Allow admin client to create API tokens for other users.
[arvados.git] / services / api / app / controllers / arvados / v1 / repositories_controller.rb
1 class Arvados::V1::RepositoriesController < ApplicationController
2   before_filter :admin_required, :only => :get_all_permissions
3   def get_all_permissions
4     @users = {}
5     User.includes(:authorized_keys).all.each do |u|
6       @users[u.uuid] = u
7     end
8     @user_aks = {}
9     @repo_info = {}
10     @repos = Repository.includes(:permissions).all
11     @repos.each do |repo|
12       gitolite_permissions = ''
13       perms = []
14       repo.permissions.each do |perm|
15         if perm.tail_kind == 'arvados#group'
16           @users.each do |user_uuid, user|
17             user.group_permissions.each do |group_uuid, perm_mask|
18               if perm_mask[:write]
19                 perms << {name: 'can_write', user_uuid: user_uuid}
20               elsif perm_mask[:read]
21                 perms << {name: 'can_read', user_uuid: user_uuid}
22               end
23             end
24           end
25         else
26           perms << {name: perm.name, user_uuid: perm.tail_uuid}
27         end
28       end
29       perms.each do |perm|
30         user_uuid = perm[:user_uuid]
31         @user_aks[user_uuid] = @users[user_uuid].andand.authorized_keys.andand.
32           collect do |ak|
33           {
34             public_key: ak.public_key,
35             authorized_key_uuid: ak.uuid
36           }
37         end || []
38         if @user_aks[user_uuid].any?
39           @repo_info[repo.uuid] ||= {
40             uuid: repo.uuid,
41             name: repo.name,
42             push_url: repo.push_url,
43             fetch_url: repo.fetch_url,
44             user_permissions: {}
45           }
46           ri = (@repo_info[repo.uuid][:user_permissions][user_uuid] ||= {})
47           ri[perm[:name]] = true
48         end
49       end
50     end
51     @repo_info.values.each do |repo_users|
52       repo_users[:user_permissions].each do |user_uuid,perms|
53         if perms['can_write']
54           perms[:gitolite_permissions] = 'RW'
55           perms['can_read'] = true
56         elsif perms['can_read']
57           perms[:gitolite_permissions] = 'R'
58         end
59       end
60     end
61     render json: {
62       kind: 'arvados#RepositoryPermissionSnapshot',
63       repositories: @repo_info.values,
64       user_keys: @user_aks
65     }
66   end
67 end