github.com/mattyw/juju@v0.0.0-20140610034352-732aecd63861/state/apiserver/usermanager/usermanager.go (about) 1 // Copyright 2014 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package usermanager 5 6 import ( 7 "fmt" 8 9 "github.com/juju/errors" 10 "github.com/juju/loggo" 11 12 "github.com/juju/juju/state" 13 "github.com/juju/juju/state/api/params" 14 "github.com/juju/juju/state/apiserver/common" 15 ) 16 17 var logger = loggo.GetLogger("juju.state.apiserver.usermanager") 18 19 // UserManager defines the methods on the usermanager API end point. 20 type UserManager interface { 21 AddUser(arg params.ModifyUsers) (params.ErrorResults, error) 22 RemoveUser(arg params.Entities) (params.ErrorResults, error) 23 } 24 25 // UserManagerAPI implements the user manager interface and is the concrete 26 // implementation of the api end point. 27 type UserManagerAPI struct { 28 state *state.State 29 authorizer common.Authorizer 30 getCanWrite common.GetAuthFunc 31 } 32 33 var _ UserManager = (*UserManagerAPI)(nil) 34 35 func NewUserManagerAPI( 36 st *state.State, 37 authorizer common.Authorizer, 38 ) (*UserManagerAPI, error) { 39 if !authorizer.AuthClient() { 40 return nil, common.ErrPerm 41 } 42 43 // TODO(mattyw) - replace stub with real canWrite function 44 getCanWrite := common.AuthAlways(true) 45 return &UserManagerAPI{ 46 state: st, 47 authorizer: authorizer, 48 getCanWrite: getCanWrite}, 49 nil 50 } 51 52 func (api *UserManagerAPI) AddUser(args params.ModifyUsers) (params.ErrorResults, error) { 53 result := params.ErrorResults{ 54 Results: make([]params.ErrorResult, len(args.Changes)), 55 } 56 if len(args.Changes) == 0 { 57 return result, nil 58 } 59 canWrite, err := api.getCanWrite() 60 if err != nil { 61 result.Results[0].Error = common.ServerError(err) 62 return result, err 63 } 64 for i, arg := range args.Changes { 65 if !canWrite(arg.Tag) { 66 result.Results[0].Error = common.ServerError(common.ErrPerm) 67 continue 68 } 69 username := arg.Username 70 if username == "" { 71 username = arg.Tag 72 } 73 _, err := api.state.AddUser(username, arg.DisplayName, arg.Password) 74 if err != nil { 75 err = errors.Annotate(err, "failed to create user") 76 result.Results[i].Error = common.ServerError(err) 77 continue 78 } 79 } 80 return result, nil 81 } 82 83 func (api *UserManagerAPI) RemoveUser(args params.Entities) (params.ErrorResults, error) { 84 result := params.ErrorResults{ 85 Results: make([]params.ErrorResult, len(args.Entities)), 86 } 87 if len(args.Entities) == 0 { 88 return result, nil 89 } 90 canWrite, err := api.getCanWrite() 91 if err != nil { 92 return result, err 93 } 94 for i, arg := range args.Entities { 95 if !canWrite(arg.Tag) { 96 result.Results[i].Error = common.ServerError(common.ErrPerm) 97 continue 98 } 99 user, err := api.state.User(arg.Tag) 100 if err != nil { 101 result.Results[i].Error = common.ServerError(common.ErrPerm) 102 continue 103 } 104 err = user.Deactivate() 105 if err != nil { 106 result.Results[i].Error = common.ServerError(fmt.Errorf("Failed to remove user: %s", err)) 107 continue 108 } 109 } 110 return result, nil 111 }