aligned users to new design
This commit is contained in:
@@ -1,152 +1,71 @@
|
||||
package servers
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/auth"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/db_handler/mongo"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/dbhandler"
|
||||
instancemanager "git.acooldomain.co/server-manager/backend-kubernetes-go/instance_manager"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/instance_manager/docker"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/models"
|
||||
"github.com/docker/docker/api/types/container"
|
||||
"github.com/docker/docker/api/types/filters"
|
||||
"github.com/docker/docker/api/types/volume"
|
||||
"github.com/docker/docker/client"
|
||||
"github.com/gin-gonic/gin"
|
||||
"go.mongodb.org/mongo-driver/mongo"
|
||||
)
|
||||
|
||||
func (con Connection) getBrowserInfo(volume volume.Volume) (*models.FileBrowser, error) {
|
||||
serverInfo, err := con.getServerInfo(volume)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
containers, err := con.dockerClient.ContainerList(context.TODO(), container.ListOptions{
|
||||
All: true,
|
||||
Filters: filters.NewArgs(filters.Arg("label", "type=FILE_BROWSER"), filters.Arg("label", fmt.Sprintf("volume_id=%s", volume.Name))),
|
||||
})
|
||||
if err != nil || len(containers) == 0 {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
container := containers[0]
|
||||
jsonData, err := json.Marshal(container.Labels)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var browserInfo ContainerLabels
|
||||
err = json.Unmarshal(jsonData, &browserInfo)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &models.FileBrowser{
|
||||
Id: serverInfo.Id,
|
||||
OwnerId: browserInfo.OwnerId,
|
||||
ConnectedTo: *serverInfo,
|
||||
Url: serverInfo.Id[:12] + ".browsers." + DOMAIN,
|
||||
}, nil
|
||||
|
||||
}
|
||||
func (con Connection) getBrowserInfoFromServerId(serverId string) (*models.FileBrowser, error) {
|
||||
serverInfo, err := con.getServerInfoFromId(serverId)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
containers, err := con.dockerClient.ContainerList(context.TODO(), container.ListOptions{
|
||||
All: true,
|
||||
Filters: filters.NewArgs(filters.Arg("label", "type=FILE_BROWSER"), filters.Arg("label", fmt.Sprintf("volume_id=%s", serverInfo.Id))),
|
||||
})
|
||||
if err != nil || len(containers) == 0 {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
container := containers[0]
|
||||
jsonData, err := json.Marshal(container.Labels)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
var browserInfo ContainerLabels
|
||||
err = json.Unmarshal(jsonData, &browserInfo)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &models.FileBrowser{
|
||||
Id: serverInfo.Id,
|
||||
OwnerId: browserInfo.OwnerId,
|
||||
ConnectedTo: *serverInfo,
|
||||
Url: serverInfo.Id[:12] + ".browsers." + DOMAIN,
|
||||
}, nil
|
||||
|
||||
}
|
||||
|
||||
func (con Connection) GetBrowsers(ctx *gin.Context) {
|
||||
volumes, err := con.dockerClient.VolumeList(
|
||||
context.TODO(),
|
||||
volume.ListOptions{
|
||||
Filters: filters.NewArgs(filters.Arg("label", "type=GAME")),
|
||||
},
|
||||
)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
}
|
||||
|
||||
var servers []models.FileBrowser = make([]models.FileBrowser, 0, len(volumes.Volumes))
|
||||
|
||||
for _, volume := range volumes.Volumes {
|
||||
browserInfo, err := con.getBrowserInfo(*volume)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
}
|
||||
if browserInfo == nil {
|
||||
continue
|
||||
}
|
||||
|
||||
servers = append(servers, *browserInfo)
|
||||
}
|
||||
fileBrowsers, err := con.InstanceManager.ListFileBrowsers(ctx)
|
||||
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
}
|
||||
|
||||
ctx.JSON(200, servers)
|
||||
ctx.JSON(200, fileBrowsers)
|
||||
}
|
||||
|
||||
func (con Connection) StopBrowser(ctx *gin.Context) {
|
||||
serverId := ctx.Param("server_id")
|
||||
containersList, err := con.dockerClient.ContainerList(context.TODO(), container.ListOptions{
|
||||
Filters: filters.NewArgs(filters.Arg("label", "volume_id="+serverId), filters.Arg("label", "type=FILE_BROWSER")),
|
||||
})
|
||||
err := con.InstanceManager.StopFileBrowser(ctx, serverId)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
if len(containersList) == 0 {
|
||||
ctx.Status(200)
|
||||
return
|
||||
}
|
||||
|
||||
for _, containerData := range containersList {
|
||||
con.dockerClient.ContainerStop(context.TODO(), containerData.ID, container.StopOptions{})
|
||||
}
|
||||
ctx.Status(200)
|
||||
}
|
||||
|
||||
func LoadBrowsersGroup(group *gin.RouterGroup, mongo_client *mongo.Client, config models.GlobalConfig) {
|
||||
apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer apiClient.Close()
|
||||
func LoadBrowsersGroup(group *gin.RouterGroup, config models.GlobalConfig) {
|
||||
var instanceManager instancemanager.InstanceManager
|
||||
var serversDbHandler dbhandler.ServersDbHandler
|
||||
var serversAuthorizationHandler dbhandler.ServersAuthorizationDbHandler
|
||||
|
||||
var err error
|
||||
|
||||
if config.InstanceManager.Type == models.DOCKER {
|
||||
instanceManager, err = docker.NewInstanceManager(config.InstanceManager.Docker)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
if config.ServersDatabase.Type == models.MONGO {
|
||||
serversDbHandler, err = mongo.NewServersDbHandler(*config.ServersDatabase.Mongo)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
if config.ServersAuthorizationDatabase.Type == models.MONGO {
|
||||
serversAuthorizationHandler, err = mongo.NewAuthorizationHandler(*config.ServersAuthorizationDatabase.Mongo)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
connection := Connection{
|
||||
ServersDbHandler: serversDbHandler,
|
||||
ServerAuthorization: serversAuthorizationHandler,
|
||||
InstanceManager: instanceManager,
|
||||
}
|
||||
|
||||
connection := Connection{databaseConnection: mongo_client, dockerClient: apiClient}
|
||||
authConnection := auth.Connection{DatabaseConnection: mongo_client}
|
||||
group.GET("", auth.AuthorizedTo(0), connection.GetBrowsers)
|
||||
group.POST("/:server_id/stop", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Browse)), connection.StopBrowser)
|
||||
group.POST("/:server_id/stop", auth.AuthorizedTo(models.Browse), connection.ServerAuthorized(models.Browse), connection.StopBrowser)
|
||||
}
|
||||
|
||||
@@ -1,46 +1,41 @@
|
||||
package servers
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/auth"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/db_handler/mongo"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/dbhandler"
|
||||
instancemanager "git.acooldomain.co/server-manager/backend-kubernetes-go/instance_manager"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/instance_manager/docker"
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/models"
|
||||
"github.com/docker/docker/api/types/filters"
|
||||
"github.com/docker/docker/api/types/image"
|
||||
"github.com/docker/docker/client"
|
||||
"github.com/gin-gonic/gin"
|
||||
"go.mongodb.org/mongo-driver/mongo"
|
||||
)
|
||||
|
||||
type ImageData struct {
|
||||
Id string
|
||||
Name string
|
||||
Version string
|
||||
DisplayName string
|
||||
Id string `json:"Id"`
|
||||
Name string `json:"Name"`
|
||||
Version string `json:"Version"`
|
||||
DisplayName string `json:"DisplayName"`
|
||||
}
|
||||
|
||||
func convertImageToImageData(imageSummary image.Summary) *ImageData {
|
||||
if len(imageSummary.RepoTags) == 0 {
|
||||
return nil
|
||||
}
|
||||
imageId := imageSummary.RepoTags[0]
|
||||
splitImageId := strings.Split(imageId, ":")
|
||||
imageName, imageVersion := splitImageId[0], splitImageId[1]
|
||||
func convertImageToImageData(instanceImage instancemanager.Image) *ImageData {
|
||||
imageId := instanceImage.Registry + ":" + instanceImage.Tag
|
||||
|
||||
return &ImageData{
|
||||
Id: imageId,
|
||||
Name: imageName,
|
||||
Version: imageVersion,
|
||||
DisplayName: fmt.Sprintf("%s %s", imageName, imageVersion),
|
||||
Name: instanceImage.Registry,
|
||||
Version: instanceImage.Tag,
|
||||
DisplayName: fmt.Sprintf("%s %s", instanceImage.Registry, instanceImage.Tag),
|
||||
}
|
||||
}
|
||||
func (con Connection) GetImages(c *gin.Context) {
|
||||
images, err := con.dockerClient.ImageList(context.TODO(), image.ListOptions{Filters: filters.NewArgs(filters.Arg("label", "type=GAME"))})
|
||||
func (con Connection) GetImages(ctx *gin.Context) {
|
||||
images, err := con.InstanceManager.ListImages(ctx)
|
||||
if err != nil {
|
||||
c.AbortWithError(500, err)
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
|
||||
imagesData := make([]ImageData, 0, len(images))
|
||||
|
||||
for _, imageSummary := range images {
|
||||
@@ -52,16 +47,43 @@ func (con Connection) GetImages(c *gin.Context) {
|
||||
imagesData = append(imagesData, *imageData)
|
||||
}
|
||||
|
||||
c.JSON(200, imagesData)
|
||||
ctx.JSON(200, imagesData)
|
||||
}
|
||||
|
||||
func LoadeImagesGroup(group *gin.RouterGroup, mongo_client *mongo.Client, config models.GlobalConfig) {
|
||||
apiClient, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer apiClient.Close()
|
||||
func LoadeImagesGroup(group *gin.RouterGroup, config models.GlobalConfig) {
|
||||
var instanceManager instancemanager.InstanceManager
|
||||
var serversDbHandler dbhandler.ServersDbHandler
|
||||
var serversAuthorizationHandler dbhandler.ServersAuthorizationDbHandler
|
||||
|
||||
var err error
|
||||
|
||||
if config.InstanceManager.Type == models.DOCKER {
|
||||
instanceManager, err = docker.NewInstanceManager(config.InstanceManager.Docker)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
if config.ServersDatabase.Type == models.MONGO {
|
||||
serversDbHandler, err = mongo.NewServersDbHandler(*config.ServersDatabase.Mongo)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
if config.ServersAuthorizationDatabase.Type == models.MONGO {
|
||||
serversAuthorizationHandler, err = mongo.NewAuthorizationHandler(*config.ServersAuthorizationDatabase.Mongo)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
connection := Connection{
|
||||
ServersDbHandler: serversDbHandler,
|
||||
ServerAuthorization: serversAuthorizationHandler,
|
||||
InstanceManager: instanceManager,
|
||||
}
|
||||
|
||||
connection := Connection{databaseConnection: mongo_client, dockerClient: apiClient}
|
||||
group.GET("", auth.AuthorizedTo(0), connection.GetImages)
|
||||
}
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package servers
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
@@ -19,7 +18,6 @@ import (
|
||||
"git.acooldomain.co/server-manager/backend-kubernetes-go/models"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/gorilla/websocket"
|
||||
v1 "github.com/opencontainers/image-spec/specs-go/v1"
|
||||
)
|
||||
|
||||
var upgrader = websocket.Upgrader{
|
||||
@@ -67,6 +65,37 @@ type CreateServerRequest struct {
|
||||
Nickname string `json:"Nickname"`
|
||||
}
|
||||
|
||||
func (con Connection) ServerAuthorized(permissions models.Permission) func(*gin.Context) {
|
||||
return func(ctx *gin.Context) {
|
||||
claimsPointer, exists := ctx.Get("claims")
|
||||
if !exists {
|
||||
ctx.AbortWithStatus(403)
|
||||
return
|
||||
}
|
||||
|
||||
claims := claimsPointer.(*auth.AuthClaims)
|
||||
|
||||
serverId := ctx.Param("server_id")
|
||||
if serverId == "" {
|
||||
ctx.AbortWithStatus(403)
|
||||
return
|
||||
}
|
||||
|
||||
userPermissions, err := con.ServerAuthorization.GetPermissions(ctx, claims.Username, serverId)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
|
||||
if userPermissions&permissions == permissions || userPermissions&models.Admin == models.Admin {
|
||||
return
|
||||
}
|
||||
|
||||
ctx.AbortWithStatus(403)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
func (con Connection) CreateServer(ctx *gin.Context) {
|
||||
claims, exists := ctx.Get("claims")
|
||||
if !exists {
|
||||
@@ -109,6 +138,12 @@ func (con Connection) CreateServer(ctx *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
err = con.ServerAuthorization.AddPermissions(ctx, serverClaims.Username, instanceServer.Id, models.Admin)
|
||||
if err != nil {
|
||||
ctx.AbortWithError(500, err)
|
||||
return
|
||||
}
|
||||
|
||||
ctx.JSON(200, instanceServer.Id)
|
||||
}
|
||||
|
||||
@@ -540,17 +575,16 @@ func LoadGroup(group *gin.RouterGroup, config models.GlobalConfig) {
|
||||
ServerAuthorization: serversAuthorizationHandler,
|
||||
InstanceManager: instanceManager,
|
||||
}
|
||||
authConnection := auth.Connection{}
|
||||
|
||||
group.POST("/:server_id/start", auth.AuthorizedTo(models.Start, authConnection.ServerAuthorized(models.Start)), connection.StartServer)
|
||||
group.POST("/:server_id/start", auth.AuthorizedTo(models.Start), connection.ServerAuthorized(models.Start), connection.StartServer)
|
||||
group.POST("", auth.AuthorizedTo(models.Create), connection.CreateServer)
|
||||
group.GET("", auth.AuthorizedTo(0), connection.GetServers)
|
||||
group.POST("/:server_id/stop", auth.AuthorizedTo(models.Stop, authConnection.ServerAuthorized(models.Stop)), connection.StopServer)
|
||||
group.DELETE("/:server_id", auth.AuthorizedTo(models.Delete, authConnection.ServerAuthorized(models.Delete)), connection.DeleteServer)
|
||||
group.POST("/:server_id/run_command", auth.AuthorizedTo(models.RunCommand, authConnection.ServerAuthorized(models.RunCommand)), connection.RunCommand)
|
||||
group.GET("/:server_id/attach", auth.AuthorizedTo(models.RunCommand, authConnection.ServerAuthorized(models.RunCommand)), connection.AttachServer)
|
||||
group.PATCH("/:server_id", auth.AuthorizedTo(models.Admin, authConnection.ServerAuthorized(models.Admin)), connection.UpdateServer)
|
||||
group.POST("/:server_id/browse", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Admin)), connection.BrowseServer)
|
||||
group.GET("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Admin)), connection.GetServerUserPermissions)
|
||||
group.POST("/:server_id/permissions", auth.AuthorizedTo(models.Browse, authConnection.ServerAuthorized(models.Admin)), connection.SetServerUserPermissions)
|
||||
group.POST("/:server_id/stop", auth.AuthorizedTo(models.Stop), connection.ServerAuthorized(models.Stop), connection.StopServer)
|
||||
group.DELETE("/:server_id", auth.AuthorizedTo(models.Delete), connection.ServerAuthorized(models.Delete), connection.DeleteServer)
|
||||
group.POST("/:server_id/run_command", auth.AuthorizedTo(models.RunCommand), connection.ServerAuthorized(models.RunCommand), connection.RunCommand)
|
||||
group.GET("/:server_id/attach", auth.AuthorizedTo(models.RunCommand), connection.ServerAuthorized(models.RunCommand), connection.AttachServer)
|
||||
group.PATCH("/:server_id", auth.AuthorizedTo(models.Admin), connection.ServerAuthorized(models.Admin), connection.UpdateServer)
|
||||
group.POST("/:server_id/browse", auth.AuthorizedTo(models.Browse), connection.ServerAuthorized(models.Admin), connection.BrowseServer)
|
||||
group.GET("/:server_id/permissions", auth.AuthorizedTo(models.Browse), connection.ServerAuthorized(models.Admin), connection.GetServerUserPermissions)
|
||||
group.POST("/:server_id/permissions", auth.AuthorizedTo(models.Browse), connection.ServerAuthorized(models.Admin), connection.SetServerUserPermissions)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user