woodpecker/server/api/users.go
Martin W. Kirst 14177635b6
Update swagger API specification (#1782)
# Summary

This PR drops the outdated former swagger.yaml/json and introduced
automatic API document generation from Go code.
The generated code is also used to generate documentation/markdown for
the community page,
as well as enable the Woodpecker server to serve a Swagger Web UI for
manual tinkering.

I did opt-in for gin-swagger, a middleware for the Gin framework, to
ease implementation and have a sophisticated output.
This middleware only produces Swagger v2 specs. AFAIK the newer OpenApi
3x tooling is not yet that mature,
so I guess that's fine for now.

## Implemenation notes

- former swagger.json files removed
- former // swagger godocs removed
- introduced new dependency gin-swagger, which uses godoc annotations on
top of Gin Handler functions.
- reworked Makefile to automatically generate Go code for the server
- introduce new dependency go-swagger, to generate Markdown for
documentation purposes
- add a Swagger Web UI, incl. capabilities for manual API exploration
- consider relative root paths in the implementation
- write documentation for all exposed API endpoints
- incl. API docs in the community website (auto-generated)
- provide developer documentation, for the Woodpecker authors
- no other existing logic/code was intentionally changed

---------

close #292

---------

Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
2023-06-03 21:38:36 +02:00

170 lines
4.9 KiB
Go

// Copyright 2018 Drone.IO Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package api
import (
"encoding/base32"
"net/http"
"github.com/gin-gonic/gin"
"github.com/gorilla/securecookie"
"github.com/woodpecker-ci/woodpecker/server/model"
"github.com/woodpecker-ci/woodpecker/server/router/middleware/session"
"github.com/woodpecker-ci/woodpecker/server/store"
)
// GetUsers
//
// @Summary Get all users
// @Description Returns all registered, active users in the system. Requires admin rights.
// @Router /users [get]
// @Produce json
// @Success 200 {array} User
// @Tags Users
// @Param Authorization header string true "Insert your personal access token" default(Bearer <personal access token>)
// @Param page query int false "for response pagination, page offset number" default(1)
// @Param perPage query int false "for response pagination, max items per page" default(50)
func GetUsers(c *gin.Context) {
users, err := store.FromContext(c).GetUserList(session.Pagination(c))
if err != nil {
c.String(500, "Error getting user list. %s", err)
return
}
c.JSON(200, users)
}
// GetUser
//
// @Summary Get a user
// @Description Returns a user with the specified login name. Requires admin rights.
// @Router /users/{login} [get]
// @Produce json
// @Success 200 {object} User
// @Tags Users
// @Param Authorization header string true "Insert your personal access token" default(Bearer <personal access token>)
// @Param login path string true "the user's login name"
func GetUser(c *gin.Context) {
user, err := store.FromContext(c).GetUserLogin(c.Param("login"))
if err != nil {
handleDbGetError(c, err)
return
}
c.JSON(200, user)
}
// PatchUser
//
// @Summary Change a user
// @Description Changes the data of an existing user. Requires admin rights.
// @Router /users/{login} [patch]
// @Produce json
// @Accept json
// @Success 200 {object} User
// @Tags Users
// @Param Authorization header string true "Insert your personal access token" default(Bearer <personal access token>)
// @Param login path string true "the user's login name"
// @Param user body User true "the user's data"
func PatchUser(c *gin.Context) {
_store := store.FromContext(c)
in := &model.User{}
err := c.Bind(in)
if err != nil {
c.AbortWithStatus(http.StatusBadRequest)
return
}
user, err := _store.GetUserLogin(c.Param("login"))
if err != nil {
handleDbGetError(c, err)
return
}
// TODO: allow to change login (currently used as primary key)
// TODO: disallow to change login, email, avatar if the user is using oauth
user.Email = in.Email
user.Avatar = in.Avatar
user.Admin = in.Admin
err = _store.UpdateUser(user)
if err != nil {
c.AbortWithStatus(http.StatusConflict)
return
}
c.JSON(http.StatusOK, user)
}
// PostUser
//
// @Summary Create a user
// @Description Creates a new user account with the specified external login. Requires admin rights.
// @Router /users [post]
// @Produce json
// @Success 200 {object} User
// @Tags Users
// @Param Authorization header string true "Insert your personal access token" default(Bearer <personal access token>)
// @Param user body User true "the user's data"
func PostUser(c *gin.Context) {
in := &model.User{}
err := c.Bind(in)
if err != nil {
c.String(http.StatusBadRequest, err.Error())
return
}
user := &model.User{
Login: in.Login,
Email: in.Email,
Avatar: in.Avatar,
Hash: base32.StdEncoding.EncodeToString(
securecookie.GenerateRandomKey(32),
),
}
if err = user.Validate(); err != nil {
c.String(http.StatusBadRequest, err.Error())
return
}
if err = store.FromContext(c).CreateUser(user); err != nil {
c.String(http.StatusInternalServerError, err.Error())
return
}
c.JSON(http.StatusOK, user)
}
// DeleteUser
//
// @Summary Delete a user
// @Description Deletes the given user. Requires admin rights.
// @Router /users/{login} [delete]
// @Produce json
// @Success 200 {object} User
// @Tags Users
// @Param Authorization header string true "Insert your personal access token" default(Bearer <personal access token>)
// @Param login path string true "the user's login name"
func DeleteUser(c *gin.Context) {
_store := store.FromContext(c)
user, err := _store.GetUserLogin(c.Param("login"))
if err != nil {
c.String(404, "Cannot find user. %s", err)
return
}
if err = _store.DeleteUser(user); err != nil {
c.String(500, "Error deleting user. %s", err)
return
}
c.String(200, "")
}