New setting delegated_qa to store QA managers

2023-07-25 09:04:31 +02:00 · 2023-07-25 09:04:31 +02:00 · d2f409db7a
commit d2f409db7a
parent e000778696
11 changed files with 148 additions and 20 deletions
--- a/qa/api/auth.go
+++ b/qa/api/auth.go
@ -10,8 +10,11 @@ import (
 	"github.com/gin-gonic/gin"
 )

-var Simulator string
-var TeamsDir string
+var (
+	Simulator    string
+	TeamsDir     string
+	ManagerUsers []string
+)

 func authMiddleware(access ...func(string, int64, *gin.Context) bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
@ -50,6 +53,7 @@ func authMiddleware(access ...func(string, int64, *gin.Context) bool) gin.Handle
 		c.Set("LoggedTeam", teamid)

 		// We are now ready to continue
+
 		c.Next()
 	}
 }
--- a/qa/api/router.go
+++ b/qa/api/router.go
@ -1,6 +1,8 @@
 package api

 import (
+	"net/http"
+
 	"github.com/gin-gonic/gin"
 )

@ -13,4 +15,18 @@ func DeclareRoutes(router *gin.RouterGroup) {
 	declareThemesRoutes(apiRoutes)
 	declareTodoRoutes(apiRoutes)
 	declareVersionRoutes(apiRoutes)
+
+	apiManagerRoutes := router.Group("/api")
+	apiManagerRoutes.Use(authMiddleware(func(ficteam string, teamid int64, c *gin.Context) bool {
+		for _, manager := range ManagerUsers {
+			if manager == ficteam {
+				return true
+			}
+		}
+
+		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"errmsg": "Not authorized."})
+		return false
+	}))
+
+	declareTodoManagerRoutes(apiManagerRoutes)
 }
--- a/qa/api/todo.go
+++ b/qa/api/todo.go
@ -12,8 +12,11 @@ func declareTodoRoutes(router *gin.RouterGroup) {
 	router.GET("/qa_exercices.json", getExerciceTested)
 	router.GET("/qa_mywork.json", getQAWork)
 	router.GET("/qa_myexercices.json", getQAView)
-	router.POST("/qa_my_exercices.json", addQAView)
 	router.GET("/qa_work.json", getQATodo)
+}
+
+func declareTodoManagerRoutes(router *gin.RouterGroup) {
+	router.POST("/qa_my_exercices.json", addQAView)
 	router.POST("/qa_work.json", createQATodo)
 }

@ -122,13 +125,6 @@ func getQATodo(c *gin.Context) {
 }

 func createQATodo(c *gin.Context) {
-	ficteam := c.MustGet("LoggedUser").(string)
-
-	if ficteam != "nemunaire" {
-		c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"errmsg": "Restricted"})
-		return
-	}
-
 	var ut fic.QATodo
 	if err := c.ShouldBindJSON(&ut); err != nil {
 		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": err.Error()})
@ -151,13 +147,6 @@ func createQATodo(c *gin.Context) {
 }

 func addQAView(c *gin.Context) {
-	ficteam := c.MustGet("LoggedUser").(string)
-
-	if ficteam != "nemunaire" {
-		c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"errmsg": "Restricted"})
-		return
-	}
-
 	var ut fic.QATodo
 	if err := c.ShouldBindJSON(&ut); err != nil {
 		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": err.Error()})
--- a/qa/api/version.go
+++ b/qa/api/version.go
@ -14,11 +14,21 @@ func showVersion(c *gin.Context) {
 	teamid := c.MustGet("LoggedTeam").(int64)
 	ficteam := c.MustGet("LoggedUser").(string)

+	var ismanager bool
+
+	for _, manager := range ManagerUsers {
+		if manager == ficteam {
+			ismanager = true
+			break
+		}
+	}
+
 	c.JSON(http.StatusOK, gin.H{
 		"version": 0.2,
 		"auth": map[string]interface{}{
-			"name":    ficteam,
-			"id_team": teamid,
+			"name":       ficteam,
+			"id_team":    teamid,
+			"is_manager": ismanager,
 		},
 	})
 }
--- a/qa/main.go
+++ b/qa/main.go
@ -13,6 +13,7 @@ import (

 	"srs.epita.fr/fic-server/libfic"
 	"srs.epita.fr/fic-server/qa/api"
+	"srs.epita.fr/fic-server/settings"
 )

 type ResponseWriterPrefix struct {
@ -55,6 +56,10 @@ func StripPrefix(prefix string, h http.Handler) http.Handler {
 	})
 }

+func reloadSettings(config *settings.Settings) {
+	api.ManagerUsers = config.DelegatedQA
+}
+
 func main() {
 	// Read paremeters from environment
 	if v, exists := os.LookupEnv("FIC_BASEURL"); exists {
@ -66,6 +71,7 @@ func main() {
 	var dsn = flag.String("dsn", fic.DSNGenerator(), "DSN to connect to the MySQL server")
 	flag.StringVar(&BaseURL, "baseurl", BaseURL, "URL prepended to each URL")
 	flag.StringVar(&DevProxy, "dev", DevProxy, "Proxify traffic to this host for static assets")
+	flag.StringVar(&settings.SettingsDir, "settings", "./SETTINGSDIST", "Base directory where load and save settings")
 	flag.StringVar(&api.TeamsDir, "teams", "./TEAMS", "Base directory where save teams JSON files")
 	flag.StringVar(&api.Simulator, "simulator", "", "Auth string to simulate (for development only)")
 	flag.Parse()
@ -86,6 +92,9 @@ func main() {
 		}
 	}

+	// Load configuration
+	settings.LoadAndWatchSettings(path.Join(settings.SettingsDir, settings.SettingsFile), reloadSettings)
+
 	// Database connection
 	log.Println("Opening database...")
 	if err = fic.DBInit(*dsn); err != nil {
--- a/qa/ui/src/lib/components/Header.svelte
+++ b/qa/ui/src/lib/components/Header.svelte
@ -68,6 +68,7 @@
                <span class="d-none d-md-inline">Étapes</span>
            </NavLink>
        </NavItem>
+        {#if $auth && $auth.is_manager}
        <NavItem>
            <NavLink
                href="teams"
@ -86,6 +87,7 @@
                <span class="d-none d-md-inline">Dépôts</span>
            </NavLink>
        </NavItem>
+        {/if}
    </Nav>
    <Nav class="ms-auto text-light" navbar>
        <NavItem class="ms-2 text-truncate">
--- a/qa/ui/src/routes/themes/+page.svelte
+++ b/qa/ui/src/routes/themes/+page.svelte
@ -1,9 +1,11 @@
 <script>
 import { goto } from '$app/navigation';

+ import { auth } from '$lib/stores/auth';
 import { themes } from '$lib/stores/themes';

 import {
+     Button,
     Container,
     Table,
 } from 'sveltestrap';
@ -19,6 +21,14 @@
 </script>

 <Container class="mt-2 mb-5">
+    {#if $auth && $auth.is_manager}
+        <Button
+            href="export"
+            class="float-end"
+        >
+            Exporter toutes les remarques
+        </Button>
+    {/if}
    <h2>
        Scénarios
    </h2>