update.go 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137
  1. package project_role
  2. import (
  3. "encoding/json"
  4. "errors"
  5. "fmt"
  6. "net/http"
  7. "github.com/porter-dev/porter/api/server/handlers"
  8. "github.com/porter-dev/porter/api/server/shared"
  9. "github.com/porter-dev/porter/api/server/shared/apierrors"
  10. "github.com/porter-dev/porter/api/server/shared/config"
  11. "github.com/porter-dev/porter/api/server/shared/requestutils"
  12. "github.com/porter-dev/porter/api/types"
  13. "github.com/porter-dev/porter/internal/models"
  14. "gorm.io/gorm"
  15. )
  16. type UpdateProjectRoleHandler struct {
  17. handlers.PorterHandlerReadWriter
  18. }
  19. func NewUpdateProjectRoleHandler(
  20. config *config.Config,
  21. decoderValidator shared.RequestDecoderValidator,
  22. writer shared.ResultWriter,
  23. ) *UpdateProjectRoleHandler {
  24. return &UpdateProjectRoleHandler{
  25. PorterHandlerReadWriter: handlers.NewDefaultPorterHandler(config, decoderValidator, writer),
  26. }
  27. }
  28. func (c *UpdateProjectRoleHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
  29. project, _ := r.Context().Value(types.ProjectScope).(*models.Project)
  30. roleUID, reqErr := requestutils.GetURLParamString(r, types.URLParamProjectRoleID)
  31. if reqErr != nil {
  32. c.HandleAPIError(w, r, reqErr)
  33. return
  34. }
  35. request := &types.UpdateProjectRoleRequest{}
  36. if ok := c.DecodeAndValidate(w, r, request); !ok {
  37. return
  38. }
  39. role, err := c.Repo().ProjectRole().ReadProjectRole(project.ID, roleUID)
  40. if err != nil {
  41. if errors.Is(err, gorm.ErrRecordNotFound) {
  42. c.HandleAPIError(w, r, apierrors.NewErrNotFound(fmt.Errorf("no such project role exists")))
  43. return
  44. }
  45. c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
  46. return
  47. }
  48. if role.IsDefaultRole() {
  49. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(
  50. fmt.Errorf("cannot update default project roles"), http.StatusBadRequest,
  51. ))
  52. return
  53. }
  54. if request.Name != "" && request.Name != role.Name {
  55. if request.Name == string(types.RoleAdmin) ||
  56. request.Name == string(types.RoleDeveloper) ||
  57. request.Name == string(types.RoleViewer) {
  58. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(
  59. fmt.Errorf("default role names admin, developer, viewer are not allowed"), http.StatusConflict,
  60. ))
  61. return
  62. }
  63. role.Name = request.Name
  64. role, err = c.Repo().ProjectRole().UpdateProjectRole(role)
  65. if err != nil {
  66. c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
  67. return
  68. }
  69. }
  70. if len(request.Users) == 0 {
  71. err = c.Repo().ProjectRole().ClearUsersInProjectRole(project.ID, roleUID)
  72. if err != nil {
  73. c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
  74. return
  75. }
  76. } else {
  77. for _, u := range request.Users {
  78. err := validateUserForProjectRole(c.Repo(), u, project.ID)
  79. if err != nil {
  80. c.HandleAPIError(w, r, err)
  81. return
  82. }
  83. }
  84. err = c.Repo().ProjectRole().UpdateUsersInProjectRole(project.ID, roleUID, request.Users)
  85. if err != nil {
  86. c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
  87. return
  88. }
  89. }
  90. if request.Policy != nil {
  91. policy, err := c.Repo().Policy().ReadPolicy(project.ID, role.PolicyUID)
  92. if err != nil {
  93. c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
  94. return
  95. }
  96. policyBytes, err := json.Marshal([]*types.PolicyDocument{request.Policy})
  97. if err != nil {
  98. c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
  99. return
  100. }
  101. policy.PolicyBytes = policyBytes
  102. _, err = c.Repo().Policy().UpdatePolicy(policy)
  103. if err != nil {
  104. c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
  105. return
  106. }
  107. }
  108. }