[WIP] : Multiple project owner backend. #4536
Merged
Saranya-jena
merged 20 commits into
litmuschaos:multiple-owner-support
from
aryan-bhokare:multiple-project-owner-backend
Apr 12, 2024
78b82ab
Modified db schema of Owner.
aryan-bhokare 962175b
Added new API GetProjectOwners.
aryan-bhokare 0c8528e
fix: return type error.
aryan-bhokare aeb1085
chore(deps): Bump golang.org/x/crypto in /chaoscenter/authentication …
dependabot[bot] 64867b8
chore(deps): Bump follow-redirects in /chaoscenter/web (#4529)
dependabot[bot] eacb880
chore(deps): Bump github.com/golang/protobuf (#4493)
dependabot[bot] 1de73da
Modified SendInvitation API.
aryan-bhokare 7c79813
Modified LeaveProject API.
aryan-bhokare 44ae3b9
RBAC modification `LeaveProject`.
aryan-bhokare 77bcd91
Added `UpdateMemberRole` API.
aryan-bhokare 43bd3b2
Fixed some syntax errors.
aryan-bhokare 2ac9f7d
Updated roles for owner.
aryan-bhokare 1860721
Added new API `DeleteProject`.
aryan-bhokare a2a27d4
Added mocks.
aryan-bhokare 4e8279a
Merge branch 'multiple-owner-support' into multiple-project-owner-bac…
aryan-bhokare 737c03f
modified go.sum
aryan-bhokare c1b2ed3
Added condition `UpdateMemberRole`.
aryan-bhokare 197aabd
made suggested changes.
aryan-bhokare 4a10fe3
Changed DeleteProject endpoint to have url parameter.
aryan-bhokare 33dec51
Minor fixes.
aryan-bhokare File filter
|
@@ -195,6 +195,29 @@ func GetActiveProjectMembers(service services.ApplicationService) gin.HandlerFun | |
} | ||
} | ||
|
||
// GetActiveProjectOwners godoc | ||
// | ||
// @Summary Get active project Owners. | ||
// @Description Return list of active project owners. | ||
// @Tags ProjectRouter | ||
// @Param state path string true "State" | ||
// @Accept json | ||
// @Produce json | ||
// @Failure 500 {object} response.ErrServerError | ||
// @Success 200 {object} response.Response{} | ||
// @Router /get_project_owners/:project_id/:state [get] | ||
func GetActiveProjectOwners(service services.ApplicationService) gin.HandlerFunc { | ||
return func(c *gin.Context) { | ||
projectID := c.Param("project_id") | ||
owners, err := service.GetProjectOwners(projectID) | ||
if err != nil { | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) | ||
return | ||
} | ||
c.JSON(http.StatusOK, gin.H{"data": owners}) | ||
} | ||
} | ||
|
||
// getInvitation returns the Invitation status | ||
func getInvitation(service services.ApplicationService, member entities.MemberInput) (entities.Invitation, error) { | ||
project, err := service.GetProjectByProjectID(member.ProjectID) | ||
|
@@ -380,7 +403,7 @@ func SendInvitation(service services.ApplicationService) gin.HandlerFunc { | |
return | ||
} | ||
// Validating member role | ||
if member.Role == nil || (*member.Role != entities.RoleEditor && *member.Role != entities.RoleViewer) { | ||
if member.Role == nil || (*member.Role != entities.RoleEditor && *member.Role != entities.RoleViewer && *member.Role != entities.RoleOwner) { | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRole], presenter.CreateErrorResponse(utils.ErrInvalidRole)) | ||
return | ||
} | ||
|
@@ -568,7 +591,21 @@ func LeaveProject(service services.ApplicationService) gin.HandlerFunc { | |
c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRequest], presenter.CreateErrorResponse(utils.ErrInvalidRequest)) | ||
return | ||
} | ||
|
||
if member.Role != nil && *member.Role == entities.RoleOwner { | ||
owners, err := service.GetProjectOwners(member.ProjectID) | ||
if err != nil { | ||
log.Error(err) | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) | ||
return | ||
} | ||
|
||
if len(owners) == 1 { | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRequest], gin.H{"message": "Cannot leave project. There must be at least one owner."}) | ||
return | ||
} | ||
} | ||
|
||
err = validations.RbacValidator(c.MustGet("uid").(string), member.ProjectID, | ||
validations.MutationRbacRules["leaveProject"], | ||
string(entities.AcceptedInvitation), | ||
|
@@ -726,6 +763,68 @@ func UpdateProjectName(service services.ApplicationService) gin.HandlerFunc { | |
} | ||
} | ||
|
||
// UpdateMemberRole godoc | ||
// | ||
// @Summary Update member role. | ||
// @Description Return updated member role. | ||
// @Tags ProjectRouter | ||
// @Accept json | ||
// @Produce json | ||
// @Failure 400 {object} response.ErrInvalidRequest | ||
// @Failure 401 {object} response.ErrUnauthorized | ||
// @Failure 500 {object} response.ErrServerError | ||
// @Success 200 {object} response.Response{} | ||
// @Router /update_member_role [post] | ||
// | ||
// UpdateMemberRole is used to update a member role in the project | ||
func UpdateMemberRole(service services.ApplicationService) gin.HandlerFunc { | ||
return func(c *gin.Context) { | ||
var member entities.MemberInput | ||
err := c.BindJSON(&member) | ||
if err != nil { | ||
log.Warn(err) | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRequest], presenter.CreateErrorResponse(utils.ErrInvalidRequest)) | ||
return | ||
} | ||
|
||
|
||
// Validating member role | ||
if member.Role == nil || (*member.Role != entities.RoleEditor && *member.Role != entities.RoleViewer && *member.Role != entities.RoleOwner) { | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrInvalidRole], presenter.CreateErrorResponse(utils.ErrInvalidRole)) | ||
return | ||
} | ||
|
||
err = validations.RbacValidator(c.MustGet("uid").(string), | ||
member.ProjectID, | ||
validations.MutationRbacRules["updateMemberRole"], | ||
string(entities.AcceptedInvitation), | ||
service) | ||
if err != nil { | ||
log.Warn(err) | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrUnauthorized], | ||
presenter.CreateErrorResponse(utils.ErrUnauthorized)) | ||
return | ||
} | ||
|
||
uid := c.MustGet("uid").(string) | ||
if uid == member.UserID { | ||
c.JSON(http.StatusBadRequest, gin.H{"message": "User cannot change their own role."}) | ||
return | ||
} | ||
|
||
err = service.UpdateMemberRole(member.ProjectID, member.UserID, member.Role) | ||
if err != nil { | ||
log.Error(err) | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) | ||
return | ||
} | ||
|
||
c.JSON(http.StatusOK, gin.H{ | ||
"message": "Successfully updated Role", | ||
}) | ||
} | ||
} | ||
|
||
// GetOwnerProjects godoc | ||
// | ||
// @Summary Get projects owner. | ||
|
@@ -796,3 +895,44 @@ func GetProjectRole(service services.ApplicationService) gin.HandlerFunc { | |
|
||
} | ||
} | ||
|
||
// DeleteProject godoc | ||
// | ||
// @Description Delete a project. | ||
// @Tags ProjectRouter | ||
// @Accept json | ||
// @Produce json | ||
// @Failure 400 {object} response.ErrProjectNotFound | ||
// @Failure 500 {object} response.ErrServerError | ||
// @Success 200 {object} response.Response{} | ||
// @Router /delete_project/{project_id} [post] | ||
// | ||
// DeleteProject is used to delete a project. | ||
func DeleteProject (service services.ApplicationService) gin.HandlerFunc { | ||
All the resources related to the deleted project should also be deleted. This change can go in a different PR.
Let's do that in a different PR. |
||
return func(c *gin.Context) { | ||
projectID := c.Param("project_id") | ||
|
||
err := validations.RbacValidator(c.MustGet("uid").(string), | ||
projectID, | ||
validations.MutationRbacRules["deleteProject"], | ||
string(entities.AcceptedInvitation), | ||
service) | ||
if err != nil { | ||
log.Warn(err) | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrUnauthorized], | ||
presenter.CreateErrorResponse(utils.ErrUnauthorized)) | ||
return | ||
} | ||
|
||
err = service.DeleteProject(projectID) | ||
if err != nil { | ||
log.Error(err) | ||
c.JSON(utils.ErrorStatusCodes[utils.ErrServerError], presenter.CreateErrorResponse(utils.ErrServerError)) | ||
return | ||
} | ||
|
||
c.JSON(http.StatusOK, gin.H{ | ||
"message": "Successfully deleted project.", | ||
}) | ||
} | ||
} |
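Review bot: In the `LeaveProject` hunk the last-owner guard only runs when `member.Role` equals `entities.RoleOwner`, and `member` appears to be the request payload (it is bound outside the hunk, as `UpdateMemberRole` does with `c.BindJSON(&member)`), so a sole owner who omits the role or sends a different one would skip the check and could leave the project with no owner. The guard should decide ownership from stored data, for example by checking whether the caller's `uid` is among the result of `service.GetProjectOwners(member.ProjectID)`, and it should run after `validations.RbacValidator` rather than before it, so callers without access to the project learn nothing about its owner count. `if len(owners) <= 1 {` would also be a safer comparison than `== 1`. The handler body starts and ends outside the hunk, so whether `member.UserID` is tied to `uid` cannot be confirmed from here.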
I think we should also add one more check for this case: there is only 1 owner and that owner is trying to update their role to viewer/editor. In this case there will be no project owner. 🤔
sure I'll do that
How about a check to not allow the logged in user to change their own project roles. This will cover all the conditions. Please check on feasibility of this approach and race conditions if any
Yes that would be better. cc: @aryan-bhokare