Merge pull request #455 from jbonnet/450-build-user-api

Fix user missing method and adding Unknown/None authentication
sonata-nfv · Mar 7, 2017 · 73bd594 · 73bd594
2 parents 1ccf281 + 54138e9
commit 73bd594
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 50 deletions.
diff --git a/son-gtkapi/models/package_manager_service.rb b/son-gtkapi/models/package_manager_service.rb
@@ -47,42 +47,48 @@ def self.config(url:)
 
   def self.create(params)
     method = LOG_MESSAGE + "##{__method__}"
-    GtkApi.logger.debug(method) {'entered'}
+    GtkApi.logger.debug(method) {"entered with params #{params}"}
     uri = @@url+'/packages'
     raise ArgumentError.new('PackageManagerService can not be created without a user') unless params.key?(:user)
-
-    if User.authenticate!(params[:user])
-      GtkApi.logger.debug(method) {"User #{params[:user][:name]} authenticated"}
-      if User.authorized?(params[:user])
-        GtkApi.logger.debug(method) {"User #{params[:user][:name]} authorized"}
-        begin
-          # from http://www.rubydoc.info/gems/rest-client/1.6.7/frames#Result_handling
-          GtkApi.logger.debug(method) {"POSTing to "+uri+ " with params #{params}"}
-          RestClient.post(uri, params){ |response, request, result, &block|
-            GtkApi.logger.debug(method) {"response=#{response.inspect}"}
-            case response.code
-            when 201
-              { status: 201, count: 1, data: JSON.parse(response.body, :symbolize_names => true), message: 'Created'}
-            when 409
-              { status: 409, count: 0, data: JSON.parse(response.body, :symbolize_names => true), message: 'Conflict'}
-            when 400
-              { status: 400, count: 0, data: {}, message: "Bad Request: #{params}"}
-            else
-              { status: response.code, count: 0, data: {}, message: 'Unexpected code'}
-            end
-          }
-        rescue  => e #RestClient::Conflict
-          GtkApi.logger.error(method) {"Error during processing: #{$!}"}
-          GtkApi.logger.error(method) {"Backtrace:\n\t#{e.backtrace.join("\n\t")}"}
-          { status: 500, count: 0, data: {}, message: e.backtrace.join("\n\t")}
+    user_params = params.delete(:user)
+    user = User.find_by_name(user_params[:name])
+    if user
+      if user.authenticated?(user_params)
+        GtkApi.logger.debug(method) {"User #{user_params[:name]} authenticated"}
+        if user.authorized?(user_params)
+          GtkApi.logger.debug(method) {"User #{user_params[:name]} authorized"}
+          begin
+            # from http://www.rubydoc.info/gems/rest-client/1.6.7/frames#Result_handling
+            GtkApi.logger.debug(method) {"POSTing to "+uri+ " with params #{params}"}
+            RestClient.post(uri, params){ |response, request, result, &block|
+              GtkApi.logger.debug(method) {"response=#{response.inspect}"}
+              case response.code
+              when 201
+                { status: 201, count: 1, data: JSON.parse(response.body, :symbolize_names => true), message: 'Created'}
+              when 409
+                { status: 409, count: 0, data: JSON.parse(response.body, :symbolize_names => true), message: 'Conflict'}
+              when 400
+                { status: 400, count: 0, data: {}, message: "Bad Request: #{params}"}
+              else
+                { status: response.code, count: 0, data: {}, message: 'Unexpected code'}
+              end
+            }
+          rescue  => e #RestClient::Conflict
+            GtkApi.logger.error(method) {"Error during processing: #{$!}"}
+            GtkApi.logger.error(method) {"Backtrace:\n\t#{e.backtrace.join("\n\t")}"}
+            { status: 500, count: 0, data: {}, message: e.backtrace.join("\n\t")}
+          end
+        else
+          GtkApi.logger.debug(method) {"user #{params[:user][:name]} not authorized"}
+          { status: 403, count: 0, data: {}, message: 'Forbidden: user '+params[:user][:name]+' could not be authorized'}
         end
       else
-        GtkApi.logger.debug(method) {"user #{params[:user][:name]} not authorized"}
-        { status: 403, count: 0, data: {}, message: 'Forbidden: user '+params[:user][:name]+' could not be authorized'}
+        GtkApi.logger.debug(method) {"user #{params[:user][:name]} not authenticated"}
+        { status: 401, count: 0, data: {}, message: 'Unauthorized: user '+params[:user][:name]+' could not be authenticated'}
       end
     else
-      GtkApi.logger.debug(method) {"user #{params[:user][:name]} not authenticated"}
-      { status: 401, count: 0, data: {}, message: 'Unauthorized: user '+params[:user][:name]+' could not be authenticated'}
+      GtkApi.logger.debug(method) {"user #{params[:user][:name]} not found"}
+      { status: 404, count: 0, data: {}, message: 'User '+params[:user][:name]+' not found'}
     end
   end
 

diff --git a/son-gtkapi/models/user.rb b/son-gtkapi/models/user.rb
@@ -33,7 +33,7 @@ class User < ManagerService
   LOG_MESSAGE = 'GtkApi::' + self.name
   USERS_URL = '/users/'
 
-  attr_accessor :uuid, :name, :password, :session
+  attr_accessor :uuid, :name, :session
 
   def self.config(url:)
     method = LOG_MESSAGE + "#config(url=#{url})"
@@ -68,10 +68,11 @@ def self.create(params)
   end
 
   # TODO
-  def authenticate!(password)
+  def authenticated?(params)
     method = LOG_MESSAGE + "##{__method__}"
-    GtkApi.logger.debug(method) {"entered with password #{password}"}
+    GtkApi.logger.debug(method) {"entered with password #{params}"}
     @session = {began_at: Time.now.utc}
+    @name == params[:name] && @password == params[:password] ? self : nil
   end
 
   def logout!
@@ -81,7 +82,7 @@ def logout!
   end
 
   # TODO
-  def self.authorized?(params)
+  def authorized?(params)
     method = LOG_MESSAGE + "##{__method__}"
     GtkApi.logger.debug(method) {"entered with params #{params}"}
     true
@@ -95,27 +96,32 @@ def self.valid?(params)
   end
 
   def self.find_by_uuid(uuid)
+    method = LOG_MESSAGE + "##{__method__}(#{params})"
     user = find(url: @@url + USERS_URL + uuid, log_message: LOG_MESSAGE + "##{__method__}(#{uuid})")
     user ? User.new(user['data']) : nil
   end
 
   def self.find_by_name(name)
-    user=find(url: @@url + USERS_URL + name, log_message: LOG_MESSAGE + "##{__method__}(#{name})")
-    user ? User.new(user['data']) : nil
+    method = LOG_MESSAGE + "##{__method__}"
+    GtkApi.logger.debug(method) {"entered with name #{name}"}
+    #user=find(url: @@url + USERS_URL + name, log_message: LOG_MESSAGE + "##{__method__}(#{name})")
+    #user ? User.new(user['data']) : nil
+    name=='Unknown' ? User.new({name: 'Unknown', password: 'None'}) : nil
   end
 
   def self.find(params)
     method = LOG_MESSAGE + "##{__method__}(#{params})"
-    users = find(url: @@url + USERS_URL, params: params, log_message: LOG_MESSAGE + "##{__method__}(#{params})")
-    GtkApi.logger.debug(method) {"users=#{users}"}
-    case users[:status]
-    when 200
-      {status: 200, count: users[:items][:data][:licences].count, items: users[:items][:data][:licences], message: "OK"}
-    when 400
-    when 404
-      {status: 200, count: 0, items: [], message: "OK"}
-    else
-      {status: users[:status], count: 0, items: [], message: "Error"}
-    end
+    params[:name]=='Unknown' && params[:password]=='None' ? User.new(params) : nil
+    #users = find(url: @@url + USERS_URL, params: params, log_message: LOG_MESSAGE + "##{__method__}(#{params})")
+    #GtkApi.logger.debug(method) {"users=#{users}"}
+    #case users[:status]
+    #when 200
+    #  {status: 200, count: users[:items][:data][:licences].count, items: users[:items][:data][:licences], message: "OK"}
+    #when 400
+    #when 404
+    #  {status: 200, count: 0, items: [], message: "OK"}
+    #else
+    #  {status: users[:status], count: 0, items: [], message: "Error"}
+    #end
   end
 end
diff --git a/son-gtkpkg/routes/package.rb b/son-gtkpkg/routes/package.rb
@@ -41,10 +41,10 @@ class GtkPkg < Sinatra::Base
     if package 
       logger.debug(log_message) {"package=#{package.inspect}"}
       descriptor = package.from_file()
-      logger.info(log_message) {"descriptor is #{descriptor}"}
       if descriptor
+        logger.info(log_message) {"descriptor is #{descriptor}"}
         if descriptor.key?('uuid')
-          logger.info("Storing son-package in catalogue")
+          logger.debug("Storing son-package in catalogue")
           son_package = Package.new(catalogue: settings.son_packages_catalogue, logger: logger, params: {io: params[:package][:tempfile][:tempfile]})
           son_package = son_package.store_package_file()
           if son_package && son_package['uuid']
@@ -63,8 +63,9 @@ class GtkPkg < Sinatra::Base
             json_error 400, 'Error storing son-package.', log_message         
           end
         elsif descriptor.key?('name') && descriptor.key?('vendor') && descriptor.key?('version')
+          logger.debug(log_message) {"Package is duplicated"}
           error_message = "Version #{descriptor['version']} of package '#{descriptor['name']}' from vendor '#{descriptor['vendor']}' already exists"
-          halt 409, error_message, log_message
+          json_error 409, error_message, log_message
         else
           json_error 400, 'Oops.. something terribly wrong happened here!', log_message      
         end