/ucengine/src/controllers/user_controller.erl


  1. %%
  2. %% U.C.Engine - Unified Collaboration Engine
  3. %% Copyright (C) 2011 af83
  4. %%
  5. %% This program is free software: you can redistribute it and/or modify
  6. %% it under the terms of the GNU Affero General Public License as published by
  7. %% the Free Software Foundation, either version 3 of the License, or
  8. %% (at your option) any later version.
  9. %%
  10. %% This program is distributed in the hope that it will be useful,
  11. %% but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. %% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. %% GNU Affero General Public License for more details.
  14. %%
  15. %% You should have received a copy of the GNU Affero General Public License
  16. %% along with this program. If not, see <http://www.gnu.org/licenses/>.
  17. %%
  18. -module(user_controller).
  19. -export([init/0, add/4, update/4, get/4, find/4, list/4, delete/4, check_access/4, add_role/4, delete_role/4]).
  20. -include("uce.hrl").
  %% Route table for the user resource. Each entry names the HTTP method, the
  %% path pattern and the handler in this module, followed by the ordered list
  %% of {ParameterName, Default | required, Type} specs. The handlers below
  %% destructure their third argument in exactly this order.
  %%
  %% NOTE(review): "uid"/"sid" are the caller's identity and session id. On the
  %% GET and DELETE routes they are presumably read from the query string; if
  %% so, the session id will show up in proxy and access logs -- confirm where
  %% the router reads parameters from.
  init() ->
      %% Caller identity required by every route except user creation.
      Session = [{"uid", required, string},
                 {"sid", required, string}],
      %% Attributes accepted when creating or replacing a user.
      Profile = [{"name", required, string},
                 {"auth", required, string},
                 {"credential", required, string},
                 {"metadata", [], dictionary}],
      [
       %% uid/sid default to "" here: add/4 only asserts them when the
       %% domain's `register' setting is `restricted'.
       #uce_route{method='POST',
                  path=["user"],
                  callback={?MODULE, add,
                            [{"uid", "", string},
                             {"sid", "", string} | Profile]}},
       #uce_route{method='GET',
                  path=["user"],
                  callback={?MODULE, list, Session}},
       #uce_route{method='GET',
                  path=["user", id],
                  callback={?MODULE, get, Session}},
       #uce_route{method='GET',
                  path=["find","user"],
                  callback={?MODULE, find,
                            Session ++ [{"by_name", "", string},
                                        {"by_uid", "", string}]}},
       #uce_route{method='PUT',
                  path=["user", id],
                  callback={?MODULE, update, Session ++ Profile}},
       #uce_route{method='DELETE',
                  path=["user", id],
                  callback={?MODULE, delete, Session}},
       #uce_route{method='GET',
                  path=["user", id, "can", action, object, '...'],
                  callback={?MODULE, check_access,
                            Session ++ [{"conditions", [], dictionary}]}},
       #uce_route{method='POST',
                  path=["user", id, "roles"],
                  callback={?MODULE, add_role,
                            Session ++ [{"role", required, string},
                                        {"location", "", string}]}},
       #uce_route{method='DELETE',
                  path=["user", id, "roles", role, '...'],
                  callback={?MODULE, delete_role, Session}}
      ].
  %% POST /user -- create a user account.
  %%
  %% The domain's `register' setting decides who may call this:
  %%   open       - no presence or access check is made; the caller's uid/sid
  %%                are ignored, so anyone who can reach the endpoint can
  %%                create an account with the name, auth and credential they
  %%                supply.
  %%   restricted - the caller must pass the presence assertion and hold the
  %%                "add" right on "user".
  %% Any other configured value makes the `case' fail with case_clause before
  %% create_user/2 runs, so no account is created in that situation.
  add(Domain, [], [Uid, Sid, Name, Auth, Credential, Metadata], _) ->
      case config:get(Domain, register) of
          open ->
              ok;
          restricted ->
              %% Both matches are assertive: any result other than {ok, true}
              %% raises badmatch and the request never reaches create_user/2.
              {ok, true} = uce_presence:assert(Domain, Uid, Sid),
              {ok, true} = uce_access:assert(Domain, Uid, "", "user", "add"),
              ok
      end,
      create_user(Domain, [Name, Auth, Credential, Metadata]).
  %% Stores a new user, records an "internal.user.add" event attributed to the
  %% new user's id, and returns the `created' JSON response carrying that id.
  %%
  %% No authorization happens here; add/4 is responsible for it.
  %%
  %% NOTE(review): Credential is placed in the record exactly as received.
  %% Whether it is hashed before storage depends on uce_user:add/2, which is
  %% not visible here -- confirm.
  create_user(Domain, [Name, Auth, Credential, Metadata]) ->
      NewUser = #uce_user{id=none,
                          name=Name,
                          auth=Auth,
                          credential=Credential,
                          metadata=json_helpers:to_struct(Metadata)},
      {ok, NewUserUid} = uce_user:add(Domain, NewUser),
      Event = #uce_event{id=none,
                         from=NewUserUid,
                         location="",
                         type="internal.user.add"},
      {ok, _} = uce_event:add(Domain, Event),
      json_helpers:created(Domain, NewUserUid).
  %% GET /user -- return every user of the domain as JSON.
  %%
  %% Requires a passing presence assertion for (Uid, Sid) and the "list" right
  %% on "user"; either assertion failing to return {ok, true} raises badmatch.
  %%
  %% NOTE(review): the records returned by uce_user:list/1 are handed to
  %% json_helpers:json/2 unfiltered. #uce_user{} has a `credential' field;
  %% confirm the serializer leaves it out of the response.
  list(Domain, [], [Uid, Sid], _) ->
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      {ok, true} = uce_access:assert(Domain, Uid, "", "user", "list"),
      {ok, AllUsers} = uce_user:list(Domain),
      json_helpers:json(Domain, AllUsers).
  %% GET /user/:id -- return one user as JSON.
  %%
  %% Requires a passing presence assertion for (Uid, Sid) and the "get" right
  %% on "user"; the target id is passed to the access check as the "user"
  %% condition, so the right can be scoped to particular users.
  %%
  %% NOTE(review): the fetched record goes to json_helpers:json/2 unfiltered.
  %% #uce_user{} has a `credential' field; confirm the serializer omits it.
  get(Domain, [{id, Id}], [Uid, Sid], _) ->
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      Conditions = [{"user", Id}],
      {ok, true} = uce_access:assert(Domain, Uid, "", "user", "get", Conditions),
      {ok, Found} = uce_user:get(Domain, Id),
      json_helpers:json(Domain, Found).
  %% GET /find/user -- look a user up by name ("by_name") or by id ("by_uid").
  %%
  %% "by_name" wins when both are supplied. When both are empty the request is
  %% rejected with {error, missing_parameter} before any presence or access
  %% assertion is made.
  %%
  %% NOTE(review): the access assertion uses the "get" right with an empty
  %% condition list, whereas get/4 passes [{"user", Id}]. A "get" right that is
  %% scoped to specific users is therefore not evaluated against the user being
  %% looked up here. How uce_access treats an empty condition list is not
  %% visible in this file -- confirm that find cannot be used to read users
  %% that get/4 would refuse.
  %% NOTE(review): as in get/4, the record is serialized unfiltered; confirm
  %% the `credential' field is not part of the JSON output.
  find(Domain, [], [Uid, Sid, ByName, ByUid], _) ->
      %% Pick the lookup first so that the missing-parameter case throws
      %% before the assertions run, as the clause order requires.
      Lookup =
          if
              ByName /= "" ->
                  fun() -> uce_user:get_by_name(Domain, ByName) end;
              ByUid /= "" ->
                  fun() -> uce_user:get(Domain, ByUid) end;
              true ->
                  throw({error, missing_parameter})
          end,
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      {ok, true} = uce_access:assert(Domain, Uid, "", "user", "get", []),
      {ok, User} = Lookup(),
      json_helpers:json(Domain, User).
  %% PUT /user/:id -- replace a user's name, auth, credential and metadata.
  %%
  %% Requires a passing presence assertion for (Uid, Sid) and the "update"
  %% right on "user". The access check receives the target id and the
  %% *requested* auth value as conditions; the user's current auth value is not
  %% part of the check.
  %%
  %% NOTE(review): the credential is overwritten with the submitted value and
  %% nothing in this function verifies the current credential. Whether that is
  %% acceptable depends on how the "update" right is granted -- confirm.
  %% NOTE(review): the "internal.user.update" event is attributed to the
  %% updated user (from=Id), not to the acting Uid, so the event alone does not
  %% say who made the change.
  update(Domain, [{id, Id}], [Uid, Sid, Name, Auth, Credential, Metadata], _) ->
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      Conditions = [{"user", Id},
                    {"auth", Auth}],
      {ok, true} = uce_access:assert(Domain, Uid, "", "user", "update", Conditions),
      %% Start from the stored record so fields not listed below are kept.
      {ok, Current} = uce_user:get(Domain, Id),
      Changed = Current#uce_user{name=Name,
                                 auth=Auth,
                                 credential=Credential,
                                 metadata=json_helpers:to_struct(Metadata)},
      {ok, updated} = uce_user:update(Domain, Changed),
      Event = #uce_event{id=none,
                         from=Id,
                         location="",
                         type="internal.user.update"},
      {ok, _} = uce_event:add(Domain, Event),
      json_helpers:ok(Domain).
  %% DELETE /user/:id -- remove a user.
  %%
  %% Requires a passing presence assertion for (Uid, Sid) and the "delete"
  %% right on "user", with the target id passed as the "user" condition.
  %%
  %% NOTE(review): unlike add, update and the role handlers, no uce_event is
  %% recorded here, so a deletion leaves no "internal.user.*" event behind.
  %% If those events serve as an audit trail, this is a gap to close.
  delete(Domain, [{id, Id}], [Uid, Sid], _) ->
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      Conditions = [{"user", Id}],
      {ok, true} = uce_access:assert(Domain, Uid, "", "user", "delete", Conditions),
      {ok, deleted} = uce_user:delete(Domain, Id),
      json_helpers:ok(Domain).
  %% GET /user/:id/can/:action/:object[/...] -- report whether the user named
  %% in the path holds a right, answering JSON true or false.
  %%
  %% The caller must pass the presence assertion and hold the "check" right on
  %% "access"; the queried user, action, object and location are passed to that
  %% assertion as conditions, so the right to inspect other users' permissions
  %% can itself be restricted. The assertion is evaluated at location "", while
  %% the queried right is checked at Location.
  %%
  %% A three-element path (no trailing location) is normalised by appending ""
  %% as the location.
  check_access(Domain, [_, _, _] = Path, [_Uid, _Sid, _Conditions] = Params, Arg) ->
      check_access(Domain, Path ++ [""], Params, Arg);
  check_access(Domain, [{id, Name}, {action, Action}, {object, Object}, Location], [Uid, Sid, Conditions], _Arg) ->
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      Query = [{"user", Name},
               {"action", Action},
               {"object", Object},
               {"location", Location}],
      {ok, true} = uce_access:assert(Domain, Uid, "", "access", "check", Query),
      %% Only {ok, true} and {ok, false} are handled; any other result fails
      %% with case_clause instead of being reported as an answer.
      case uce_access:check(Domain, Name, Location, Object, Action, Conditions) of
          {ok, false} ->
              json_helpers:false(Domain);
          {ok, true} ->
              json_helpers:true(Domain)
      end.
  %% POST /user/:id/roles -- grant Role at Location to the user in the path.
  %%
  %% Requires a passing presence assertion for (Uid, Sid) and the "add" right
  %% on "user.role", asserted at the same Location the role is granted for and
  %% conditioned on the target user and the role name.
  %%
  %% The "internal.user.role.add" event is attributed to the acting Uid and
  %% carries the role and target user in its metadata.
  add_role(Domain, [{id, Name}], [Uid, Sid, Role, Location], _) ->
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      Conditions = [{"user", Name},
                    {"role", Role}],
      {ok, true} = uce_access:assert(Domain, Uid, Location, "user.role", "add", Conditions),
      {ok, updated} = uce_user:add_role(Domain, Name, {Role, Location}),
      Event = #uce_event{id=none,
                         from=Uid,
                         location=Location,
                         type="internal.user.role.add",
                         metadata=[{"role", Role},
                                   {"user", Name}]},
      {ok, _} = uce_event:add(Domain, Event),
      json_helpers:ok(Domain).
  %% DELETE /user/:id/roles/:role[/...] -- revoke Role at Location from the
  %% user in the path.
  %%
  %% Requires a passing presence assertion for (Uid, Sid) and the "delete"
  %% right on "user.role", asserted at the same Location the role is revoked
  %% from and conditioned on the target user and the role name.
  %%
  %% A two-element path (no trailing location) is normalised by appending ""
  %% as the location. The "internal.user.role.delete" event is attributed to
  %% the acting Uid and carries the role and target user in its metadata.
  delete_role(Domain, [_, _] = Path, [_Uid, _Sid] = Params, Arg) ->
      delete_role(Domain, Path ++ [""], Params, Arg);
  delete_role(Domain, [{id, User}, {role, Role}, Location], [Uid, Sid], _Arg) ->
      {ok, true} = uce_presence:assert(Domain, Uid, Sid),
      Conditions = [{"user", User},
                    {"role", Role}],
      {ok, true} = uce_access:assert(Domain, Uid, Location, "user.role", "delete", Conditions),
      {ok, updated} = uce_user:delete_role(Domain, User, {Role, Location}),
      Event = #uce_event{id=none,
                         from=Uid,
                         location=Location,
                         type="internal.user.role.delete",
                         metadata=[{"role", Role},
                                   {"user", User}]},
      {ok, _} = uce_event:add(Domain, Event),
      json_helpers:ok(Domain).