add initialize resource types

broadinstitute · Sep 9, 2019 · 92b887f · 92b887f
1 parent d7706d8
commit 92b887f
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 61 deletions.
diff --git a/src/main/resources/swagger/api-docs.yaml b/src/main/resources/swagger/api-docs.yaml
@@ -157,6 +157,22 @@ paths:
       tags:
         - Admin
 
+  /api/initializeResourceTypes:
+    put:
+      summary: TEMPORARY FOR MIGRATION - Initializes resource types and attendent roles and actions
+      responses:
+        204:
+          description: Successfully initialized resource types
+        403:
+          description: You do not have admin privileges
+        500:
+          description: Internal Server Error
+          schema:
+            $ref: '#/definitions/ErrorReport'
+      operationId: initializeResourceTypes
+      tags:
+        - Admin
+
   /api/config/v1/resourceTypes:
     get:
       responses:

diff --git a/src/main/scala/org/broadinstitute/dsde/workbench/sam/api/ResourceRoutes.scala b/src/main/scala/org/broadinstitute/dsde/workbench/sam/api/ResourceRoutes.scala
@@ -32,90 +32,101 @@ trait ResourceRoutes extends UserInfoDirectives with SecurityDirectives with Sam
     }
 
   def resourceRoutes: server.Route =
-    (pathPrefix("config" / "v1" / "resourceTypes") | pathPrefix("resourceTypes")) {
-      requireUserInfo { userInfo =>
-        pathEndOrSingleSlash {
-          get {
+    requireUserInfo { userInfo =>
+      asWorkbenchAdmin(userInfo) {
+        path("initializeResourceTypes") {
+          put {
             complete {
-              resourceService.getResourceTypes().map(typeMap => StatusCodes.OK -> typeMap.values.toSet)
+              resourceService.initResourceTypes()
             }
           }
         }
       }
     } ~
-      (pathPrefix("resources" / "v1") | pathPrefix("resource")) {
+    (pathPrefix("config" / "v1" / "resourceTypes") | pathPrefix("resourceTypes")) {
         requireUserInfo { userInfo =>
-          pathPrefix(Segment) { resourceTypeName =>
-            withResourceType(ResourceTypeName(resourceTypeName)) { resourceType =>
-              pathEndOrSingleSlash {
-                getUserPoliciesForResourceType(resourceType, userInfo) ~
-                  postResource(resourceType, userInfo)
-              } ~ pathPrefix(Segment) { resourceId =>
-                val resource = FullyQualifiedResourceId(resourceType.name, ResourceId(resourceId))
+          pathEndOrSingleSlash {
+            get {
+              complete {
+                resourceService.getResourceTypes().map(typeMap => StatusCodes.OK -> typeMap.values.toSet)
+              }
+            }
+          }
+        }
+    } ~
+    (pathPrefix("resources" / "v1") | pathPrefix("resource")) {
+      requireUserInfo { userInfo =>
+        pathPrefix(Segment) { resourceTypeName =>
+          withResourceType(ResourceTypeName(resourceTypeName)) { resourceType =>
+            pathEndOrSingleSlash {
+              getUserPoliciesForResourceType(resourceType, userInfo) ~
+                postResource(resourceType, userInfo)
+            } ~ pathPrefix(Segment) { resourceId =>
+              val resource = FullyQualifiedResourceId(resourceType.name, ResourceId(resourceId))
 
-                pathEndOrSingleSlash {
-                  deleteResource(resource, userInfo) ~
-                    postDefaultResource(resourceType, resource, userInfo)
-                } ~ pathPrefix("action") {
-                  pathPrefix(Segment) { action =>
-                    pathEndOrSingleSlash {
-                      getActionPermissionForUser(resource, userInfo, action)
-                    }
-                  }
-                } ~ pathPrefix("authDomain") {
+              pathEndOrSingleSlash {
+                deleteResource(resource, userInfo) ~
+                  postDefaultResource(resourceType, resource, userInfo)
+              } ~ pathPrefix("action") {
+                pathPrefix(Segment) { action =>
                   pathEndOrSingleSlash {
-                    getResourceAuthDomain(resource, userInfo)
+                    getActionPermissionForUser(resource, userInfo, action)
                   }
-                } ~ pathPrefix("policies") {
-                  pathEndOrSingleSlash {
-                    getResourcePolicies(resource, userInfo)
-                  } ~ pathPrefix(Segment) { policyName =>
-                    val policyId = FullyQualifiedPolicyId(resource, AccessPolicyName(policyName))
+                }
+              } ~ pathPrefix("authDomain") {
+                pathEndOrSingleSlash {
+                  getResourceAuthDomain(resource, userInfo)
+                }
+              } ~ pathPrefix("policies") {
+                pathEndOrSingleSlash {
+                  getResourcePolicies(resource, userInfo)
+                } ~ pathPrefix(Segment) { policyName =>
+                  val policyId = FullyQualifiedPolicyId(resource, AccessPolicyName(policyName))
 
+                  pathEndOrSingleSlash {
+                    getPolicy(policyId, userInfo) ~
+                      putPolicyOverwrite(resourceType, policyId, userInfo)
+                  } ~ pathPrefix("memberEmails") {
                     pathEndOrSingleSlash {
-                      getPolicy(policyId, userInfo) ~
-                        putPolicyOverwrite(resourceType, policyId, userInfo)
-                    } ~ pathPrefix("memberEmails") {
-                      pathEndOrSingleSlash {
-                        putPolicyMembershipOverwrite(resourceType, policyId, userInfo)
-                      } ~ pathPrefix(Segment) { email =>
-                        withSubject(WorkbenchEmail(email)) { subject =>
-                          pathEndOrSingleSlash {
-                            requireOneOfAction(
-                              resource,
-                              Set(SamResourceActions.alterPolicies, SamResourceActions.sharePolicy(policyId.accessPolicyName)),
-                              userInfo.userId) {
-                              putUserInPolicy(policyId, subject) ~
-                                deleteUserFromPolicy(policyId, subject)
-                            }
+                      putPolicyMembershipOverwrite(resourceType, policyId, userInfo)
+                    } ~ pathPrefix(Segment) { email =>
+                      withSubject(WorkbenchEmail(email)) { subject =>
+                        pathEndOrSingleSlash {
+                          requireOneOfAction(
+                            resource,
+                            Set(SamResourceActions.alterPolicies, SamResourceActions.sharePolicy(policyId.accessPolicyName)),
+                            userInfo.userId) {
+                            putUserInPolicy(policyId, subject) ~
+                              deleteUserFromPolicy(policyId, subject)
                           }
                         }
                       }
-                    } ~ pathPrefix("public") {
-                      pathEndOrSingleSlash {
-                        getPublicFlag(policyId, userInfo) ~
-                          putPublicFlag(policyId, userInfo)
-                      }
                     }
-                  }
-                } ~ pathPrefix("roles") {
-                  pathEndOrSingleSlash {
-                    getUserResourceRoles(resource, userInfo)
-                  }
-                } ~ pathPrefix("actions") {
-                  pathEndOrSingleSlash {
-                    listActionsForUser(resource, userInfo)
-                  }
-                } ~ pathPrefix("allUsers") {
-                  pathEndOrSingleSlash {
-                    getAllResourceUsers(resource, userInfo)
+                  } ~ pathPrefix("public") {
+                    pathEndOrSingleSlash {
+                      getPublicFlag(policyId, userInfo) ~
+                        putPublicFlag(policyId, userInfo)
+                    }
                   }
                 }
+              } ~ pathPrefix("roles") {
+                pathEndOrSingleSlash {
+                  getUserResourceRoles(resource, userInfo)
+                }
+              } ~ pathPrefix("actions") {
+                pathEndOrSingleSlash {
+                  listActionsForUser(resource, userInfo)
+                }
+              } ~ pathPrefix("allUsers") {
+                pathEndOrSingleSlash {
+                  getAllResourceUsers(resource, userInfo)
+                }
               }
             }
           }
         }
       }
+    }
 
   def getUserPoliciesForResourceType(resourceType: ResourceType, userInfo: UserInfo): server.Route =
     get {