forked from rancher/rancher
-
Notifications
You must be signed in to change notification settings - Fork 0
/
handler.go
125 lines (104 loc) · 3.07 KB
/
handler.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
package principals
import (
"context"
"encoding/json"
"net/http"
"fmt"
"github.com/pkg/errors"
"github.com/rancher/norman/httperror"
"github.com/rancher/norman/types"
"github.com/rancher/norman/types/convert"
"github.com/rancher/rancher/pkg/auth/providers"
"github.com/rancher/rancher/pkg/auth/requests"
"github.com/rancher/types/apis/management.cattle.io/v3"
"github.com/rancher/types/config"
)
type principalsHandler struct {
principalsClient v3.PrincipalInterface
tokensClient v3.TokenInterface
auth requests.Authenticator
}
func newPrincipalsHandler(ctx context.Context, mgmt *config.ScaledContext) *principalsHandler {
providers.Configure(ctx, mgmt)
return &principalsHandler{
principalsClient: mgmt.Management.Principals(""),
tokensClient: mgmt.Management.Tokens(""),
auth: requests.NewAuthenticator(ctx, mgmt),
}
}
func (h *principalsHandler) actions(actionName string, action *types.Action, apiContext *types.APIContext) error {
if actionName != "search" {
return httperror.NewAPIError(httperror.ActionNotAvailable, "")
}
input := &v3.SearchPrincipalsInput{}
if err := json.NewDecoder(apiContext.Request.Body).Decode(input); err != nil {
return httperror.NewAPIError(httperror.InvalidBodyContent, fmt.Sprintf("Failed to parse body: %v", err))
}
token, err := h.getToken(apiContext.Request)
if err != nil {
return err
}
ps, err := providers.SearchPrincipals(input.Name, input.PrincipalType, *token)
if err != nil {
return err
}
var principals []map[string]interface{}
for _, p := range ps {
x, err := convertPrincipal(apiContext.Schema, p)
if err != nil {
return err
}
principals = append(principals, x)
}
apiContext.WriteResponse(200, principals)
return nil
}
func (h *principalsHandler) list(apiContext *types.APIContext, next types.RequestHandler) error {
var principals []map[string]interface{}
token, err := h.getToken(apiContext.Request)
if err != nil {
return err
}
if apiContext.ID != "" {
princ, err := providers.GetPrincipal(apiContext.ID, *token)
if err != nil {
return err
}
p, err := convertPrincipal(apiContext.Schema, princ)
if err != nil {
return err
}
apiContext.WriteResponse(200, p)
return nil
}
p, err := convertPrincipal(apiContext.Schema, token.UserPrincipal)
if err != nil {
return err
}
principals = append(principals, p)
for _, p := range token.GroupPrincipals {
x, err := convertPrincipal(apiContext.Schema, p)
if err != nil {
return err
}
principals = append(principals, x)
}
apiContext.WriteResponse(200, principals)
return nil
}
func convertPrincipal(schema *types.Schema, principal v3.Principal) (map[string]interface{}, error) {
data, err := convert.EncodeToMap(principal)
if err != nil {
return nil, err
}
mapper := schema.Mapper
if mapper == nil {
return nil, errors.New("no schema mapper available")
}
mapper.FromInternal(data)
return data, nil
}
func (h *principalsHandler) getToken(request *http.Request) (*v3.Token, error) {
token, err := h.auth.TokenFromRequest(request)
return token, errors.Wrap(err, "must authenticate")
}