harness-drone/server/handler/login.go

package handler

import (
	"log"
	"net/http"
	"time"

	"github.com/drone/drone/plugin/remote"
	"github.com/drone/drone/server/database"
	"github.com/drone/drone/server/session"
	"github.com/drone/drone/shared/model"
	"github.com/gorilla/pat"
)

type LoginHandler struct {
	users database.UserManager
	repos database.RepoManager
	perms database.PermManager
	//conf    database.ConfigManager
	sess    session.Session
	remotes database.RemoteManager
}

func NewLoginHandler(users database.UserManager, repos database.RepoManager, perms database.PermManager, sess session.Session /*conf database.ConfigManager,*/, remotes database.RemoteManager) *LoginHandler {
	return &LoginHandler{users, repos, perms /*conf,*/, sess, remotes}
}

// GetLogin gets the login to the 3rd party remote system.
// GET /login/:host
func (h *LoginHandler) GetLogin(w http.ResponseWriter, r *http.Request) error {
	var host = r.FormValue(":host")
	var redirect = "/"
	var remote = remote.Lookup(host)
	if remote == nil {
		return notFound{}
	}

	// authenticate the user
	login, err := remote.Authorize(w, r)
	if err != nil {
		return badRequest{err}
	} else if login == nil {
		// in this case we probably just redirected
		// the user, so we can exit with no error
		return nil
	}

	// get the user from the database
	u, err := h.users.FindLogin(host, login.Login)
	if err != nil {
		// if self-registration is disabled we should
		// return a notAuthorized error. the only exception
		// is if no users exist yet in the system we'll proceed.
		if h.users.Exist() {
			return notAuthorized{}
		}

		// create the user account
		u = model.NewUser(remote.GetKind(), login.Login, login.Email)
		u.Name = login.Name
		u.SetEmail(login.Email)

		// insert the user into the database
		if err := h.users.Insert(u); err != nil {
			return badRequest{err}
		}

		// if this is the first user, they
		// should be an admin.
		if u.ID == 1 {
			u.Admin = true
		}
	}

	// update the user access token
	// in case it changed in GitHub
	u.Access = login.Access
	u.Secret = login.Secret
	u.Name = login.Name
	u.SetEmail(login.Email)
	u.Syncing = true //u.IsStale() // todo (badrydzewski) should not always sync
	if err := h.users.Update(u); err != nil {
		return badRequest{err}
	}

	// look at the last synchronized date to determine if
	// we need to re-sync the account.
	//
	// todo(bradrydzewski) this should move to a server/sync package and
	//      should be injected into this struct, just like the database code.
	//
	// todo(bradrydzewski) this login should be a bit more intelligent
	//      than the current implementation.
	//
	// todo(bradrydzewski) the github implementation will only sync a
	//      maximum of 100 repositories due to the api pagination. need to fix.
	if u.Syncing {
		redirect = "/sync"
		log.Println("sync user account.", u.Login)

		// sync inside a goroutine. This should eventually be moved to
		// its own package / sync utility.
		go func() {
			repos, err := remote.GetRepos(u)
			if err != nil {
				log.Println("Error syncing user account, listing repositories", u.Login, err)
				return
			}

			// insert all repositories
			for _, repo := range repos {
				var role = repo.Role
				if err := h.repos.Insert(repo); err != nil {
					// typically we see a failure because the repository already exists
					// in which case, we can retrieve the existing record to get the ID.
					repo, err = h.repos.FindName(repo.Host, repo.Owner, repo.Name)
					if err != nil {
						log.Println("Error adding repo.", u.Login, repo.Name, err)
						continue
					}
				}

				// add user permissions
				if err := h.perms.Grant(u, repo, role.Read, role.Write, role.Admin); err != nil {
					log.Println("Error adding permissions.", u.Login, repo.Name, err)
					continue
				}

				log.Println("Successfully syced repo.", u.Login+"/"+repo.Name)
			}

			u.Synced = time.Now().UTC().Unix()
			u.Syncing = false
			if err := h.users.Update(u); err != nil {
				log.Println("Error syncing user account, updating sync date", u.Login, err)
				return
			}
		}()
	}

	// (re)-create the user session
	h.sess.SetUser(w, r, u)

	// redirect the user to their dashboard
	http.Redirect(w, r, redirect, http.StatusSeeOther)
	return nil
}

// GetLogout terminates the current user session
// GET /logout
func (h *LoginHandler) GetLogout(w http.ResponseWriter, r *http.Request) error {
	h.sess.Clear(w, r)
	http.Redirect(w, r, "/login", http.StatusSeeOther)
	return nil
}

func (h *LoginHandler) Register(r *pat.Router) {
	r.Get("/login/{host}", errorHandler(h.GetLogin))
	r.Post("/login/{host}", errorHandler(h.GetLogin))
	r.Get("/logout", errorHandler(h.GetLogout))
}
pushing my local branch 2014-06-04 21:25:38 +00:00			`package handler`

			`import (`
			`"log"`
			`"net/http"`
			`"time"`

integrated plugin model for remotes 2014-07-13 02:01:58 +00:00			`"github.com/drone/drone/plugin/remote"`
Refactored to use Model and Database folders 2014-06-12 23:41:04 +00:00			`"github.com/drone/drone/server/database"`
pushing my local branch 2014-06-04 21:25:38 +00:00			`"github.com/drone/drone/server/session"`
Refactored to use Model and Database folders 2014-06-12 23:41:04 +00:00			`"github.com/drone/drone/shared/model"`
pushing my local branch 2014-06-04 21:25:38 +00:00			`"github.com/gorilla/pat"`
			`)`

			`type LoginHandler struct {`
Refactored to use Model and Database folders 2014-06-12 23:41:04 +00:00			`users database.UserManager`
			`repos database.RepoManager`
			`perms database.PermManager`
integrated plugin model for remotes 2014-07-13 02:01:58 +00:00			`//conf database.ConfigManager`
			`sess session.Session`
			`remotes database.RemoteManager`
pushing my local branch 2014-06-04 21:25:38 +00:00			`}`

integrated plugin model for remotes 2014-07-13 02:01:58 +00:00			`func NewLoginHandler(users database.UserManager, repos database.RepoManager, perms database.PermManager, sess session.Session /conf database.ConfigManager,/, remotes database.RemoteManager) *LoginHandler {`
			`return &LoginHandler{users, repos, perms /conf,/, sess, remotes}`
pushing my local branch 2014-06-04 21:25:38 +00:00			`}`

			`// GetLogin gets the login to the 3rd party remote system.`
			`// GET /login/:host`
			`func (h LoginHandler) GetLogin(w http.ResponseWriter, r http.Request) error {`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`var host = r.FormValue(":host")`
			`var redirect = "/"`
			`var remote = remote.Lookup(host)`
			`if remote == nil {`
pushing my local branch 2014-06-04 21:25:38 +00:00			`return notFound{}`
			`}`

			`// authenticate the user`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`login, err := remote.Authorize(w, r)`
pushing my local branch 2014-06-04 21:25:38 +00:00			`if err != nil {`
			`return badRequest{err}`
			`} else if login == nil {`
			`// in this case we probably just redirected`
			`// the user, so we can exit with no error`
			`return nil`
			`}`

			`// get the user from the database`
			`u, err := h.users.FindLogin(host, login.Login)`
			`if err != nil {`
added code to prevent user self-registration 2014-06-09 21:32:00 +00:00			`// if self-registration is disabled we should`
removed css files. designers will be providing removed amber files. replacing with angular removed queue package in favor or worker package removed channel package in favor of pubsub package 2014-06-21 21:22:38 +00:00			`// return a notAuthorized error. the only exception`
			`// is if no users exist yet in the system we'll proceed.`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`if h.users.Exist() {`
added code to prevent user self-registration 2014-06-09 21:32:00 +00:00			`return notAuthorized{}`
			`}`

pushing my local branch 2014-06-04 21:25:38 +00:00			`// create the user account`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`u = model.NewUser(remote.GetKind(), login.Login, login.Email)`
pushing my local branch 2014-06-04 21:25:38 +00:00			`u.Name = login.Name`
			`u.SetEmail(login.Email)`

			`// insert the user into the database`
			`if err := h.users.Insert(u); err != nil {`
			`return badRequest{err}`
			`}`

			`// if this is the first user, they`
			`// should be an admin.`
			`if u.ID == 1 {`
			`u.Admin = true`
			`}`
			`}`

			`// update the user access token`
			`// in case it changed in GitHub`
			`u.Access = login.Access`
			`u.Secret = login.Secret`
removed parent_id from user table since not being used 2014-07-10 01:39:31 +00:00			`u.Name = login.Name`
added pages to add / edit / delete users from the system 2014-07-09 21:25:11 +00:00			`u.SetEmail(login.Email)`
for now, always load from cache on login. Improve logic later 2014-08-31 17:18:09 +00:00			`u.Syncing = true //u.IsStale() // todo (badrydzewski) should not always sync`
pushing my local branch 2014-06-04 21:25:38 +00:00			`if err := h.users.Update(u); err != nil {`
			`return badRequest{err}`
			`}`

			`// look at the last synchronized date to determine if`
			`// we need to re-sync the account.`
altered repo to track repo hostname (ie github.com) and multiple clone urls 2014-06-05 22:04:59 +00:00			`//`
added flag to indicate account is currently syncing 2014-07-11 20:45:32 +00:00			`// todo(bradrydzewski) this should move to a server/sync package and`
			`// should be injected into this struct, just like the database code.`
			`//`
			`// todo(bradrydzewski) this login should be a bit more intelligent`
			`// than the current implementation.`
			`//`
			`// todo(bradrydzewski) the github implementation will only sync a`
			`// maximum of 100 repositories due to the api pagination. need to fix.`
			`if u.Syncing {`
setup sync screen 2014-07-10 05:24:06 +00:00			`redirect = "/sync"`
pushing my local branch 2014-06-04 21:25:38 +00:00			`log.Println("sync user account.", u.Login)`

			`// sync inside a goroutine. This should eventually be moved to`
			`// its own package / sync utility.`
			`go func() {`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`repos, err := remote.GetRepos(u)`
pushing my local branch 2014-06-04 21:25:38 +00:00			`if err != nil {`
			`log.Println("Error syncing user account, listing repositories", u.Login, err)`
			`return`
			`}`

			`// insert all repositories`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`for _, repo := range repos {`
			`var role = repo.Role`
pushing my local branch 2014-06-04 21:25:38 +00:00			`if err := h.repos.Insert(repo); err != nil {`
fixed issue where not correctly adding perm for existing repo 2014-08-12 06:15:38 +00:00			`// typically we see a failure because the repository already exists`
			`// in which case, we can retrieve the existing record to get the ID.`
			`repo, err = h.repos.FindName(repo.Host, repo.Owner, repo.Name)`
			`if err != nil {`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`log.Println("Error adding repo.", u.Login, repo.Name, err)`
fixed issue where not correctly adding perm for existing repo 2014-08-12 06:15:38 +00:00			`continue`
			`}`
pushing my local branch 2014-06-04 21:25:38 +00:00			`}`

			`// add user permissions`
refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`if err := h.perms.Grant(u, repo, role.Read, role.Write, role.Admin); err != nil {`
			`log.Println("Error adding permissions.", u.Login, repo.Name, err)`
pushing my local branch 2014-06-04 21:25:38 +00:00			`continue`
			`}`

refactored plugin/remote and adapted @bugBugagazavr Gitlab code 2014-09-02 07:18:17 +00:00			`log.Println("Successfully syced repo.", u.Login+"/"+repo.Name)`
integrated plugin model for remotes 2014-07-13 02:01:58 +00:00			`}`
added flag to indicate account is currently syncing 2014-07-11 20:45:32 +00:00
integrated plugin model for remotes 2014-07-13 02:01:58 +00:00			`u.Synced = time.Now().UTC().Unix()`
			`u.Syncing = false`
			`if err := h.users.Update(u); err != nil {`
			`log.Println("Error syncing user account, updating sync date", u.Login, err)`
			`return`
pushing my local branch 2014-06-04 21:25:38 +00:00			`}`
			`}()`
			`}`

			`// (re)-create the user session`
			`h.sess.SetUser(w, r, u)`

			`// redirect the user to their dashboard`
setup sync screen 2014-07-10 05:24:06 +00:00			`http.Redirect(w, r, redirect, http.StatusSeeOther)`
pushing my local branch 2014-06-04 21:25:38 +00:00			`return nil`
			`}`

			`// GetLogout terminates the current user session`
			`// GET /logout`
			`func (h LoginHandler) GetLogout(w http.ResponseWriter, r http.Request) error {`
			`h.sess.Clear(w, r)`
added flag to indicate account is currently syncing 2014-07-11 20:45:32 +00:00			`http.Redirect(w, r, "/login", http.StatusSeeOther)`
pushing my local branch 2014-06-04 21:25:38 +00:00			`return nil`
			`}`

			`func (h LoginHandler) Register(r pat.Router) {`
			`r.Get("/login/{host}", errorHandler(h.GetLogin))`
added POST handler for gitlab login 2014-09-03 08:12:03 +00:00			`r.Post("/login/{host}", errorHandler(h.GetLogin))`
pushing my local branch 2014-06-04 21:25:38 +00:00			`r.Get("/logout", errorHandler(h.GetLogout))`
			`}`