workflow/client-go/controller/models/perms/perms.go at 3febf79413f8d2c5e13d447d4abbac2da2036860 · drycc/workflow · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
package perms

import (
	"encoding/json"
	"errors"
	"fmt"

	"github.com/deis/deis/client-go/controller/api"
	"github.com/deis/deis/client-go/controller/client"
)

// List users that can access an app.
func List(c *client.Client, appID string) ([]string, error) {
	body, err := doList(c, fmt.Sprintf("/v1/apps/%s/perms/", appID))

	if err != nil {
		return []string{}, err
	}

	users := api.PermsAppResponse{}
	if err = json.Unmarshal([]byte(body), &users); err != nil {
		return []string{}, err
	}

	return users.Users, nil
}

// ListAdmins lists administrators.
func ListAdmins(c *client.Client) ([]string, error) {
	body, err := doList(c, "/v1/admin/perms/")

	if err != nil {
		return []string{}, err
	}

	users := api.PermsAdminResponse{}
	if err = json.Unmarshal([]byte(body), &users); err != nil {
		return []string{}, err
	}

	usersList := []string{}

	for _, user := range users.Users {
		usersList = append(usersList, user.Username)
	}

	return usersList, nil
}

func doList(c *client.Client, u string) (string, error) {
	body, status, err := c.BasicRequest("GET", u, nil)

	if err != nil {
		return "", err
	}

	if status != 200 {
		return "", errors.New(body)
	}

	return body, nil
}

// New adds a user to an app.
func New(c *client.Client, appID string, username string) error {
	return doNew(c, fmt.Sprintf("/v1/apps/%s/perms/", appID), username)
}

// NewAdmin makes a user an administrator.
func NewAdmin(c *client.Client, username string) error {
	return doNew(c, "/v1/admin/perms/", username)
}

func doNew(c *client.Client, u string, username string) error {
	req := api.PermsRequest{Username: username}

	reqBody, err := json.Marshal(req)

	if err != nil {
		return err
	}

	body, status, err := c.BasicRequest("POST", u, reqBody)

	if err != nil {
		return err
	}

	if status != 201 {
		return errors.New(body)
	}

	return nil
}

// Delete removes a user from an app.
func Delete(c *client.Client, appID string, username string) error {
	return doDelete(c, fmt.Sprintf("/v1/apps/%s/perms/%s", appID, username))
}

// DeleteAdmin removes administrative privilages from a user.
func DeleteAdmin(c *client.Client, username string) error {
	return doDelete(c, fmt.Sprintf("/v1/admin/perms/%s", username))
}

func doDelete(c *client.Client, u string) error {
	body, status, err := c.BasicRequest("DELETE", u, nil)

	if err != nil {
		return err
	}

	if status != 204 {
		return errors.New(body)
	}

	return nil
}