
/ucengine/src/controllers/user_controller.erl

http://github.com/AF83/ucengine
  1%%
  2%%  U.C.Engine - Unified Collaboration Engine
  3%%  Copyright (C) 2011 af83
  4%%
  5%%  This program is free software: you can redistribute it and/or modify
  6%%  it under the terms of the GNU Affero General Public License as published by
  7%%  the Free Software Foundation, either version 3 of the License, or
  8%%  (at your option) any later version.
  9%%
 10%%  This program is distributed in the hope that it will be useful,
 11%%  but WITHOUT ANY WARRANTY; without even the implied warranty of
 12%%  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 13%%  GNU Affero General Public License for more details.
 14%%
 15%%  You should have received a copy of the GNU Affero General Public License
 16%%  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 17%%
 18-module(user_controller).
 19
 20-export([init/0, add/4, update/4, get/4, find/4, list/4, delete/4, check_access/4, add_role/4, delete_role/4]).
 21
 22-include("uce.hrl").
 23
 24init() ->
 25    [#uce_route{method='POST',
 26                path=["user"],
 27                callback={?MODULE, add,
 28                          [{"uid", "", string},
 29                           {"sid", "", string},
 30                           {"name", required, string},
 31                           {"auth", required, string},
 32                           {"credential", required, string},
 33                           {"metadata", [], dictionary}]}},
 34
 35     #uce_route{method='GET',
 36                path=["user"],
 37                callback={?MODULE, list,
 38                          [{"uid", required, string},
 39                           {"sid", required, string}]}},
 40
 41     #uce_route{method='GET',
 42                path=["user", id],
 43                callback={?MODULE, get,
 44                          [{"uid", required, string},
 45                           {"sid", required, string}]}},
 46
 47     #uce_route{method='GET',
 48                path=["find","user"],
 49                callback={?MODULE, find,
 50                          [{"uid", required, string},
 51                           {"sid", required, string},
 52                           {"by_name", "", string},
 53                           {"by_uid", "", string}]}},
 54
 55     #uce_route{method='PUT',
 56                path=["user", id],
 57                callback={?MODULE, update,
 58                          [{"uid", required, string},
 59                           {"sid", required, string},
 60                           {"name", required, string},
 61                           {"auth", required, string},
 62                           {"credential", required, string},
 63                           {"metadata", [], dictionary}]}},
 64
 65     #uce_route{method='DELETE',
 66                path=["user", id],
 67                callback={?MODULE, delete,
 68                          [{"uid", required, string},
 69                           {"sid", required, string}]}},
 70
 71     #uce_route{method='GET',
 72                path=["user", id, "can", action, object, '...'],
 73                callback={?MODULE, check_access,
 74                          [{"uid", required, string},
 75                           {"sid", required, string},
 76                           {"conditions", [], dictionary}]}},
 77
 78     #uce_route{method='POST',
 79                path=["user", id, "roles"],
 80                callback={?MODULE, add_role,
 81                          [{"uid", required, string},
 82                           {"sid", required, string},
 83                           {"role", required, string},
 84                           {"location", "", string}]}},
 85
 86     #uce_route{method='DELETE',
 87                path=["user", id, "roles", role, '...'],
 88                callback={?MODULE, delete_role,
 89                          [{"uid", required, string},
 90                           {"sid", required, string}]}}].
 91
 92
 93add(Domain, [], [Uid, Sid, Name, Auth, Credential, Metadata], _) ->
 94    case config:get(Domain, register) of
 95        open ->
 96            create_user(Domain, [Name, Auth, Credential, Metadata]);
 97        restricted ->
 98            {ok, true} = uce_presence:assert(Domain, Uid, Sid),
 99            {ok, true} = uce_access:assert(Domain, Uid, "", "user", "add"),
100            create_user(Domain, [Name, Auth, Credential, Metadata])
101    end.
102
%% @doc Store a new user and announce it with an "internal.user.add" event.
%%
%% Returns the "created" JSON response carrying the new user id.
%%
%% The credential is handed to uce_user:add/2 exactly as received.
%% NOTE(review): any hashing would have to happen inside uce_user or the
%% storage backend, which is not visible here. Confirm.
%%
%% The user is stored before the event is emitted. If uce_event:add/2 does
%% not return {ok, _}, the request fails with badmatch but the user record
%% has already been written.
create_user(Domain, [Name, Auth, Credential, Metadata]) ->
    User = #uce_user{id=none,
                     name=Name,
                     auth=Auth,
                     credential=Credential,
                     metadata=json_helpers:to_struct(Metadata)},
    {ok, NewUserUid} = uce_user:add(Domain, User),

    %% The event is attributed to the account that was just created.
    Event = #uce_event{id=none,
                       from=NewUserUid,
                       location="",
                       type="internal.user.add"},
    {ok, _} = uce_event:add(Domain, Event),

    json_helpers:created(Domain, NewUserUid).
115
%% @doc GET /user: return every user of the domain as JSON.
%%
%% Requires a valid session and the "user"/"list" right.
%%
%% NOTE(review): whatever uce_user:list/1 returns is passed to
%% json_helpers:json/2 unchanged. User records in this module carry a
%% `credential' field; confirm the serializer leaves it out.
list(Domain, [], [Uid, Sid], _) ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    {ok, true} = uce_access:assert(Domain, Uid, "", "user", "list"),
    {ok, AllUsers} = uce_user:list(Domain),
    Response = json_helpers:json(Domain, AllUsers),
    Response.
121
%% @doc GET /user/Id: return one user as JSON.
%%
%% Requires a valid session and the "user"/"get" right. The target id is
%% passed to the access check as the {"user", Id} condition, so the ACL can
%% be scoped to specific users.
%%
%% NOTE(review): the record from uce_user:get/2 is passed to
%% json_helpers:json/2 unchanged. User records in this module carry a
%% `credential' field; confirm the serializer leaves it out.
get(Domain, [{id, Id}], [Uid, Sid], _) ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    Target = [{"user", Id}],
    {ok, true} = uce_access:assert(Domain, Uid, "", "user", "get", Target),
    {ok, Found} = uce_user:get(Domain, Id),
    json_helpers:json(Domain, Found).
127
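%% @doc GET /find/user: look a user up by name (by_name) or by id (by_uid).
%%
%% by_name wins when both are given. When neither is given, the call throws
%% {error, missing_parameter}. Both lookups require a valid session and the
%% "user"/"get" right.
%%
%% NOTE(review): the record is passed to json_helpers:json/2 unchanged.
%% User records in this module carry a `credential' field; confirm the
%% serializer leaves it out.
find(Domain, [], [Uid, Sid, ByName, _ByUid], _) when ByName /= "" ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    %% NOTE(review): the check runs with an empty condition list because the
    %% target id is only known after the lookup. The access layer is
    %% therefore not told which user is being read. Confirm that an ACL
    %% scoped with a {"user", Id} condition behaves as intended on this
    %% path.
    {ok, true} = uce_access:assert(Domain, Uid, "", "user", "get", []),
    {ok, User} = uce_user:get_by_name(Domain, ByName),
    json_helpers:json(Domain, User);

find(Domain, [], [Uid, Sid, _ByName, ByUid], _) when ByUid /= "" ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    %% Same record and same uce_user:get/2 lookup as get/4, so the same
    %% {"user", Id} condition is passed and both entry points are
    %% authorized identically.
    {ok, true} = uce_access:assert(Domain, Uid, "", "user", "get", [{"user", ByUid}]),
    {ok, User} = uce_user:get(Domain, ByUid),
    json_helpers:json(Domain, User);

find(_Domain, [], [_Uid, _Sid, _ByName, _ByUid], _) ->
    %% Neither selector was supplied; fail before touching session or ACL.
    throw({error, missing_parameter}).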
142
%% @doc PUT /user/Id: replace name, auth, credential and metadata of a user.
%%
%% Requires a valid session and the "user"/"update" right. The access check
%% receives both the target id and the requested auth value as conditions.
%%
%% The stored credential is overwritten with the value from the request;
%% the previous credential is not asked for. Authorization rests entirely
%% on the ACL check above.
%%
%% NOTE(review): the "internal.user.update" event is attributed to the
%% updated user (from=Id). The acting Uid is not part of the event, so the
%% event stream alone does not show who made the change.
update(Domain, [{id, Id}], [Uid, Sid, Name, Auth, Credential, Metadata], _) ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    Conditions = [{"user", Id},
                  {"auth", Auth}],
    {ok, true} = uce_access:assert(Domain, Uid, "", "user", "update", Conditions),

    %% Start from the stored record so fields not listed here are kept.
    {ok, Record} = uce_user:get(Domain, Id),
    Updated = Record#uce_user{name=Name,
                              auth=Auth,
                              credential=Credential,
                              metadata=json_helpers:to_struct(Metadata)},
    {ok, updated} = uce_user:update(Domain, Updated),

    Event = #uce_event{id=none,
                       from=Id,
                       location="",
                       type="internal.user.update"},
    {ok, _} = uce_event:add(Domain, Event),

    json_helpers:ok(Domain).
160
%% @doc DELETE /user/Id: remove a user.
%%
%% Requires a valid session and the "user"/"delete" right, checked with the
%% target id as the {"user", Id} condition.
%%
%% NOTE(review): unlike add, update and the role operations in this module,
%% no uce_event is emitted here. A deletion leaves no entry in the event
%% stream unless uce_user:delete/2 records one itself (not visible here).
delete(Domain, [{id, Id}], [Uid, Sid], _) ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    Target = [{"user", Id}],
    {ok, true} = uce_access:assert(Domain, Uid, "", "user", "delete", Target),
    {ok, deleted} = uce_user:delete(Domain, Id),
    json_helpers:ok(Domain).
166
%% @doc GET /user/Id/can/Action/Object[/Location]: tell whether user Id may
%% perform Action on Object.
%%
%% The caller needs a valid session and the "access"/"check" right. The
%% queried user, action, object and location are passed to that check as
%% conditions. The reply is the JSON true/false result of
%% uce_access:check/6 for the queried user, not for the caller.
check_access(Domain, [Name, Action, Object], [Uid, Sid, Conditions], Arg) ->
    %% No location segment in the path: retry with an empty location.
    check_access(Domain, [Name, Action, Object, ""], [Uid, Sid, Conditions], Arg);
check_access(Domain, [{id, Name}, {action, Action}, {object, Object}, Location], [Uid, Sid, Conditions], _Arg) ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    Query = [{"user", Name},
             {"action", Action},
             {"object", Object},
             {"location", Location}],
    {ok, true} = uce_access:assert(Domain, Uid, "", "access", "check", Query),
    %% Any result other than {ok, true} or {ok, false} raises case_clause.
    case uce_access:check(Domain, Name, Location, Object, Action, Conditions) of
        {ok, false} ->
            json_helpers:false(Domain);
        {ok, true} ->
            json_helpers:true(Domain)
    end.
181
%% @doc POST /user/Id/roles: grant Role at Location to user Id.
%%
%% Requires a valid session and the "user.role"/"add" right at the same
%% Location, checked with the target user and the role as conditions. The
%% route supplies "" when no location is given.
%%
%% The "internal.user.role.add" event is attributed to the acting Uid and
%% carries the role and the target user in its metadata, so the event
%% stream shows who granted what to whom.
add_role(Domain, [{id, Name}], [Uid, Sid, Role, Location], _) ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    Grant = [{"user", Name},
             {"role", Role}],
    {ok, true} = uce_access:assert(Domain, Uid, Location, "user.role", "add", Grant),
    {ok, updated} = uce_user:add_role(Domain, Name, {Role, Location}),

    Event = #uce_event{id=none,
                       from=Uid,
                       location=Location,
                       type="internal.user.role.add",
                       metadata=[{"role", Role},
                                 {"user", Name}]},
    {ok, _} = uce_event:add(Domain, Event),
    json_helpers:ok(Domain).
195
%% @doc DELETE /user/Id/roles/Role[/Location]: revoke Role at Location from
%% user Id.
%%
%% Requires a valid session and the "user.role"/"delete" right at the same
%% Location, checked with the target user and the role as conditions.
%%
%% The "internal.user.role.delete" event is attributed to the acting Uid
%% and carries the role and the target user in its metadata.
delete_role(Domain, [User, Role], [Uid, Sid], Arg) ->
    %% No location segment in the path: retry with an empty location.
    delete_role(Domain, [User, Role, ""], [Uid, Sid], Arg);
delete_role(Domain, [{id, User}, {role, Role}, Location], [Uid, Sid], _Arg) ->
    {ok, true} = uce_presence:assert(Domain, Uid, Sid),
    Revocation = [{"user", User},
                  {"role", Role}],
    {ok, true} = uce_access:assert(Domain, Uid, Location, "user.role", "delete", Revocation),
    {ok, updated} = uce_user:delete_role(Domain, User, {Role, Location}),

    Event = #uce_event{id=none,
                       from=Uid,
                       location=Location,
                       type="internal.user.role.delete",
                       metadata=[{"role", Role},
                                 {"user", User}]},
    {ok, _} = uce_event:add(Domain, Event),
    json_helpers:ok(Domain).