ADD devops authorize

6 years ago · b7b3751d43
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -342,7 +342,8 @@ class ApplicationController < ActionController::Base
 			elsif params[:debug] == 'student'
 				User.current = User.find 8686
 			elsif params[:debug] == 'admin'
 				user = User.find 1
 				logger.info "@@@@@@@@@@@@@@@@@@@@@@ debug mode....."
 				user =  User.find 36480
 				User.current = user
 				cookies.signed[:user_id] = user.id
 			end
@@ -384,7 +385,7 @@ class ApplicationController < ActionController::Base

 	def current_user
 		if Rails.env.development?
 			User.current = User.find 1
 			User.current = User.find 36480
 		else
 			User.current
 		end
@@ -743,6 +744,11 @@ class ApplicationController < ActionController::Base
 		interactor.success? ? render_ok : render_error(interactor.error)
 	end

 	# devops 权限验证
 	def devops_authorize!
 		render_forbidden unless @project.owner?(current_user)
 	end

  private
 	def object_not_found
 		uid_logger("Missing template or cant't find record, responding with 404")
--- a/app/controllers/dev_ops/builds_controller.rb
+++ b/app/controllers/dev_ops/builds_controller.rb
@@ -3,6 +3,7 @@ class DevOps::BuildsController < ApplicationController

  before_action :require_login
  before_action :find_project
  before_action :devops_authorize!

  def index
    cloud_account = @project.dev_ops_cloud_account
--- a/app/controllers/dev_ops/cloud_accounts_controller.rb
+++ b/app/controllers/dev_ops/cloud_accounts_controller.rb
@@ -1,19 +1,14 @@
 class DevOps::CloudAccountsController < ApplicationController
  before_action :require_login
  before_action :find_project
  before_action :devops_authorize!

  def create
    ActiveRecord::Base.transaction do
      DevOps::CreateCloudAccountForm.new(devops_params).validate!
      logger.info "######### devops_params: #{devops_params}"
      logger.info "######### ......: #{(IPAddr.new devops_params[:ip_num]).to_i}"
      logger.info "######### ......: #{DevOps::CloudAccount.encrypted_secret(devops_params[:secret])}"

      # 1. 保存华为云服务器帐号
      logger.info "######### ......ff:  #{devops_params.merge(ip_num: IPAddr.new(devops_params[:ip_num]).to_i, secret: DevOps::CloudAccount.encrypted_secret(devops_params[:secret]))}"
      create_params = devops_params.merge(ip_num: IPAddr.new(devops_params[:ip_num]).to_i, secret: DevOps::CloudAccount.encrypted_secret(devops_params[:secret]))
      logger.info "######### create_params: #{create_params}"


      if cloud_account = @project.dev_ops_cloud_account
        return render_error('该仓库已绑定了云帐号.')
      else
@@ -37,6 +32,7 @@ class DevOps::CloudAccountsController < ApplicationController

      rpc_secret = SecureRandom.hex 16
      logger.info "######### rpc_secret: #{rpc_secret}"

      # 3. 创建drone server
      drone_server_cmd = DevOps::Drone::Server.new(oauth.client_id, oauth.client_secret, cloud_account.drone_host, rpc_secret).generate_cmd
      logger.info "######### drone_server_cmd: #{drone_server_cmd}"
@@ -52,10 +48,12 @@ class DevOps::CloudAccountsController < ApplicationController

      redirect_url = "#{cloud_account.drone_url}/login"
      logger.info "######### redirect_url: #{redirect_url}"
      if result

      if result && !result.blank?
        render_ok(redirect_url: redirect_url)
      else
        render_error('激活失败')
        render_error('激活失败, 请检查你的云服务器信息是否正确.')
        raise ActiveRecord::Rollback
      end
    end
  rescue Exception => ex