ADD devops authorize
This commit is contained in:
Jasder
parent
3c7b257462
commit
b7b3751d43
|
|
@ -342,7 +342,8 @@ class ApplicationController < ActionController::Base
|
|||
elsif params[:debug] == 'student'
|
||||
User.current = User.find 8686
|
||||
elsif params[:debug] == 'admin'
|
||||
user = User.find 1
|
||||
logger.info "@@@@@@@@@@@@@@@@@@@@@@ debug mode....."
|
||||
user = User.find 36480
|
||||
User.current = user
|
||||
cookies.signed[:user_id] = user.id
|
||||
end
|
||||
|
|
@ -384,7 +385,7 @@ class ApplicationController < ActionController::Base
|
|||
|
||||
def current_user
|
||||
if Rails.env.development?
|
||||
User.current = User.find 1
|
||||
User.current = User.find 36480
|
||||
else
|
||||
User.current
|
||||
end
|
||||
|
|
@ -743,6 +744,11 @@ class ApplicationController < ActionController::Base
|
|||
interactor.success? ? render_ok : render_error(interactor.error)
|
||||
end
|
||||
|
||||
# devops 权限验证
|
||||
def devops_authorize!
|
||||
render_forbidden unless @project.owner?(current_user)
|
||||
end
|
||||
|
||||
private
|
||||
def object_not_found
|
||||
uid_logger("Missing template or cant't find record, responding with 404")
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ class DevOps::BuildsController < ApplicationController
|
|||
|
||||
before_action :require_login
|
||||
before_action :find_project
|
||||
before_action :devops_authorize!
|
||||
|
||||
def index
|
||||
cloud_account = @project.dev_ops_cloud_account
|
||||
|
|
|
|||
|
|
@ -1,19 +1,14 @@
|
|||
class DevOps::CloudAccountsController < ApplicationController
|
||||
before_action :require_login
|
||||
before_action :find_project
|
||||
before_action :devops_authorize!
|
||||
|
||||
def create
|
||||
ActiveRecord::Base.transaction do
|
||||
DevOps::CreateCloudAccountForm.new(devops_params).validate!
|
||||
logger.info "######### devops_params: #{devops_params}"
|
||||
logger.info "######### ......: #{(IPAddr.new devops_params[:ip_num]).to_i}"
|
||||
logger.info "######### ......: #{DevOps::CloudAccount.encrypted_secret(devops_params[:secret])}"
|
||||
|
||||
# 1. 保存华为云服务器帐号
|
||||
logger.info "######### ......ff: #{devops_params.merge(ip_num: IPAddr.new(devops_params[:ip_num]).to_i, secret: DevOps::CloudAccount.encrypted_secret(devops_params[:secret]))}"
|
||||
create_params = devops_params.merge(ip_num: IPAddr.new(devops_params[:ip_num]).to_i, secret: DevOps::CloudAccount.encrypted_secret(devops_params[:secret]))
|
||||
logger.info "######### create_params: #{create_params}"
|
||||
|
||||
|
||||
if cloud_account = @project.dev_ops_cloud_account
|
||||
return render_error('该仓库已绑定了云帐号.')
|
||||
else
|
||||
|
|
@ -37,6 +32,7 @@ class DevOps::CloudAccountsController < ApplicationController
|
|||
|
||||
rpc_secret = SecureRandom.hex 16
|
||||
logger.info "######### rpc_secret: #{rpc_secret}"
|
||||
|
||||
# 3. 创建drone server
|
||||
drone_server_cmd = DevOps::Drone::Server.new(oauth.client_id, oauth.client_secret, cloud_account.drone_host, rpc_secret).generate_cmd
|
||||
logger.info "######### drone_server_cmd: #{drone_server_cmd}"
|
||||
|
|
@ -52,10 +48,12 @@ class DevOps::CloudAccountsController < ApplicationController
|
|||
|
||||
redirect_url = "#{cloud_account.drone_url}/login"
|
||||
logger.info "######### redirect_url: #{redirect_url}"
|
||||
if result
|
||||
|
||||
if result && !result.blank?
|
||||
render_ok(redirect_url: redirect_url)
|
||||
else
|
||||
render_error('激活失败')
|
||||
render_error('激活失败, 请检查你的云服务器信息是否正确.')
|
||||
raise ActiveRecord::Rollback
|
||||
end
|
||||
end
|
||||
rescue Exception => ex
|
||||
|
|
|
|||
Loading…
Reference in New Issue