New setting delegated_qa to store QA managers

2023-07-25 09:04:31 +02:00 · 2023-07-25 09:04:31 +02:00 · d2f409db7a
commit d2f409db7a
parent e000778696
11 changed files with 148 additions and 20 deletions
--- a/qa/api/auth.go
+++ b/qa/api/auth.go
@ -10,8 +10,11 @@ import (
 	"github.com/gin-gonic/gin"
 )

-var Simulator string
-var TeamsDir string
+var (
+	Simulator    string
+	TeamsDir     string
+	ManagerUsers []string
+)

 func authMiddleware(access ...func(string, int64, *gin.Context) bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
@ -50,6 +53,7 @@ func authMiddleware(access ...func(string, int64, *gin.Context) bool) gin.Handle
 		c.Set("LoggedTeam", teamid)

 		// We are now ready to continue
+
 		c.Next()
 	}
 }
--- a/qa/api/router.go
+++ b/qa/api/router.go
@ -1,6 +1,8 @@
 package api

 import (
+	"net/http"
+
 	"github.com/gin-gonic/gin"
 )

@ -13,4 +15,18 @@ func DeclareRoutes(router *gin.RouterGroup) {
 	declareThemesRoutes(apiRoutes)
 	declareTodoRoutes(apiRoutes)
 	declareVersionRoutes(apiRoutes)
+
+	apiManagerRoutes := router.Group("/api")
+	apiManagerRoutes.Use(authMiddleware(func(ficteam string, teamid int64, c *gin.Context) bool {
+		for _, manager := range ManagerUsers {
+			if manager == ficteam {
+				return true
+			}
+		}
+
+		c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"errmsg": "Not authorized."})
+		return false
+	}))
+
+	declareTodoManagerRoutes(apiManagerRoutes)
 }
--- a/qa/api/todo.go
+++ b/qa/api/todo.go
@ -12,8 +12,11 @@ func declareTodoRoutes(router *gin.RouterGroup) {
 	router.GET("/qa_exercices.json", getExerciceTested)
 	router.GET("/qa_mywork.json", getQAWork)
 	router.GET("/qa_myexercices.json", getQAView)
-	router.POST("/qa_my_exercices.json", addQAView)
 	router.GET("/qa_work.json", getQATodo)
+}
+
+func declareTodoManagerRoutes(router *gin.RouterGroup) {
+	router.POST("/qa_my_exercices.json", addQAView)
 	router.POST("/qa_work.json", createQATodo)
 }

@ -122,13 +125,6 @@ func getQATodo(c *gin.Context) {
 }

 func createQATodo(c *gin.Context) {
-	ficteam := c.MustGet("LoggedUser").(string)
-
-	if ficteam != "nemunaire" {
-		c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"errmsg": "Restricted"})
-		return
-	}
-
 	var ut fic.QATodo
 	if err := c.ShouldBindJSON(&ut); err != nil {
 		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": err.Error()})
@ -151,13 +147,6 @@ func createQATodo(c *gin.Context) {
 }

 func addQAView(c *gin.Context) {
-	ficteam := c.MustGet("LoggedUser").(string)
-
-	if ficteam != "nemunaire" {
-		c.AbortWithStatusJSON(http.StatusForbidden, gin.H{"errmsg": "Restricted"})
-		return
-	}
-
 	var ut fic.QATodo
 	if err := c.ShouldBindJSON(&ut); err != nil {
 		c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": err.Error()})
--- a/qa/api/version.go
+++ b/qa/api/version.go
@ -14,11 +14,21 @@ func showVersion(c *gin.Context) {
 	teamid := c.MustGet("LoggedTeam").(int64)
 	ficteam := c.MustGet("LoggedUser").(string)

+	var ismanager bool
+
+	for _, manager := range ManagerUsers {
+		if manager == ficteam {
+			ismanager = true
+			break
+		}
+	}
+
 	c.JSON(http.StatusOK, gin.H{
 		"version": 0.2,
 		"auth": map[string]interface{}{
-			"name":    ficteam,
-			"id_team": teamid,
+			"name":       ficteam,
+			"id_team":    teamid,
+			"is_manager": ismanager,
 		},
 	})
 }