3 * Copyright 2016 RIFT.IO Inc
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 // DescriptorModelMeta API (NSD + VNFD)
21 var UserManagement
= {};
22 var Promise
= require('bluebird');
23 var rp
= require('request-promise');
24 var Promise
= require('promise');
25 var constants
= require('../../api_utils/constants');
26 var utils
= require('../../api_utils/utils');
27 var _
= require('lodash');
28 var ProjectManagementAPI
= require('./projectManagementAPI.js');
29 var API_VERSION
= 'v2';
31 UserManagement
.get = function(req
) {
33 var api_server
= req
.query
['api_server'];
35 return new Promise(function(resolve
, reject
) {
37 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/operational/user-config/user',
39 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
40 'Authorization': req
.session
&& req
.session
.authorization
42 forever
: constants
.FOREVER_ON
,
43 rejectUnauthorized
: false,
44 resolveWithFullResponse
: true
47 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/operational/user-state/user',
49 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
50 'Authorization': req
.session
&& req
.session
.authorization
52 forever
: constants
.FOREVER_ON
,
53 rejectUnauthorized
: false,
54 resolveWithFullResponse
: true
59 ]).then(function(result
) {
63 response
['data'] = {};
65 userConfig
= JSON
.parse(result
[0].body
)['rw-user:user'];
68 JSON
.parse(result
[1].body
)['rw-user:user'].map(function(u
) {
69 userOpData
[u
['user-domain'] + ',' + u
['user-name']] = u
;
72 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
73 response
['data']['user'] = userConfig
.map(function(u
,i
) {
74 var mergedData
= _
.merge(u
, userOpData
[u
['user-domain'] + ',' + u
['user-name']]);
75 mergedData
.projects
= {
79 var projects
= mergedData
.projects
;
80 mergedData
.role
&& mergedData
.role
.map(function(r
) {
81 if ((r
.role
!= "rw-project:user-self" )&& (r
.role
!= "rw-rbac-platform:user-self")) {
82 var projectId
= r
.keys
.split(';')[0];
83 if (projectId
== "") {
84 projectId
= "platform"
86 if (!projects
.data
[projectId
]) {
87 projects
.ids
.push(projectId
);
88 projects
.data
[projectId
] = [];
90 projects
.data
[projectId
].push(r
.role
);
96 }).catch(function(error
) {
98 console
.log('Problem with UserManagement.get', error
);
99 response
.statusCode
= error
.statusCode
|| constants
.HTTP_RESPONSE_CODES
.ERROR
.INTERNAL_SERVER_ERROR
;
100 response
.errorMessage
= {
101 error
: 'Failed to get UserManagement' + error
109 UserManagement
.getProfile = function(req
) {
111 var api_server
= req
.query
['api_server'];
112 return new Promise(function(resolve
, reject
) {
115 var userId
= req
.session
.userdata
.username
118 projectId
: req
.session
.projectId
,
119 domain
: req
.session
.passport
.user
.domain
121 UserManagement
.getUserInfo(req
, userId
).then(function(result
) {
122 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
;
123 response
.data
.data
= result
.data
126 console
.log('Error retrieving getUserInfo');
127 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.ERROR
.INTERNAL_SERVER_ERROR
;
132 console
.log('Problem with UserManagement.get', error
);
133 response
.statusCode
= error
.statusCode
|| 500;
134 response
.errorMessage
= {
135 error
: 'Failed to get UserManagement' + error
141 UserManagement
.getUserInfo = function(req
, userId
, domain
) {
143 var api_server
= req
.query
['api_server'];
144 var id
= req
.params
['userId'] || userId
;
145 var domain
= req
.params
['domainId'] || domain
;
147 return new Promise(function(resolve
, reject
) {
149 var getProjects
= ProjectManagementAPI
.get(req
, ['name', 'project-config']);
150 var getPlatformUser
= ProjectManagementAPI
.getPlatform(req
, id
);
151 var getUserUiState
= UserManagement
.getUserUiState(req
);
156 ]).then(function(result
) {
163 //id/key values for each project
168 * data: [project object],
177 var uiState
= result
[2].data
&& result
[2].data
['rw-user:user'];
178 userData
['ui-state'] = uiState
['ui-state'];
179 //Build platform roles
180 var platformRoles
= result
[1].data
.platform
&& result
[1].data
.platform
.role
;
181 platformRoles
&& platformRoles
.map(function(r
) {
182 userData
.platform
.role
[r
.role
] = true
184 //Build project roles
185 var projects
= result
[0].data
.project
;
186 var userProjects
= [];
187 projects
&& projects
.map(function(p
, i
) {
188 userData
.project
[p
.name
] = {
192 userData
.projectId
.push(p
.name
);
193 if (userData
.platform
.role
['rw-rbac-platform:super-admin']) {
194 userData
.project
[p
.name
] = {
197 "rw-project:project-admin": true,
198 "rw-project:project-oper": true,
199 "rw-project-mano:account-admin": true,
200 "rw-project-mano:account-oper": true,
201 "rw-project-mano:catalog-admin": true,
202 "rw-project-mano:catalog-oper": true,
203 "rw-project-mano:lcm-admin": true,
204 "rw-project-mano:lcm-oper": true
208 var users
= p
['project-config'] && p
['project-config'].user
;
209 users
&& users
.map(function(u
) {
210 if(u
['user-name'] == id
) {
211 u
.role
&& u
.role
.map(function(r
) {
212 userData
.project
[p
.name
].role
[r
.role
] = true;
213 if (r
.role
=== 'rw-project:project-admin') {
214 userData
.project
[p
.name
].role
["rw-project-mano:account-admin"] = true;
215 userData
.project
[p
.name
].role
["rw-project-mano:catalog-admin"] = true;
216 userData
.project
[p
.name
].role
["rw-project-mano:lcm-admin"] = true;
217 userData
.isLCM
= true;
218 } else if (r
.role
=== 'rw-project:project-oper') {
219 userData
.project
[p
.name
].role
["rw-project-mano:account-oper"] = true;
220 userData
.project
[p
.name
].role
["rw-project-mano:catalog-oper"] = true;
221 userData
.project
[p
.name
].role
["rw-project-mano:lcm-oper"] = true;
222 userData
.isLCM
= true;
225 u
["rw-project-mano:mano-role"] && u
["rw-project-mano:mano-role"] .map(function(r
) {
226 userData
.project
[p
.name
].role
[r
.role
] = true;
227 if (r
.role
.indexOf('rw-project-mano:lcm') > -1) {
228 userData
.isLCM
= true;
235 response
.data
= userData
;
236 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
;
238 req
.session
.projectMap
= userData
.project
;
239 req
.session
.platformMap
= userData
.platform
;
243 var errorMsg
= 'userId not specified in UserManagement.getUserInfo';
244 console
.error(errorMsg
);
245 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.ERROR
.BAD_REQUEST
;
246 response
.error
= errorMsg
;
252 UserManagement
.create = function(req
) {
254 var api_server
= req
.query
['api_server'];
259 return new Promise(function(resolve
, reject
) {
262 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/config/user-config',
264 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
265 'Authorization': req
.session
&& req
.session
.authorization
267 forever
: constants
.FOREVER_ON
,
269 rejectUnauthorized
: false,
270 resolveWithFullResponse
: true
272 ]).then(function(result
) {
274 response
['data'] = {};
275 if (result
[0].body
) {
276 response
['data'] = result
[0].body
;
278 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
281 }).catch(function(error
) {
283 console
.log('Problem with UserManagement.create', error
);
284 response
.statusCode
= error
.statusCode
|| 500;
285 response
.errorMessage
= {
286 error
: 'Failed to create user' + error
292 UserManagement
.update = function(req
) {
294 var api_server
= req
.query
['api_server'];
295 var bodyData
= req
.body
;
297 "rw-user:user": bodyData
299 var updateTasks
= [];
300 if(bodyData
.hasOwnProperty('old-password')) {
302 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/operations/change-password',
304 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
305 'Authorization': req
.session
&& req
.session
.authorization
307 forever
: constants
.FOREVER_ON
,
310 'user-name' : bodyData
['user-name'],
311 'user-domain' : bodyData
['user-domain'],
312 'old-password' : bodyData
['old-password'],
313 'new-password' : bodyData
['new-password'],
314 'confirm-password' : bodyData
['confirm-password'],
317 rejectUnauthorized
: false,
318 resolveWithFullResponse
: true
320 updateTasks
.push(changePW
);
322 var updateUser
= rp({
323 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/config/user-config/user/' + encodeURIComponent(bodyData
['user-name']) + ',' + encodeURIComponent(bodyData
['user-domain']),
325 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
326 'Authorization': req
.session
&& req
.session
.authorization
328 forever
: constants
.FOREVER_ON
,
330 rejectUnauthorized
: false,
331 resolveWithFullResponse
: true
333 updateTasks
.push(updateUser
)
334 return new Promise(function(resolve
, reject
) {
337 ]).then(function(result
) {
339 response
['data'] = {};
340 if (result
[0].body
) {
341 response
['data'] = result
[0].body
;
343 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
346 }).catch(function(error
) {
348 console
.log('Problem with UserManagement.passwordChange', error
);
349 response
.statusCode
= error
.statusCode
|| 500;
350 response
.errorMessage
= {
351 error
: 'Failed to passwordChange user' + error
358 UserManagement
.delete = function(req
) {
360 var username
= req
.params
.username
;
361 var domain
= req
.params
.domain
;
362 var api_server
= req
.query
["api_server"];
363 var requestHeaders
= {};
364 var url
= `${utils.confdPort(api_server)}/${API_VERSION}/api/config/user-config/user/${encodeURIComponent(username)},${encodeURIComponent(domain)}`
365 return new Promise(function(resolve
, reject
) {
366 _
.extend(requestHeaders
,
367 constants
.HTTP_HEADERS
.accept
.data
,
368 constants
.HTTP_HEADERS
.content_type
.data
, {
369 'Authorization': req
.session
&& req
.session
.authorization
374 headers
: requestHeaders
,
375 forever
: constants
.FOREVER_ON
,
376 rejectUnauthorized
: false,
377 }, function(error
, response
, body
) {
378 if (utils
.validateResponse('UserManagement.DELETE', error
, response
, body
, resolve
, reject
)) {
380 statusCode
: response
.statusCode
,
381 data
: JSON
.stringify(response
.body
)
387 UserManagement
.getUserUiState = function(req
) {
389 var api_server
= req
.query
['api_server'];
390 var user
= req
.session
.passport
.user
;
391 return new Promise(function(resolve
, reject
) {
394 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/config/user-config/user/'+encodeURIComponent(user
.username
) + ',' + encodeURIComponent(user
.domain
),
396 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
397 'Authorization': req
.session
&& req
.session
.authorization
399 forever
: constants
.FOREVER_ON
,
400 rejectUnauthorized
: false,
401 resolveWithFullResponse
: true
403 ]).then(function(result
) {
405 response
['data'] = {};
406 if (result
[0].body
) {
407 response
['data'] = JSON
.parse(result
[0].body
);
409 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
412 }).catch(function(error
) {
414 console
.log('Problem with UserManagement.getUserUiState', error
);
415 response
.statusCode
= error
.statusCode
|| 500;
416 response
.errorMessage
= {
417 error
: 'Failed to create user' + error
423 UserManagement
.updateActiveProject = function(req
) {
425 var api_server
= req
.query
['api_server'];
426 var user
= req
.session
.passport
.user
;
428 "rw-user:user-config": {
430 "user-name" : user
.username
,
431 "user-domain": user
.domain
,
433 "last-active-project" : req
.params
.projectId
438 return new Promise(function(resolve
, reject
) {
441 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/config/user-config',
443 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
444 'Authorization': req
.session
&& req
.session
.authorization
446 forever
: constants
.FOREVER_ON
,
448 rejectUnauthorized
: false,
449 resolveWithFullResponse
: true
451 ]).then(function(result
) {
453 response
['data'] = {};
454 if (result
[0].body
) {
455 response
['data'] = result
[0].body
;
457 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
460 }).catch(function(error
) {
462 console
.log('Problem with UserManagement.updateActiveProject', error
);
463 response
.statusCode
= error
.statusCode
|| 500;
464 response
.errorMessage
= {
465 error
: 'Failed to create user' + error
471 UserManagement
.updateActiveUri = function(req
) {
472 if (!req
.session
.passport
) {
473 console
.debug("passport gone before we got the save the active uri");
477 error
: 'Failed to save active uri'
479 return Promise
.resolve(response
);
482 var api_server
= req
.query
['api_server'];
483 var user
= req
.session
.passport
.user
;
484 var ref
= req
.headers
.referer
;
485 var hash
= req
.query
.hash
;
487 "rw-user:user-config": {
489 "user-name" : user
.username
,
490 "user-domain": user
.domain
,
492 "last-active-uri" : ref
+ decodeURIComponent(hash
)
497 return new Promise(function(resolve
, reject
) {
500 uri
: utils
.confdPort(api_server
) + '/' + API_VERSION
+ '/api/config/user-config',
502 headers
: _
.extend({}, constants
.HTTP_HEADERS
.accept
.data
, {
503 'Authorization': req
.session
&& req
.session
.authorization
505 forever
: constants
.FOREVER_ON
,
507 rejectUnauthorized
: false,
508 resolveWithFullResponse
: true
510 ]).then(function(result
) {
512 response
['data'] = {};
513 if (result
[0].body
) {
514 response
['data'] = result
[0].body
;
516 response
.statusCode
= constants
.HTTP_RESPONSE_CODES
.SUCCESS
.OK
519 }).catch(function(error
) {
521 console
.log('Problem with UserManagement.updateActiveProject', error
);
522 response
.statusCode
= error
.statusCode
|| 500;
523 response
.errorMessage
= {
524 error
: 'Failed to create user' + error
530 module
.exports
= UserManagement
;