Semaphore/api/projects/project.go

package projects

import (
	"github.com/ansible-semaphore/semaphore/api/helpers"
	"github.com/ansible-semaphore/semaphore/db"
	"github.com/gorilla/mux"
	"net/http"

	"github.com/gorilla/context"
)

// ProjectMiddleware ensures a project exists and loads it to the context
func ProjectMiddleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user := context.Get(r, "user").(*db.User)

		projectID, err := helpers.GetIntParam("project_id", w, r)

		if err != nil {
			helpers.WriteJSON(w, http.StatusBadRequest, map[string]string{
				"error": "Invalid project ID",
			})
			return
		}

		// check if user in project's team
		projectUser, err := helpers.Store(r).GetProjectUser(projectID, user.ID)

		if !user.Admin && err != nil {
			helpers.WriteError(w, err)
			return
		}

		project, err := helpers.Store(r).GetProject(projectID)

		if err != nil {
			helpers.WriteError(w, err)
			return
		}

		context.Set(r, "projectUserRole", projectUser.Role)
		context.Set(r, "project", project)
		next.ServeHTTP(w, r)
	})
}

// GetMustCanMiddleware ensures that the user has administrator rights
func GetMustCanMiddleware(permissions db.ProjectUserPermission) mux.MiddlewareFunc {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			me := context.Get(r, "user").(*db.User)
			myRole := context.Get(r, "projectUserRole").(db.ProjectUserRole)

			if !me.Admin && r.Method != "GET" && r.Method != "HEAD" && !myRole.Can(permissions) {
				w.WriteHeader(http.StatusForbidden)
				return
			}

			next.ServeHTTP(w, r)
		})
	}
}

// GetProject returns a project details
func GetProject(w http.ResponseWriter, r *http.Request) {
	helpers.WriteJSON(w, http.StatusOK, context.Get(r, "project"))
}

func GetUserRole(w http.ResponseWriter, r *http.Request) {
	var permissions struct {
		Role        db.ProjectUserRole       `json:"role"`
		Permissions db.ProjectUserPermission `json:"permissions"`
	}
	permissions.Role = context.Get(r, "projectUserRole").(db.ProjectUserRole)
	permissions.Permissions = permissions.Role.GetPermissions()
	helpers.WriteJSON(w, http.StatusOK, permissions)
}

// UpdateProject saves updated project details to the database
func UpdateProject(w http.ResponseWriter, r *http.Request) {
	project := context.Get(r, "project").(db.Project)
	var body db.Project

	if !helpers.Bind(w, r, &body) {
		return
	}

	if body.ID != project.ID {
		helpers.WriteJSON(w, http.StatusBadRequest, map[string]string{
			"error": "Project ID in body and URL must be the same",
		})
		return
	}

	err := helpers.Store(r).UpdateProject(body)

	if err != nil {
		helpers.WriteError(w, err)
		return
	}

	w.WriteHeader(http.StatusNoContent)
}

// DeleteProject removes a project from the database
func DeleteProject(w http.ResponseWriter, r *http.Request) {
	project := context.Get(r, "project").(db.Project)

	err := helpers.Store(r).DeleteProject(project.ID)

	if err != nil {
		helpers.WriteError(w, err)
		return
	}

	w.WriteHeader(http.StatusNoContent)
}
Project ui, ws - [wip] ws support 2016-04-02 14:40:07 +02:00			`package projects`

			`import (`
refactor(be): template and environment endpoints use Store Rename util to helpers Bind returns bool instead of error 2020-12-03 14:51:15 +01:00			`"github.com/ansible-semaphore/semaphore/api/helpers"`
refactor(be): return models to db package 2020-12-04 23:41:26 +01:00			`"github.com/ansible-semaphore/semaphore/db"`
refactor(be): create middleware to check permissions 2023-07-08 23:35:39 +02:00			`"github.com/gorilla/mux"`
fix(be): delete global Mysql variable and add interface Store for dialect-independent communication with database. 2020-12-01 20:06:49 +01:00			`"net/http"`
Remove mulekick, move functions to util 2019-07-09 19:45:27 +02:00
🎉 gin -> net/http 2017-02-23 00:21:49 +01:00			`"github.com/gorilla/context"`
Project ui, ws - [wip] ws support 2016-04-02 14:40:07 +02:00			`)`

add gometalinter to tools and run it in circle. extract some error checking and logging in places where linting needed or errors not checked 2018-03-27 22:12:47 +02:00			`// ProjectMiddleware ensures a project exists and loads it to the context`
Set version on windows taskfile It doesn't otherwise build on windows since by default it's `1`: ```powershell Taskfiles versions should match. First is "2" but second is "1" ``` backup 2019-07-09 09:21:49 +02:00			`func ProjectMiddleware(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
refactor(be): return models to db package 2020-12-04 23:41:26 +01:00			`user := context.Get(r, "user").(*db.User)`
Set version on windows taskfile It doesn't otherwise build on windows since by default it's `1`: ```powershell Taskfiles versions should match. First is "2" but second is "1" ``` backup 2019-07-09 09:21:49 +02:00
refactor(be): template and environment endpoints use Store Rename util to helpers Bind returns bool instead of error 2020-12-03 14:51:15 +01:00			`projectID, err := helpers.GetIntParam("project_id", w, r)`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00
Set version on windows taskfile It doesn't otherwise build on windows since by default it's `1`: ```powershell Taskfiles versions should match. First is "2" but second is "1" ``` backup 2019-07-09 09:21:49 +02:00			`if err != nil {`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`helpers.WriteJSON(w, http.StatusBadRequest, map[string]string{`
			`"error": "Invalid project ID",`
			`})`
Project ui, ws - [wip] ws support 2016-04-02 14:40:07 +02:00			`return`
			`}`

refactor(be): create middleware to check permissions 2023-07-08 23:35:39 +02:00			`// check if user in project's team`
test: check role permissions 2023-08-26 18:48:16 +02:00			`projectUser, err := helpers.Store(r).GetProjectUser(projectID, user.ID)`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00
feat: admin can all 2023-09-17 16:15:44 +02:00			`if !user.Admin && err != nil {`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`helpers.WriteError(w, err)`
			`return`
			`}`

			`project, err := helpers.Store(r).GetProject(projectID)`

			`if err != nil {`
			`helpers.WriteError(w, err)`
			`return`
Set version on windows taskfile It doesn't otherwise build on windows since by default it's `1`: ```powershell Taskfiles versions should match. First is "2" but second is "1" ``` backup 2019-07-09 09:21:49 +02:00			`}`
Project ui, ws - [wip] ws support 2016-04-02 14:40:07 +02:00
test: check role permissions 2023-08-26 18:48:16 +02:00			`context.Set(r, "projectUserRole", projectUser.Role)`
Set version on windows taskfile It doesn't otherwise build on windows since by default it's `1`: ```powershell Taskfiles versions should match. First is "2" but second is "1" ``` backup 2019-07-09 09:21:49 +02:00			`context.Set(r, "project", project)`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00			`next.ServeHTTP(w, r)`
Set version on windows taskfile It doesn't otherwise build on windows since by default it's `1`: ```powershell Taskfiles versions should match. First is "2" but second is "1" ``` backup 2019-07-09 09:21:49 +02:00			`})`
Project ui, ws - [wip] ws support 2016-04-02 14:40:07 +02:00			`}`

feat(fe): handle permissions on UI 2023-08-26 20:43:42 +02:00			`// GetMustCanMiddleware ensures that the user has administrator rights`
			`func GetMustCanMiddleware(permissions db.ProjectUserPermission) mux.MiddlewareFunc {`
refactor(be): create middleware to check permissions 2023-07-08 23:35:39 +02:00			`return func(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
feat: left project 2023-09-18 21:43:13 +02:00			`me := context.Get(r, "user").(*db.User)`
			`myRole := context.Get(r, "projectUserRole").(db.ProjectUserRole)`
refactor(be): create middleware to check permissions 2023-07-08 23:35:39 +02:00
feat: left project 2023-09-18 21:43:13 +02:00			`if !me.Admin && r.Method != "GET" && r.Method != "HEAD" && !myRole.Can(permissions) {`
test: check role permissions 2023-08-26 18:48:16 +02:00			`w.WriteHeader(http.StatusForbidden)`
			`return`
refactor(be): create middleware to check permissions 2023-07-08 23:35:39 +02:00			`}`

			`next.ServeHTTP(w, r)`
			`})`
			`}`
Improved UI - Fixes #94 - Fixes admin permissions (needed to manipulate users) 2016-06-17 22:16:46 +02:00			`}`

feat(be): add migration project__user.admin -> project_user.role 2023-07-07 23:15:30 +02:00			`// GetProject returns a project details`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`func GetProject(w http.ResponseWriter, r *http.Request) {`
feat(fe): handle permissions on UI 2023-08-26 20:43:42 +02:00			`helpers.WriteJSON(w, http.StatusOK, context.Get(r, "project"))`
			`}`

			`func GetUserRole(w http.ResponseWriter, r *http.Request) {`
			`var permissions struct {`
			Role db.ProjectUserRole `json:"role"`
			Permissions db.ProjectUserPermission `json:"permissions"`
test: check role permissions 2023-08-26 18:48:16 +02:00			`}`
feat(fe): handle permissions on UI 2023-08-26 20:43:42 +02:00			`permissions.Role = context.Get(r, "projectUserRole").(db.ProjectUserRole)`
			`permissions.Permissions = permissions.Role.GetPermissions()`
			`helpers.WriteJSON(w, http.StatusOK, permissions)`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`}`

add gometalinter to tools and run it in circle. extract some error checking and logging in places where linting needed or errors not checked 2018-03-27 22:12:47 +02:00			`// UpdateProject saves updated project details to the database`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00			`func UpdateProject(w http.ResponseWriter, r *http.Request) {`
refactor(be): return models to db package 2020-12-04 23:41:26 +01:00			`project := context.Get(r, "project").(db.Project)`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`var body db.Project`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00
refactor(be): template and environment endpoints use Store Rename util to helpers Bind returns bool instead of error 2020-12-03 14:51:15 +01:00			`if !helpers.Bind(w, r, &body) {`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00			`return`
			`}`

refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`if body.ID != project.ID {`
			`helpers.WriteJSON(w, http.StatusBadRequest, map[string]string{`
			`"error": "Project ID in body and URL must be the same",`
			`})`
			`return`
			`}`

fix(be): remove boltdb user 2021-05-16 23:44:42 +02:00			`err := helpers.Store(r).UpdateProject(body)`
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00
			`if err != nil {`
			`helpers.WriteError(w, err)`
			`return`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00			`}`

			`w.WriteHeader(http.StatusNoContent)`
Improved UI - Fixes #94 - Fixes admin permissions (needed to manipulate users) 2016-06-17 22:16:46 +02:00			`}`

add gometalinter to tools and run it in circle. extract some error checking and logging in places where linting needed or errors not checked 2018-03-27 22:12:47 +02:00			`// DeleteProject removes a project from the database`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00			`func DeleteProject(w http.ResponseWriter, r *http.Request) {`
refactor(be): return models to db package 2020-12-04 23:41:26 +01:00			`project := context.Get(r, "project").(db.Project)`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`err := helpers.Store(r).DeleteProject(project.ID)`
Improved UI - Fixes #94 - Fixes admin permissions (needed to manipulate users) 2016-06-17 22:16:46 +02:00
refactor(be): migrate projects to Store 2020-12-16 20:19:20 +01:00			`if err != nil {`
			`helpers.WriteError(w, err)`
			`return`
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00			`}`
Improved UI - Fixes #94 - Fixes admin permissions (needed to manipulate users) 2016-06-17 22:16:46 +02:00
mux != Koa, undo refactor before it gets worse 2019-07-09 18:11:01 +02:00			`w.WriteHeader(http.StatusNoContent)`
Improved UI - Fixes #94 - Fixes admin permissions (needed to manipulate users) 2016-06-17 22:16:46 +02:00			`}`