fix #42. support `admin` flag when posting to `/db/:db/users/:user`

CHANGELOG.md

@@ -94,3 +94,5 @@
 ### Bugfixes
 
 - [Issue #36](https://github.com/influxdb/influxdb/issues/36). The regex operator should be =~ not ~=
+- Preparing to deprecate endpoints `/db/:db/admins/:user` in favor of using `/db/:db/users/:user` which should
+  be used to update user flags, password, etc.

src/api/http/api.go

@@ -755,8 +755,8 @@ func (self *HttpServer) updateDbUser(w libhttp.ResponseWriter, r *libhttp.Reques
 		return
 	}
 
-	updateUser := &UpdateUser{}
-	err = json.Unmarshal(body, updateUser)
+	updateUser := make(map[string]interface{})
+	err = json.Unmarshal(body, &updateUser)
 	if err != nil {
 		w.WriteHeader(libhttp.StatusBadRequest)
 		w.Write([]byte(err.Error()))
@@ -767,8 +767,26 @@ func (self *HttpServer) updateDbUser(w libhttp.ResponseWriter, r *libhttp.Reques
 	db := r.URL.Query().Get(":db")
 
 	self.tryAsDbUserAndClusterAdmin(w, r, func(u common.User) (int, interface{}) {
-		if err := self.userManager.ChangeDbUserPassword(u, db, newUser, updateUser.Password); err != nil {
-			return errorToStatusCode(err), err.Error()
+		if pwd, ok := updateUser["password"]; ok {
+			newPassword, ok := pwd.(string)
+			if !ok {
+				return libhttp.StatusBadRequest, "password must be string"
+			}
+
+			if err := self.userManager.ChangeDbUserPassword(u, db, newUser, newPassword); err != nil {
+				return errorToStatusCode(err), err.Error()
+			}
+		}
+
+		if admin, ok := updateUser["admin"]; ok {
+			isAdmin, ok := admin.(bool)
+			if !ok {
+				return libhttp.StatusBadRequest, "admin must be boolean"
+			}
+
+			if err := self.userManager.SetDbAdmin(u, db, newUser, isAdmin); err != nil {
+				return errorToStatusCode(err), err.Error()
+			}
 		}
 		return libhttp.StatusOK, nil
 	})

src/api/http/api_test.go

@@ -441,7 +441,7 @@ func (self *ApiSuite) TestClusterAdminOperations(c *C) {
 	c.Assert(self.manager.ops[0].username, Equals, "new_user")
 }
 
-func (self *ApiSuite) TestDbUSerOperations(c *C) {
+func (self *ApiSuite) TestDbUserOperations(c *C) {
 	url := self.formatUrl("/db/db1/users?u=root&p=root")
 	resp, err := libhttp.Post(url, "", bytes.NewBufferString(`{"username":"dbuser", "password": "password"}`))
 	c.Assert(err, IsNil)
@@ -473,6 +473,29 @@ func (self *ApiSuite) TestDbUSerOperations(c *C) {
 	defer resp.Body.Close()
 	c.Assert(resp.StatusCode, Equals, libhttp.StatusBadRequest)
 
+	// set and unset the db admin flag
+	url = self.formatUrl("/db/db1/users/dbuser?u=root&p=root")
+	resp, err = libhttp.Post(url, "", bytes.NewBufferString(`{"admin": true}`))
+	c.Assert(err, IsNil)
+	defer resp.Body.Close()
+	c.Assert(resp.StatusCode, Equals, libhttp.StatusOK)
+	c.Assert(self.manager.ops, HasLen, 1)
+	c.Assert(self.manager.ops[0].operation, Equals, "db_user_admin")
+	c.Assert(self.manager.ops[0].username, Equals, "dbuser")
+	c.Assert(self.manager.ops[0].isAdmin, Equals, true)
+	self.manager.ops = nil
+	url = self.formatUrl("/db/db1/users/dbuser?u=root&p=root")
+	resp, err = libhttp.Post(url, "", bytes.NewBufferString(`{"admin": false}`))
+	c.Assert(err, IsNil)
+	defer resp.Body.Close()
+	c.Assert(resp.StatusCode, Equals, libhttp.StatusOK)
+	c.Assert(self.manager.ops, HasLen, 1)
+	c.Assert(self.manager.ops[0].operation, Equals, "db_user_admin")
+	c.Assert(self.manager.ops[0].username, Equals, "dbuser")
+	c.Assert(self.manager.ops[0].isAdmin, Equals, false)
+	self.manager.ops = nil
+
+	// TODO: remove this parapgraph one the old endpoints are removed
 	// set and unset the db admin flag
 	url = self.formatUrl("/db/db1/admins/dbuser?u=root&p=root")
 	resp, err = libhttp.Post(url, "", nil)
@@ -484,7 +507,6 @@ func (self *ApiSuite) TestDbUSerOperations(c *C) {
 	c.Assert(self.manager.ops[0].username, Equals, "dbuser")
 	c.Assert(self.manager.ops[0].isAdmin, Equals, true)
 	self.manager.ops = nil
-
 	url = self.formatUrl("/db/db1/admins/dbuser?u=root&p=root")
 	req, _ := libhttp.NewRequest("DELETE", url, nil)
 	resp, err = libhttp.DefaultClient.Do(req)