1 class Arvados::V1::RepositoriesController < ApplicationController
2 skip_before_filter :find_object_by_uuid, :only => :get_all_permissions
3 skip_before_filter :render_404_if_no_object, :only => :get_all_permissions
4 before_filter :admin_required, :only => :get_all_permissions
5 def get_all_permissions
7 User.includes(:authorized_keys).all.each do |u|
10 admins = @users.select { |k,v| v.is_admin }
13 @repos = Repository.includes(:permissions).all
15 gitolite_permissions = ''
17 repo.permissions.each do |perm|
18 if ArvadosModel::resource_class_for_uuid(perm.tail_uuid) == Group
19 @users.each do |user_uuid, user|
20 user.group_permissions.each do |group_uuid, perm_mask|
22 perms << {name: 'can_write', user_uuid: user_uuid}
23 elsif perm_mask[:read]
24 perms << {name: 'can_read', user_uuid: user_uuid}
29 perms << {name: perm.name, user_uuid: perm.tail_uuid}
32 # Owner of the repository, and all admins, can RW
33 ([repo.owner_uuid] + admins.keys).each do |user_uuid|
34 perms << {name: 'can_write', user_uuid: user_uuid}
37 user_uuid = perm[:user_uuid]
38 @user_aks[user_uuid] = @users[user_uuid].andand.authorized_keys.andand.
41 public_key: ak.public_key,
42 authorized_key_uuid: ak.uuid
45 if @user_aks[user_uuid].any?
46 @repo_info[repo.uuid] ||= {
49 push_url: repo.push_url,
50 fetch_url: repo.fetch_url,
53 ri = (@repo_info[repo.uuid][:user_permissions][user_uuid] ||= {})
54 ri[perm[:name]] = true
58 @repo_info.values.each do |repo_users|
59 repo_users[:user_permissions].each do |user_uuid,perms|
61 perms[:gitolite_permissions] = 'RW'
62 perms['can_read'] = true
63 elsif perms['can_read']
64 perms[:gitolite_permissions] = 'R'
69 kind: 'arvados#RepositoryPermissionSnapshot',
70 repositories: @repo_info.values,