2016-05-24 11:55:48 +02:00
|
|
|
package api
|
2016-04-09 21:09:57 +02:00
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/rand"
|
|
|
|
"encoding/base64"
|
2020-12-03 14:51:15 +01:00
|
|
|
"github.com/ansible-semaphore/semaphore/api/helpers"
|
2020-12-04 23:41:26 +01:00
|
|
|
"github.com/ansible-semaphore/semaphore/db"
|
2023-08-26 20:43:42 +02:00
|
|
|
"github.com/ansible-semaphore/semaphore/util"
|
2020-12-03 14:51:15 +01:00
|
|
|
"github.com/gorilla/context"
|
|
|
|
"github.com/gorilla/mux"
|
2016-04-09 21:09:57 +02:00
|
|
|
"io"
|
2017-02-23 00:21:49 +01:00
|
|
|
"net/http"
|
2016-04-09 21:09:57 +02:00
|
|
|
"strings"
|
|
|
|
)
|
|
|
|
|
2019-07-09 18:11:01 +02:00
|
|
|
func getUser(w http.ResponseWriter, r *http.Request) {
|
|
|
|
if u, exists := context.GetOk(r, "_user"); exists {
|
2020-12-03 14:51:15 +01:00
|
|
|
helpers.WriteJSON(w, http.StatusOK, u)
|
2019-07-09 18:11:01 +02:00
|
|
|
return
|
|
|
|
}
|
2016-04-09 21:09:57 +02:00
|
|
|
|
2023-08-26 20:43:42 +02:00
|
|
|
var user struct {
|
|
|
|
db.User
|
2024-03-20 14:55:47 +01:00
|
|
|
CanCreateProject bool `json:"can_create_project"`
|
2023-08-26 20:43:42 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
user.User = *context.Get(r, "user").(*db.User)
|
|
|
|
user.CanCreateProject = user.Admin || util.Config.NonAdminCanCreateProject
|
|
|
|
|
|
|
|
helpers.WriteJSON(w, http.StatusOK, user)
|
2019-07-09 18:11:01 +02:00
|
|
|
}
|
2019-07-09 14:56:03 +02:00
|
|
|
|
2019-07-09 18:11:01 +02:00
|
|
|
func getAPITokens(w http.ResponseWriter, r *http.Request) {
|
2020-12-04 23:41:26 +01:00
|
|
|
user := context.Get(r, "user").(*db.User)
|
2016-04-09 21:09:57 +02:00
|
|
|
|
2020-12-03 14:51:15 +01:00
|
|
|
tokens, err := helpers.Store(r).GetAPITokens(user.ID)
|
|
|
|
if err != nil {
|
|
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
|
|
return
|
2019-07-09 18:11:01 +02:00
|
|
|
}
|
2016-04-09 21:09:57 +02:00
|
|
|
|
2020-12-03 14:51:15 +01:00
|
|
|
helpers.WriteJSON(w, http.StatusOK, tokens)
|
2016-04-09 21:09:57 +02:00
|
|
|
}
|
|
|
|
|
2019-07-09 18:11:01 +02:00
|
|
|
func createAPIToken(w http.ResponseWriter, r *http.Request) {
|
2020-12-04 23:41:26 +01:00
|
|
|
user := context.Get(r, "user").(*db.User)
|
2019-07-09 18:11:01 +02:00
|
|
|
tokenID := make([]byte, 32)
|
|
|
|
if _, err := io.ReadFull(rand.Reader, tokenID); err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
|
2020-12-04 23:41:26 +01:00
|
|
|
token, err := helpers.Store(r).CreateAPIToken(db.APIToken{
|
2019-07-09 18:11:01 +02:00
|
|
|
ID: strings.ToLower(base64.URLEncoding.EncodeToString(tokenID)),
|
|
|
|
UserID: user.ID,
|
|
|
|
Expired: false,
|
2020-12-03 14:51:15 +01:00
|
|
|
})
|
2020-12-01 20:06:49 +01:00
|
|
|
if err != nil {
|
2019-07-09 18:11:01 +02:00
|
|
|
panic(err)
|
|
|
|
}
|
|
|
|
|
2020-12-03 14:51:15 +01:00
|
|
|
helpers.WriteJSON(w, http.StatusCreated, token)
|
2016-04-09 21:09:57 +02:00
|
|
|
}
|
|
|
|
|
2019-07-09 18:11:01 +02:00
|
|
|
func expireAPIToken(w http.ResponseWriter, r *http.Request) {
|
2020-12-04 23:41:26 +01:00
|
|
|
user := context.Get(r, "user").(*db.User)
|
2016-04-09 21:09:57 +02:00
|
|
|
|
2019-07-09 18:11:01 +02:00
|
|
|
tokenID := mux.Vars(r)["token_id"]
|
2016-04-09 21:09:57 +02:00
|
|
|
|
2020-12-03 14:51:15 +01:00
|
|
|
err := helpers.Store(r).ExpireAPIToken(user.ID, tokenID)
|
2016-04-09 21:09:57 +02:00
|
|
|
|
2020-12-03 14:51:15 +01:00
|
|
|
if err != nil {
|
|
|
|
helpers.WriteError(w, err)
|
2019-07-09 18:11:01 +02:00
|
|
|
return
|
|
|
|
}
|
2016-04-09 21:09:57 +02:00
|
|
|
|
2019-07-09 18:11:01 +02:00
|
|
|
w.WriteHeader(http.StatusNoContent)
|
2016-04-09 21:09:57 +02:00
|
|
|
}
|