func teamList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
rec.Log(t.GetUserName(), "list-teams")
permsForTeam := permission.PermissionRegistry.PermissionsWithContextType(permission.CtxTeam)
teams, err := auth.ListTeams()
if err != nil {
return err
}
teamsMap := map[string][]string{}
perms, err := t.Permissions()
if err != nil {
return err
}
for _, team := range teams {
teamCtx := permission.Context(permission.CtxTeam, team.Name)
var parent *permission.PermissionScheme
for _, p := range permsForTeam {
if parent != nil && parent.IsParent(p) {
continue
}
if permission.CheckFromPermList(perms, p, teamCtx) {
parent = p
teamsMap[team.Name] = append(teamsMap[team.Name], p.FullName())
}
}
}
if len(teamsMap) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
var result []map[string]interface{}
for name, permissions := range teamsMap {
result = append(result, map[string]interface{}{
"name": name,
"permissions": permissions,
})
}
w.Header().Set("Content-Type", "application/json")
b, err := json.Marshal(result)
if err != nil {
return err
}
n, err := w.Write(b)
if err != nil {
return err
}
if n != len(b) {
return &errors.HTTP{Code: http.StatusInternalServerError, Message: "Failed to write response body."}
}
return nil
}
func teamList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
u, err := t.User()
if err != nil {
return err
}
rec.Log(u.Email, "list-teams")
var teams []auth.Team
if u.IsAdmin() {
teams, err = auth.ListTeams()
} else {
teams, err = u.Teams()
}
if err != nil {
return err
}
if len(teams) > 0 {
var result []map[string]interface{}
for _, team := range teams {
result = append(result, map[string]interface{}{
"name": team.Name,
"member": team.ContainsUser(u),
})
}
w.Header().Set("Content-Type", "application/json")
b, err := json.Marshal(result)
if err != nil {
return err
}
n, err := w.Write(b)
if err != nil {
return err
}
if n != len(b) {
return &errors.HTTP{Code: http.StatusInternalServerError, Message: "Failed to write response body."}
}
} else {
w.WriteHeader(http.StatusNoContent)
}
return nil
}
// title: team list
// path: /teams
// method: GET
// produce: application/json
// responses:
// 200: List teams
// 204: No content
// 401: Unauthorized
func teamList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
permsForTeam := permission.PermissionRegistry.PermissionsWithContextType(permission.CtxTeam)
teams, err := auth.ListTeams()
if err != nil {
return err
}
teamsMap := map[string][]string{}
perms, err := t.Permissions()
if err != nil {
return err
}
for _, team := range teams {
teamCtx := permission.Context(permission.CtxTeam, team.Name)
var parent *permission.PermissionScheme
for _, p := range permsForTeam {
if parent != nil && parent.IsParent(p) {
continue
}
if permission.CheckFromPermList(perms, p, teamCtx) {
parent = p
teamsMap[team.Name] = append(teamsMap[team.Name], p.FullName())
}
}
}
if len(teamsMap) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
var result []map[string]interface{}
for name, permissions := range teamsMap {
result = append(result, map[string]interface{}{
"name": name,
"permissions": permissions,
})
}
w.Header().Set("Content-Type", "application/json")
return json.NewEncoder(w).Encode(result)
}
// title: app create
// path: /apps
// method: POST
// consume: application/x-www-form-urlencoded
// produce: application/json
// responses:
// 201: App created
// 400: Invalid data
// 401: Unauthorized
// 403: Quota exceeded
// 409: App already exists
func createApp(w http.ResponseWriter, r *http.Request, t auth.Token) (err error) {
err = r.ParseForm()
if err != nil {
return &errors.HTTP{Code: http.StatusBadRequest, Message: err.Error()}
}
var ia inputApp
dec := form.NewDecoder(nil)
dec.IgnoreCase(true)
dec.IgnoreUnknownKeys(true)
dec.DecodeValues(&ia, r.Form)
a := app.App{
TeamOwner: ia.TeamOwner,
Platform: ia.Platform,
Plan: app.Plan{Name: ia.Plan},
Name: ia.Name,
Description: ia.Description,
Pool: ia.Pool,
RouterOpts: ia.RouterOpts,
}
if a.TeamOwner == "" {
a.TeamOwner, err = permission.TeamForPermission(t, permission.PermAppCreate)
if err != nil {
if err != permission.ErrTooManyTeams {
return err
}
teams, listErr := auth.ListTeams()
if listErr != nil {
return listErr
}
if len(teams) != 1 {
return err
}
a.TeamOwner = teams[0].Name
}
}
canCreate := permission.Check(t, permission.PermAppCreate,
permission.Context(permission.CtxTeam, a.TeamOwner),
)
if !canCreate {
return permission.ErrUnauthorized
}
u, err := t.User()
if err != nil {
return err
}
platform, err := app.GetPlatform(a.Platform)
if err != nil {
return err
}
if platform.Disabled {
canUsePlat := permission.Check(t, permission.PermPlatformUpdate) ||
permission.Check(t, permission.PermPlatformCreate)
if !canUsePlat {
return &errors.HTTP{Code: http.StatusBadRequest, Message: app.InvalidPlatformError.Error()}
}
}
evt, err := event.New(&event.Opts{
Target: appTarget(a.Name),
Kind: permission.PermAppCreate,
Owner: t,
CustomData: event.FormToCustomData(r.Form),
Allowed: event.Allowed(permission.PermAppReadEvents, contextsForApp(&a)...),
})
if err != nil {
return err
}
defer func() { evt.Done(err) }()
err = app.CreateApp(&a, u)
if err != nil {
log.Errorf("Got error while creating app: %s", err)
if e, ok := err.(*errors.ValidationError); ok {
return &errors.HTTP{Code: http.StatusBadRequest, Message: e.Message}
}
if _, ok := err.(app.NoTeamsError); ok {
return &errors.HTTP{
Code: http.StatusBadRequest,
Message: "In order to create an app, you should be member of at least one team",
}
}
if e, ok := err.(*app.AppCreationError); ok {
if e.Err == app.ErrAppAlreadyExists {
return &errors.HTTP{Code: http.StatusConflict, Message: e.Error()}
}
if _, ok := e.Err.(*quota.QuotaExceededError); ok {
return &errors.HTTP{
Code: http.StatusForbidden,
Message: "Quota exceeded",
}
}
}
if err == app.InvalidPlatformError {
return &errors.HTTP{Code: http.StatusBadRequest, Message: err.Error()}
}
return err
}
repo, err := repository.Manager().GetRepository(a.Name)
if err != nil {
return err
}
msg := map[string]string{
"status": "success",
"repository_url": repo.ReadWriteURL,
"ip": a.Ip,
}
jsonMsg, err := json.Marshal(msg)
if err != nil {
return err
}
w.WriteHeader(http.StatusCreated)
w.Header().Set("Content-Type", "application/json")
w.Write(jsonMsg)
return nil
}
