("Content-Type", "application/json")
b, err := json.Marshal(result)
if err != nil {
return err
}
n, err := w.Write(b)
if err != nil {
return err
}
if n != len(b) {
return &errors.HTTP{Code: http.StatusInternalServerError, Message: "Failed to write response body."}
}
return nil
}
// title: team list
// path: /teams
// method: GET
// produce: application/json
// responses:
// 200: List teams
// 204: No content
// 401: Unauthorized
func teamList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
permsForTeam := permission.PermissionRegistry.PermissionsWithContextType(permission.CtxTeam)
teams, err := auth.ListTeams()
if err != nil {
return err
}
teamsMap := map[string][]string{}
perms, err := t.Permissions()
if err != nil {
return err
}
for _, team := range teams {
teamCtx := permission.Context(permission.CtxTeam, team.Name)
var parent *permission.PermissionScheme
for _, p := range permsForTeam {
if parent != nil && parent.IsParent(p) {
continue
}
if permission.CheckFromPermList(perms, p, teamCtx) {
parent = p
teamsMap[team.Name] = append(teamsMap[team.Name], p.FullName())
}
}
}
if len(teamsMap) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
var result []map[string]interface{}
for name, permissions := range teamsMap {
result = append(result, map[string]interface{}{
"name": name,
"permissions": permissions,
})
}
w.Header().Set("Content-Type", "application/json")
return json.NewEncoder(w).Encode(result)
}
func Allowed(scheme *permission.PermissionScheme, contexts ...permission.PermissionContext) AllowedPermission {
return AllowedPermission{
Scheme: scheme.FullName(),
Contexts: contexts,
}
}