← Back to branch summary

~nskaggs/+junk/xenial-test

« back to all changes in this revision

Viewing changes to src/github.com/juju/juju/state/controlleruser.go

  • Committer: Nicholas Skaggs
  • Date: 2016-10-24 20:56:05 UTC
  • Revision ID: nicholas.skaggs@canonical.com-20161024205605-z8lta0uvuhtxwzwl
Initi with beta15

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/github.com/juju/juju/state/controlleruser.go
 
1
// Copyright 2016 Canonical Ltd.
 
2
// Licensed under the AGPLv3, see LICENCE file for details.
 
3
 
 
4
package state
 
5
 
 
6
import (
 
7
        "fmt"
 
8
        "strings"
 
9
        "time"
 
10
 
 
11
        "github.com/juju/errors"
 
12
        "github.com/juju/juju/core/description"
 
13
        "gopkg.in/juju/names.v2"
 
14
        "gopkg.in/mgo.v2"
 
15
        "gopkg.in/mgo.v2/txn"
 
16
)
 
17
 
 
18
const defaultControllerPermission = description.LoginAccess
 
19
 
 
20
// setAccess changes the user's access permissions on the controller.
 
21
func (st *State) setControllerAccess(access description.Access, userGlobalKey string) error {
 
22
        if err := access.Validate(); err != nil {
 
23
                return errors.Trace(err)
 
24
        }
 
25
        op := updatePermissionOp(controllerGlobalKey, userGlobalKey, access)
 
26
        err := st.runTransaction([]txn.Op{op})
 
27
        if err == txn.ErrAborted {
 
28
                return errors.NotFoundf("existing permissions")
 
29
        }
 
30
        return errors.Trace(err)
 
31
}
 
32
 
 
33
// controllerUser a model userAccessDoc.
 
34
func (st *State) controllerUser(user names.UserTag) (userAccessDoc, error) {
 
35
        controllerUser := userAccessDoc{}
 
36
        controllerUsers, closer := st.getCollection(controllerUsersC)
 
37
        defer closer()
 
38
 
 
39
        username := strings.ToLower(user.Canonical())
 
40
        err := controllerUsers.FindId(username).One(&controllerUser)
 
41
        if err == mgo.ErrNotFound {
 
42
                return userAccessDoc{}, errors.NotFoundf("controller user %q", user.Canonical())
 
43
        }
 
44
        // DateCreated is inserted as UTC, but read out as local time. So we
 
45
        // convert it back to UTC here.
 
46
        controllerUser.DateCreated = controllerUser.DateCreated.UTC()
 
47
        return controllerUser, nil
 
48
}
 
49
 
 
50
func createControllerUserOps(controllerUUID string, user, createdBy names.UserTag, displayName string, dateCreated time.Time, access description.Access) []txn.Op {
 
51
        creatorname := createdBy.Canonical()
 
52
        doc := &userAccessDoc{
 
53
                ID:          userAccessID(user),
 
54
                ObjectUUID:  controllerUUID,
 
55
                UserName:    user.Canonical(),
 
56
                DisplayName: displayName,
 
57
                CreatedBy:   creatorname,
 
58
                DateCreated: dateCreated,
 
59
        }
 
60
        ops := []txn.Op{
 
61
                createPermissionOp(controllerGlobalKey, userGlobalKey(userAccessID(user)), access),
 
62
                {
 
63
                        C:      controllerUsersC,
 
64
                        Id:     userAccessID(user),
 
65
                        Assert: txn.DocMissing,
 
66
                        Insert: doc,
 
67
                },
 
68
        }
 
69
        return ops
 
70
}
 
71
 
 
72
// RemoveControllerUser removes a user from the database.
 
73
func (st *State) removeControllerUser(user names.UserTag) error {
 
74
        ops := []txn.Op{
 
75
                removePermissionOp(controllerGlobalKey, userGlobalKey(userAccessID(user))),
 
76
                {
 
77
                        C:      controllerUsersC,
 
78
                        Id:     userAccessID(user),
 
79
                        Assert: txn.DocExists,
 
80
                        Remove: true,
 
81
                }}
 
82
 
 
83
        err := st.runTransaction(ops)
 
84
        if err == txn.ErrAborted {
 
85
                err = errors.NewNotFound(nil, fmt.Sprintf("controller user %q does not exist", user.Canonical()))
 
86
        }
 
87
        if err != nil {
 
88
                return errors.Trace(err)
 
89
        }
 
90
        return nil
 
91
}