From f38b22b6fa7c54e7b79bf88c5d1e5f8976750ef2 Mon Sep 17 00:00:00 2001
From: Jean-Baptiste Vilain <jean-baptiste.vilain@sonarsource.com>
Date: Thu, 20 Jun 2013 14:57:27 +0200
Subject: [PATCH] SONAR-4411 Added a new WS to support create / update / delete
 operations on users

---
 .../app/controllers/api/users_controller.rb   | 112 +++++++++++++++++-
 .../main/webapp/WEB-INF/app/models/user.rb    |  19 +++
 .../413_add_dashboard_sharing_permission.rb   |   6 +
 3 files changed, 136 insertions(+), 1 deletion(-)

diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/users_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/users_controller.rb
index 76f73e5b9d3..e17b69b9948 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/users_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/users_controller.rb
@@ -40,11 +40,121 @@ class Api::UsersController < Api::ApiController
       hash = {:users => users.map { |user| User.to_hash(user) }}
     end
 
-
     respond_to do |format|
       format.json { render :json => jsonp(hash) }
       format.xml { render :xml => hash.to_xml(:skip_types => true, :root => 'users') }
     end
   end
 
+  #
+  # POST /api/users/create
+  #
+  # -- Mandatory parameters
+  # 'login' is the user identifier
+  # 'password' is the user password
+  # 'password_confirmation' is the confirmed user password
+  #
+  # -- Optional parameters
+  # 'name' is the user display name
+  # 'email' is the user email
+  #
+  # -- Example
+  # curl -X POST -v -u admin:admin 'http://localhost:9000/api/users/create?login=user&password=user_pw&password_confirmation=user_pw'
+  #
+  def create
+    verify_post_request
+    access_denied unless has_role?(:admin)
+    require_parameters :login, :password, :password_confirmation
+
+    user = User.find_by_login(params[:login])
+
+    if user && user.active
+      render_bad_request('An active user with this login already exists')
+    else
+      if user
+        user.update_attributes!(params)
+        user.notify_creation_handlers
+      else
+        user = prepare_user
+        user.save!
+        user.notify_creation_handlers
+      end
+      hash = user.to_hash
+      respond_to do |format|
+        format.json { render :json => jsonp(hash) }
+        format.xml { render :xml => hash.to_xml(:skip_types => true, :root => 'users') }
+      end
+    end
+  end
+
+  #
+  # POST /api/users/update
+  #
+  # -- Mandatory parameters
+  # 'login' is the user identifier
+  #
+  # -- Optional parameters
+  # 'name' is the user display name
+  # 'email' is the user email
+  #
+  # -- Example
+  # curl -X POST -v -u admin:admin 'http://localhost:9000/api/users/update?login=user&email=new_email'
+  #
+  def update
+    verify_post_request
+    access_denied unless has_role?(:admin)
+    require_parameters :login
+
+    user = User.find_active_by_login(params[:login])
+
+    if user.nil?
+      render_bad_request("Could not find user with login #{params[:login]}")
+    elsif user.update_attributes!(params)
+      hash = user.to_hash
+      respond_to do |format|
+        format.json { render :json => jsonp(hash) }
+        format.xml { render :xml => hash.to_xml(:skip_types => true, :root => 'users') }
+      end
+    end
+  end
+
+
+  #
+  # POST /api/users/delete
+  #
+  # -- Mandatory parameters
+  # 'login' is the user identifier
+  #
+  # -- Example
+  # curl -X POST -v -u admin:admin 'http://localhost:9000/api/users/delete?login=user'
+  #
+  def delete
+    verify_post_request
+    access_denied unless has_role?(:admin)
+    require_parameters :login
+
+    user = User.find_active_by_login(params[:login])
+
+    if user.nil?
+      render_bad_request "Could not find user with login #{params[:login]}"
+    else
+      if user.destroy
+        render_success "Successfully deleted user #{params[:login]}"
+      else
+        render_error("Could not delete user #{params[:login]}")
+      end
+    end
+  end
+
+
+  private
+
+  def prepare_user
+    user = User.new(params)
+    default_group_name=java_facade.getSettings().getString('sonar.defaultGroup')
+    default_group=Group.find_by_name(default_group_name)
+    user.groups<<default_group if default_group
+    user
+  end
+
 end
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb b/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
index c63e48f7afe..0fe2c3bd403 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/models/user.rb
@@ -236,4 +236,23 @@ class User < ActiveRecord::Base
     hash[:email] = java_user.email if java_user.email
     hash
   end
+
+  def as_json(options={})
+    {
+      :login => login,
+      :name => name,
+      :email => email
+    }
+  end
+
+  def to_hash
+    hash = { :user => self }
+    if errors and !errors.empty?
+      hash[:errors] = errors.full_messages.map do |msg|
+        { :msg => msg }
+      end
+    end
+    hash
+  end
+
 end
diff --git a/sonar-server/src/main/webapp/WEB-INF/db/migrate/413_add_dashboard_sharing_permission.rb b/sonar-server/src/main/webapp/WEB-INF/db/migrate/413_add_dashboard_sharing_permission.rb
index 978f598220d..222d27aea29 100644
--- a/sonar-server/src/main/webapp/WEB-INF/db/migrate/413_add_dashboard_sharing_permission.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/db/migrate/413_add_dashboard_sharing_permission.rb
@@ -24,6 +24,12 @@
 
 class AddDashboardSharingPermission < ActiveRecord::Migration
 
+  class GroupRole < ActiveRecord::Base
+  end
+
+  class UserRole < ActiveRecord::Base
+  end
+
   def self.up
     group_roles=GroupRole.find(:all, :conditions => {:role => 'admin', :resource_id => nil})
     groups = group_roles.map { |ur| ur.group_id }
-- 
2.39.5