Comparison

mod_http_admin_api/mod_http_admin_api.lua @ 4368:e0c8d866d58c

mod_http_admin_api: Some fixes and improvements for the groups API Now allows setting a name separate from the id, and updating group membership in a single call.
author Matthew Wild <mwild1@gmail.com>
date Thu, 21 Jan 2021 16:02:31 +0000
parent 4366:83370df0ce4a
child 4369:29b7f445aec5
comparison
equal deleted inserted replaced
4367:33f82988d7a9 4368:e0c8d866d58c
1 local usermanager = require "core.usermanager"; 1 local usermanager = require "core.usermanager";
2 2
3 local id = require "util.id";
3 local json = require "util.json"; 4 local json = require "util.json";
4 5
5 module:depends("http"); 6 module:depends("http");
6 7
7 local invites = module:depends("invites"); 8 local invites = module:depends("invites");
8 local tokens = module:depends("tokenauth"); 9 local tokens = module:depends("tokenauth");
9 local mod_pep = module:depends("pep"); 10 local mod_pep = module:depends("pep");
10 11
11 local group_store = module:open_store("groups"); 12 local group_info_store = module:open_store("group_info");
13 local group_members_store = module:open_store("groups");
12 local group_memberships = module:open_store("groups", "map"); 14 local group_memberships = module:open_store("groups", "map");
13 local push_errors = module:shared("cloud_notify/push_errors"); 15 local push_errors = module:shared("cloud_notify/push_errors");
14 16
15 local json_content_type = "application/json"; 17 local json_content_type = "application/json";
16 18
364 return 200; 366 return 200;
365 end 367 end
366 368
367 function list_groups(event) 369 function list_groups(event)
368 local group_list = {}; 370 local group_list = {};
369 for group_id in group_store:users() do 371 for group_id in group_info_store:users() do
372 local group_info = group_info_store:get(group_id);
370 table.insert(group_list, { 373 table.insert(group_list, {
371 id = group_id; 374 id = group_id;
372 name = group_id; 375 name = group_info.name;
373 members = group_store:get(group_id); 376 members = group_members_store:get(group_id);
374 }); 377 });
375 end 378 end
376 379
377 event.response.headers["Content-Type"] = json_content_type; 380 event.response.headers["Content-Type"] = json_content_type;
378 return json.encode_array(group_list); 381 return json.encode_array(group_list);
379 end 382 end
380 383
381 function get_group_by_id(event, group_id) 384 function get_group_by_id(event, group_id)
382 local group = group_store:get(group_id); 385 local group = group_info_store:get(group_id);
383 if not group then 386 if not group then
384 return 404; 387 return 404;
385 end 388 end
386 389
387 event.response.headers["Content-Type"] = json_content_type; 390 event.response.headers["Content-Type"] = json_content_type;
388 391
389 return json.encode({ 392 return json.encode({
390 id = group_id; 393 id = group_id;
391 name = group_id; 394 name = group.name;
392 members = group; 395 members = group_members_store:get(group_id);
393 }); 396 });
394 end 397 end
395 398
396 function create_group(event) 399 function create_group(event)
397 local request = event.request; 400 local request = event.request;
402 local group = json.decode(event.request.body); 405 local group = json.decode(event.request.body);
403 if not group then 406 if not group then
404 return 400; 407 return 400;
405 end 408 end
406 409
407 local ok = group_store:set(group.id, {}); 410 if not group.name then
411 module:log("warn", "Group missing name property");
412 return 400;
413 end
414
415 local group_id = id.short();
416
417 local ok = group_info_store:set(group_id, {
418 name = group.name;
419 });
408 if not ok then 420 if not ok then
409 return 500; 421 return 500;
410 end 422 end
411 423
412 event.response.headers["Content-Type"] = json_content_type; 424 event.response.headers["Content-Type"] = json_content_type;
413 return json.encode({ 425 return json.encode({
414 id = group.id or group.name; 426 id = group_id;
415 name = group.name; 427 name = group.name;
428 members = {};
416 }); 429 });
417 end 430 end
418 431
419 function delete_group(event, group_id) --luacheck: ignore 212/event 432 function update_group(event, group) --luacheck: ignore 212/event
433 local group_id, member_name = group:match("^([^/]+)/members/([^/]+)$");
434 if group_id and member_name then
435 if not group_info_store:get(group_id) then
436 return 404;
437 elseif not group_memberships:set(group_id, member_name, true) then
438 return 500;
439 end
440 return 200;
441 end
442 return 400;
443 end
444
445 function delete_group(event, subpath) --luacheck: ignore 212/event
446 -- Check if this is a membership deletion and handle it
447 local group_id, member_name = subpath:match("^([^/]+)/members/([^/]+)$");
448 if group_id and member_name then
449 if not group_info_store:get(group_id) then
450 return 404;
451 end
452 if group_memberships:set(group_id, member_name, nil) then
453 return 200;
454 else
455 return 500;
456 end
457 else
458 group_id = subpath;
459 end
460
420 if not group_id then 461 if not group_id then
421 return 400; 462 return 400;
422 end 463 end
423 if not group_store:set(group_id, nil) then 464
465 if not group_info_store:get(group_id) then
466 return 404;
467 end
468
469 if not group_members_store:set(group_id, nil) then
424 return 500; 470 return 500;
471 else
472 if not group_info_store:set(group_id, nil) then
473 return 500;
474 end
425 end 475 end
426 return 200; 476 return 200;
427 end 477 end
428 478
429 module:provides("http", { 479 module:provides("http", {
438 ["DELETE /users/*"] = delete_user; 488 ["DELETE /users/*"] = delete_user;
439 489
440 ["GET /groups"] = list_groups; 490 ["GET /groups"] = list_groups;
441 ["GET /groups/*"] = get_group_by_id; 491 ["GET /groups/*"] = get_group_by_id;
442 ["POST /groups"] = create_group; 492 ["POST /groups"] = create_group;
493 ["PUT /groups/*"] = update_group;
443 ["DELETE /groups/*"] = delete_group; 494 ["DELETE /groups/*"] = delete_group;
444 }; 495 };
445 }); 496 });