User endpoint (#220)

metal-stack · Sep 2, 2021 · 562a90a · 562a90a
1 parent a426a10
commit 562a90a
Show file tree

Hide file tree

Showing 6 changed files with 225 additions and 133 deletions.
diff --git a/cmd/metal-api/internal/service/user-service.go b/cmd/metal-api/internal/service/user-service.go
@@ -0,0 +1,79 @@
+package service
+
+import (
+	"fmt"
+	"net/http"
+
+	v1 "github.com/metal-stack/metal-api/cmd/metal-api/internal/service/v1"
+	"github.com/metal-stack/metal-api/cmd/metal-api/internal/utils"
+	"github.com/metal-stack/security"
+
+	"go.uber.org/zap"
+
+	restfulspec "github.com/emicklei/go-restful-openapi/v2"
+	restful "github.com/emicklei/go-restful/v3"
+	"github.com/metal-stack/metal-lib/httperrors"
+	"github.com/metal-stack/metal-lib/zapup"
+)
+
+type userResource struct {
+	userGetter security.UserGetter
+}
+
+// NewUser returns a webservice for user specific endpoints.
+func NewUser(userGetter security.UserGetter) *restful.WebService {
+	r := userResource{
+		userGetter: userGetter,
+	}
+	return r.webService()
+}
+
+func (r userResource) webService() *restful.WebService {
+	ws := new(restful.WebService)
+	ws.
+		Path(BasePath + "v1/user").
+		Consumes(restful.MIME_JSON).
+		Produces(restful.MIME_JSON)
+
+	tags := []string{"user"}
+
+	ws.Route(ws.GET("/me").
+		To(viewer(r.getMe)).
+		Operation("getMe").
+		Doc("extract the connecting user from auth header").
+		Metadata(restfulspec.KeyOpenAPITags, tags).
+		Writes(v1.User{}).
+		Returns(http.StatusOK, "OK", v1.User{}).
+		DefaultReturns("Error", httperrors.HTTPErrorResponse{}))
+
+	return ws
+}
+
+func (r userResource) getMe(request *restful.Request, response *restful.Response) {
+	u, err := r.userGetter.User(request.Request)
+	if checkError(request, response, utils.CurrentFuncName(), err) {
+		return
+	}
+	if u == nil {
+		if checkError(request, response, utils.CurrentFuncName(), fmt.Errorf("unable to extract user from token, got nil")) {
+			return
+		}
+	}
+	grps := []string{}
+	for _, g := range u.Groups {
+		grps = append(grps, string(g))
+	}
+	user := &v1.User{
+		EMail:   u.EMail,
+		Name:    u.Name,
+		Tenant:  u.Tenant,
+		Issuer:  u.Issuer,
+		Subject: u.Subject,
+		Groups:  grps,
+	}
+	err = response.WriteHeaderAndEntity(http.StatusOK, user)
+	if err != nil {
+		zapup.MustRootLogger().Error("Failed to send response", zap.Error(err))
+		return
+	}
+}
diff --git a/cmd/metal-api/internal/service/v1/user.go b/cmd/metal-api/internal/service/v1/user.go
@@ -0,0 +1,10 @@
+package v1
+
+type User struct {
+	EMail   string
+	Name    string
+	Groups  []string
+	Tenant  string
+	Issuer  string
+	Subject string
+}
diff --git a/cmd/metal-api/main.go b/cmd/metal-api/main.go
@@ -710,6 +710,7 @@ func initRestServices(withauth bool) *restfulspec.Config {
 	restful.DefaultContainer.Add(machineService)
 	restful.DefaultContainer.Add(service.NewProject(ds, mdc))
 	restful.DefaultContainer.Add(service.NewTenant(mdc))
+	restful.DefaultContainer.Add(service.NewUser(userGetter))
 	restful.DefaultContainer.Add(firewallService)
 	restful.DefaultContainer.Add(service.NewFilesystemLayout(ds))
 	restful.DefaultContainer.Add(service.NewSwitch(ds))
@@ -901,6 +902,10 @@ func enrichSwaggerObject(swo *spec.Swagger) {
 			Name:        "switch",
 			Description: "Managing switch entities",
 		}},
+		{TagProps: spec.TagProps{
+			Name:        "user",
+			Description: "Managing user entities",
+		}},
 	}
 
 	hmacspec := spec.APIKeyAuth("Authorization", "header")

diff --git a/go.mod b/go.mod
@@ -8,19 +8,19 @@ require (
 	github.com/aws/aws-sdk-go v1.39.4
 	github.com/dustin/go-humanize v1.0.0
 	github.com/emicklei/go-restful-openapi/v2 v2.3.0
-	github.com/emicklei/go-restful/v3 v3.5.1
-	github.com/go-logr/zapr v0.4.0
+	github.com/emicklei/go-restful/v3 v3.5.2
+	github.com/go-logr/zapr v1.1.0
 	github.com/go-openapi/spec v0.20.3
-	github.com/go-stack/stack v1.8.0
+	github.com/go-stack/stack v1.8.1
 	github.com/google/go-cmp v0.5.6
-	github.com/google/uuid v1.2.0
+	github.com/google/uuid v1.3.0
 	github.com/gopherjs/gopherjs v0.0.0-20210707094841-eea289f08d45 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
 	github.com/metal-stack/go-ipam v1.8.5
-	github.com/metal-stack/masterdata-api v0.8.7
-	github.com/metal-stack/metal-lib v0.8.0
-	github.com/metal-stack/security v0.6.0
+	github.com/metal-stack/masterdata-api v0.8.8
+	github.com/metal-stack/metal-lib v0.8.1
+	github.com/metal-stack/security v0.6.2
 	github.com/metal-stack/v v1.0.3
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/nsqio/go-nsq v1.0.8
@@ -30,8 +30,8 @@ require (
 	github.com/spf13/viper v1.8.1
 	github.com/stretchr/testify v1.7.0
 	github.com/testcontainers/testcontainers-go v0.11.1
-	go.uber.org/zap v1.18.1
-	golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97
+	go.uber.org/zap v1.19.0
+	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
 	google.golang.org/grpc v1.39.0
 	google.golang.org/protobuf v1.27.1