2019-03-14 13:36:18 +00:00
|
|
|
// Copyright 2019 Sorint.lab
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
|
|
|
"net/http"
|
|
|
|
|
2019-04-09 12:53:00 +00:00
|
|
|
"github.com/pkg/errors"
|
2019-03-14 13:36:18 +00:00
|
|
|
"github.com/sorintlab/agola/internal/db"
|
2019-05-03 21:35:25 +00:00
|
|
|
"github.com/sorintlab/agola/internal/services/configstore/action"
|
2019-03-14 13:36:18 +00:00
|
|
|
"github.com/sorintlab/agola/internal/services/configstore/readdb"
|
|
|
|
"github.com/sorintlab/agola/internal/services/types"
|
2019-04-09 12:53:00 +00:00
|
|
|
"github.com/sorintlab/agola/internal/util"
|
2019-03-14 13:36:18 +00:00
|
|
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
"go.uber.org/zap"
|
|
|
|
)
|
|
|
|
|
2019-04-30 14:28:01 +00:00
|
|
|
// Secret augments types.Secret with dynamic data
|
|
|
|
type Secret struct {
|
|
|
|
*types.Secret
|
|
|
|
|
|
|
|
// dynamic data
|
|
|
|
ParentPath string
|
|
|
|
}
|
|
|
|
|
2019-03-14 13:36:18 +00:00
|
|
|
type SecretHandler struct {
|
|
|
|
log *zap.SugaredLogger
|
|
|
|
readDB *readdb.ReadDB
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewSecretHandler(logger *zap.Logger, readDB *readdb.ReadDB) *SecretHandler {
|
|
|
|
return &SecretHandler{log: logger.Sugar(), readDB: readDB}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *SecretHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
|
|
vars := mux.Vars(r)
|
|
|
|
secretID := vars["secretid"]
|
|
|
|
|
|
|
|
var secret *types.Secret
|
|
|
|
err := h.readDB.Do(func(tx *db.Tx) error {
|
|
|
|
var err error
|
|
|
|
secret, err = h.readDB.GetSecretByID(tx, secretID)
|
|
|
|
return err
|
|
|
|
})
|
|
|
|
if err != nil {
|
2019-04-05 14:33:00 +00:00
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
httpError(w, err)
|
2019-03-14 13:36:18 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
if secret == nil {
|
2019-04-09 12:53:00 +00:00
|
|
|
httpError(w, util.NewErrNotFound(errors.Errorf("secret %q doesn't exist", secretID)))
|
2019-03-14 13:36:18 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-04-08 10:29:25 +00:00
|
|
|
if err := httpResponse(w, http.StatusOK, secret); err != nil {
|
2019-04-05 14:33:00 +00:00
|
|
|
h.log.Errorf("err: %+v", err)
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type SecretsHandler struct {
|
|
|
|
log *zap.SugaredLogger
|
|
|
|
readDB *readdb.ReadDB
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewSecretsHandler(logger *zap.Logger, readDB *readdb.ReadDB) *SecretsHandler {
|
|
|
|
return &SecretsHandler{log: logger.Sugar(), readDB: readDB}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h *SecretsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
|
|
query := r.URL.Query()
|
|
|
|
|
|
|
|
_, tree := query["tree"]
|
|
|
|
|
|
|
|
parentType, parentRef, err := GetConfigTypeRef(r)
|
|
|
|
if httpError(w, err) {
|
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
var secrets []*types.Secret
|
|
|
|
err = h.readDB.Do(func(tx *db.Tx) error {
|
|
|
|
parentID, err := h.readDB.ResolveConfigID(tx, parentType, parentRef)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if tree {
|
|
|
|
secrets, err = h.readDB.GetSecretsTree(tx, parentType, parentID)
|
|
|
|
} else {
|
|
|
|
secrets, err = h.readDB.GetSecrets(tx, parentID)
|
|
|
|
}
|
2019-04-30 14:28:01 +00:00
|
|
|
return err
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
httpError(w, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
resSecrets := make([]*Secret, len(secrets))
|
|
|
|
for i, s := range secrets {
|
|
|
|
resSecrets[i] = &Secret{Secret: s}
|
|
|
|
}
|
|
|
|
|
|
|
|
err = h.readDB.Do(func(tx *db.Tx) error {
|
2019-03-14 13:36:18 +00:00
|
|
|
// populate parent path
|
2019-04-30 14:28:01 +00:00
|
|
|
for _, s := range resSecrets {
|
2019-04-30 15:06:44 +00:00
|
|
|
pp, err := h.readDB.GetPath(tx, s.Parent.Type, s.Parent.ID)
|
2019-03-14 13:36:18 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2019-04-30 14:28:01 +00:00
|
|
|
s.ParentPath = pp
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|
|
|
|
return err
|
|
|
|
})
|
|
|
|
if err != nil {
|
2019-04-05 14:33:00 +00:00
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
httpError(w, err)
|
2019-03-14 13:36:18 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-04-30 14:28:01 +00:00
|
|
|
if err := httpResponse(w, http.StatusOK, resSecrets); err != nil {
|
2019-04-05 14:33:00 +00:00
|
|
|
h.log.Errorf("err: %+v", err)
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type CreateSecretHandler struct {
|
|
|
|
log *zap.SugaredLogger
|
2019-05-03 21:35:25 +00:00
|
|
|
ah *action.ActionHandler
|
2019-03-14 13:36:18 +00:00
|
|
|
readDB *readdb.ReadDB
|
|
|
|
}
|
|
|
|
|
2019-05-03 21:35:25 +00:00
|
|
|
func NewCreateSecretHandler(logger *zap.Logger, ah *action.ActionHandler) *CreateSecretHandler {
|
|
|
|
return &CreateSecretHandler{log: logger.Sugar(), ah: ah}
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h *CreateSecretHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
|
|
ctx := r.Context()
|
|
|
|
parentType, parentRef, err := GetConfigTypeRef(r)
|
|
|
|
if httpError(w, err) {
|
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
var secret *types.Secret
|
|
|
|
d := json.NewDecoder(r.Body)
|
|
|
|
if err := d.Decode(&secret); err != nil {
|
2019-04-09 12:53:00 +00:00
|
|
|
httpError(w, util.NewErrBadRequest(err))
|
2019-03-14 13:36:18 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
secret.Parent.Type = parentType
|
|
|
|
secret.Parent.ID = parentRef
|
|
|
|
|
2019-05-03 21:35:25 +00:00
|
|
|
secret, err = h.ah.CreateSecret(ctx, secret)
|
2019-03-14 13:36:18 +00:00
|
|
|
if httpError(w, err) {
|
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-04-08 10:29:25 +00:00
|
|
|
if err := httpResponse(w, http.StatusCreated, secret); err != nil {
|
2019-04-05 14:33:00 +00:00
|
|
|
h.log.Errorf("err: %+v", err)
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
type DeleteSecretHandler struct {
|
|
|
|
log *zap.SugaredLogger
|
2019-05-03 21:35:25 +00:00
|
|
|
ah *action.ActionHandler
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|
|
|
|
|
2019-05-03 21:35:25 +00:00
|
|
|
func NewDeleteSecretHandler(logger *zap.Logger, ah *action.ActionHandler) *DeleteSecretHandler {
|
|
|
|
return &DeleteSecretHandler{log: logger.Sugar(), ah: ah}
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h *DeleteSecretHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
|
|
ctx := r.Context()
|
|
|
|
vars := mux.Vars(r)
|
|
|
|
secretName := vars["secretname"]
|
|
|
|
|
|
|
|
parentType, parentRef, err := GetConfigTypeRef(r)
|
|
|
|
if httpError(w, err) {
|
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-05-03 21:35:25 +00:00
|
|
|
err = h.ah.DeleteSecret(ctx, parentType, parentRef, secretName)
|
2019-03-14 13:36:18 +00:00
|
|
|
if httpError(w, err) {
|
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
}
|
2019-04-08 10:29:25 +00:00
|
|
|
if err := httpResponse(w, http.StatusNoContent, nil); err != nil {
|
|
|
|
h.log.Errorf("err: %+v", err)
|
|
|
|
}
|
2019-03-14 13:36:18 +00:00
|
|
|
}
|