services/api/app/controllers/arvados/v1/repositories_controller.rb

   1 class Arvados::V1::RepositoriesController < ApplicationController
   2   before_filter :admin_required, :only => :get_all_permissions
   3   def get_all_permissions
   4     @users = {}
   5     User.includes(:authorized_keys).all.each do |u|
   6       @users[u.uuid] = u
   7     end
   8     @user_aks = {}
   9     @repo_info = {}
  10     @repos = Repository.includes(:permissions).all
  11     @repos.each do |repo|
  12       gitolite_permissions = ''
  13       perms = []
  14       repo.permissions.each do |perm|
  15         if perm.tail_kind == 'arvados#group'
  16           @users.each do |user_uuid, user|
  17             user.group_permissions.each do |group_uuid, perm_mask|
  18               if perm_mask[:write]
  19                 perms << {name: 'can_write', user_uuid: user_uuid}
  20               elsif perm_mask[:read]
  21                 perms << {name: 'can_read', user_uuid: user_uuid}
  22               end
  23             end
  24           end
  25         else
  26           perms << {name: perm.name, user_uuid: perm.tail_uuid}
  27         end
  28       end
  29       perms.each do |perm|
  30         user_uuid = perm[:user_uuid]
  31         @user_aks[user_uuid] = @users[user_uuid].andand.authorized_keys.andand.
  32           collect do |ak|
  33           {
  34             public_key: ak.public_key,
  35             authorized_key_uuid: ak.uuid
  36           }
  37         end || []
  38         if @user_aks[user_uuid].any?
  39           @repo_info[repo.uuid] ||= {
  40             uuid: repo.uuid,
  41             name: repo.name,
  42             push_url: repo.push_url,
  43             fetch_url: repo.fetch_url,
  44             user_permissions: {}
  45           }
  46           ri = (@repo_info[repo.uuid][:user_permissions][user_uuid] ||= {})
  47           ri[perm[:name]] = true
  48         end
  49       end
  50     end
  51     @repo_info.values.each do |repo_users|
  52       repo_users[:user_permissions].each do |user_uuid,perms|
  53         if perms['can_write']
  54           perms[:gitolite_permissions] = 'RW'
  55           perms['can_read'] = true
  56         elsif perms['can_read']
  57           perms[:gitolite_permissions] = 'R'
  58         end
  59       end
  60     end
  61     render json: {
  62       kind: 'arvados#RepositoryPermissionSnapshot',
  63       repositories: @repo_info.values,
  64       user_keys: @user_aks
  65     }
  66   end
  67 end