remote-acl: add, list, remove (branch and user)

Signed-off-by: dzdidi <deniszalessky@gmail.com>

src/cli.js

@@ -305,7 +305,15 @@ async function remoteBranchProtectionRules(a, b, p, options) {
     await aclRemote.list(p, b, { branch: true })
   } else if (a === 'add') {
     await aclRemote.add(p, b, { branch: true })
+    if (!b) {
+      console.error('branch is not provided')
+      process.exit(1)
+    }
   } else if (a === 'remove') {
+    if (!b) {
+      console.error('branch is not provided')
+      process.exit(1)
+    }
     await aclRemote.remove(p, b, { branch: true })
   } else {
     throw new Error('Invalid action')
@@ -316,8 +324,20 @@ async function remoteACL(a, b, p, options) {
   if (a === 'list') {
     await aclRemote.list(p, b)
   } else if (a === 'add') {
+    if (!b) {
+      console.error('User not provided')
+      process.exit(1)
+    }
+    if (b.split(':').length !== 2) {
+      console.error('Invalid role')
+      process.exit(1)
+    }
     await aclRemote.add(p, b)
   } else if (a === 'remove') {
+    if (!b) {
+      console.error('User not provided')
+      process.exit(1)
+    }
     await aclRemote.remove(p, b)
   } else {
     throw new Error('Invalid action')

src/rpc-handlers/acl.js

@@ -9,14 +9,18 @@ async function getACLHandler (publicKey, req) {
 }
 
 async function addACLHandler (publicKey, req) {
-  const { repoName, userId, acl } = await parseACLRequest.bind(this)(publicKey, req)
+  const { repoName, userId, acl, isBranch, name } = await parseACLRequest.bind(this)(publicKey, req)
+
+  isBranch ? ACL.addProtectedBranch(repoName, name) : ACL.grantAccessToUser(repoName, ...name.split(':'))
 
   const repoACL = ACL.getACL(repoName)
   return Buffer.from(JSON.stringify(repoACL))
 }
 
 async function delACLHandler (publicKey, req) {
-  const { repoName, userId, acl } = await parseACLRequest.bind(this)(publicKey, req)
+  const { repoName, userId, acl, isBranch, name } = await parseACLRequest.bind(this)(publicKey, req)
+
+  isBranch ? ACL.removeProtectedBranch(repoName, name) : ACL.revokeAccessFromUser(repoName, name)
 
   const repoACL = ACL.getACL(repoName)
   return Buffer.from(JSON.stringify(repoACL))
@@ -35,8 +39,10 @@ async function parseACLRequest(publicKey, req) {
 
   return {
     repoName,
+    name: request.body.name,
     userId,
     acl: request.body.acl,
+    isBranch: !!request.body.branch,
   }
 }
 

src/rpc-requests/acl-remote.js

@@ -28,6 +28,34 @@ function listACLBranch(repoACL) {
   logBranches(repoACL)
 }
 
+async function add(url, name, rpc, opts) {
+  const payload = { body: { url, method: 'add-acl', name } }
+  if (opts.branch) payload.body.branch = true
+
+  if (process.env.GIT_PEAR_AUTH && process.env.GIT_PEAR_AUTH !== 'native') {
+    payload.header = await auth.getToken(payload.body)
+  }
+  const repoACLres = await rpc.request('add-acl', Buffer.from(JSON.stringify(payload)))
+  const repoACL = JSON.parse(repoACLres.toString())
+  opts.branch ? listACLBranch(repoACL) : listACLUser(repoACL, name.split(':')[0])
+
+  process.exit(0)
+}
+
+async function del(url, name, rpc, opts) {
+  const payload = { body: { url, method: 'del-acl', name } }
+  if (opts.branch) payload.body.branch = true
+
+  if (process.env.GIT_PEAR_AUTH && process.env.GIT_PEAR_AUTH !== 'native') {
+    payload.header = await auth.getToken(payload.body)
+  }
+  const repoACLres = await rpc.request('del-acl', Buffer.from(JSON.stringify(payload)))
+  const repoACL = JSON.parse(repoACLres.toString())
+  opts.branch ? listACLBranch(repoACL) : listACLUser(repoACL, name)
+
+  process.exit(0)
+}
+
 async function wrapper (url, name, opts = {}, cb) {
   if (typeof opts === 'function') {
     cb = opts
@@ -82,5 +110,7 @@ async function wrapper (url, name, opts = {}, cb) {
 }
 
 module.exports = {
-  list: (url, name, opts) => wrapper(url, name, opts, list)
+  list: (url, name, opts) => wrapper(url, name, opts, list),
+  add: (url, name, opts) => wrapper(url, name, opts, add),
+  remove: (url, name, opts) => wrapper(url, name, opts, del),
 }

src/utils.js

@@ -30,6 +30,7 @@ function logBranches(repoACL) {
 
 module.exports = {
   printACL,
+  printACLForUser,
   checkIfGitRepo,
   logBranches,
 }