Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
influxdb/http/org_service.go

648 lines
19 KiB
Go
Raw Blame History

package http
import (
"context"
"fmt"
"net/http"
"path"
"strings"
"github.com/influxdata/httprouter"
"github.com/influxdata/influxdb/v2"
"github.com/influxdata/influxdb/v2/kit/tracing"
kithttp "github.com/influxdata/influxdb/v2/kit/transport/http"
"github.com/influxdata/influxdb/v2/pkg/httpc"
"go.uber.org/zap"
)
// OrgBackend is all services and associated parameters required to construct
// the OrgHandler.
type OrgBackend struct {
influxdb.HTTPErrorHandler
log *zap.Logger
OrganizationService influxdb.OrganizationService
OrganizationOperationLogService influxdb.OrganizationOperationLogService
UserResourceMappingService influxdb.UserResourceMappingService
SecretService influxdb.SecretService
LabelService influxdb.LabelService
UserService influxdb.UserService
}
// NewOrgBackend is a datasource used by the org handler.
func NewOrgBackend(log *zap.Logger, b *APIBackend) *OrgBackend {
return &OrgBackend{
HTTPErrorHandler: b.HTTPErrorHandler,
log: log,
OrganizationService: b.OrganizationService,
OrganizationOperationLogService: b.OrganizationOperationLogService,
UserResourceMappingService: b.UserResourceMappingService,
SecretService: b.SecretService,
LabelService: b.LabelService,
UserService: b.UserService,
}
}
// OrgHandler represents an HTTP API handler for orgs.
type OrgHandler struct {
*httprouter.Router
*kithttp.API
log *zap.Logger
OrgSVC influxdb.OrganizationService
OrganizationOperationLogService influxdb.OrganizationOperationLogService
UserResourceMappingService influxdb.UserResourceMappingService
SecretService influxdb.SecretService
LabelService influxdb.LabelService
UserService influxdb.UserService
}
const (
prefixOrganizations = "/api/v2/orgs"
organizationsIDPath = "/api/v2/orgs/:id"
organizationsIDLogPath = "/api/v2/orgs/:id/logs"
organizationsIDMembersPath = "/api/v2/orgs/:id/members"
organizationsIDMembersIDPath = "/api/v2/orgs/:id/members/:userID"
organizationsIDOwnersPath = "/api/v2/orgs/:id/owners"
organizationsIDOwnersIDPath = "/api/v2/orgs/:id/owners/:userID"
organizationsIDSecretsPath = "/api/v2/orgs/:id/secrets"
// TODO(desa): need a way to specify which secrets to delete. this should work for now
organizationsIDSecretsDeletePath = "/api/v2/orgs/:id/secrets/delete"
organizationsIDLabelsPath = "/api/v2/orgs/:id/labels"
organizationsIDLabelsIDPath = "/api/v2/orgs/:id/labels/:lid"
)
func checkOrganizationExists(orgHandler *OrgHandler) kithttp.Middleware {
fn := func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
orgID, err := decodeIDFromCtx(ctx, "id")
if err != nil {
orgHandler.API.Err(w, err)
return
}
if _, err := orgHandler.OrgSVC.FindOrganizationByID(ctx, orgID); err != nil {
orgHandler.API.Err(w, err)
return
}
next.ServeHTTP(w, r)
})
}
return fn
}
// NewOrgHandler returns a new instance of OrgHandler.
func NewOrgHandler(log *zap.Logger, b *OrgBackend) *OrgHandler {
h := &OrgHandler{
Router: NewRouter(b.HTTPErrorHandler),
API: kithttp.NewAPI(kithttp.WithLog(log)),
log: log,
OrgSVC: b.OrganizationService,
OrganizationOperationLogService: b.OrganizationOperationLogService,
UserResourceMappingService: b.UserResourceMappingService,
SecretService: b.SecretService,
LabelService: b.LabelService,
UserService: b.UserService,
}
h.HandlerFunc("POST", prefixOrganizations, h.handlePostOrg)
h.HandlerFunc("GET", prefixOrganizations, h.handleGetOrgs)
h.HandlerFunc("GET", organizationsIDPath, h.handleGetOrg)
h.HandlerFunc("GET", organizationsIDLogPath, h.handleGetOrgLog)
h.HandlerFunc("PATCH", organizationsIDPath, h.handlePatchOrg)
h.HandlerFunc("DELETE", organizationsIDPath, h.handleDeleteOrg)
memberBackend := MemberBackend{
HTTPErrorHandler: b.HTTPErrorHandler,
log: b.log.With(zap.String("handler", "member")),
ResourceType: influxdb.OrgsResourceType,
UserType: influxdb.Member,
UserResourceMappingService: b.UserResourceMappingService,
UserService: b.UserService,
}
h.HandlerFunc("POST", organizationsIDMembersPath, newPostMemberHandler(memberBackend))
h.Handler("GET", organizationsIDMembersPath, applyMW(newGetMembersHandler(memberBackend), checkOrganizationExists(h)))
h.HandlerFunc("DELETE", organizationsIDMembersIDPath, newDeleteMemberHandler(memberBackend))
ownerBackend := MemberBackend{
HTTPErrorHandler: b.HTTPErrorHandler,
log: b.log.With(zap.String("handler", "member")),
ResourceType: influxdb.OrgsResourceType,
UserType: influxdb.Owner,
UserResourceMappingService: b.UserResourceMappingService,
UserService: b.UserService,
}
h.HandlerFunc("POST", organizationsIDOwnersPath, newPostMemberHandler(ownerBackend))
h.Handler("GET", organizationsIDOwnersPath, applyMW(newGetMembersHandler(ownerBackend), checkOrganizationExists(h)))
h.HandlerFunc("DELETE", organizationsIDOwnersIDPath, newDeleteMemberHandler(ownerBackend))
h.HandlerFunc("GET", organizationsIDSecretsPath, h.handleGetSecrets)
h.HandlerFunc("PATCH", organizationsIDSecretsPath, h.handlePatchSecrets)
// TODO(desa): need a way to specify which secrets to delete. this should work for now
h.HandlerFunc("POST", organizationsIDSecretsDeletePath, h.handleDeleteSecrets)
labelBackend := &LabelBackend{
HTTPErrorHandler: b.HTTPErrorHandler,
log: b.log.With(zap.String("handler", "label")),
LabelService: b.LabelService,
ResourceType: influxdb.OrgsResourceType,
}
h.HandlerFunc("GET", organizationsIDLabelsPath, newGetLabelsHandler(labelBackend))
h.HandlerFunc("POST", organizationsIDLabelsPath, newPostLabelHandler(labelBackend))
h.HandlerFunc("DELETE", organizationsIDLabelsIDPath, newDeleteLabelHandler(labelBackend))
return h
}
type orgsResponse struct {
Links map[string]string `json:"links"`
Organizations []orgResponse `json:"orgs"`
}
func (o orgsResponse) toInfluxdb() []*influxdb.Organization {
orgs := make([]*influxdb.Organization, len(o.Organizations))
for i := range o.Organizations {
orgs[i] = &o.Organizations[i].Organization
}
return orgs
}
func newOrgsResponse(orgs []*influxdb.Organization) *orgsResponse {
res := orgsResponse{
Links: map[string]string{
"self": "/api/v2/orgs",
},
Organizations: []orgResponse{},
}
for _, org := range orgs {
res.Organizations = append(res.Organizations, newOrgResponse(*org))
}
return &res
}
type orgResponse struct {
Links map[string]string `json:"links"`
influxdb.Organization
}
func newOrgResponse(o influxdb.Organization) orgResponse {
return orgResponse{
Links: map[string]string{
"self": fmt.Sprintf("/api/v2/orgs/%s", o.ID),
"logs": fmt.Sprintf("/api/v2/orgs/%s/logs", o.ID),
"members": fmt.Sprintf("/api/v2/orgs/%s/members", o.ID),
"owners": fmt.Sprintf("/api/v2/orgs/%s/owners", o.ID),
"secrets": fmt.Sprintf("/api/v2/orgs/%s/secrets", o.ID),
"labels": fmt.Sprintf("/api/v2/orgs/%s/labels", o.ID),
"buckets": fmt.Sprintf("/api/v2/buckets?org=%s", o.Name),
"tasks": fmt.Sprintf("/api/v2/tasks?org=%s", o.Name),
"dashboards": fmt.Sprintf("/api/v2/dashboards?org=%s", o.Name),
},
Organization: o,
}
}
// handlePostOrg is the HTTP handler for the POST /api/v2/orgs route.
func (h *OrgHandler) handlePostOrg(w http.ResponseWriter, r *http.Request) {
var org influxdb.Organization
if err := h.API.DecodeJSON(r.Body, &org); err != nil {
h.API.Err(w, err)
return
}
if err := h.OrgSVC.CreateOrganization(r.Context(), &org); err != nil {
h.API.Err(w, err)
return
}
h.log.Debug("Org created", zap.String("org", fmt.Sprint(org)))
h.API.Respond(w, http.StatusCreated, newOrgResponse(org))
}
// handleGetOrg is the HTTP handler for the GET /api/v2/orgs/:id route.
func (h *OrgHandler) handleGetOrg(w http.ResponseWriter, r *http.Request) {
id, err := decodeIDFromCtx(r.Context(), "id")
if err != nil {
h.API.Err(w, err)
return
}
org, err := h.OrgSVC.FindOrganizationByID(r.Context(), id)
if err != nil {
h.API.Err(w, err)
return
}
h.log.Debug("Org retrieved", zap.String("org", fmt.Sprint(org)))
h.API.Respond(w, http.StatusOK, newOrgResponse(*org))
}
// handleGetOrgs is the HTTP handler for the GET /api/v2/orgs route.
func (h *OrgHandler) handleGetOrgs(w http.ResponseWriter, r *http.Request) {
var filter influxdb.OrganizationFilter
qp := r.URL.Query()
if name := qp.Get(Org); name != "" {
filter.Name = &name
}
if orgID := qp.Get("orgID"); orgID != "" {
id, err := influxdb.IDFromString(orgID)
if err != nil {
h.API.Err(w, err)
return
}
filter.ID = id
}
orgs, _, err := h.OrgSVC.FindOrganizations(r.Context(), filter)
if err != nil {
h.API.Err(w, err)
return
}
h.log.Debug("Orgs retrieved", zap.String("org", fmt.Sprint(orgs)))
h.API.Respond(w, http.StatusOK, newOrgsResponse(orgs))
}
// handleDeleteOrganization is the HTTP handler for the DELETE /api/v2/orgs/:id route.
func (h *OrgHandler) handleDeleteOrg(w http.ResponseWriter, r *http.Request) {
id, err := decodeIDFromCtx(r.Context(), "id")
if err != nil {
h.API.Err(w, err)
return
}
ctx := r.Context()
if err := h.OrgSVC.DeleteOrganization(ctx, id); err != nil {
h.API.Err(w, err)
return
}
h.log.Debug("Org deleted", zap.String("orgID", fmt.Sprint(id)))
h.API.Respond(w, http.StatusNoContent, nil)
}
// handlePatchOrg is the HTTP handler for the PATH /api/v2/orgs route.
func (h *OrgHandler) handlePatchOrg(w http.ResponseWriter, r *http.Request) {
id, err := decodeIDFromCtx(r.Context(), "id")
if err != nil {
h.API.Err(w, err)
return
}
var upd influxdb.OrganizationUpdate
if err := h.API.DecodeJSON(r.Body, &upd); err != nil {
h.API.Err(w, err)
return
}
org, err := h.OrgSVC.UpdateOrganization(r.Context(), id, upd)
if err != nil {
h.API.Err(w, err)
return
}
h.log.Debug("Org updated", zap.String("org", fmt.Sprint(org)))
h.API.Respond(w, http.StatusOK, newOrgResponse(*org))
}
type secretsResponse struct {
Links map[string]string `json:"links"`
Secrets []string `json:"secrets"`
}
func newSecretsResponse(orgID influxdb.ID, ks []string) *secretsResponse {
if ks == nil {
ks = []string{}
}
return &secretsResponse{
Links: map[string]string{
"org": fmt.Sprintf("/api/v2/orgs/%s", orgID),
"self": fmt.Sprintf("/api/v2/orgs/%s/secrets", orgID),
},
Secrets: ks,
}
}
// handleGetSecrets is the HTTP handler for the GET /api/v2/orgs/:id/secrets route.
func (h *OrgHandler) handleGetSecrets(w http.ResponseWriter, r *http.Request) {
orgID, err := decodeIDFromCtx(r.Context(), "id")
if err != nil {
h.API.Err(w, err)
return
}
ks, err := h.SecretService.GetSecretKeys(r.Context(), orgID)
if err != nil && influxdb.ErrorCode(err) != influxdb.ENotFound {
h.API.Err(w, err)
return
}
h.API.Respond(w, http.StatusOK, newSecretsResponse(orgID, ks))
}
// handleGetPatchSecrets is the HTTP handler for the PATCH /api/v2/orgs/:id/secrets route.
func (h *OrgHandler) handlePatchSecrets(w http.ResponseWriter, r *http.Request) {
orgID, err := decodeIDFromCtx(r.Context(), "id")
if err != nil {
h.API.Err(w, err)
return
}
var secrets map[string]string
if err := h.API.DecodeJSON(r.Body, &secrets); err != nil {
h.API.Err(w, err)
return
}
if err := h.SecretService.PatchSecrets(r.Context(), orgID, secrets); err != nil {
h.API.Err(w, err)
return
}
h.API.Respond(w, http.StatusNoContent, nil)
}
type secretsDeleteBody struct {
Secrets []string `json:"secrets"`
}
// handleDeleteSecrets is the HTTP handler for the DELETE /api/v2/orgs/:id/secrets route.
func (h *OrgHandler) handleDeleteSecrets(w http.ResponseWriter, r *http.Request) {
orgID, err := decodeIDFromCtx(r.Context(), "id")
if err != nil {
h.API.Err(w, err)
return
}
var reqBody secretsDeleteBody
if err := h.API.DecodeJSON(r.Body, &reqBody); err != nil {
h.API.Err(w, err)
return
}
if err := h.SecretService.DeleteSecret(r.Context(), orgID, reqBody.Secrets...); err != nil {
h.API.Err(w, err)
return
}
h.API.Respond(w, http.StatusNoContent, nil)
}
// hanldeGetOrganizationLog retrieves a organization log by the organizations ID.
func (h *OrgHandler) handleGetOrgLog(w http.ResponseWriter, r *http.Request) {
orgID, err := decodeIDFromCtx(r.Context(), "id")
if err != nil {
h.API.Err(w, err)
return
}
opts, err := decodeFindOptions(r)
if err != nil {
h.API.Err(w, err)
return
}
log, _, err := h.OrganizationOperationLogService.GetOrganizationOperationLog(r.Context(), orgID, *opts)
if err != nil {
h.API.Err(w, err)
return
}
h.log.Debug("Org logs retrieved", zap.String("log", fmt.Sprint(log)))
h.API.Respond(w, http.StatusOK, newOrganizationLogResponse(orgID, log))
}
func newOrganizationLogResponse(id influxdb.ID, es []*influxdb.OperationLogEntry) *operationLogResponse {
logs := make([]*operationLogEntryResponse, 0, len(es))
for _, e := range es {
logs = append(logs, newOperationLogEntryResponse(e))
}
return &operationLogResponse{
Links: map[string]string{
"self": fmt.Sprintf("/api/v2/orgs/%s/logs", id),
},
Logs: logs,
}
}
// SecretService connects to Influx via HTTP using tokens to manage secrets.
type SecretService struct {
Client *httpc.Client
}
// LoadSecret is not implemented for http
func (s *SecretService) LoadSecret(ctx context.Context, orgID influxdb.ID, k string) (string, error) {
return "", &influxdb.Error{
Code: influxdb.EMethodNotAllowed,
Msg: "load secret is not implemented for http",
}
}
// PutSecret is not implemented for http.
func (s *SecretService) PutSecret(ctx context.Context, orgID influxdb.ID, k string, v string) error {
return &influxdb.Error{
Code: influxdb.EMethodNotAllowed,
Msg: "put secret is not implemented for http",
}
}
// GetSecretKeys get all secret keys mathing an org ID via HTTP.
func (s *SecretService) GetSecretKeys(ctx context.Context, orgID influxdb.ID) ([]string, error) {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
span.LogKV("org-id", orgID)
path := strings.Replace(organizationsIDSecretsPath, ":id", orgID.String(), 1)
var ss secretsResponse
err := s.Client.
Get(path).
DecodeJSON(&ss).
Do(ctx)
if err != nil {
return nil, err
}
return ss.Secrets, nil
}
// PutSecrets is not implemented for http.
func (s *SecretService) PutSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
return &influxdb.Error{
Code: influxdb.EMethodNotAllowed,
Msg: "put secrets is not implemented for http",
}
}
// PatchSecrets will update the existing secret with new via http.
func (s *SecretService) PatchSecrets(ctx context.Context, orgID influxdb.ID, m map[string]string) error {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
if orgID != 0 {
span.LogKV("org-id", orgID)
}
path := strings.Replace(organizationsIDSecretsPath, ":id", orgID.String(), 1)
return s.Client.
PatchJSON(m, path).
Do(ctx)
}
// DeleteSecret removes a single secret via HTTP.
func (s *SecretService) DeleteSecret(ctx context.Context, orgID influxdb.ID, ks ...string) error {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
path := strings.Replace(organizationsIDSecretsDeletePath, ":id", orgID.String(), 1)
return s.Client.
PostJSON(secretsDeleteBody{
Secrets: ks,
}, path).
Do(ctx)
}
// OrganizationService connects to Influx via HTTP using tokens to manage organizations.
type OrganizationService struct {
Client *httpc.Client
// OpPrefix is for not found errors.
OpPrefix string
}
// FindOrganizationByID gets a single organization with a given id using HTTP.
func (s *OrganizationService) FindOrganizationByID(ctx context.Context, id influxdb.ID) (*influxdb.Organization, error) {
filter := influxdb.OrganizationFilter{ID: &id}
o, err := s.FindOrganization(ctx, filter)
if err != nil {
return nil, &influxdb.Error{
Err: err,
Op: s.OpPrefix + influxdb.OpFindOrganizationByID,
}
}
return o, nil
}
// FindOrganization gets a single organization matching the filter using HTTP.
func (s *OrganizationService) FindOrganization(ctx context.Context, filter influxdb.OrganizationFilter) (*influxdb.Organization, error) {
if filter.ID == nil && filter.Name == nil {
return nil, influxdb.ErrInvalidOrgFilter
}
os, n, err := s.FindOrganizations(ctx, filter)
if err != nil {
return nil, &influxdb.Error{
Err: err,
Op: s.OpPrefix + influxdb.OpFindOrganization,
}
}
if n == 0 {
return nil, &influxdb.Error{
Code: influxdb.ENotFound,
Op: s.OpPrefix + influxdb.OpFindOrganization,
Msg: "organization not found",
}
}
return os[0], nil
}
// FindOrganizations returns all organizations that match the filter via HTTP.
func (s *OrganizationService) FindOrganizations(ctx context.Context, filter influxdb.OrganizationFilter, opt ...influxdb.FindOptions) ([]*influxdb.Organization, int, error) {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
params := findOptionParams(opt...)
if filter.Name != nil {
span.LogKV("org", *filter.Name)
params = append(params, [2]string{"org", *filter.Name})
}
if filter.ID != nil {
span.LogKV("org-id", *filter.ID)
params = append(params, [2]string{"orgID", filter.ID.String()})
}
for _, o := range opt {
if o.Offset != 0 {
span.LogKV("offset", o.Offset)
}
span.LogKV("descending", o.Descending)
if o.Limit > 0 {
span.LogKV("limit", o.Limit)
}
if o.SortBy != "" {
span.LogKV("sortBy", o.SortBy)
}
}
var os orgsResponse
err := s.Client.
Get(prefixOrganizations).
QueryParams(params...).
DecodeJSON(&os).
Do(ctx)
if err != nil {
return nil, 0, err
}
orgs := os.toInfluxdb()
return orgs, len(orgs), nil
}
// CreateOrganization creates an organization.
func (s *OrganizationService) CreateOrganization(ctx context.Context, o *influxdb.Organization) error {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
if o.Name != "" {
span.LogKV("org", o.Name)
}
if o.ID != 0 {
span.LogKV("org-id", o.ID)
}
return s.Client.
PostJSON(o, prefixOrganizations).
DecodeJSON(o).
Do(ctx)
}
// UpdateOrganization updates the organization over HTTP.
func (s *OrganizationService) UpdateOrganization(ctx context.Context, id influxdb.ID, upd influxdb.OrganizationUpdate) (*influxdb.Organization, error) {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
span.LogKV("org-id", id)
span.LogKV("name", upd.Name)
var o influxdb.Organization
err := s.Client.
PatchJSON(upd, prefixOrganizations, id.String()).
DecodeJSON(&o).
Do(ctx)
if err != nil {
return nil, tracing.LogError(span, err)
}
return &o, nil
}
// DeleteOrganization removes organization id over HTTP.
func (s *OrganizationService) DeleteOrganization(ctx context.Context, id influxdb.ID) error {
span, _ := tracing.StartSpanFromContext(ctx)
defer span.Finish()
return s.Client.
Delete(prefixOrganizations, id.String()).
Do(ctx)
}
func organizationIDPath(id influxdb.ID) string {
return path.Join(prefixOrganizations, id.String())
}
Reference in New Issue View Git Blame Copy Permalink