diff --git a/internal/api/controller/user/update_admin.go b/internal/api/controller/user/update_admin.go index 2b5891a97..f67af65f8 100644 --- a/internal/api/controller/user/update_admin.go +++ b/internal/api/controller/user/update_admin.go @@ -14,12 +14,16 @@ import ( "github.com/harness/gitness/types/enum" ) +type UpdateAdminInput struct { + admin bool `json:"admin"` +} + /* * UpdateAdmin updates the admin state of a user. */ func (c *Controller) UpdateAdmin(ctx context.Context, session *auth.Session, - userUID string, admin bool) (*types.User, error) { - user, err := findUserFromUID(ctx, c.principalStore, userUID) + userID string, request *UpdateAdminInput) (*types.User, error) { + user, err := findUserFromUID(ctx, c.principalStore, userID) if err != nil { return nil, err } @@ -29,7 +33,7 @@ func (c *Controller) UpdateAdmin(ctx context.Context, session *auth.Session, return nil, err } - user.Admin = admin + user.Admin = request.admin user.Updated = time.Now().UnixMilli() err = c.principalStore.UpdateUser(ctx, user) diff --git a/internal/api/handler/user/update_admin.go b/internal/api/handler/user/update_admin.go new file mode 100644 index 000000000..cfa738b16 --- /dev/null +++ b/internal/api/handler/user/update_admin.go @@ -0,0 +1,44 @@ +// Copyright 2022 Harness Inc. All rights reserved. +// Use of this source code is governed by the Polyform Free Trial License +// that can be found in the LICENSE.md file for this repository. + +package user + +import ( + "encoding/json" + "net/http" + + "github.com/harness/gitness/internal/api/controller/user" + "github.com/harness/gitness/internal/api/render" + "github.com/harness/gitness/internal/api/request" +) + +// HandleUpdateAdmin returns an http.HandlerFunc that processes an http.Request +// to update the current user admin status. +func HandleUpdateAdmin(userCtrl *user.Controller) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + session, _ := request.AuthSessionFrom(ctx) + + userID, err := request.GetUserUIDFromPath(r) + if err != nil { + render.BadRequestf(w, "Invalid request: %s.", err) + return + } + + in := new(user.UpdateAdminInput) + err = json.NewDecoder(r.Body).Decode(in) + if err != nil { + render.BadRequestf(w, "Invalid request body: %s.", err) + return + } + + user, err := userCtrl.UpdateAdmin(ctx, session, userID, in) + if err != nil { + render.TranslatedUserError(w, err) + return + } + + render.JSON(w, http.StatusOK, user) + } +} diff --git a/internal/api/openapi/user.go b/internal/api/openapi/user.go index 1c7030f96..f28062a2d 100644 --- a/internal/api/openapi/user.go +++ b/internal/api/openapi/user.go @@ -18,6 +18,11 @@ type createTokenRequest struct { user.CreateTokenInput } +type updateAdminRequest struct { + ID int64 `path:"user_id"` + user.UpdateAdminInput +} + // helper function that constructs the openapi specification // for user account resources. func buildUser(reflector *openapi3.Reflector) { @@ -43,4 +48,14 @@ func buildUser(reflector *openapi3.Reflector) { _ = reflector.SetRequest(&opToken, new(createTokenRequest), http.MethodPost) _ = reflector.SetJSONResponse(&opToken, new(types.TokenResponse), http.StatusCreated) _ = reflector.SetJSONResponse(&opToken, new(usererror.Error), http.StatusInternalServerError) + _ = reflector.Spec.AddOperation(http.MethodPost, "/user/token", opToken) + + opUpdateAdmin := openapi3.Operation{} + opUpdateAdmin.WithTags("user") + opUpdateAdmin.WithMapOfAnything(map[string]interface{}{"operationId": "updateUserAdmin"}) + _ = reflector.SetRequest(&opUpdateAdmin, new(updateAdminRequest), http.MethodPatch) + _ = reflector.SetJSONResponse(&opUpdateAdmin, new(types.User), http.StatusOK) + _ = reflector.SetJSONResponse(&opUpdateAdmin, new(usererror.Error), http.StatusNotFound) + _ = reflector.SetJSONResponse(&opUpdateAdmin, new(usererror.Error), http.StatusInternalServerError) + _ = reflector.Spec.AddOperation(http.MethodPatch, "/user/{user_id}/admin", opUpdateAdmin) } diff --git a/internal/router/api.go b/internal/router/api.go index 7263b1c17..2514628b7 100644 --- a/internal/router/api.go +++ b/internal/router/api.go @@ -345,6 +345,9 @@ func setupUser(r chi.Router, userCtrl *user.Controller) { r.Use(middlewareprincipal.RestrictTo(enum.PrincipalTypeUser)) r.Get("/", handleruser.HandleFind(userCtrl)) r.Patch("/", handleruser.HandleUpdate(userCtrl)) + r.Route(fmt.Sprintf("/{%s}", request.PathParamUserUID), func(r chi.Router) { + r.Patch("/admin", handleruser.HandleUpdateAdmin(userCtrl)) + }) // PAT r.Route("/tokens", func(r chi.Router) {