forked from vmware-archive/atc
-
Notifications
You must be signed in to change notification settings - Fork 0
/
set.go
126 lines (104 loc) · 3.03 KB
/
set.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
package teamserver
import (
"encoding/json"
"errors"
"net/http"
"code.cloudfoundry.org/lager"
"github.com/concourse/atc"
"github.com/concourse/atc/api/present"
"github.com/concourse/atc/auth"
"github.com/concourse/atc/auth/provider"
"github.com/concourse/atc/db"
)
func (s *Server) SetTeam(w http.ResponseWriter, r *http.Request) {
hLog := s.logger.Session("set-team")
hLog.Debug("setting-team")
authTeam, authTeamFound := auth.GetTeam(r)
if !authTeamFound {
hLog.Error("failed-to-get-team-from-auth", errors.New("failed-to-get-team-from-auth"))
w.WriteHeader(http.StatusInternalServerError)
return
}
teamName := r.FormValue(":team_name")
var atcTeam atc.Team
err := json.NewDecoder(r.Body).Decode(&atcTeam)
if err != nil {
hLog.Error("malformed-request", err)
w.WriteHeader(http.StatusBadRequest)
return
}
atcTeam.Name = teamName
if !authTeam.IsAdmin() && !authTeam.IsAuthorized(teamName) {
w.WriteHeader(http.StatusForbidden)
return
}
hLog.Debug("configured-authentication", lager.Data{"BasicAuth": atcTeam.BasicAuth, "ProviderAuth": atcTeam.Auth})
if atcTeam.BasicAuth != nil {
if atcTeam.BasicAuth.BasicAuthUsername == "" || atcTeam.BasicAuth.BasicAuthPassword == "" {
hLog.Info("missing-basic-auth-username-or-password")
w.WriteHeader(http.StatusBadRequest)
return
}
}
providers := provider.GetProviders()
for providerName, config := range atcTeam.Auth {
p, found := providers[providerName]
if !found {
hLog.Error("failed-to-find-provider", err, lager.Data{"provider": providerName})
w.WriteHeader(http.StatusBadRequest)
return
}
authConfig, err := p.UnmarshalConfig(config)
if err != nil {
hLog.Error("failed-to-unmarshall-auth", err)
w.WriteHeader(http.StatusBadRequest)
return
}
err = authConfig.Validate()
if err != nil {
hLog.Error("request-body-validation-error", err)
w.WriteHeader(http.StatusBadRequest)
return
}
}
team, found, err := s.teamFactory.FindTeam(teamName)
if err != nil {
hLog.Error("failed-to-lookup-team", err, lager.Data{"teamName": teamName})
w.WriteHeader(http.StatusInternalServerError)
return
}
if found {
hLog.Debug("updating-credentials")
err = s.updateCredentials(atcTeam, team)
if err != nil {
hLog.Error("failed-to-update-team", err, lager.Data{"teamName": teamName})
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusOK)
} else if authTeam.IsAdmin() {
hLog.Debug("creating team")
team, err = s.teamFactory.CreateTeam(atcTeam)
if err != nil {
hLog.Error("failed-to-save-team", err, lager.Data{"teamName": teamName})
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusCreated)
} else {
w.WriteHeader(http.StatusForbidden)
return
}
json.NewEncoder(w).Encode(present.Team(team))
}
func (s *Server) updateCredentials(atcTeam atc.Team, team db.Team) error {
err := team.UpdateBasicAuth(atcTeam.BasicAuth)
if err != nil {
return err
}
err = team.UpdateProviderAuth(atcTeam.Auth)
if err != nil {
return err
}
return nil
}