tarsisazevedo/permission-migration.go

## permission-migration.go
package main

import (
	"fmt"
	"os"

	"github.com/tsuru/config"
	"github.com/tsuru/tsuru/auth"
	"github.com/tsuru/tsuru/db"
	"github.com/tsuru/tsuru/permission"
	"gopkg.in/mgo.v2/bson"
)

func createRole(name, contextType string) (permission.Role, error) {
	role, err := permission.NewRole(name, contextType)
	if err != nil && err != permission.ErrRoleAlreadyExists {
		return role, err
	}
	if err == permission.ErrRoleAlreadyExists {
		role, err = permission.FindRole(name)
	}
	return role, err
}

func main() {
	err := config.ReadConfigFile(os.Args[1])
	if err != nil {
		panic(err)
	}
	adminTeam, err := config.GetString("admin-team")
	if err != nil {
		panic(err)
	}
	conn, err := db.Conn()
	if err != nil {
		panic(err)
	}
	defer conn.Close()
	adminRole, err := createRole("admin", "global")
	if err != nil {
		panic(err)
	}
	err = adminRole.AddPermissions("*")
	if err != nil {
		panic(err)
	}
	teamRole, err := createRole("team-member", "team")
	if err != nil {
		panic(err)
	}
	err = teamRole.AddPermissions(permission.PermApp.FullName(),
		permission.PermTeam.FullName(),
		permission.PermServiceInstance.FullName())
	if err != nil {
		panic(err)
	}
	teamCreate, err := createRole("team-creator", "global")
	if err != nil {
		panic(err)
	}
	err = teamCreate.AddPermissions(permission.PermTeamCreate.FullName())
	if err != nil {
		panic(err)
	}
	users, err := auth.ListUsers()
	if err != nil {
		panic(err)
	}
	for _, u := range users {
		var teams []auth.Team
		err := conn.Teams().Find(bson.M{"users": bson.M{"$in": []string{u.Email}}}).All(&teams)
		if err != nil {
			panic(err)
		}
		for _, team := range teams {
			if team.Name == adminTeam {
				err := u.AddRole(adminRole.Name, "")
				if err != nil {
					fmt.Printf("%s\n", err.Error())
				}
				continue
			}
			err := u.AddRole(teamRole.Name, team.Name)
			if err != nil {
				fmt.Printf("%s\n", err.Error())
			}
			err = u.AddRole(teamCreate.Name, "")
			if err != nil {
				fmt.Printf("%s\n", err.Error())
			}
		}
	}
}
	package main

	import (
	"fmt"
	"os"

	"github.com/tsuru/config"
	"github.com/tsuru/tsuru/auth"
	"github.com/tsuru/tsuru/db"
	"github.com/tsuru/tsuru/permission"
	"gopkg.in/mgo.v2/bson"
	)

	func createRole(name, contextType string) (permission.Role, error) {
	role, err := permission.NewRole(name, contextType)
	if err != nil && err != permission.ErrRoleAlreadyExists {
	return role, err
	}
	if err == permission.ErrRoleAlreadyExists {
	role, err = permission.FindRole(name)
	}
	return role, err
	}

	func main() {
	err := config.ReadConfigFile(os.Args[1])
	if err != nil {
	panic(err)
	}
	adminTeam, err := config.GetString("admin-team")
	if err != nil {
	panic(err)
	}
	conn, err := db.Conn()
	if err != nil {
	panic(err)
	}
	defer conn.Close()
	adminRole, err := createRole("admin", "global")
	if err != nil {
	panic(err)
	}
	err = adminRole.AddPermissions("*")
	if err != nil {
	panic(err)
	}
	teamRole, err := createRole("team-member", "team")
	if err != nil {
	panic(err)
	}
	err = teamRole.AddPermissions(permission.PermApp.FullName(),
	permission.PermTeam.FullName(),
	permission.PermServiceInstance.FullName())
	if err != nil {
	panic(err)
	}
	teamCreate, err := createRole("team-creator", "global")
	if err != nil {
	panic(err)
	}
	err = teamCreate.AddPermissions(permission.PermTeamCreate.FullName())
	if err != nil {
	panic(err)
	}
	users, err := auth.ListUsers()
	if err != nil {
	panic(err)
	}
	for _, u := range users {
	var teams []auth.Team
	err := conn.Teams().Find(bson.M{"users": bson.M{"$in": []string{u.Email}}}).All(&teams)
	if err != nil {
	panic(err)
	}
	for _, team := range teams {
	if team.Name == adminTeam {
	err := u.AddRole(adminRole.Name, "")
	if err != nil {
	fmt.Printf("%s\n", err.Error())
	}
	continue
	}
	err := u.AddRole(teamRole.Name, team.Name)
	if err != nil {
	fmt.Printf("%s\n", err.Error())
	}
	err = u.AddRole(teamCreate.Name, "")
	if err != nil {
	fmt.Printf("%s\n", err.Error())
	}
	}
	}
	}