2016-04-02 14:40:07 +02:00
package projects
import (
"database/sql"
2017-02-23 00:21:49 +01:00
"net/http"
2016-04-02 14:40:07 +02:00
2017-02-23 06:12:16 +01:00
"github.com/ansible-semaphore/semaphore/db"
2019-07-09 09:21:49 +02:00
"github.com/ansible-semaphore/semaphore/mulekick"
2016-04-02 14:40:07 +02:00
"github.com/ansible-semaphore/semaphore/util"
2017-02-23 00:21:49 +01:00
"github.com/gorilla/context"
2016-04-02 14:40:07 +02:00
"github.com/masterminds/squirrel"
)
2018-03-27 22:12:47 +02:00
// ProjectMiddleware ensures a project exists and loads it to the context
2019-07-09 09:21:49 +02:00
func ProjectMiddleware ( next http . Handler ) http . Handler {
return http . HandlerFunc ( func ( w http . ResponseWriter , r * http . Request ) {
user := context . Get ( r , "user" ) . ( * db . User )
projectID , err := util . GetIntParam ( "project_id" , w , r )
if err != nil {
2016-04-02 14:40:07 +02:00
return
}
2019-07-09 09:21:49 +02:00
query , args , err := squirrel . Select ( "p.*" ) .
From ( "project as p" ) .
Join ( "project__user as pu on pu.project_id=p.id" ) .
Where ( "p.id=?" , projectID ) .
Where ( "pu.user_id=?" , user . ID ) .
ToSql ( )
util . LogWarning ( err )
var project db . Project
if err := db . Mysql . SelectOne ( & project , query , args ... ) ; err != nil {
if err == sql . ErrNoRows {
w . WriteHeader ( http . StatusNotFound )
return
}
panic ( err )
}
2016-04-02 14:40:07 +02:00
2019-07-09 09:21:49 +02:00
context . Set ( r , "project" , project )
2019-07-09 18:11:01 +02:00
next . ServeHTTP ( w , r )
2019-07-09 09:21:49 +02:00
} )
2016-04-02 14:40:07 +02:00
}
2018-03-27 22:12:47 +02:00
//GetProject returns a project details
2019-07-09 18:11:01 +02:00
func GetProject ( w http . ResponseWriter , r * http . Request ) {
mulekick . WriteJSON ( w , http . StatusOK , context . Get ( r , "project" ) )
2016-04-02 14:40:07 +02:00
}
2016-06-17 22:16:46 +02:00
2018-03-27 22:12:47 +02:00
// MustBeAdmin ensures that the user has administrator rights
2019-07-09 18:11:01 +02:00
func MustBeAdmin ( w http . ResponseWriter , r * http . Request ) {
project := context . Get ( r , "project" ) . ( db . Project )
user := context . Get ( r , "user" ) . ( * db . User )
userC , err := db . Mysql . SelectInt ( "select count(1) from project__user as pu join user as u on pu.user_id=u.id where pu.user_id=? and pu.project_id=? and pu.admin=1" , user . ID , project . ID )
if err != nil {
panic ( err )
}
if userC == 0 {
w . WriteHeader ( http . StatusForbidden )
return
}
2016-06-17 22:16:46 +02:00
}
2018-03-27 22:12:47 +02:00
// UpdateProject saves updated project details to the database
2019-07-09 18:11:01 +02:00
func UpdateProject ( w http . ResponseWriter , r * http . Request ) {
project := context . Get ( r , "project" ) . ( db . Project )
var body struct {
Name string ` json:"name" `
Alert bool ` json:"alert" `
AlertChat string ` json:"alert_chat" `
}
if err := mulekick . Bind ( w , r , & body ) ; err != nil {
return
}
if _ , err := db . Mysql . Exec ( "update project set name=?, alert=?, alert_chat=? where id=?" , body . Name , body . Alert , body . AlertChat , project . ID ) ; err != nil {
panic ( err )
}
w . WriteHeader ( http . StatusNoContent )
2016-06-17 22:16:46 +02:00
}
2018-03-27 22:12:47 +02:00
// DeleteProject removes a project from the database
2019-07-09 18:11:01 +02:00
func DeleteProject ( w http . ResponseWriter , r * http . Request ) {
project := context . Get ( r , "project" ) . ( db . Project )
tx , err := db . Mysql . Begin ( )
if err != nil {
panic ( err )
}
statements := [ ] string {
"delete tao from task__output as tao join task as t on t.id=tao.task_id join project__template as pt on pt.id=t.template_id where pt.project_id=?" ,
"delete t from task as t join project__template as pt on pt.id=t.template_id where pt.project_id=?" ,
"delete from project__template where project_id=?" ,
"delete from project__user where project_id=?" ,
"delete from project__repository where project_id=?" ,
"delete from project__inventory where project_id=?" ,
"delete from access_key where project_id=?" ,
"delete from project where id=?" ,
}
for _ , statement := range statements {
_ , err := tx . Exec ( statement , project . ID )
2016-06-17 22:16:46 +02:00
if err != nil {
2019-07-09 18:11:01 +02:00
err = tx . Rollback ( )
util . LogWarning ( err )
2016-06-17 22:16:46 +02:00
panic ( err )
}
2019-07-09 18:11:01 +02:00
}
2016-06-17 22:16:46 +02:00
2019-07-09 18:11:01 +02:00
if err := tx . Commit ( ) ; err != nil {
panic ( err )
}
2016-06-17 22:16:46 +02:00
2019-07-09 18:11:01 +02:00
w . WriteHeader ( http . StatusNoContent )
2016-06-17 22:16:46 +02:00
}