screwdriver-api 8.0.49 → 8.0.51

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "screwdriver-api",
-  "version": "8.0.49",
+  "version": "8.0.51",
   "description": "API server for the Screwdriver.cd service",
   "main": "index.js",
   "scripts": {

package/plugins/pipelines/batchUpdateAdmins.js

@@ -0,0 +1,65 @@
+'use strict';
+
+const boom = require('@hapi/boom');
+const schema = require('screwdriver-data-schema');
+const joi = require('joi');
+const idSchema = schema.models.pipeline.base.extract('id');
+const scmContextSchema = schema.models.pipeline.base.extract('scmContext');
+const usernameSchema = schema.models.user.base.extract('username');
+const { updatePipelineAdmins } = require('./helper/updateAdmins');
+
+module.exports = () => ({
+    method: 'PUT',
+    path: '/pipelines/updateAdmins',
+    options: {
+        description: 'Update admins for a collection of pipelines',
+        notes: 'Update the admins for a collection of pipelines',
+        tags: ['api', 'pipelines'],
+        auth: {
+            strategies: ['token'],
+            scope: ['user', '!guest']
+        },
+        handler: async (request, h) => {
+            const { scmContext, username, scmUserId } = request.auth.credentials;
+            const { payload } = request;
+
+            const { bannerFactory } = request.server.app;
+
+            // Check token permissions
+            // Only SD cluster admins can update the admins
+            const scmDisplayName = bannerFactory.scm.getDisplayName({ scmContext });
+
+            const adminDetails = request.server.plugins.banners.screwdriverAdminDetails(
+                username,
+                scmDisplayName,
+                scmUserId
+            );
+
+            if (!adminDetails.isAdmin) {
+                throw boom.forbidden(
+                    `User ${username} does not have Screwdriver administrative privileges to update the admins for pipelines`
+                );
+            }
+
+            await Promise.all(
+                payload.map(e => {
+                    return updatePipelineAdmins(e, request.server);
+                })
+            );
+
+            return h.response().code(204);
+        },
+        validate: {
+            payload: joi
+                .array()
+                .items(
+                    joi.object({
+                        id: idSchema.required(),
+                        scmContext: scmContextSchema.required(),
+                        usernames: joi.array().items(usernameSchema).min(1).max(50).required()
+                    })
+                )
+                .min(1)
+        }
+    }
+});

package/plugins/pipelines/helper/updateAdmins.js

@@ -0,0 +1,66 @@
+'use strict';
+
+const boom = require('@hapi/boom');
+const logger = require('screwdriver-logger');
+
+/**
+ * @typedef {import('screwdriver-models/lib/pipeline')} Pipeline
+ */
+
+/**
+ * Adds the users as admins for the specified pipeline
+ *
+ * @method updateBuildAndTriggerDownstreamJobs
+ * @param   {Object}    config
+ * @param   {Number}    config.id Pipeline id
+ * @param   {Array}     [config.usernames] List of usernames to be added as admins to the pipeline
+ * @param   {String}    config.scmContext SCM Context the users are associated with
+ * @param   {Object}    server
+ * @returns {Promise<Pipeline>} Updated pipeline
+ */
+async function updatePipelineAdmins(config, server) {
+    const { pipelineFactory, userFactory } = server.app;
+    const { id, scmContext, usernames } = config;
+
+    const pipeline = await pipelineFactory.get({ id });
+
+    // check if pipeline exists
+    if (!pipeline) {
+        throw boom.notFound(`Pipeline ${id} does not exist`);
+    }
+    if (pipeline.state === 'DELETING') {
+        throw boom.conflict('This pipeline is being deleted.');
+    }
+
+    const users = await userFactory.list({
+        params: {
+            username: usernames,
+            scmContext
+        }
+    });
+
+    const adminUsernamesForUpdate = [];
+    const newAdmins = new Set(pipeline.adminUserIds);
+
+    users.forEach(user => {
+        newAdmins.add(user.id);
+        adminUsernamesForUpdate.push(user.username);
+    });
+
+    pipeline.adminUserIds = Array.from(newAdmins);
+
+    try {
+        const updatedPipeline = await pipeline.update();
+
+        logger.info(`Updated admins ${adminUsernamesForUpdate} for pipeline(id=${id})`);
+
+        return updatedPipeline;
+    } catch (err) {
+        logger.error(`Failed to update admins ${adminUsernamesForUpdate} for pipeline(id=${id}): ${err.message}`);
+        throw boom.internal(`Failed to update admins for pipeline ${id}`);
+    }
+}
+
+module.exports = {
+    updatePipelineAdmins
+};

package/plugins/pipelines/index.js

@@ -45,6 +45,7 @@ const removeTemplateVersionRoute = require('./templates/removeVersion');
 const updateTrustedRoute = require('./templates/updateTrusted');
 const updateBuildCluster = require('./updateBuildCluster');
 const updateAdminsRoute = require('./updateAdmins');
+const batchUpdateAdminsRoute = require('./batchUpdateAdmins');
 
 /**
  * Pipeline API Plugin
@@ -280,7 +281,8 @@ const pipelinesPlugin = {
             removeTemplateVersionRoute(),
             updateTrustedRoute(),
             updateBuildCluster(),
-            updateAdminsRoute()
+            updateAdminsRoute(),
+            batchUpdateAdminsRoute()
         ]);
     }
 };

package/plugins/pipelines/updateAdmins.js

@@ -3,8 +3,8 @@
 const boom = require('@hapi/boom');
 const joi = require('joi');
 const schema = require('screwdriver-data-schema');
-const logger = require('screwdriver-logger');
 const idSchema = schema.models.pipeline.base.extract('id');
+const { updatePipelineAdmins } = require('./helper/updateAdmins');
 
 module.exports = () => ({
     method: 'PUT',
@@ -31,7 +31,7 @@ module.exports = () => ({
                 throw boom.badRequest(`Payload must contain scmContext`);
             }
 
-            const { pipelineFactory, bannerFactory, userFactory } = request.server.app;
+            const { bannerFactory } = request.server.app;
 
             // Check token permissions
             if (isPipeline) {
@@ -57,45 +57,16 @@ module.exports = () => ({
                 }
             }
 
-            const pipeline = await pipelineFactory.get({ id });
+            const updatedPipeline = await updatePipelineAdmins(
+                {
+                    id,
+                    scmContext: payloadScmContext,
+                    usernames
+                },
+                request.server
+            );
 
-            // check if pipeline exists
-            if (!pipeline) {
-                throw boom.notFound(`Pipeline ${id} does not exist`);
-            }
-            if (pipeline.state === 'DELETING') {
-                throw boom.conflict('This pipeline is being deleted.');
-            }
-
-            const users = await userFactory.list({
-                params: {
-                    username: usernames,
-                    scmContext: payloadScmContext
-                }
-            });
-
-            const adminUsernamesForUpdate = [];
-            const newAdmins = new Set(pipeline.adminUserIds);
-
-            users.forEach(user => {
-                newAdmins.add(user.id);
-                adminUsernamesForUpdate.push(user.username);
-            });
-
-            pipeline.adminUserIds = Array.from(newAdmins);
-
-            try {
-                const result = await pipeline.update();
-
-                logger.info(`Updated admins ${adminUsernamesForUpdate} for pipeline(id=${id})`);
-
-                return h.response(result.toJson()).code(200);
-            } catch (err) {
-                logger.error(
-                    `Failed to update admins ${adminUsernamesForUpdate} for pipeline(id=${id}): ${err.message}`
-                );
-                throw boom.internal(`Failed to update admins for pipeline ${id}`);
-            }
+            return h.response(updatedPipeline.toJson()).code(200);
         },
         validate: {
             params: joi.object({