/usr/lib/ruby/vendor_ruby/chef_zero/endpoints/user_association_request_endpoint.rb is in chef-zero 5.1.1-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | require "ffi_yajl"
require "chef_zero/rest_base"
module ChefZero
module Endpoints
# /users/USER/association_requests/ID
class UserAssociationRequestEndpoint < RestBase
def put(request)
username = request.rest_path[1]
id = request.rest_path[3]
if id !~ /^#{username}-(.+)/
raise RestErrorResponse.new(400, "Association request #{id} is invalid. Must be #{username}-orgname.")
end
orgname = $1
json = FFI_Yajl::Parser.parse(request.body)
association_request_path = [ "organizations", orgname, "association_requests", username ]
if json["response"] == "accept"
users = get_data(request, [ "organizations", orgname, "groups", "users" ])
users = FFI_Yajl::Parser.parse(users)
delete_data(request, association_request_path)
create_data(request, [ "organizations", orgname, "users" ], username, "{}")
# Add the user to the users group if it isn't already there
if !users["users"] || !users["users"].include?(username)
users["users"] ||= []
users["users"] |= [ username ]
set_data(request, [ "organizations", orgname, "groups", "users" ], FFI_Yajl::Encoder.encode(users, :pretty => true))
end
elsif json["response"] == "reject"
delete_data(request, association_request_path)
else
raise RestErrorResponse.new(400, "response parameter was missing or set to the wrong value (must be accept or reject)")
end
json_response(200, { "organization" => { "name" => orgname } })
end
end
end
end
|