Merge remote-tracking branch 'origin/master' into origin-2608-websocket-event-bus...
[arvados.git] / services / api / app / controllers / arvados / v1 / virtual_machines_controller.rb
1 class Arvados::V1::VirtualMachinesController < ApplicationController
2   skip_before_filter :find_object_by_uuid, :only => :get_all_logins
3   skip_before_filter :render_404_if_no_object, :only => :get_all_logins
4   skip_before_filter(:require_auth_scope_all,
5                      :only => [:logins, :get_all_logins])
6   before_filter(:admin_required,
7                 :only => [:logins, :get_all_logins])
8   before_filter(:require_auth_scope_for_get_all_logins,
9                 :only => [:logins, :get_all_logins])
10
11   def logins
12     get_all_logins
13   end
14
15   def get_all_logins
16     @users = {}
17     User.includes(:authorized_keys).all.each do |u|
18       @users[u.uuid] = u
19     end
20     @response = []
21     @vms = VirtualMachine.includes(:login_permissions)
22     if @object
23       @vms = @vms.where('uuid=?', @object.uuid)
24     else
25       @vms = @vms.all
26     end
27     @vms.each do |vm|
28       vm.login_permissions.each do |perm|
29         user_uuid = perm.tail_uuid
30         @users[user_uuid].andand.authorized_keys.andand.each do |ak|
31           username = perm.properties.andand['username']
32           if username
33             @response << {
34               username: username,
35               hostname: vm.hostname,
36               public_key: ak.public_key,
37               user_uuid: user_uuid,
38               virtual_machine_uuid: vm.uuid,
39               authorized_key_uuid: ak.uuid
40             }
41           end
42         end
43       end
44     end
45     render json: { kind: "arvados#HashList", items: @response }
46   end
47
48   protected
49
50   def require_auth_scope_for_get_all_logins
51     if @object
52       # Client wants all logins for a single VM.
53       require_auth_scope(['all', arvados_v1_virtual_machine_url(@object.uuid)])
54     else
55       # ...for a non-existent VM, or all VMs.
56       require_auth_scope(['all'])
57     end
58   end
59 end