builder/components/builder-api/src/server/resources/settings.rs at 7f6678e931cf7f5df8fdd1134fc61ee55b4837eb · habitat-sh/builder · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
// Copyright (c) 2018-2025 Progress Software Corporation and/or its subsidiaries, affiliates or applicable contributors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

use actix_web::{body::BoxBody,
                http::StatusCode,
                web::{self,
                      Data,
                      Json,
                      Path,
                      ServiceConfig},
                HttpRequest,
                HttpResponse};

use builder_core::Error::PackageSettingDeleteError;

use crate::{db::models::{origin::*,
                         package::*,
                         settings::*},
            server::{authorize::authorize_session,
                     error::{Error,
                             Result},
                     helpers::req_state,
                     AppState}};

use bytes::Bytes;
use diesel::PgConnection;

#[derive(Clone, Serialize, Deserialize)]
pub struct UpdateOriginPackageSettingsReq {
    #[serde(default)]
    pub visibility: String,
}

pub struct Settings;

impl Settings {
    // Route registration
    //
    pub fn register(cfg: &mut ServiceConfig) {
        cfg.route("/settings/{origin}/{name}",
                  web::post().to(create_origin_package_settings))
           .route("/settings/{origin}/{name}",
                  web::get().to(get_origin_package_settings))
           .route("/settings/{origin}/{name}",
                  web::put().to(update_origin_package_settings))
           .route("/settings/{origin}/{name}",
                  web::delete().to(delete_origin_package_settings));
    }
}

// get_origin_package_settings
#[allow(clippy::needless_pass_by_value)]
async fn get_origin_package_settings(req: HttpRequest,
                                     path: Path<(String, String)>)
                                     -> HttpResponse {
    let (origin, pkg) = path.into_inner();

    if let Err(err) = authorize_session(&req, Some(&origin), None) {
        return err.into();
    }

    let mut conn = match req_state(&req).db.get_conn().map_err(Error::DbError) {
        Ok(conn_ref) => conn_ref,
        Err(err) => return err.into(),
    };

    let get_ops = &GetOriginPackageSettings { origin: &origin,
                                              name:   &pkg, };

    match OriginPackageSettings::get(get_ops, &mut conn).map_err(Error::DieselError) {
        Ok(ops) => HttpResponse::Ok().json(ops),
        Err(err) => {
            debug!("{}", err);
            err.into()
        }
    }
}

// create_origin_package_settings
#[allow(clippy::needless_pass_by_value)]
async fn create_origin_package_settings(req: HttpRequest,
                                        path: Path<(String, String)>,
                                        state: Data<AppState>)
                                        -> HttpResponse {
    let (origin, pkg) = path.into_inner();

    let account_id =
        match authorize_session(&req, Some(&origin), Some(OriginMemberRole::Maintainer)) {
            Ok(session) => session.get_id(),
            Err(err) => return err.into(),
        };

    let mut conn = match state.db.get_conn().map_err(Error::DbError) {
        Ok(conn_ref) => conn_ref,
        Err(err) => return err.into(),
    };

    // Validate that the origin exists before attempting to create pkg settings
    let (oname, pv) = match Origin::get(&origin, &mut conn).map_err(Error::DieselError) {
        Ok(origin) => (origin.name, origin.default_package_visibility),
        Err(err) => {
            debug!("{}", err);
            return err.into();
        }
    };

    match OriginPackageSettings::create(
        &NewOriginPackageSettings {
            origin: &oname,
            name: &pkg,
            visibility: &pv,
            owner_id: account_id as i64,
        },
        &mut conn,
    )
    .map_err(Error::DieselError)
    {
        Ok(ops) => HttpResponse::Created().json(ops),
        Err(err) => {
            debug!("{}", err);
            err.into()
        }
    }
}

#[allow(clippy::needless_pass_by_value)]
async fn update_origin_package_settings(req: HttpRequest,
                                        path: Path<(String, String)>,
                                        body: Json<UpdateOriginPackageSettingsReq>)
                                        -> HttpResponse {
    let (origin, pkg) = path.into_inner();

    let account_id =
        match authorize_session(&req, Some(&origin), Some(OriginMemberRole::Maintainer)) {
            Ok(session) => session.get_id(),
            Err(err) => return err.into(),
        };

    if body.0.visibility.is_empty() {
        let body = Bytes::from_static(b"Missing required package visibility");
        return HttpResponse::with_body(StatusCode::UNPROCESSABLE_ENTITY, BoxBody::new(body));
    }

    let mut conn = match req_state(&req).db.get_conn().map_err(Error::DbError) {
        Ok(conn_ref) => conn_ref,
        Err(err) => return err.into(),
    };

    let pv: PackageVisibility = match body.0.visibility.parse() {
        Ok(o) => o,
        Err(err) => {
            debug!("{:?}", err);
            return HttpResponse::new(StatusCode::BAD_REQUEST);
        }
    };

    match OriginPackageSettings::update(&UpdateOriginPackageSettings { origin:     &origin,
                                                                       name:       &pkg,
                                                                       visibility: &pv,
                                                                       owner_id:   account_id
                                                                                   as i64, },
                                        &mut conn).map_err(Error::DieselError)
    {
        Ok(ups) => HttpResponse::Ok().json(ups),
        Err(err) => {
            debug!("{}", err);
            err.into()
        }
    }
}

#[allow(clippy::needless_pass_by_value)]
async fn delete_origin_package_settings(req: HttpRequest,
                                        path: Path<(String, String)>)
                                        -> HttpResponse {
    let (origin, pkg) = path.into_inner();

    let account_id =
        match authorize_session(&req, Some(&origin), Some(OriginMemberRole::Maintainer)) {
            Ok(session) => session.get_id(),
            Err(err) => return err.into(),
        };

    let mut conn = match req_state(&req).db.get_conn().map_err(Error::DbError) {
        Ok(conn_ref) => conn_ref,
        Err(err) => return err.into(),
    };

    // Prior to passing the deletion request to the backend, we validate
    // that the user has already cleaned up any existing packages.
    match package_settings_delete_preflight(&origin, &pkg, &mut conn) {
        Ok(_) => {
            // Delete the package setting
            match OriginPackageSettings::delete(&DeleteOriginPackageSettings { origin:   &origin,
                                                                               name:     &pkg,
                                                                               owner_id: account_id
                                                                                         as i64, },
                                                &mut conn).map_err(Error::DieselError)
            {
                Ok(_) => HttpResponse::new(StatusCode::NO_CONTENT),
                Err(err) => {
                    debug!("{}", err);
                    err.into()
                }
            }
        }
        Err(err) => {
            debug!("Origin preflight determined that {} is not deletable, err = {}!",
                   origin, err);
            // Here we want to enrich the http response with a sanitized error
            // by returning a 409 with a helpful message in the body.
            let body = Bytes::from(format!("{}", err).into_bytes());
            let body = BoxBody::new(body);
            HttpResponse::with_body(StatusCode::CONFLICT, body)
        }
    }
}

fn package_settings_delete_preflight(origin: &str,
                                     pkg: &str,
                                     conn: &mut PgConnection)
                                     -> Result<()> {
    match OriginPackageSettings::count_packages_for_origin_package(origin, pkg, &mut *conn) {
        Ok(0) => {}
        Ok(count) => {
            let err = format!("There are {} packages remaining for setting {}/{}. Must be zero.",
                              count, origin, pkg);
            return Err(Error::BuilderCore(PackageSettingDeleteError(err)));
        }
        Err(e) => return Err(Error::DieselError(e)),
    };
    Ok(())
}