summaryrefslogtreecommitdiffstats
path: root/ui/imports/api/accounts
diff options
context:
space:
mode:
authorKoren Lev <korenlev@gmail.com>2017-07-27 16:42:15 +0300
committerKoren Lev <korenlev@gmail.com>2017-07-27 16:42:15 +0300
commitb88c78e3cf2bef22aa2f1c4d0bf305e303bc15f0 (patch)
treeffa30a6e1511d72562d8772b8700cda52b2752a1 /ui/imports/api/accounts
parentb70483739d1f6f4f0d31987ed2e4d1e30d71d579 (diff)
adding calipso ui
Change-Id: Ifa6f63daebb07f45580f747341960e898fdb00c4 Signed-off-by: Koren Lev <korenlev@gmail.com>
Diffstat (limited to 'ui/imports/api/accounts')
-rw-r--r--ui/imports/api/accounts/methods.js196
-rw-r--r--ui/imports/api/accounts/server/publications.js29
2 files changed, 225 insertions, 0 deletions
diff --git a/ui/imports/api/accounts/methods.js b/ui/imports/api/accounts/methods.js
new file mode 100644
index 0000000..4e1c40a
--- /dev/null
+++ b/ui/imports/api/accounts/methods.js
@@ -0,0 +1,196 @@
+/////////////////////////////////////////////////////////////////////////////////////////
+// Copyright (c) 2017 Koren Lev (Cisco Systems), Yaron Yogev (Cisco Systems) and others /
+// /
+// All rights reserved. This program and the accompanying materials /
+// are made available under the terms of the Apache License, Version 2.0 /
+// which accompanies this distribution, and is available at /
+// http://www.apache.org/licenses/LICENSE-2.0 /
+/////////////////////////////////////////////////////////////////////////////////////////
+import { ValidatedMethod } from 'meteor/mdg:validated-method';
+import { SimpleSchema } from 'meteor/aldeed:simple-schema';
+import * as R from 'ramda';
+import { Roles } from 'meteor/alanning:roles';
+import { Environments } from '/imports/api/environments/environments';
+
+let userSchema = new SimpleSchema({
+ _id: { type: String },
+ username: { type: String },
+ password: { type: String },
+ viewEnvs: { type: [ String ] },
+ editEnvs: { type: [ String ] },
+});
+
+export const insert = new ValidatedMethod({
+ name: 'accounts.insert',
+ validate: userSchema
+ .pick([
+ 'username',
+ 'password',
+ 'viewEnvs',
+ 'viewEnvs.$',
+ 'editEnvs',
+ 'editEnvs.$',
+ ]).validator({ clean: true, filter: false }),
+ run({
+ username,
+ password,
+ viewEnvs,
+ editEnvs,
+ }) {
+ if (! Roles.userIsInRole(Meteor.userId(), 'manage-users', Roles.GLOBAL_GROUP)) {
+ throw new Meteor.Error('unauthorized for removing users');
+ }
+
+ let userId = Accounts.createUser({
+ username: username,
+ password: password
+ });
+
+ addRole(viewEnvs, 'view-env', userId);
+ addRole(editEnvs, 'edit-env', userId);
+ }
+});
+
+
+
+export const update = new ValidatedMethod({
+ name: 'accounts.update',
+ validate: userSchema
+ .pick([
+ '_id',
+ // 'password',
+ 'viewEnvs',
+ 'viewEnvs.$',
+ 'editEnvs',
+ 'editEnvs.$',
+ ]).validator({ clean: true, filter: false }),
+ run({
+ _id,
+ //_password,
+ viewEnvs,
+ editEnvs,
+ }) {
+ console.log('accounts - methods - update - start');
+ //throw new Meteor.Error('unimplemented');
+ if (! Roles.userIsInRole(Meteor.userId(), 'manage-users', Roles.GLOBAL_GROUP)) {
+ throw new Meteor.Error('unauthorized for updating users');
+ }
+
+ /*
+ let item = Meteor.users.findOne({ _id: _id });
+ console.log('user for update: ', item);
+
+ item = R.merge(R.pick([
+ 'password',
+ ], item), {
+ password
+ });
+ */
+
+ /*
+ let item = {
+ //password
+ };
+
+ Meteor.users.update({ _id: _id }, { $set: item });
+ */
+
+ let currentViewEnvs = R.map((env) => {
+ return env.name;
+ }, Environments.find({ 'auth.view-env': { $in: [ _id ] }}).fetch());
+
+ let viewEnvsForDelete = R.difference(currentViewEnvs, viewEnvs);
+ let viewEnvsForAdd = R.difference(viewEnvs, currentViewEnvs);
+
+ removeRole(viewEnvsForDelete, 'view-env', _id);
+ addRole(viewEnvsForAdd, 'view-env', _id);
+
+ //
+
+ let currentEditEnvs = R.map((env) => {
+ return env.name;
+ }, Environments.find({ 'auth.edit-env': { $in: [ _id ] }}).fetch());
+
+ let editEnvsForDelete = R.difference(currentEditEnvs, editEnvs);
+ let editEnvsForAdd = R.difference(editEnvs, currentEditEnvs);
+
+ removeRole(editEnvsForDelete, 'edit-env', _id);
+ addRole(editEnvsForAdd, 'edit-env', _id);
+
+ console.log('accounts - methods - update - end');
+ }
+});
+
+export const remove = new ValidatedMethod({
+ name: 'accounts.remove',
+ validate: userSchema
+ .pick([
+ '_id',
+ ]).validator({ clean: true, filter: false }),
+ run({
+ _id
+ }) {
+ if (! Roles.userIsInRole(Meteor.userId(), 'manage-users', Roles.GLOBAL_GROUP)) {
+ throw new Meteor.Error('unauthorized for removing users');
+ }
+
+ let user = Meteor.users.findOne({ _id: _id });
+ console.log('user for remove: ', user);
+
+ Meteor.users.remove({ _id: _id });
+ }
+});
+
+function removeRole(rolesForRemoval, roleName, userId) {
+ R.forEach((envName) => {
+ let env = Environments.findOne({ name: envName });
+ let auth = env.auth;
+ if (R.isNil(auth)) { auth = { }; }
+ if (R.isNil(R.path([roleName], auth))) {
+ auth = R.assoc(roleName, [], auth);
+ }
+ auth = R.assoc(roleName, R.reject(R.equals(userId), auth[roleName]), auth);
+
+ updateEnv(auth, env);
+ //let newEnv = R.merge(env, { auth: auth });
+
+ }, rolesForRemoval);
+}
+
+function addRole(rolesForAdd, roleName, userId) {
+ R.forEach((envName) => {
+ let env = Environments.findOne({ name: envName });
+ let auth = env.auth;
+ if (R.isNil(auth)) { auth = { }; }
+ if (R.isNil(R.path([roleName], auth))) {
+ auth = R.assoc(roleName, [], auth);
+ }
+ auth = R.assoc(roleName, R.append(userId, auth[roleName]), auth);
+
+ updateEnv(auth, env);
+ //let newEnv = R.merge(env, { auth: auth });
+
+ }, rolesForAdd);
+}
+
+function updateEnv(auth, env) {
+ console.log('update env. set: ' + R.toString(auth));
+ try {
+ Environments.update(env._id, {
+ $set: {
+ auth: auth,
+ configuration: env.configuration,
+ //distribution: distribution,
+ //name: name,
+ type_drivers: env.type_drivers,
+ mechanism_drivers: env.mechanism_drivers,
+ listen: env.listen,
+ enable_monitoring: env.enable_monitoring,
+ }
+ });
+ } catch(e) {
+ console.error('error in update: ' + R.toString(e));
+ throw new Meteor.Error('enviornment update error',
+ `unable to update ACL for environment - ${env.name}. Please check envrironment info. ${e.message}`);
+ }
+}
diff --git a/ui/imports/api/accounts/server/publications.js b/ui/imports/api/accounts/server/publications.js
new file mode 100644
index 0000000..47718d3
--- /dev/null
+++ b/ui/imports/api/accounts/server/publications.js
@@ -0,0 +1,29 @@
+/////////////////////////////////////////////////////////////////////////////////////////
+// Copyright (c) 2017 Koren Lev (Cisco Systems), Yaron Yogev (Cisco Systems) and others /
+// /
+// All rights reserved. This program and the accompanying materials /
+// are made available under the terms of the Apache License, Version 2.0 /
+// which accompanies this distribution, and is available at /
+// http://www.apache.org/licenses/LICENSE-2.0 /
+/////////////////////////////////////////////////////////////////////////////////////////
+import { Meteor } from 'meteor/meteor';
+//import * as R from 'ramda';
+//import { Environments } from '/imports/api/environments/environments';
+//import { Roles } from 'meteor/alanning:roles';
+
+Meteor.publish('users', function () {
+ console.log('server subscribtion to: users');
+ /*
+ let that = this;
+
+ let query = {};
+
+ if (! Roles.userIsInRole(that.userId, 'manage-users', 'default-group')) {
+ query = {
+ _id: that.userId
+ };
+ }
+ */
+
+ return Meteor.users.find({});
+});