services/api/app/controllers/arvados/v1/repositories_controller.rb

   1 class Arvados::V1::RepositoriesController < ApplicationController
   2   skip_before_filter :find_object_by_uuid, :only => :get_all_permissions
   3   skip_before_filter :render_404_if_no_object, :only => :get_all_permissions
   4   before_filter :admin_required, :only => :get_all_permissions
   5   def get_all_permissions
   6     @users = {}
   7     User.includes(:authorized_keys).all.each do |u|
   8       @users[u.uuid] = u
   9     end
  10     @user_aks = {}
  11     @repo_info = {}
  12     @repos = Repository.includes(:permissions).all
  13     @repos.each do |repo|
  14       gitolite_permissions = ''
  15       perms = []
  16       repo.permissions.each do |perm|
  17         if ArvadosModel::resource_class_for_uuid(perm.tail_uuid) == Group
  18           @users.each do |user_uuid, user|
  19             user.group_permissions.each do |group_uuid, perm_mask|
  20               if perm_mask[:write]
  21                 perms << {name: 'can_write', user_uuid: user_uuid}
  22               elsif perm_mask[:read]
  23                 perms << {name: 'can_read', user_uuid: user_uuid}
  24               end
  25             end
  26           end
  27         else
  28           perms << {name: perm.name, user_uuid: perm.tail_uuid}
  29         end
  30       end
  31       perms.each do |perm|
  32         user_uuid = perm[:user_uuid]
  33         @user_aks[user_uuid] = @users[user_uuid].andand.authorized_keys.andand.
  34           collect do |ak|
  35           {
  36             public_key: ak.public_key,
  37             authorized_key_uuid: ak.uuid
  38           }
  39         end || []
  40         if @user_aks[user_uuid].any?
  41           @repo_info[repo.uuid] ||= {
  42             uuid: repo.uuid,
  43             name: repo.name,
  44             push_url: repo.push_url,
  45             fetch_url: repo.fetch_url,
  46             user_permissions: {}
  47           }
  48           ri = (@repo_info[repo.uuid][:user_permissions][user_uuid] ||= {})
  49           ri[perm[:name]] = true
  50         end
  51       end
  52     end
  53     @repo_info.values.each do |repo_users|
  54       repo_users[:user_permissions].each do |user_uuid,perms|
  55         if perms['can_write']
  56           perms[:gitolite_permissions] = 'RW'
  57           perms['can_read'] = true
  58         elsif perms['can_read']
  59           perms[:gitolite_permissions] = 'R'
  60         end
  61       end
  62     end
  63     render json: {
  64       kind: 'arvados#RepositoryPermissionSnapshot',
  65       repositories: @repo_info.values,
  66       user_keys: @user_aks
  67     }
  68   end
  69 end