summaryrefslogtreecommitdiffstats
path: root/api/admin.go
diff options
context:
space:
mode:
author=Corey Hulen <corey@hulen.com>2016-03-14 16:07:58 -0700
committer=Corey Hulen <corey@hulen.com>2016-03-15 18:27:45 -0700
commit36b17bf99ddd35c0c223722f8b6f4f1c71b2235e (patch)
tree6bc07d42d19d1d7a5bef26864bb93a1bc91da5f1 /api/admin.go
parentea3f25924ea64a2dd1e73624c0d30824e1efb240 (diff)
downloadchat-36b17bf99ddd35c0c223722f8b6f4f1c71b2235e.tar.gz
chat-36b17bf99ddd35c0c223722f8b6f4f1c71b2235e.tar.bz2
chat-36b17bf99ddd35c0c223722f8b6f4f1c71b2235e.zip
PLT-2115 Adding compliance
Diffstat (limited to 'api/admin.go')
-rw-r--r--api/admin.go112
1 files changed, 109 insertions, 3 deletions
diff --git a/api/admin.go b/api/admin.go
index feb70aae3..9de9f5dd8 100644
--- a/api/admin.go
+++ b/api/admin.go
@@ -5,15 +5,18 @@ package api
import (
"bufio"
+ "io/ioutil"
"net/http"
"os"
+ "strconv"
"strings"
l4g "github.com/alecthomas/log4go"
"github.com/gorilla/mux"
-
+ "github.com/mattermost/platform/einterfaces"
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/utils"
+ "github.com/mssola/user_agent"
)
func InitAdmin(r *mux.Router) {
@@ -27,8 +30,11 @@ func InitAdmin(r *mux.Router) {
sr.Handle("/test_email", ApiUserRequired(testEmail)).Methods("POST")
sr.Handle("/client_props", ApiAppHandler(getClientConfig)).Methods("GET")
sr.Handle("/log_client", ApiAppHandler(logClient)).Methods("POST")
- sr.Handle("/analytics/{id:[A-Za-z0-9]+}/{name:[A-Za-z0-9_]+}", ApiAppHandler(getAnalytics)).Methods("GET")
- sr.Handle("/analytics/{name:[A-Za-z0-9_]+}", ApiAppHandler(getAnalytics)).Methods("GET")
+ sr.Handle("/analytics/{id:[A-Za-z0-9]+}/{name:[A-Za-z0-9_]+}", ApiUserRequired(getAnalytics)).Methods("GET")
+ sr.Handle("/analytics/{name:[A-Za-z0-9_]+}", ApiUserRequired(getAnalytics)).Methods("GET")
+ sr.Handle("/save_compliance_report", ApiUserRequired(saveComplianceReport)).Methods("POST")
+ sr.Handle("/compliance_reports", ApiUserRequired(getComplianceReports)).Methods("GET")
+ sr.Handle("/download_compliance_report/{id:[A-Za-z0-9]+}", ApiUserRequired(downloadComplianceReport)).Methods("GET")
}
func getLogs(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -142,6 +148,8 @@ func saveConfig(c *Context, w http.ResponseWriter, r *http.Request) {
return
}
+ c.LogAudit("")
+
utils.SaveConfig(utils.CfgFileName, cfg)
utils.LoadConfig(utils.CfgFileName)
json := utils.Cfg.ToJson()
@@ -174,6 +182,104 @@ func testEmail(c *Context, w http.ResponseWriter, r *http.Request) {
w.Write([]byte(model.MapToJson(m)))
}
+func getComplianceReports(c *Context, w http.ResponseWriter, r *http.Request) {
+ if !c.HasSystemAdminPermissions("getComplianceReports") {
+ return
+ }
+
+ if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance {
+ c.Err = model.NewLocAppError("getComplianceReports", "ent.compliance.licence_disable.app_error", nil, "")
+ return
+ }
+
+ if result := <-Srv.Store.Compliance().GetAll(); result.Err != nil {
+ c.Err = result.Err
+ return
+ } else {
+ crs := result.Data.(model.Compliances)
+ w.Write([]byte(crs.ToJson()))
+ }
+}
+
+func saveComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
+ if !c.HasSystemAdminPermissions("getComplianceReports") {
+ return
+ }
+
+ if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance || einterfaces.GetComplianceInterface() == nil {
+ c.Err = model.NewLocAppError("saveComplianceReport", "ent.compliance.licence_disable.app_error", nil, "")
+ return
+ }
+
+ job := model.ComplianceFromJson(r.Body)
+ if job == nil {
+ c.SetInvalidParam("saveComplianceReport", "compliance")
+ return
+ }
+
+ job.UserId = c.Session.UserId
+ job.Type = model.COMPLIANCE_TYPE_ADHOC
+
+ if result := <-Srv.Store.Compliance().Save(job); result.Err != nil {
+ c.Err = result.Err
+ return
+ } else {
+ job = result.Data.(*model.Compliance)
+ go einterfaces.GetComplianceInterface().RunComplianceJob(job)
+ }
+
+ w.Write([]byte(job.ToJson()))
+}
+
+func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
+ if !c.HasSystemAdminPermissions("downloadComplianceReport") {
+ return
+ }
+
+ if !*utils.Cfg.ComplianceSettings.Enable || !utils.IsLicensed || !*utils.License.Features.Compliance || einterfaces.GetComplianceInterface() == nil {
+ c.Err = model.NewLocAppError("downloadComplianceReport", "ent.compliance.licence_disable.app_error", nil, "")
+ return
+ }
+
+ params := mux.Vars(r)
+
+ id := params["id"]
+ if len(id) != 26 {
+ c.SetInvalidParam("downloadComplianceReport", "id")
+ return
+ }
+
+ if result := <-Srv.Store.Compliance().Get(id); result.Err != nil {
+ c.Err = result.Err
+ return
+ } else {
+ job := result.Data.(*model.Compliance)
+ c.LogAudit("downloaded " + job.JobName())
+
+ if f, err := ioutil.ReadFile(*utils.Cfg.ComplianceSettings.Directory + "compliance/" + job.JobName() + ".zip"); err != nil {
+ c.Err = model.NewLocAppError("readFile", "api.file.read_file.reading_local.app_error", nil, err.Error())
+ return
+ } else {
+ w.Header().Set("Cache-Control", "max-age=2592000, public")
+ w.Header().Set("Content-Length", strconv.Itoa(len(f)))
+ w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer
+
+ // attach extra headers to trigger a download on IE, Edge, and Safari
+ ua := user_agent.New(r.UserAgent())
+ bname, _ := ua.Browser()
+
+ w.Header().Set("Content-Disposition", "attachment;filename=\""+job.JobName()+".zip\"")
+
+ if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" {
+ // trim off anything before the final / so we just get the file's name
+ w.Header().Set("Content-Type", "application/octet-stream")
+ }
+
+ w.Write(f)
+ }
+ }
+}
+
func getAnalytics(c *Context, w http.ResponseWriter, r *http.Request) {
if !c.HasSystemAdminPermissions("getAnalytics") {
return