api_eventrule.go 7.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244
  1. // Copyright (C) 2019-2022 Nicola Murino
  2. //
  3. // This program is free software: you can redistribute it and/or modify
  4. // it under the terms of the GNU Affero General Public License as published
  5. // by the Free Software Foundation, version 3.
  6. //
  7. // This program is distributed in the hope that it will be useful,
  8. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  9. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  10. // GNU Affero General Public License for more details.
  11. //
  12. // You should have received a copy of the GNU Affero General Public License
  13. // along with this program. If not, see <https://www.gnu.org/licenses/>.
  14. package httpd
  15. import (
  16. "context"
  17. "net/http"
  18. "github.com/go-chi/render"
  19. "github.com/drakkan/sftpgo/v2/internal/dataprovider"
  20. "github.com/drakkan/sftpgo/v2/internal/util"
  21. )
  22. func getEventActions(w http.ResponseWriter, r *http.Request) {
  23. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  24. limit, offset, order, err := getSearchFilters(w, r)
  25. if err != nil {
  26. return
  27. }
  28. actions, err := dataprovider.GetEventActions(limit, offset, order, false)
  29. if err != nil {
  30. sendAPIResponse(w, r, err, "", http.StatusInternalServerError)
  31. return
  32. }
  33. render.JSON(w, r, actions)
  34. }
  35. func renderEventAction(w http.ResponseWriter, r *http.Request, name string, status int) {
  36. action, err := dataprovider.EventActionExists(name)
  37. if err != nil {
  38. sendAPIResponse(w, r, err, "", getRespStatus(err))
  39. return
  40. }
  41. action.PrepareForRendering()
  42. if status != http.StatusOK {
  43. ctx := context.WithValue(r.Context(), render.StatusCtxKey, status)
  44. render.JSON(w, r.WithContext(ctx), action)
  45. } else {
  46. render.JSON(w, r, action)
  47. }
  48. }
  49. func getEventActionByName(w http.ResponseWriter, r *http.Request) {
  50. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  51. name := getURLParam(r, "name")
  52. renderEventAction(w, r, name, http.StatusOK)
  53. }
  54. func addEventAction(w http.ResponseWriter, r *http.Request) {
  55. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  56. claims, err := getTokenClaims(r)
  57. if err != nil || claims.Username == "" {
  58. sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest)
  59. return
  60. }
  61. var action dataprovider.BaseEventAction
  62. err = render.DecodeJSON(r.Body, &action)
  63. if err != nil {
  64. sendAPIResponse(w, r, err, "", http.StatusBadRequest)
  65. return
  66. }
  67. err = dataprovider.AddEventAction(&action, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr), claims.Role)
  68. if err != nil {
  69. sendAPIResponse(w, r, err, "", getRespStatus(err))
  70. return
  71. }
  72. renderEventAction(w, r, action.Name, http.StatusCreated)
  73. }
  74. func updateEventAction(w http.ResponseWriter, r *http.Request) {
  75. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  76. claims, err := getTokenClaims(r)
  77. if err != nil || claims.Username == "" {
  78. sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest)
  79. return
  80. }
  81. name := getURLParam(r, "name")
  82. action, err := dataprovider.EventActionExists(name)
  83. if err != nil {
  84. sendAPIResponse(w, r, err, "", getRespStatus(err))
  85. return
  86. }
  87. var updatedAction dataprovider.BaseEventAction
  88. err = render.DecodeJSON(r.Body, &updatedAction)
  89. if err != nil {
  90. sendAPIResponse(w, r, err, "", http.StatusBadRequest)
  91. return
  92. }
  93. updatedAction.ID = action.ID
  94. updatedAction.Name = action.Name
  95. updatedAction.Options.SetEmptySecretsIfNil()
  96. switch updatedAction.Type {
  97. case dataprovider.ActionTypeHTTP:
  98. if updatedAction.Options.HTTPConfig.Password.IsNotPlainAndNotEmpty() {
  99. updatedAction.Options.HTTPConfig.Password = action.Options.HTTPConfig.Password
  100. }
  101. }
  102. err = dataprovider.UpdateEventAction(&updatedAction, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr), claims.Role)
  103. if err != nil {
  104. sendAPIResponse(w, r, err, "", getRespStatus(err))
  105. return
  106. }
  107. sendAPIResponse(w, r, nil, "Event action updated", http.StatusOK)
  108. }
  109. func deleteEventAction(w http.ResponseWriter, r *http.Request) {
  110. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  111. claims, err := getTokenClaims(r)
  112. if err != nil || claims.Username == "" {
  113. sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest)
  114. return
  115. }
  116. name := getURLParam(r, "name")
  117. err = dataprovider.DeleteEventAction(name, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr), claims.Role)
  118. if err != nil {
  119. sendAPIResponse(w, r, err, "", getRespStatus(err))
  120. return
  121. }
  122. sendAPIResponse(w, r, err, "Event action deleted", http.StatusOK)
  123. }
  124. func getEventRules(w http.ResponseWriter, r *http.Request) {
  125. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  126. limit, offset, order, err := getSearchFilters(w, r)
  127. if err != nil {
  128. return
  129. }
  130. rules, err := dataprovider.GetEventRules(limit, offset, order)
  131. if err != nil {
  132. sendAPIResponse(w, r, err, "", http.StatusInternalServerError)
  133. return
  134. }
  135. render.JSON(w, r, rules)
  136. }
  137. func renderEventRule(w http.ResponseWriter, r *http.Request, name string, status int) {
  138. rule, err := dataprovider.EventRuleExists(name)
  139. if err != nil {
  140. sendAPIResponse(w, r, err, "", getRespStatus(err))
  141. return
  142. }
  143. rule.PrepareForRendering()
  144. if status != http.StatusOK {
  145. ctx := context.WithValue(r.Context(), render.StatusCtxKey, status)
  146. render.JSON(w, r.WithContext(ctx), rule)
  147. } else {
  148. render.JSON(w, r, rule)
  149. }
  150. }
  151. func getEventRuleByName(w http.ResponseWriter, r *http.Request) {
  152. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  153. name := getURLParam(r, "name")
  154. renderEventRule(w, r, name, http.StatusOK)
  155. }
  156. func addEventRule(w http.ResponseWriter, r *http.Request) {
  157. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  158. claims, err := getTokenClaims(r)
  159. if err != nil || claims.Username == "" {
  160. sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest)
  161. return
  162. }
  163. var rule dataprovider.EventRule
  164. err = render.DecodeJSON(r.Body, &rule)
  165. if err != nil {
  166. sendAPIResponse(w, r, err, "", http.StatusBadRequest)
  167. return
  168. }
  169. err = dataprovider.AddEventRule(&rule, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr), claims.Role)
  170. if err != nil {
  171. sendAPIResponse(w, r, err, "", getRespStatus(err))
  172. return
  173. }
  174. renderEventRule(w, r, rule.Name, http.StatusCreated)
  175. }
  176. func updateEventRule(w http.ResponseWriter, r *http.Request) {
  177. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  178. claims, err := getTokenClaims(r)
  179. if err != nil || claims.Username == "" {
  180. sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest)
  181. return
  182. }
  183. rule, err := dataprovider.EventRuleExists(getURLParam(r, "name"))
  184. if err != nil {
  185. sendAPIResponse(w, r, err, "", getRespStatus(err))
  186. return
  187. }
  188. var updatedRule dataprovider.EventRule
  189. err = render.DecodeJSON(r.Body, &updatedRule)
  190. if err != nil {
  191. sendAPIResponse(w, r, err, "", http.StatusBadRequest)
  192. return
  193. }
  194. updatedRule.ID = rule.ID
  195. updatedRule.Name = rule.Name
  196. err = dataprovider.UpdateEventRule(&updatedRule, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr), claims.Role)
  197. if err != nil {
  198. sendAPIResponse(w, r, err, "", getRespStatus(err))
  199. return
  200. }
  201. sendAPIResponse(w, r, nil, "Event rules updated", http.StatusOK)
  202. }
  203. func deleteEventRule(w http.ResponseWriter, r *http.Request) {
  204. r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
  205. claims, err := getTokenClaims(r)
  206. if err != nil || claims.Username == "" {
  207. sendAPIResponse(w, r, err, "Invalid token claims", http.StatusBadRequest)
  208. return
  209. }
  210. name := getURLParam(r, "name")
  211. err = dataprovider.DeleteEventRule(name, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr), claims.Role)
  212. if err != nil {
  213. sendAPIResponse(w, r, err, "", getRespStatus(err))
  214. return
  215. }
  216. sendAPIResponse(w, r, err, "Event rule deleted", http.StatusOK)
  217. }