misc fixes
This commit is contained in:
Mikaël Cluseau
@ -7,6 +7,8 @@ import (
|
||||
)
|
||||
|
||||
var (
|
||||
ErrNotFound = httperr.NewStd(404, http.StatusNotFound, "not found")
|
||||
ErrInvalidToken = httperr.NewStd(403, http.StatusForbidden, "invalid token")
|
||||
ErrNotFound = httperr.StdStatus(http.StatusNotFound)
|
||||
ErrUnauthorized = httperr.StdStatus(http.StatusUnauthorized)
|
||||
ErrForbidden = httperr.StdStatus(http.StatusForbidden)
|
||||
ErrInvalidToken = httperr.NewStd(1000, http.StatusForbidden, "invalid token")
|
||||
)
|
||||
|
||||
@ -24,7 +24,7 @@ func tokenAuth(req *restful.Request, resp *restful.Response, chain *restful.Filt
|
||||
}
|
||||
}
|
||||
|
||||
resp.WriteErrorString(401, "401: Not Authorized")
|
||||
wsError(resp, ErrUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
@ -38,7 +38,7 @@ func getToken(req *restful.Request) string {
|
||||
}
|
||||
|
||||
if !strings.HasPrefix(token, bearerPrefix) {
|
||||
return ""
|
||||
return token
|
||||
}
|
||||
|
||||
return token[len(bearerPrefix):]
|
||||
|
||||
@ -18,7 +18,10 @@ func wsUploadConfig(req *restful.Request, resp *restful.Response) {
|
||||
|
||||
if err != nil {
|
||||
wsError(resp, err)
|
||||
return
|
||||
}
|
||||
|
||||
resp.WriteEntity(true)
|
||||
}
|
||||
|
||||
func writeNewConfig(reader io.Reader) (err error) {
|
||||
@ -38,10 +41,17 @@ func writeNewConfig(reader io.Reader) (err error) {
|
||||
cfgPath := configFilePath()
|
||||
in, err := os.Open(cfgPath)
|
||||
|
||||
if err == nil {
|
||||
if err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
// nothing to backup
|
||||
} else {
|
||||
return // real error
|
||||
}
|
||||
} else {
|
||||
err = backupCurrentConfig(in)
|
||||
} else if !os.IsNotExist(err) {
|
||||
return
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
err = os.Rename(out.Name(), cfgPath)
|
||||
|
||||
@ -24,8 +24,8 @@ func registerWS(rest *restful.Container) {
|
||||
ws := &restful.WebService{}
|
||||
ws.
|
||||
Path("/public").
|
||||
Produces("application/json").
|
||||
Consumes("application/json").
|
||||
Produces(mime.JSON).
|
||||
Consumes(mime.JSON).
|
||||
Route(ws.POST("/unlock-store").To(wsUnlockStore).
|
||||
Reads("").
|
||||
Writes("").
|
||||
@ -46,23 +46,24 @@ func registerWS(rest *restful.Container) {
|
||||
ws := &restful.WebService{}
|
||||
ws.
|
||||
Filter(adminAuth).
|
||||
HeaderParameter("Authorization", "Admin bearer token")
|
||||
Param(ws.HeaderParameter("Authorization", "Admin bearer token").Required(true)).
|
||||
Produces(mime.JSON)
|
||||
|
||||
// - store management
|
||||
ws.Route(ws.POST("/store/add-key").To(wsStoreAddKey).
|
||||
Consumes("application/json").Reads("").
|
||||
Produces("application/json").
|
||||
Consumes(mime.JSON).Reads("").
|
||||
Doc("Add an unlock key to the store"))
|
||||
|
||||
// - downloads
|
||||
ws.Route(ws.POST("/authorize-download").To(wsAuthorizeDownload).
|
||||
Consumes("application/json").Reads(DownloadSpec{}).
|
||||
Produces("application/json").
|
||||
Consumes(mime.JSON).Reads(DownloadSpec{}).
|
||||
Produces(mime.JSON).
|
||||
Doc("Create a download token for the given download"))
|
||||
|
||||
// - configs API
|
||||
ws.Route(ws.POST("/configs").To(wsUploadConfig).
|
||||
Consumes(mime.YAML).
|
||||
Consumes(mime.YAML).Param(ws.BodyParameter("config", "The new full configuration")).
|
||||
Produces(mime.JSON).Writes(true).
|
||||
Doc("Upload a new current configuration, archiving the previous one"))
|
||||
|
||||
// - clusters API
|
||||
@ -124,6 +125,7 @@ func registerWS(rest *restful.Container) {
|
||||
return req.PathParameter("host-name"), nil
|
||||
},
|
||||
}).register(ws, func(rb *restful.RouteBuilder) {
|
||||
rb.Param(ws.PathParameter("host-name", "host's name"))
|
||||
})
|
||||
|
||||
ws.Route(ws.GET("/ssh-acls").To(wsSSH_ACL_List))
|
||||
@ -134,10 +136,10 @@ func registerWS(rest *restful.Container) {
|
||||
|
||||
// Hosts API
|
||||
ws = &restful.WebService{}
|
||||
ws.Produces("application/json")
|
||||
ws.Path("/me")
|
||||
ws.Filter(hostsAuth).
|
||||
HeaderParameter("Authorization", "Host or admin bearer token")
|
||||
ws.Produces(mime.JSON).
|
||||
Path("/me").
|
||||
Filter(hostsAuth).
|
||||
Param(ws.HeaderParameter("Authorization", "Host or admin bearer token"))
|
||||
|
||||
(&wsHost{
|
||||
hostDoc: "detected host",
|
||||
@ -148,12 +150,12 @@ func registerWS(rest *restful.Container) {
|
||||
|
||||
// Hosts by token API
|
||||
ws = &restful.WebService{}
|
||||
ws.Path("/hosts-by-token/{host-token}")
|
||||
ws.Path("/hosts-by-token/{host-token}").Param(ws.PathParameter("host-token", "host's download token"))
|
||||
|
||||
(&wsHost{
|
||||
hostDoc: "token's host",
|
||||
getHost: func(req *restful.Request) (host string, err error) {
|
||||
reqToken := req.PathParameter("host-name")
|
||||
reqToken := req.PathParameter("host-token")
|
||||
|
||||
data, err := hostDownloadTokens.Data()
|
||||
if err != nil {
|
||||
@ -170,7 +172,7 @@ func registerWS(rest *restful.Container) {
|
||||
return
|
||||
},
|
||||
}).register(ws, func(rb *restful.RouteBuilder) {
|
||||
rb.Notes("In this case, the host is detected from the remote IP")
|
||||
rb.Notes("In this case, the host is detected from the token")
|
||||
})
|
||||
|
||||
rest.Add(ws)
|
||||
|
||||
Reference in New Issue
Block a user