diff --git a/lib/NGCP/Panel/Controller/API/AdminsItem.pm b/lib/NGCP/Panel/Controller/API/AdminsItem.pm
index a7e3eac603..780c1fba94 100644
--- a/lib/NGCP/Panel/Controller/API/AdminsItem.pm
+++ b/lib/NGCP/Panel/Controller/API/AdminsItem.pm
@@ -9,7 +9,7 @@ use NGCP::Panel::Utils::Auth;
 use HTTP::Status qw(:constants);
 sub allowed_methods{
- return [qw/GET OPTIONS HEAD DELETE/];
+ return [qw/GET OPTIONS HEAD PATCH PUT DELETE/];
 }
 sub journal_query_params {
@@ -23,6 +23,42 @@ sub get_journal_methods{
 __PACKAGE__->set_config();
+sub PATCH :Allow {
+ my ($self, $c, $id) = @_;
+
+ my $guard = $c->model('DB')->txn_scope_guard;
+ {
+ my $preference = $self->require_preference($c);
+ last unless $preference;
+
+ my $json = $self->get_valid_patch_data(
+ c => $c,
+ id => $id,
+ media_type => 'application/json-patch+json',
+ );
+ last unless $json;
+
+ my $item = $self->item_by_id($c, $id);
+ last unless $self->resource_exists($c, admin => $item);
+ my $old_resource = { $item->get_inflated_columns };
+ #use saltedpass so we have a password field for applying patch
+ #we later check in update_item and if the password field is still
+ #the same with saltedpass we don't update the password
+ $old_resource->{password} = $old_resource->{salted_pass};
+ my $resource = $self->apply_patch($c, $old_resource, $json);
+ last unless $resource;
+
+ my $form = $self->get_form($c);
+ $item = $self->update_item($c, $item, $old_resource, $resource, $form);
+ last unless $item;
+
+ $guard->commit;
+
+ $self->return_representation($c, 'item' => $item, 'form' => $form, 'preference' => $preference );
+ }
+ return;
+}
+
 sub delete_item {
 my ($self, $c, $item) = @_;
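Review bot: `allowed_methods` now advertises PUT, but the only handler this commit adds to AdminsItem.pm is `PATCH`, so PUT must come from a parent class or role that is not visible in this diff; confirm that it exists and that it ends up in the new `update_item`. Enabling write verbs on admin accounts is privilege-sensitive, and the only authorization check visible in the commit is the own-user test for password changes. If `item_by_id` and the form do not already limit which admin a caller may edit and which columns may change, that restriction belongs in this change. A comment above the list naming where PUT is implemented would make the dependency explicit, for example `# PUT: served by <inherited handler>; PATCH: defined below`.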
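Review bot: The placeholder line `$old_resource->{password} = $old_resource->{salted_pass};` in the new `PATCH` sub reads a key spelled `salted_pass`, while the comment above it and `update_item` in Role/API/Admins.pm use `saltedpass`; unless the table has a column with the underscore spelling, the placeholder is undef and the unchanged-password comparison described in the comment never applies. It should probably read `$old_resource->{password} = $old_resource->{saltedpass};`. `get_inflated_columns` also puts the stored hash columns (`saltedpass`, `md5pass`) into the document that client-supplied patch operations are applied to, and this line adds another copy under `password`. Confirm that `validate_form` drops those keys from `$resource`; if it does not, client-supplied values for them would reach `$item->update($resource)` without passing the own-user check, and they should be deleted after `apply_patch`. The bare block exits through `last` without `$guard->commit`, which relies on the guard going out of scope to roll back; a one-line comment saying that this is intentional would help the next reader.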
@@ -52,19 +88,6 @@ sub delete_item {
 return 1;
 }
-#we do not use update_item for the admins now, as we do not allo PUT and PATCH
-sub update_item_model {
- my ($self, $c, $item, $old_resource, $resource, $form) = @_;
-
- if($old_resource->{login} eq NGCP::Panel::Utils::Auth::get_special_admin_login()) {
- my $active = $resource->{is_active};
- $resource = $old_resource;
- $resource->{is_active} = $active;
- }
- $item->update($resource);
- return $item;
-}
-
 1;
 # vim: set tabstop=4 expandtab:
diff --git a/lib/NGCP/Panel/Role/API/Admins.pm b/lib/NGCP/Panel/Role/API/Admins.pm
index 9b546157fd..ac22b325eb 100644
--- a/lib/NGCP/Panel/Role/API/Admins.pm
+++ b/lib/NGCP/Panel/Role/API/Admins.pm
@@ -106,5 +106,39 @@ sub check_duplicate{
 return 1;
 }
+sub update_item {
+ my ($self, $c, $item, $old_resource, $resource, $form) = @_;
+
+ if($form->field('password')){
+ $form->field('password')->{required} = 0;
+ }
+ $form //= $self->get_form($c);
+ return unless $self->validate_form(
+ c => $c,
+ form => $form,
+ resource => $resource,
+ );
+
+ my $pass = $resource->{password};
+ delete $resource->{password};
+ if(defined $pass && $pass ne $old_resource->{saltedpass}) {
+ unless($c->user->id == $item->id) {
+ $self->error($c, HTTP_FORBIDDEN, "Only own user can change password");
+ return;
+ }
+ $resource->{md5pass} = undef;
+ $resource->{saltedpass} = NGCP::Panel::Utils::Auth::generate_salted_hash($pass);
+ }
+
+ if($old_resource->{login} eq NGCP::Panel::Utils::Auth::get_special_admin_login()) {
+ my $active = $resource->{is_active};
+ $resource = $old_resource;
+ $resource->{is_active} = $active;
+ }
+ $item->update($resource);
+
+ return $item;
+}
+
 1;
 # vim: set tabstop=4 expandtab:
diff --git a/t/api-rest/api-admins-collection.t b/t/api-rest/api-admins-collection.t
index c2751dac7c..5bb5f159f7 100644
--- a/t/api-rest/api-admins-collection.t
+++ b/t/api-rest/api-admins-collection.t
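Review bot: The new `update_item` in Role/API/Admins.pm calls `$form->field('password')` before `$form //= $self->get_form($c);`, so a caller that passes no form hits a method call on undef and the default on the following line is never reached; the `//=` line should move above the `if`. In the special-admin branch, `$resource = $old_resource` runs after `delete $resource->{password}`, so the `password` key that the PATCH handler stores in `$old_resource` would still be handed to `$item->update` (assuming `apply_patch` returns a copy rather than the same hash). A password hash generated a few lines earlier is also discarded there without any error to the client. Writing only the one column that is taken from the request avoids both; the sketch shows the two changes and leaves the rest of the sub as committed.

```perl
    my ($self, $c, $item, $old_resource, $resource, $form) = @_;

    # Resolve the default form before the first method call on it.
    $form //= $self->get_form($c);
    # … unchanged: password-field tweak, validate_form call, password handling …

    if($old_resource->{login} eq NGCP::Panel::Utils::Auth::get_special_admin_login()) {
        # Only is_active is taken from the request for this account, so
        # write that column alone instead of the whole old resource.
        $item->update({ is_active => $resource->{is_active} });
        return $item;
    }
    # … unchanged: $item->update($resource); return $item; …
```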
@@ -11,7 +11,7 @@ my $test_machine = Test::Collection->new(
 name => 'admins',
 );
 $test_machine->methods->{collection}->{allowed} = {map {$_ => 1} qw(GET HEAD OPTIONS POST)};
-$test_machine->methods->{item}->{allowed} = {map {$_ => 1} qw(GET HEAD OPTIONS DELETE)};
+$test_machine->methods->{item}->{allowed} = {map {$_ => 1} qw(GET HEAD OPTIONS PUT PATCH DELETE)};
 my $fake_data = Test::FakeData->new;
 $fake_data->set_data_from_script({