2016-04-02 14:40:07 +02:00
package projects
2016-04-04 01:10:12 +02:00
import (
2016-04-09 21:09:57 +02:00
"database/sql"
2017-02-23 00:21:49 +01:00
"net/http"
2016-04-09 21:09:57 +02:00
2016-05-24 11:55:48 +02:00
database "github.com/ansible-semaphore/semaphore/db"
2016-04-04 01:10:12 +02:00
"github.com/ansible-semaphore/semaphore/models"
"github.com/ansible-semaphore/semaphore/util"
2017-02-23 00:21:49 +01:00
"github.com/castawaylabs/mulekick"
"github.com/gorilla/context"
2016-04-04 01:10:12 +02:00
"github.com/masterminds/squirrel"
)
2016-04-02 14:40:07 +02:00
2017-02-22 23:17:36 +01:00
func KeyMiddleware ( w http . ResponseWriter , r * http . Request ) {
2017-02-22 23:21:52 +01:00
project := context . Get ( r , "project" ) . ( models . Project )
2017-02-23 00:21:49 +01:00
keyID , err := util . GetIntParam ( "key_id" , w , r )
2016-04-09 21:09:57 +02:00
if err != nil {
return
}
var key models . AccessKey
if err := database . Mysql . SelectOne ( & key , "select * from access_key where project_id=? and id=?" , project . ID , keyID ) ; err != nil {
if err == sql . ErrNoRows {
2017-02-22 23:17:36 +01:00
w . WriteHeader ( http . StatusNotFound )
2016-04-09 21:09:57 +02:00
return
}
panic ( err )
}
2017-02-23 00:21:49 +01:00
context . Set ( r , "accessKey" , key )
2016-04-04 15:44:34 +02:00
}
2017-02-22 23:17:36 +01:00
func GetKeys ( w http . ResponseWriter , r * http . Request ) {
2017-02-22 23:21:52 +01:00
project := context . Get ( r , "project" ) . ( models . Project )
2016-04-04 01:10:12 +02:00
var keys [ ] models . AccessKey
2016-06-17 22:16:46 +02:00
q := squirrel . Select ( "id, name, type, project_id, `key`, removed" ) .
2016-04-04 01:10:12 +02:00
From ( "access_key" ) .
2016-04-04 15:44:34 +02:00
Where ( "project_id=?" , project . ID )
2017-02-23 00:21:49 +01:00
if t := r . URL . Query ( ) . Get ( "type" ) ; len ( t ) > 0 {
q = q . Where ( "type=?" , t )
2016-04-04 15:44:34 +02:00
}
query , args , _ := q . ToSql ( )
2016-04-04 01:10:12 +02:00
if _ , err := database . Mysql . Select ( & keys , query , args ... ) ; err != nil {
panic ( err )
}
2017-02-23 00:21:49 +01:00
mulekick . WriteJSON ( w , http . StatusOK , keys )
2016-04-02 14:40:07 +02:00
}
2017-02-22 23:17:36 +01:00
func AddKey ( w http . ResponseWriter , r * http . Request ) {
2017-02-22 23:21:52 +01:00
project := context . Get ( r , "project" ) . ( models . Project )
2016-04-04 01:10:12 +02:00
var key models . AccessKey
2017-02-22 23:21:52 +01:00
if err := mulekick . Bind ( w , r , & key ) ; err != nil {
2016-04-04 01:10:12 +02:00
return
}
switch key . Type {
2016-06-17 22:16:46 +02:00
case "aws" , "gcloud" , "do" :
2016-04-04 01:10:12 +02:00
break
2016-06-17 22:16:46 +02:00
case "ssh" :
if key . Secret == nil || len ( * key . Secret ) == 0 {
2017-02-23 00:21:49 +01:00
mulekick . WriteJSON ( w , http . StatusBadRequest , map [ string ] string {
2016-06-17 22:16:46 +02:00
"error" : "SSH Secret empty" ,
} )
return
}
2016-04-04 01:10:12 +02:00
default :
2017-02-23 00:21:49 +01:00
mulekick . WriteJSON ( w , http . StatusBadRequest , map [ string ] string {
2016-06-17 22:16:46 +02:00
"error" : "Invalid key type" ,
} )
2016-04-04 01:10:12 +02:00
return
}
2016-12-21 09:56:38 +01:00
secret := * key . Secret + "\n"
res , err := database . Mysql . Exec ( "insert into access_key set name=?, type=?, project_id=?, `key`=?, secret=?" , key . Name , key . Type , project . ID , key . Key , secret )
2016-04-17 12:41:36 +02:00
if err != nil {
panic ( err )
}
insertID , _ := res . LastInsertId ( )
insertIDInt := int ( insertID )
objType := "key"
desc := "Access Key " + key . Name + " created"
if err := ( models . Event {
ProjectID : & project . ID ,
ObjectType : & objType ,
ObjectID : & insertIDInt ,
Description : & desc ,
} . Insert ( ) ) ; err != nil {
2016-04-04 01:10:12 +02:00
panic ( err )
}
2017-02-22 23:17:36 +01:00
w . WriteHeader ( http . StatusNoContent )
2016-04-04 01:10:12 +02:00
}
2017-02-22 23:17:36 +01:00
func UpdateKey ( w http . ResponseWriter , r * http . Request ) {
2016-04-09 21:09:57 +02:00
var key models . AccessKey
2017-02-22 23:21:52 +01:00
oldKey := context . Get ( r , "accessKey" ) . ( models . AccessKey )
2016-04-09 21:09:57 +02:00
2017-02-22 23:21:52 +01:00
if err := mulekick . Bind ( w , r , & key ) ; err != nil {
2016-04-09 21:09:57 +02:00
return
}
switch key . Type {
2016-06-17 22:16:46 +02:00
case "aws" , "gcloud" , "do" :
2016-04-09 21:09:57 +02:00
break
2016-06-17 22:16:46 +02:00
case "ssh" :
if key . Secret == nil || len ( * key . Secret ) == 0 {
2017-02-23 00:21:49 +01:00
mulekick . WriteJSON ( w , http . StatusBadRequest , map [ string ] string {
2016-06-17 22:16:46 +02:00
"error" : "SSH Secret empty" ,
} )
return
}
2016-04-09 21:09:57 +02:00
default :
2017-02-23 00:21:49 +01:00
mulekick . WriteJSON ( w , http . StatusBadRequest , map [ string ] string {
2016-06-17 22:16:46 +02:00
"error" : "Invalid key type" ,
} )
2016-04-09 21:09:57 +02:00
return
}
2016-06-17 22:16:46 +02:00
if key . Secret == nil || len ( * key . Secret ) == 0 {
// override secret
key . Secret = oldKey . Secret
2016-12-21 09:56:38 +01:00
} else {
secret := * key . Secret + "\n"
key . Secret = & secret
2016-06-17 22:16:46 +02:00
}
if _ , err := database . Mysql . Exec ( "update access_key set name=?, type=?, `key`=?, secret=? where id=?" , key . Name , key . Type , key . Key , key . Secret , oldKey . ID ) ; err != nil {
2016-04-09 21:09:57 +02:00
panic ( err )
}
2016-04-17 12:41:36 +02:00
desc := "Access Key " + key . Name + " updated"
objType := "key"
if err := ( models . Event {
ProjectID : oldKey . ProjectID ,
Description : & desc ,
ObjectID : & oldKey . ID ,
ObjectType : & objType ,
} . Insert ( ) ) ; err != nil {
panic ( err )
}
2017-02-22 23:17:36 +01:00
w . WriteHeader ( http . StatusNoContent )
2016-04-02 14:40:07 +02:00
}
2017-02-22 23:17:36 +01:00
func RemoveKey ( w http . ResponseWriter , r * http . Request ) {
2017-02-22 23:21:52 +01:00
key := context . Get ( r , "accessKey" ) . ( models . AccessKey )
2016-04-04 01:10:12 +02:00
2016-06-17 22:16:46 +02:00
templatesC , err := database . Mysql . SelectInt ( "select count(1) from project__template where project_id=? and ssh_key_id=?" , * key . ProjectID , key . ID )
if err != nil {
panic ( err )
}
inventoryC , err := database . Mysql . SelectInt ( "select count(1) from project__inventory where project_id=? and ssh_key_id=?" , * key . ProjectID , key . ID )
if err != nil {
panic ( err )
}
if templatesC > 0 || inventoryC > 0 {
2017-02-23 00:21:49 +01:00
if len ( r . URL . Query ( ) . Get ( "setRemoved" ) ) == 0 {
mulekick . WriteJSON ( w , http . StatusBadRequest , map [ string ] interface { } {
2016-06-17 22:16:46 +02:00
"error" : "Key is in use by one or more templates / inventory" ,
"inUse" : true ,
} )
return
}
if _ , err := database . Mysql . Exec ( "update access_key set removed=1 where id=?" , key . ID ) ; err != nil {
panic ( err )
}
2017-02-22 23:17:36 +01:00
w . WriteHeader ( http . StatusNoContent )
2016-06-17 22:16:46 +02:00
return
}
2016-04-09 21:38:14 +02:00
if _ , err := database . Mysql . Exec ( "delete from access_key where id=?" , key . ID ) ; err != nil {
2016-04-04 01:10:12 +02:00
panic ( err )
}
2016-04-17 12:41:36 +02:00
desc := "Access Key " + key . Name + " deleted"
if err := ( models . Event {
ProjectID : key . ProjectID ,
Description : & desc ,
} . Insert ( ) ) ; err != nil {
panic ( err )
}
2017-02-22 23:17:36 +01:00
w . WriteHeader ( http . StatusNoContent )
2016-04-02 14:40:07 +02:00
}