/
wiggle_hypervisor_handler.erl
219 lines (170 loc) · 7.29 KB
/
wiggle_hypervisor_handler.erl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
%% Feel free to use, reuse and abuse the code in this file.
%% @doc Hello world handler.
-module(wiggle_hypervisor_handler).
-export([init/3,
rest_init/2]).
-export([content_types_provided/2,
content_types_accepted/2,
allowed_methods/2,
resource_exists/2,
forbidden/2,
service_available/2,
options/2,
delete_resource/2,
is_authorized/2]).
-export([to_json/2,
from_json/2,
to_msgpack/2,
from_msgpack/2]).
-ignore_xref([to_json/2,
from_json/2,
from_msgpack/2,
to_msgpack/2,
allowed_methods/2,
content_types_accepted/2,
content_types_provided/2,
delete_resource/2,
forbidden/2,
init/3,
is_authorized/2,
options/2,
service_available/2,
resource_exists/2,
rest_init/2]).
-record(state, {path, method, version, token, content, reply, obj, body}).
init(_Transport, _Req, []) ->
{upgrade, protocol, cowboy_http_rest}.
rest_init(Req, _) ->
wiggle_handler:initial_state(Req).
service_available(Req, State) ->
case {libsniffle:servers(), libsnarl:servers()} of
{[], _} ->
{false, Req, State};
{_, []} ->
{false, Req, State};
_ ->
{true, Req, State}
end.
options(Req, State) ->
Methods = allowed_methods(State#state.version, State#state.token, State#state.path),
Req1 = cowboy_req:set_resp_header(
<<"Access-Control-Allow-Methods">>,
string:join(
lists:map(fun erlang:atom_to_list/1,
['HEAD', 'OPTIONS' | Methods]), ", "), Req),
{ok, Req1, State}.
content_types_provided(Req, State) ->
{[
{<<"application/json">>, to_json},
{<<"application/x-msgpack">>, to_msgpack}
], Req, State}.
content_types_accepted(Req, State) ->
{wiggle_handler:accepted(), Req, State}.
allowed_methods(Req, State) ->
{['HEAD', 'OPTIONS' | allowed_methods(State#state.version, State#state.token, State#state.path)], Req, State}.
allowed_methods(_Version, _Token, []) ->
['GET'];
allowed_methods(_Version, _Token, [_Hypervisor]) ->
['GET'];
allowed_methods(_Version, _Token, [_Hypervisor, <<"characteristics">>|_]) ->
['PUT', 'DELETE'];
allowed_methods(_Version, _Token, [_Hypervisor, <<"metadata">>|_]) ->
['PUT', 'DELETE'].
resource_exists(Req, State = #state{path = []}) ->
{true, Req, State};
resource_exists(Req, State = #state{path = [Hypervisor | _]}) ->
case libsniffle:hypervisor_get(Hypervisor) of
not_found ->
{false, Req, State};
{ok, Obj} ->
{true, Req, State#state{obj = Obj}}
end.
is_authorized(Req, State = #state{method = 'OPTIONS'}) ->
{true, Req, State};
is_authorized(Req, State = #state{token = undefined}) ->
{{false, <<"X-Snarl-Token">>}, Req, State};
is_authorized(Req, State) ->
{true, Req, State}.
forbidden(Req, State = #state{method = 'OPTIONS'}) ->
{false, Req, State};
forbidden(Req, State = #state{token = undefined}) ->
{true, Req, State};
forbidden(Req, State = #state{path = []}) ->
{allowed(State#state.token, [<<"cloud">>, <<"hypervisors">>, <<"list">>]), Req, State};
forbidden(Req, State = #state{method = 'GET', path = [Hypervisor]}) ->
{allowed(State#state.token, [<<"hypervisors">>, Hypervisor, <<"get">>]), Req, State};
forbidden(Req, State = #state{method = 'PUT', path = [Hypervisor, <<"metadata">> | _]}) ->
{allowed(State#state.token, [<<"hypervisors">>, Hypervisor, <<"edit">>]), Req, State};
forbidden(Req, State = #state{method = 'DELETE', path = [Hypervisor, <<"metadata">> | _]}) ->
{allowed(State#state.token, [<<"hypervisors">>, Hypervisor, <<"edit">>]), Req, State};
forbidden(Req, State = #state{method = 'PUT', path = [Hypervisor, <<"characteristics">> | _]}) ->
{allowed(State#state.token, [<<"hypervisors">>, Hypervisor, <<"edit">>]), Req, State};
forbidden(Req, State = #state{method = 'DELETE', path = [Hypervisor, <<"characteristics">> | _]}) ->
{allowed(State#state.token, [<<"hypervisors">>, Hypervisor, <<"edit">>]), Req, State};
forbidden(Req, State) ->
{true, Req, State}.
%%--------------------------------------------------------------------
%% GET
%%--------------------------------------------------------------------
to_json(Req, State) ->
{Reply, Req1, State1} = handle_request(Req, State),
{jsx:encode(Reply), Req1, State1}.
to_msgpack(Req, State) ->
{Reply, Req1, State1} = handle_request(Req, State),
{msgpack:pack(Reply, [jsx]), Req1, State1}.
handle_request(Req, State = #state{token = Token, path = []}) ->
{ok, Permissions} = libsnarl:user_cache({token, Token}),
{ok, Res} = libsniffle:hypervisor_list([{must, 'allowed', [<<"hypervisors">>, {<<"res">>, <<"name">>}, <<"get">>], Permissions}]),
{lists:map(fun ({E, _}) -> E end, Res), Req, State};
handle_request(Req, State = #state{path = [_Hypervisor], obj = Obj}) ->
{Obj, Req, State}.
%%--------------------------------------------------------------------
%% PUT
%%--------------------------------------------------------------------
from_json(Req, State) ->
{ok, Body, Req1} = cowboy_req:body(Req),
{Reply, Req2, State1} = case Body of
<<>> ->
handle_write(Req1, State, []);
_ ->
Decoded = jsx:decode(Body),
handle_write(Req1, State, Decoded)
end,
{Reply, Req2, State1}.
from_msgpack(Req, State) ->
{ok, Body, Req1} = cowboy_req:body(Req),
{Reply, Req2, State1} = case Body of
<<>> ->
handle_write(Req1, State, []);
_ ->
Decoded = msgpack:unpack(Body, [jsx]),
handle_write(Req1, State, Decoded)
end,
{Reply, Req2, State1}.
handle_write(Req, State = #state{path = [Hypervisor, <<"characteristics">> | Path]}, [{K, V}]) ->
libsniffle:hypervisor_set(Hypervisor, [<<"characteristics">> | Path] ++ [K], jsxd:from_list(V)),
{true, Req, State};
handle_write(Req, State = #state{path = [Hypervisor, <<"metadata">> | Path]}, [{K, V}]) ->
libsniffle:hypervisor_set(Hypervisor, [<<"metadata">> | Path] ++ [K], jsxd:from_list(V)),
{true, Req, State};
handle_write(Req, State, _Body) ->
{false, Req, State}.
%%--------------------------------------------------------------------
%% DELETE
%%--------------------------------------------------------------------
delete_resource(Req, State = #state{path = [Hypervisor, <<"characteristics">> | Path]}) ->
libsniffle:hypervisor_set(Hypervisor, [<<"characteristics">> | Path], delete),
{true, Req, State};
delete_resource(Req, State = #state{path = [Hypervisor, <<"metadata">> | Path]}) ->
libsniffle:hypervisor_set(Hypervisor, [<<"metadata">> | Path], delete),
{true, Req, State}.
%% Internal Functions
allowed(Token, Perm) ->
case libsnarl:allowed({token, Token}, Perm) of
not_found ->
true;
true ->
false;
false ->
true
end.