github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e82833a363'
${ noResults }
portainer/api/http/handler/users/user_update.go

94 lines
3.4 KiB
Raw Normal View History Unescape

feat(stacks): support compose v2.0 stack (#1963)
7 years ago
package users
import (
"net/http"
feat(users): add the ability to rename a user (#3884) * feat(users): update username in server * feat(users): add username text field * fix(users): rename label and change buttons size * feat(users): change update message * feat(users): disable submit when not changed * feat(users): confirm updating username * feat(users): minor UI update Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
5 years ago
"github.com/asaskevich/govalidator"
refactor(api): introduce libhttp usage (#2263)
6 years ago
httperror "github.com/portainer/libhttp/error"
"github.com/portainer/libhttp/request"
"github.com/portainer/libhttp/response"
refactor(api): refactor base import path (#2788) * refactor(api): refactor base import path * fix(build-system): update build_binary_devops * fix(build-system): fix build_binary_devops for linux * fix(build-system): fix build_binary_devops for Windows
6 years ago
"github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/http/security"
feat(stacks): support compose v2.0 stack (#1963)
7 years ago
)
type userUpdatePayload struct {
feat(users): add the ability to rename a user (#3884) * feat(users): update username in server * feat(users): add username text field * fix(users): rename label and change buttons size * feat(users): change update message * feat(users): disable submit when not changed * feat(users): confirm updating username * feat(users): minor UI update Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
5 years ago
Username string
feat(stacks): support compose v2.0 stack (#1963)
7 years ago
Password string
Role int
}
func (payload *userUpdatePayload) Validate(r *http.Request) error {
feat(users): add the ability to rename a user (#3884) * feat(users): update username in server * feat(users): add username text field * fix(users): rename label and change buttons size * feat(users): change update message * feat(users): disable submit when not changed * feat(users): confirm updating username * feat(users): minor UI update Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
5 years ago
if govalidator.Contains(payload.Username, " ") {
return portainer.Error("Invalid username. Must not contain any whitespace")
}
feat(stacks): support compose v2.0 stack (#1963)
7 years ago
if payload.Role != 0 && payload.Role != 1 && payload.Role != 2 {
return portainer.Error("Invalid role value. Value must be one of: 1 (administrator) or 2 (regular user)")
}
return nil
}
// PUT request on /api/users/:id
func (handler *Handler) userUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
userID, err := request.RetrieveNumericRouteVariableValue(r, "id")
if err != nil {
return &httperror.HandlerError{http.StatusBadRequest, "Invalid user identifier route variable", err}
}
tokenData, err := security.RetrieveTokenData(r)
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve user authentication token", err}
}
if tokenData.Role != portainer.AdministratorRole && tokenData.ID != portainer.UserID(userID) {
return &httperror.HandlerError{http.StatusForbidden, "Permission denied to update user", portainer.ErrUnauthorized}
}
var payload userUpdatePayload
err = request.DecodeAndValidateJSONPayload(r, &payload)
if err != nil {
return &httperror.HandlerError{http.StatusBadRequest, "Invalid request payload", err}
}
if tokenData.Role != portainer.AdministratorRole && payload.Role != 0 {
return &httperror.HandlerError{http.StatusForbidden, "Permission denied to update user to administrator role", portainer.ErrResourceAccessDenied}
}
feat(api): introduce new datastore interface (#3802) * feat(api): introduce new datastore interface * refactor(api): refactor http and main layers * refactor(api): refactor http and bolt layers
5 years ago
user, err := handler.DataStore.User().User(portainer.UserID(userID))
refactor(api): restructure bolt package (#1981) * refactor(api): bolt package refactor * refactor(api): refactor bolt package
7 years ago
if err == portainer.ErrObjectNotFound {
feat(stacks): support compose v2.0 stack (#1963)
7 years ago
return &httperror.HandlerError{http.StatusNotFound, "Unable to find a user with the specified identifier inside the database", err}
} else if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to find a user with the specified identifier inside the database", err}
}
feat(users): add the ability to rename a user (#3884) * feat(users): update username in server * feat(users): add username text field * fix(users): rename label and change buttons size * feat(users): change update message * feat(users): disable submit when not changed * feat(users): confirm updating username * feat(users): minor UI update Co-authored-by: Anthony Lapenna <lapenna.anthony@gmail.com>
5 years ago
if payload.Username != "" && payload.Username != user.Username {
sameNameUser, err := handler.DataStore.User().UserByUsername(payload.Username)
if err != nil && err != portainer.ErrObjectNotFound {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to retrieve users from the database", err}
}
if sameNameUser != nil && sameNameUser.ID != portainer.UserID(userID) {
return &httperror.HandlerError{http.StatusConflict, "Another user with the same username already exists", portainer.ErrUserAlreadyExists}
}
user.Username = payload.Username
}
feat(stacks): support compose v2.0 stack (#1963)
7 years ago
if payload.Password != "" {
user.Password, err = handler.CryptoService.Hash(payload.Password)
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to hash user password", portainer.ErrCryptoHashFailure}
}
}
if payload.Role != 0 {
user.Role = portainer.UserRole(payload.Role)
}
feat(api): introduce new datastore interface (#3802) * feat(api): introduce new datastore interface * refactor(api): refactor http and main layers * refactor(api): refactor http and bolt layers
5 years ago
err = handler.DataStore.User().UpdateUser(user.ID, user)
feat(stacks): support compose v2.0 stack (#1963)
7 years ago
if err != nil {
return &httperror.HandlerError{http.StatusInternalServerError, "Unable to persist user changes inside the database", err}
}
return response.JSON(w, user)
}