Semaphore/api/projects/users.go

169 lines
4.1 KiB
Go
Raw Normal View History

2016-04-02 14:40:07 +02:00
package projects
import (
"database/sql"
util2 "github.com/ansible-semaphore/semaphore/api/util"
"github.com/ansible-semaphore/semaphore/models"
2017-02-23 00:21:49 +01:00
"net/http"
2016-04-17 12:41:36 +02:00
"strconv"
log "github.com/Sirupsen/logrus"
2017-02-23 00:21:49 +01:00
"github.com/gorilla/context"
2016-04-02 14:40:07 +02:00
"github.com/masterminds/squirrel"
)
// UserMiddleware ensures a user exists and loads it to the context
func UserMiddleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
project := context.Get(r, "project").(models.Project)
userID, err := util2.GetIntParam("user_id", w, r)
if err != nil {
return
}
var user models.User
if err := util2.GetStore(r).Sql().SelectOne(&user, "select u.* from project__user as pu join `user` as u on pu.user_id=u.id where pu.user_id=? and pu.project_id=?", userID, project.ID); err != nil {
if err == sql.ErrNoRows {
w.WriteHeader(http.StatusNotFound)
return
}
panic(err)
}
context.Set(r, "projectUser", user)
next.ServeHTTP(w, r)
})
2016-04-04 15:44:34 +02:00
}
// GetUsers returns all users in a project
func GetUsers(w http.ResponseWriter, r *http.Request) {
2020-11-03 21:56:22 +01:00
if user := context.Get(r, "projectUser"); user != nil {
util2.WriteJSON(w, http.StatusOK, user.(models.User))
2020-11-03 21:56:22 +01:00
return
}
project := context.Get(r, "project").(models.Project)
var users []models.User
sort := r.URL.Query().Get("sort")
order := r.URL.Query().Get("order")
if order != asc && order != desc {
order = asc
}
q := squirrel.Select("u.*").Column("pu.admin").
From("project__user as pu").
LeftJoin("user as u on pu.user_id=u.id").
Where("pu.project_id=?", project.ID)
switch sort {
case "name", "username", "email":
q = q.OrderBy("u." + sort + " " + order)
case "admin":
q = q.OrderBy("pu." + sort + " " + order)
default:
q = q.OrderBy("u.name " + order)
}
query, args, _ := q.ToSql()
if _, err := util2.GetStore(r).Sql().Select(&users, query, args...); err != nil {
panic(err)
}
util2.WriteJSON(w, http.StatusOK, users)
2016-04-02 14:40:07 +02:00
}
// AddUser adds a user to a projects team in the database
func AddUser(w http.ResponseWriter, r *http.Request) {
project := context.Get(r, "project").(models.Project)
var user struct {
UserID int `json:"user_id" binding:"required"`
Admin bool `json:"admin"`
}
err := util2.Bind(w, r, &user)
if err != nil {
w.WriteHeader(http.StatusBadRequest)
return
}
_, err = util2.GetStore(r).CreateProjectUser(models.ProjectUser{ProjectID: project.ID, UserID: user.UserID, Admin: user.Admin})
if err != nil {
w.WriteHeader(http.StatusConflict)
return
}
objType := "user"
desc := "User ID " + strconv.Itoa(user.UserID) + " added to team"
_, err = util2.GetStore(r).CreateEvent(models.Event{
ProjectID: &project.ID,
ObjectType: &objType,
ObjectID: &user.UserID,
Description: &desc,
})
if err != nil {
log.Error(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusNoContent)
2016-04-02 14:40:07 +02:00
}
// RemoveUser removes a user from a project team
func RemoveUser(w http.ResponseWriter, r *http.Request) {
project := context.Get(r, "project").(models.Project)
user := context.Get(r, "projectUser").(models.User)
err := util2.GetStore(r).DeleteProjectUser(project.ID, user.ID)
if err != nil {
log.Error(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
objType := "user"
desc := "User ID " + strconv.Itoa(user.ID) + " removed from team"
_, err = util2.GetStore(r).CreateEvent(models.Event{
ProjectID: &project.ID,
ObjectType: &objType,
ObjectID: &user.ID,
Description: &desc,
})
if err != nil {
log.Error(err)
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusNoContent)
2016-04-02 14:40:07 +02:00
}
2016-04-04 15:44:34 +02:00
// MakeUserAdmin writes the admin flag to the users account
func MakeUserAdmin(w http.ResponseWriter, r *http.Request) {
project := context.Get(r, "project").(models.Project)
user := context.Get(r, "projectUser").(models.User)
admin := 1
if r.Method == "DELETE" {
// strip admin
admin = 0
}
2016-04-04 15:44:34 +02:00
if _, err := util2.GetStore(r).Sql().Exec("update project__user set `admin`=? where user_id=? and project_id=?", admin, user.ID, project.ID); err != nil {
panic(err)
}
w.WriteHeader(http.StatusNoContent)
2016-04-04 15:44:34 +02:00
}