1 class Arvados::V1::RepositoriesController < ApplicationController
2 skip_before_filter :find_object_by_uuid, :only => :get_all_permissions
3 skip_before_filter :render_404_if_no_object, :only => :get_all_permissions
4 before_filter :admin_required, :only => :get_all_permissions
5 def get_all_permissions
7 User.includes(:authorized_keys).all.each do |u|
10 admins = @users.select { |k,v| v.is_admin }
13 @repos = Repository.includes(:permissions).all
15 gitolite_permissions = ''
17 repo.permissions.each do |perm|
18 if ArvadosModel::resource_class_for_uuid(perm.tail_uuid) == Group
19 @users.each do |user_uuid, user|
20 user.group_permissions.each do |group_uuid, perm_mask|
22 perms << {name: 'can_manage', user_uuid: user_uuid}
23 elsif perm_mask[:write]
24 perms << {name: 'can_write', user_uuid: user_uuid}
25 elsif perm_mask[:read]
26 perms << {name: 'can_read', user_uuid: user_uuid}
31 perms << {name: perm.name, user_uuid: perm.tail_uuid}
34 # Owner of the repository, and all admins, can RW
35 ([repo.owner_uuid] + admins.keys).each do |user_uuid|
36 perms << {name: 'can_write', user_uuid: user_uuid}
39 user_uuid = perm[:user_uuid]
40 @user_aks[user_uuid] = @users[user_uuid].andand.authorized_keys.andand.
43 public_key: ak.public_key,
44 authorized_key_uuid: ak.uuid
47 if @user_aks[user_uuid].any?
48 @repo_info[repo.uuid] ||= {
51 push_url: repo.push_url,
52 fetch_url: repo.fetch_url,
55 ri = (@repo_info[repo.uuid][:user_permissions][user_uuid] ||= {})
56 ri[perm[:name]] = true
60 @repo_info.values.each do |repo_users|
61 repo_users[:user_permissions].each do |user_uuid,perms|
62 if perms['can_manage']
63 perms[:gitolite_permissions] = 'RW'
64 perms['can_write'] = true
65 perms['can_read'] = true
66 elsif perms['can_write']
67 perms[:gitolite_permissions] = 'RW'
68 perms['can_read'] = true
69 elsif perms['can_read']
70 perms[:gitolite_permissions] = 'R'
74 send_json(kind: 'arvados#RepositoryPermissionSnapshot',
75 repositories: @repo_info.values,
projects / arvados.git / blob