ADD devops authorize

app/controllers/application_controller.rb

@@ -342,7 +342,8 @@ class ApplicationController < ActionController::Base
 			elsif params[:debug] == 'student'
 				User.current = User.find 8686
 			elsif params[:debug] == 'admin'
-				user = User.find 1
+				logger.info "@@@@@@@@@@@@@@@@@@@@@@ debug mode....."
+				user =  User.find 36480
 				User.current = user
 				cookies.signed[:user_id] = user.id
 			end
@@ -384,7 +385,7 @@ class ApplicationController < ActionController::Base
 
 	def current_user
 		if Rails.env.development?
-			User.current = User.find 1
+			User.current = User.find 36480
 		else
 			User.current
 		end
@@ -743,6 +744,11 @@ class ApplicationController < ActionController::Base
 		interactor.success? ? render_ok : render_error(interactor.error)
 	end
 
+	# devops 权限验证
+	def devops_authorize!
+		render_forbidden unless @project.owner?(current_user)
+	end
+
   private
 	def object_not_found
 		uid_logger("Missing template or cant't find record, responding with 404")

app/controllers/dev_ops/builds_controller.rb

@@ -3,6 +3,7 @@ class DevOps::BuildsController < ApplicationController
 
   before_action :require_login
   before_action :find_project
+  before_action :devops_authorize!
 
   def index
     cloud_account = @project.dev_ops_cloud_account

app/controllers/dev_ops/cloud_accounts_controller.rb

@@ -1,19 +1,14 @@
 class DevOps::CloudAccountsController < ApplicationController
   before_action :require_login
   before_action :find_project
+  before_action :devops_authorize!
 
   def create
     ActiveRecord::Base.transaction do
       DevOps::CreateCloudAccountForm.new(devops_params).validate!
-      logger.info "######### devops_params: #{devops_params}"
+
-      logger.info "######### ......: #{(IPAddr.new devops_params[:ip_num]).to_i}"
-      logger.info "######### ......: #{DevOps::CloudAccount.encrypted_secret(devops_params[:secret])}"
       # 1. 保存华为云服务器帐号
-      logger.info "######### ......ff:  #{devops_params.merge(ip_num: IPAddr.new(devops_params[:ip_num]).to_i, secret: DevOps::CloudAccount.encrypted_secret(devops_params[:secret]))}"
       create_params = devops_params.merge(ip_num: IPAddr.new(devops_params[:ip_num]).to_i, secret: DevOps::CloudAccount.encrypted_secret(devops_params[:secret]))
-      logger.info "######### create_params: #{create_params}"
-
-
       if cloud_account = @project.dev_ops_cloud_account
         return render_error('该仓库已绑定了云帐号.')
       else
@@ -37,6 +32,7 @@ class DevOps::CloudAccountsController < ApplicationController
 
       rpc_secret = SecureRandom.hex 16
       logger.info "######### rpc_secret: #{rpc_secret}"
+
       # 3. 创建drone server
       drone_server_cmd = DevOps::Drone::Server.new(oauth.client_id, oauth.client_secret, cloud_account.drone_host, rpc_secret).generate_cmd
       logger.info "######### drone_server_cmd: #{drone_server_cmd}"
@@ -52,10 +48,12 @@ class DevOps::CloudAccountsController < ApplicationController
 
       redirect_url = "#{cloud_account.drone_url}/login"
       logger.info "######### redirect_url: #{redirect_url}"
-      if result
+
+      if result && !result.blank?
         render_ok(redirect_url: redirect_url)
       else
-        render_error('激活失败')
+        render_error('激活失败, 请检查你的云服务器信息是否正确.')
+        raise ActiveRecord::Rollback
       end
     end
   rescue Exception => ex