Skip to content

Commit a9502af

Browse files
prakash100198prakash100198
committed
approval deployment flow
1 parent 2c98ca1 commit a9502af

18 files changed

+229
-74
lines changed

api/restHandler/BulkUpdateRestHandler.go

Lines changed: 56 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ package restHandler
1919
import (
2020
"encoding/json"
2121
"fmt"
22+
bean4 "github.com/devtron-labs/devtron/pkg/auth/user/bean"
2223
"github.com/devtron-labs/devtron/pkg/build/git/gitMaterial/repository"
2324
"github.com/devtron-labs/devtron/pkg/build/git/gitProvider"
2425
"github.com/devtron-labs/devtron/pkg/bulkAction/bean"
@@ -212,9 +213,14 @@ func (handler BulkUpdateRestHandlerImpl) CheckAuthForBulkUpdate(AppId int, EnvId
212213

213214
}
214215
func (handler BulkUpdateRestHandlerImpl) BulkUpdate(w http.ResponseWriter, r *http.Request) {
216+
userId, err := handler.userAuthService.GetLoggedInUser(r)
217+
if userId == 0 || err != nil {
218+
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
219+
return
220+
}
215221
decoder := json.NewDecoder(r.Body)
216222
var script bean.BulkUpdateScript
217-
err := decoder.Decode(&script)
223+
err = decoder.Decode(&script)
218224
if err != nil {
219225
common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
220226
return
@@ -250,8 +256,18 @@ func (handler BulkUpdateRestHandlerImpl) BulkUpdate(w http.ResponseWriter, r *ht
250256
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
251257
}
252258
}
253-
254-
response := handler.bulkUpdateService.BulkUpdate(script.Spec)
259+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
260+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
261+
if err != nil {
262+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
263+
return
264+
}
265+
userMetadata := &bean4.UserMetadata{
266+
UserEmailId: userEmail,
267+
IsUserSuperAdmin: isSuperAdmin,
268+
UserId: userId,
269+
}
270+
response := handler.bulkUpdateService.BulkUpdate(script.Spec, userMetadata)
255271
common.WriteJsonResp(w, nil, response, http.StatusOK)
256272
}
257273

@@ -261,7 +277,19 @@ func (handler BulkUpdateRestHandlerImpl) BulkHibernate(w http.ResponseWriter, r
261277
return // response already written by the helper on error.
262278
}
263279
token := r.Header.Get("token")
264-
response, err := handler.bulkUpdateService.BulkHibernate(request, r.Context(), w, token, handler.checkAuthForBulkHibernateAndUnhibernate)
280+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
281+
userEmail, err := handler.userAuthService.GetActiveEmailById(request.UserId)
282+
if err != nil {
283+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
284+
return
285+
}
286+
userMetadata := &bean4.UserMetadata{
287+
UserEmailId: userEmail,
288+
IsUserSuperAdmin: isSuperAdmin,
289+
UserId: request.UserId,
290+
}
291+
292+
response, err := handler.bulkUpdateService.BulkHibernate(r.Context(), request, token, handler.checkAuthForBulkHibernateAndUnhibernate, userMetadata)
265293
if err != nil {
266294
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
267295
return
@@ -298,7 +326,18 @@ func (handler BulkUpdateRestHandlerImpl) BulkUnHibernate(w http.ResponseWriter,
298326
return // response already written by the helper on error.
299327
}
300328
token := r.Header.Get("token")
301-
response, err := handler.bulkUpdateService.BulkUnHibernate(request, r.Context(), w, token, handler.checkAuthForBulkHibernateAndUnhibernate)
329+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
330+
userEmail, err := handler.userAuthService.GetActiveEmailById(request.UserId)
331+
if err != nil {
332+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
333+
return
334+
}
335+
userMetadata := &bean4.UserMetadata{
336+
UserEmailId: userEmail,
337+
IsUserSuperAdmin: isSuperAdmin,
338+
UserId: request.UserId,
339+
}
340+
response, err := handler.bulkUpdateService.BulkUnHibernate(r.Context(), request, token, handler.checkAuthForBulkHibernateAndUnhibernate, userMetadata)
302341
if err != nil {
303342
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
304343
return
@@ -326,7 +365,18 @@ func (handler BulkUpdateRestHandlerImpl) BulkDeploy(w http.ResponseWriter, r *ht
326365
common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
327366
return
328367
}
329-
response, err := handler.bulkUpdateService.BulkDeploy(&request, token, handler.checkAuthBatch)
368+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
369+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
370+
if err != nil {
371+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
372+
return
373+
}
374+
userMetadata := &bean4.UserMetadata{
375+
UserEmailId: userEmail,
376+
IsUserSuperAdmin: isSuperAdmin,
377+
UserId: userId,
378+
}
379+
response, err := handler.bulkUpdateService.BulkDeploy(&request, token, handler.checkAuthBatch, userMetadata)
330380
if err != nil {
331381
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
332382
return

api/restHandler/app/pipeline/configure/DeploymentPipelineRestHandler.go

Lines changed: 37 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ import (
2222
"errors"
2323
"fmt"
2424
models2 "github.com/devtron-labs/devtron/internal/sql/models"
25+
bean4 "github.com/devtron-labs/devtron/pkg/auth/user/bean"
2526
bean3 "github.com/devtron-labs/devtron/pkg/chart/bean"
2627

2728
devtronAppGitOpConfigBean "github.com/devtron-labs/devtron/pkg/chart/gitOpsConfig/bean"
@@ -412,8 +413,18 @@ func (handler *PipelineConfigRestHandlerImpl) HandleChangeDeploymentRequest(w ht
412413
// Retrieve argocd token
413414

414415
ctx := r.Context()
415-
416-
resp, err := handler.pipelineBuilder.ChangeDeploymentType(ctx, deploymentAppTypeChangeRequest)
416+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
417+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
418+
if err != nil {
419+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
420+
return
421+
}
422+
userMetadata := &bean4.UserMetadata{
423+
UserEmailId: userEmail,
424+
IsUserSuperAdmin: isSuperAdmin,
425+
UserId: userId,
426+
}
427+
resp, err := handler.pipelineBuilder.ChangeDeploymentType(ctx, deploymentAppTypeChangeRequest, userMetadata)
417428

418429
if err != nil {
419430
nErr := errors.New("failed to change deployment type with error msg: " + err.Error())
@@ -464,7 +475,18 @@ func (handler *PipelineConfigRestHandlerImpl) HandleChangeDeploymentTypeRequest(
464475
}
465476

466477
ctx := r.Context()
467-
resp, err := handler.pipelineBuilder.ChangePipelineDeploymentType(ctx, deploymentTypeChangeRequest)
478+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
479+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
480+
if err != nil {
481+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
482+
return
483+
}
484+
userMetadata := &bean4.UserMetadata{
485+
UserEmailId: userEmail,
486+
IsUserSuperAdmin: isSuperAdmin,
487+
UserId: userId,
488+
}
489+
resp, err := handler.pipelineBuilder.ChangePipelineDeploymentType(ctx, deploymentTypeChangeRequest, userMetadata)
468490

469491
if err != nil {
470492
handler.Logger.Errorw(err.Error(), "payload", deploymentTypeChangeRequest, "err", err)
@@ -513,7 +535,18 @@ func (handler *PipelineConfigRestHandlerImpl) HandleTriggerDeploymentAfterTypeCh
513535
}
514536

515537
ctx := r.Context()
516-
resp, err := handler.pipelineBuilder.TriggerDeploymentAfterTypeChange(ctx, deploymentAppTriggerRequest)
538+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
539+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
540+
if err != nil {
541+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
542+
return
543+
}
544+
userMetadata := &bean4.UserMetadata{
545+
UserEmailId: userEmail,
546+
IsUserSuperAdmin: isSuperAdmin,
547+
UserId: userId,
548+
}
549+
resp, err := handler.pipelineBuilder.TriggerDeploymentAfterTypeChange(ctx, deploymentAppTriggerRequest, userMetadata)
517550

518551
if err != nil {
519552
handler.Logger.Errorw(err.Error(),

api/restHandler/app/pipeline/trigger/PipelineTriggerRestHandler.go

Lines changed: 49 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ import (
2020
"encoding/json"
2121
"fmt"
2222
util2 "github.com/devtron-labs/devtron/internal/util"
23+
bean5 "github.com/devtron-labs/devtron/pkg/auth/user/bean"
2324
"github.com/devtron-labs/devtron/pkg/deployment/deployedApp"
2425
bean2 "github.com/devtron-labs/devtron/pkg/deployment/deployedApp/bean"
2526
"github.com/devtron-labs/devtron/pkg/deployment/trigger/devtronApps"
@@ -140,7 +141,18 @@ func (handler PipelineTriggerRestHandlerImpl) OverrideConfig(w http.ResponseWrit
140141
triggerContext := bean3.TriggerContext{
141142
Context: ctx,
142143
}
143-
mergeResp, helmPackageName, _, err := handler.cdTriggerService.ManualCdTrigger(triggerContext, &overrideRequest)
144+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
145+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
146+
if err != nil {
147+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
148+
return
149+
}
150+
userMetadata := &bean5.UserMetadata{
151+
UserEmailId: userEmail,
152+
IsUserSuperAdmin: isSuperAdmin,
153+
UserId: userId,
154+
}
155+
mergeResp, helmPackageName, _, err := handler.cdTriggerService.ManualCdTrigger(triggerContext, &overrideRequest, userMetadata)
144156
span.End()
145157
if err != nil {
146158
handler.logger.Errorw("request err, OverrideConfig", "err", err, "payload", overrideRequest)
@@ -184,7 +196,18 @@ func (handler PipelineTriggerRestHandlerImpl) RotatePods(w http.ResponseWriter,
184196
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
185197
return
186198
}
187-
rotatePodResponse, err := handler.deployedAppService.RotatePods(r.Context(), &podRotateRequest)
199+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
200+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
201+
if err != nil {
202+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
203+
return
204+
}
205+
userMetadata := &bean5.UserMetadata{
206+
UserEmailId: userEmail,
207+
IsUserSuperAdmin: isSuperAdmin,
208+
UserId: userId,
209+
}
210+
rotatePodResponse, err := handler.deployedAppService.RotatePods(r.Context(), &podRotateRequest, userMetadata)
188211
if err != nil {
189212
handler.logger.Errorw("service err, RotatePods", "err", err, "payload", podRotateRequest)
190213
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
@@ -229,7 +252,18 @@ func (handler PipelineTriggerRestHandlerImpl) StartStopApp(w http.ResponseWriter
229252
}
230253
//rback block ends here
231254
ctx := r.Context()
232-
mergeResp, err := handler.deployedAppService.StopStartApp(ctx, &overrideRequest)
255+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
256+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
257+
if err != nil {
258+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
259+
return
260+
}
261+
userMetadata := &bean5.UserMetadata{
262+
UserEmailId: userEmail,
263+
IsUserSuperAdmin: isSuperAdmin,
264+
UserId: userId,
265+
}
266+
mergeResp, err := handler.deployedAppService.StopStartApp(ctx, &overrideRequest, userMetadata)
233267
if err != nil {
234268
handler.logger.Errorw("service err, StartStopApp", "err", err, "payload", overrideRequest)
235269
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
@@ -283,7 +317,18 @@ func (handler PipelineTriggerRestHandlerImpl) StartStopDeploymentGroup(w http.Re
283317
return
284318
}
285319
//rback block ends here
286-
res, err := handler.workflowEventPublishService.TriggerBulkHibernateAsync(stopDeploymentGroupRequest)
320+
isSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*")
321+
userEmail, err := handler.userAuthService.GetActiveEmailById(userId)
322+
if err != nil {
323+
common.WriteJsonResp(w, fmt.Errorf("userEmail not found by userId"), "userEmail not found by userId", http.StatusNotFound)
324+
return
325+
}
326+
userMetadata := &bean5.UserMetadata{
327+
UserEmailId: userEmail,
328+
IsUserSuperAdmin: isSuperAdmin,
329+
UserId: userId,
330+
}
331+
res, err := handler.workflowEventPublishService.TriggerBulkHibernateAsync(stopDeploymentGroupRequest, userMetadata)
287332
if err != nil {
288333
handler.logger.Errorw("service err, StartStopDeploymentGroup", "err", err, "payload", stopDeploymentGroupRequest)
289334
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)

pkg/auth/user/bean/bean.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -142,3 +142,9 @@ const (
142142
ApplicationBasedKey MergingBaseKey = "application"
143143
EnvironmentBasedKey MergingBaseKey = "environment"
144144
)
145+
146+
type UserMetadata struct {
147+
UserEmailId string
148+
IsUserSuperAdmin bool
149+
UserId int32
150+
}

0 commit comments

Comments
 (0)