clusters_controller.rb 3 KB
Newer Older
1
class Projects::ClustersController < Projects::ApplicationController
2
  before_action :cluster, except: [:login, :index, :new, :create]
3 4 5 6 7
  before_action :authorize_read_cluster!
  before_action :authorize_create_cluster!, only: [:new, :create]
  before_action :authorize_google_api, only: [:new, :create]
  before_action :authorize_update_cluster!, only: [:update]
  before_action :authorize_admin_cluster!, only: [:destroy]
8

9 10
  def login
    begin
11
      @authorize_url = GoogleApi::CloudPlatform::Client.new(
12 13
        nil, callback_google_api_authorizations_url,
        state: namespace_project_clusters_url.to_s).authorize_url
14
    rescue GoogleApi::Auth::ConfigMissingError
15
      # no-op
16 17 18
    end
  end

19
  def index
20
    if project.cluster
21
      redirect_to project_cluster_path(project, project.cluster)
22
    else
23
      redirect_to new_project_cluster_path(project)
24 25 26 27
    end
  end

  def new
28
    @cluster = project.build_cluster
29 30 31
  end

  def create
32 33 34
    @cluster = Ci::CreateClusterService
      .new(project, current_user, cluster_params)
      .execute(token_in_session)
Shinya Maeda's avatar
Shinya Maeda committed
35

36 37 38 39 40
    if @cluster.persisted?
      redirect_to project_clusters_path(project)
    else
      render :new
    end
41
  end
42

43
  def status
44 45
    respond_to do |format|
      format.json do
46 47
        Gitlab::PollingInterval.set_header(response, interval: 10_000)

48 49 50
        render json: ClusterSerializer
          .new(project: @project, current_user: @current_user)
          .represent_status(@cluster)
51 52
      end
    end
53 54
  end

55
  def show
56 57 58
  end

  def update
59 60 61
    Ci::UpdateClusterService
      .new(project, current_user, cluster_params)
      .execute(cluster)
62

Filipa Lacerda's avatar
Filipa Lacerda committed
63
      if cluster.valid?
64
        flash[:notice] = "Cluster was successfully updated."
Filipa Lacerda's avatar
Filipa Lacerda committed
65 66
        redirect_to project_cluster_path(project, project.cluster)
      else
67 68
        render :show
      end
69 70
  end

71
  def destroy
72
    if cluster.destroy
73
      flash[:notice] = "Cluster was successfully removed."
74 75
      redirect_to project_clusters_path(project), status: 302
    else
76
      flash[:notice] = "Cluster was not removed."
77
      render :show
78
    end
79 80
  end

81 82 83
  private

  def cluster
84
    @cluster ||= project.cluster
85 86
  end

87
  def cluster_params
88 89 90 91 92 93 94
    params.require(:cluster).permit(:gcp_project_id,
      :gcp_cluster_zone,
      :gcp_cluster_name,
      :gcp_cluster_size,
      :gcp_machine_type,
      :project_namespace,
      :enabled)
95
  end
Shinya Maeda's avatar
Shinya Maeda committed
96

97
  def authorize_google_api
98 99
    unless GoogleApi::CloudPlatform::Client.new(token_in_session, nil)
                                           .validate_token(expires_at_in_session)
100 101 102
      redirect_to action: 'login'
    end
  end
103 104

  def token_in_session
105 106 107 108 109 110 111
    @token_in_session ||=
      session[GoogleApi::CloudPlatform::Client.session_key_for_token]
  end

  def expires_at_in_session
    @expires_at_in_session ||=
      session[GoogleApi::CloudPlatform::Client.session_key_for_expires_at]
112
  end
113 114

  def authorize_update_cluster!
115
    access_denied! unless can?(current_user, :update_cluster, cluster)
116 117 118
  end

  def authorize_admin_cluster!
119
    access_denied! unless can?(current_user, :admin_cluster, cluster)
120
  end
121
end