diff options
Diffstat (limited to 'api4')
| -rw-r--r-- | api4/api.go | 4 | ||||
| -rw-r--r-- | api4/compliance.go | 127 | ||||
| -rw-r--r-- | api4/context.go | 11 | ||||
| -rw-r--r-- | api4/params.go | 5 |
4 files changed, 147 insertions, 0 deletions
diff --git a/api4/api.go b/api4/api.go index 289291951..fb0ca2758 100644 --- a/api4/api.go +++ b/api4/api.go @@ -65,6 +65,8 @@ type Routes struct { Admin *mux.Router // 'api/v4/admin' + Compliance *mux.Router // 'api/v4/compliance' + System *mux.Router // 'api/v4/system' Preferences *mux.Router // 'api/v4/preferences' @@ -134,6 +136,7 @@ func InitApi(full bool) { BaseRoutes.SAML = BaseRoutes.ApiRoot.PathPrefix("/saml").Subrouter() BaseRoutes.OAuth = BaseRoutes.ApiRoot.PathPrefix("/oauth").Subrouter() BaseRoutes.Admin = BaseRoutes.ApiRoot.PathPrefix("/admin").Subrouter() + BaseRoutes.Compliance = BaseRoutes.ApiRoot.PathPrefix("/compliance").Subrouter() BaseRoutes.System = BaseRoutes.ApiRoot.PathPrefix("/system").Subrouter() BaseRoutes.Preferences = BaseRoutes.User.PathPrefix("/preferences").Subrouter() BaseRoutes.License = BaseRoutes.ApiRoot.PathPrefix("/license").Subrouter() @@ -153,6 +156,7 @@ func InitApi(full bool) { InitWebhook() InitPreference() InitSaml() + InitCompliance() app.Srv.Router.Handle("/api/v4/{anything:.*}", http.HandlerFunc(Handle404)) diff --git a/api4/compliance.go b/api4/compliance.go new file mode 100644 index 000000000..37196c853 --- /dev/null +++ b/api4/compliance.go @@ -0,0 +1,127 @@ +// Copyright (c) 2017 Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package api4 + +import ( + "net/http" + "strconv" + + l4g "github.com/alecthomas/log4go" + "github.com/mattermost/platform/app" + "github.com/mattermost/platform/model" + "github.com/mattermost/platform/utils" + "github.com/mssola/user_agent" +) + +func InitCompliance() { + l4g.Debug(utils.T("api.compliance.init.debug")) + + BaseRoutes.Compliance.Handle("/reports", ApiSessionRequired(createComplianceReport)).Methods("POST") + BaseRoutes.Compliance.Handle("/reports", ApiSessionRequired(getComplianceReports)).Methods("GET") + BaseRoutes.Compliance.Handle("/reports/{report_id:[A-Za-z0-9]+}", ApiSessionRequired(getComplianceReport)).Methods("GET") + BaseRoutes.Compliance.Handle("/reports/{report_id:[A-Za-z0-9]+}/download", ApiSessionRequired(downloadComplianceReport)).Methods("GET") +} + +func createComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) { + job := model.ComplianceFromJson(r.Body) + if job == nil { + c.SetInvalidParam("compliance") + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + job.UserId = c.Session.UserId + + rjob, err := app.SaveComplianceReport(job) + if err != nil { + c.Err = err + return + } + + c.LogAudit("") + w.WriteHeader(http.StatusCreated) + w.Write([]byte(rjob.ToJson())) +} + +func getComplianceReports(c *Context, w http.ResponseWriter, r *http.Request) { + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + crs, err := app.GetComplianceReports(c.Params.Page, c.Params.PerPage) + if err != nil { + c.Err = err + return + } + + w.Write([]byte(crs.ToJson())) +} + +func getComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireReportId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + job, err := app.GetComplianceReport(c.Params.ReportId) + if err != nil { + c.Err = err + return + } + + w.Write([]byte(job.ToJson())) +} + +func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequireReportId() + if c.Err != nil { + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + job, err := app.GetComplianceReport(c.Params.ReportId) + if err != nil { + c.Err = err + return + } + + reportBytes, err := app.GetComplianceFile(job) + if err != nil { + c.Err = err + return + } + + c.LogAudit("downloaded " + job.Desc) + + w.Header().Set("Cache-Control", "max-age=2592000, public") + w.Header().Set("Content-Length", strconv.Itoa(len(reportBytes))) + w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer + + // attach extra headers to trigger a download on IE, Edge, and Safari + ua := user_agent.New(r.UserAgent()) + bname, _ := ua.Browser() + + w.Header().Set("Content-Disposition", "attachment;filename=\""+job.JobName()+".zip\"") + + if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" { + // trim off anything before the final / so we just get the file's name + w.Header().Set("Content-Type", "application/octet-stream") + } + + w.Write(reportBytes) +} diff --git a/api4/context.go b/api4/context.go index f9460f53b..fe2e8d35b 100644 --- a/api4/context.go +++ b/api4/context.go @@ -396,6 +396,17 @@ func (c *Context) RequireFileId() *Context { return c } +func (c *Context) RequireReportId() *Context { + if c.Err != nil { + return c + } + + if len(c.Params.ReportId) != 26 { + c.SetInvalidUrlParam("report_id") + } + return c +} + func (c *Context) RequireTeamName() *Context { if c.Err != nil { return c diff --git a/api4/params.go b/api4/params.go index b1688a859..15f632195 100644 --- a/api4/params.go +++ b/api4/params.go @@ -24,6 +24,7 @@ type ApiParams struct { FileId string CommandId string HookId string + ReportId string EmojiId string Email string Username string @@ -68,6 +69,10 @@ func ApiParamsFromRequest(r *http.Request) *ApiParams { params.HookId = val } + if val, ok := props["report_id"]; ok { + params.ReportId = val + } + if val, ok := props["emoji_id"]; ok { params.EmojiId = val } |