From 9cd06c95eba491bce1a60f7d1b2fef320aec1124 Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Mon, 24 Jun 2024 08:44:22 +0200 Subject: don't display the global key anymore --- garage.go | 181 -------------------------------------------------------------- 1 file changed, 181 deletions(-) (limited to 'garage.go') diff --git a/garage.go b/garage.go index 7cd879b..f9529e9 100644 --- a/garage.go +++ b/garage.go @@ -4,10 +4,7 @@ import ( "context" "fmt" garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang" - "github.com/gorilla/mux" "log" - "net/http" - "strings" ) func gadmin() (*garage.APIClient, context.Context) { @@ -166,181 +163,3 @@ func grgDeleteBucket(bid string) error { } return err } - -// --- Start page rendering functions - -func handleWebsiteConfigure(w http.ResponseWriter, r *http.Request) { - user := RequireUserHtml(w, r) - if user == nil { - return - } - - tKey := getTemplate("garage_key.html") - tKey.Execute(w, user) -} - -func handleWebsiteList(w http.ResponseWriter, r *http.Request) { - user := RequireUserHtml(w, r) - if user == nil { - return - } - - ctrl, err := NewWebsiteController(user) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - if len(ctrl.PrettyList) > 0 { - http.Redirect(w, r, "/website/inspect/"+ctrl.PrettyList[0], http.StatusFound) - } else { - http.Redirect(w, r, "/website/new", http.StatusFound) - } -} - -type WebsiteNewTpl struct { - Ctrl *WebsiteController - Err error -} - -func handleWebsiteNew(w http.ResponseWriter, r *http.Request) { - user := RequireUserHtml(w, r) - if user == nil { - return - } - - ctrl, err := NewWebsiteController(user) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - tpl := &WebsiteNewTpl{ctrl, nil} - - tWebsiteNew := getTemplate("garage_website_new.html") - if r.Method == "POST" { - r.ParseForm() - - bucket := strings.Join(r.Form["bucket"], "") - if bucket == "" { - bucket = strings.Join(r.Form["bucket2"], "") - } - - view, err := ctrl.Create(bucket) - if err != nil { - tpl.Err = err - tWebsiteNew.Execute(w, tpl) - return - } - - http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound) - return - } - - tWebsiteNew.Execute(w, tpl) -} - -type WebsiteInspectTpl struct { - Describe *WebsiteDescribe - View *WebsiteView - Err error -} - -func handleWebsiteInspect(w http.ResponseWriter, r *http.Request) { - var processErr error - - user := RequireUserHtml(w, r) - if user == nil { - return - } - - ctrl, err := NewWebsiteController(user) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - bucketName := mux.Vars(r)["bucket"] - - if r.Method == "POST" { - r.ParseForm() - action := strings.Join(r.Form["action"], "") - switch action { - case "increase_quota": - _, processErr = ctrl.Patch(bucketName, &WebsitePatch{Size: &user.Quota.WebsiteSizeBursted}) - case "delete_bucket": - processErr = ctrl.Delete(bucketName) - if processErr == nil { - http.Redirect(w, r, "/website", http.StatusFound) - } - default: - processErr = fmt.Errorf("Unknown action") - } - - } - - view, err := ctrl.Inspect(bucketName) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - describe, err := ctrl.Describe() - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - tpl := &WebsiteInspectTpl{describe, view, processErr} - - tWebsiteInspect := getTemplate("garage_website_inspect.html") - tWebsiteInspect.Execute(w, &tpl) -} - -func handleWebsiteVhost(w http.ResponseWriter, r *http.Request) { - var processErr error - - user := RequireUserHtml(w, r) - if user == nil { - return - } - - ctrl, err := NewWebsiteController(user) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - bucketName := mux.Vars(r)["bucket"] - - if r.Method == "POST" { - r.ParseForm() - - bucket := strings.Join(r.Form["bucket"], "") - if bucket == "" { - bucket = strings.Join(r.Form["bucket2"], "") - } - - view, processErr := ctrl.Patch(bucketName, &WebsitePatch{Vhost: &bucket}) - if processErr == nil { - http.Redirect(w, r, "/website/inspect/"+view.Name.Pretty, http.StatusFound) - return - } - } - - view, err := ctrl.Inspect(bucketName) - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - describe, err := ctrl.Describe() - if err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - - tpl := &WebsiteInspectTpl{describe, view, processErr} - tWebsiteEdit := getTemplate("garage_website_edit.html") - tWebsiteEdit.Execute(w, &tpl) -} -- cgit v1.2.3 From a7edf6d1ba812f11b7711c4bdc6dc6d9af9c7906 Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Mon, 24 Jun 2024 09:17:09 +0200 Subject: bump garage SDK --- garage.go | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'garage.go') diff --git a/garage.go b/garage.go index f9529e9..52a26b0 100644 --- a/garage.go +++ b/garage.go @@ -23,8 +23,9 @@ func gadmin() (*garage.APIClient, context.Context) { func grgCreateKey(name string) (*garage.KeyInfo, error) { client, ctx := gadmin() - kr := garage.AddKeyRequest{Name: &name} - resp, _, err := client.KeyApi.AddKey(ctx).AddKeyRequest(kr).Execute() + kr := garage.NewAddKeyRequest() + kr.SetName(name) + resp, _, err := client.KeyApi.AddKey(ctx).AddKeyRequest(*kr).Execute() if err != nil { fmt.Printf("%+v\n", err) return nil, err @@ -35,7 +36,7 @@ func grgCreateKey(name string) (*garage.KeyInfo, error) { func grgGetKey(accessKey string) (*garage.KeyInfo, error) { client, ctx := gadmin() - resp, _, err := client.KeyApi.GetKey(ctx, accessKey).Execute() + resp, _, err := client.KeyApi.GetKey(ctx).Id(accessKey).ShowSecretKey("true").Execute() if err != nil { fmt.Printf("%+v\n", err) return nil, err @@ -88,7 +89,7 @@ func allowWebsiteDefault() *garage.UpdateBucketRequestWebsiteAccess { func grgUpdateBucket(bid string, ur *garage.UpdateBucketRequest) (*garage.BucketInfo, error) { client, ctx := gadmin() - binfo, _, err := client.BucketApi.UpdateBucket(ctx, bid).UpdateBucketRequest(*ur).Execute() + binfo, _, err := client.BucketApi.UpdateBucket(ctx).Id(bid).UpdateBucketRequest(*ur).Execute() if err != nil { fmt.Printf("%+v\n", err) return nil, err @@ -145,7 +146,7 @@ func grgDelLocalAlias(bid, key, alias string) (*garage.BucketInfo, error) { func grgGetBucket(bid string) (*garage.BucketInfo, error) { client, ctx := gadmin() - resp, _, err := client.BucketApi.GetBucketInfo(ctx, bid).Execute() + resp, _, err := client.BucketApi.GetBucketInfo(ctx).Id(bid).Execute() if err != nil { log.Println(err) return nil, err @@ -157,7 +158,7 @@ func grgGetBucket(bid string) (*garage.BucketInfo, error) { func grgDeleteBucket(bid string) error { client, ctx := gadmin() - _, err := client.BucketApi.DeleteBucket(ctx, bid).Execute() + _, err := client.BucketApi.DeleteBucket(ctx).Id(bid).Execute() if err != nil { log.Println(err) } -- cgit v1.2.3 From e940996f0f8cb8c6adb22c7d8780e364d65ecea2 Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Mon, 24 Jun 2024 10:22:17 +0200 Subject: generate a per-website dedicated key --- garage.go | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'garage.go') diff --git a/garage.go b/garage.go index 52a26b0..fabd6bf 100644 --- a/garage.go +++ b/garage.go @@ -44,6 +44,17 @@ func grgGetKey(accessKey string) (*garage.KeyInfo, error) { return resp, nil } +func grgSearchKey(name string) (*garage.KeyInfo, error) { + client, ctx := gadmin() + + resp, _, err := client.KeyApi.GetKey(ctx).Search(name).ShowSecretKey("true").Execute() + if err != nil { + fmt.Printf("%+v\n", err) + return nil, err + } + return resp, nil +} + func grgCreateBucket(bucket string) (*garage.BucketInfo, error) { client, ctx := gadmin() @@ -59,14 +70,14 @@ func grgCreateBucket(bucket string) (*garage.BucketInfo, error) { return binfo, nil } -func grgAllowKeyOnBucket(bid, gkey string) (*garage.BucketInfo, error) { +func grgAllowKeyOnBucket(bid, gkey string, read, write, owner bool) (*garage.BucketInfo, error) { client, ctx := gadmin() // Allow user's key ar := garage.AllowBucketKeyRequest{ BucketId: bid, AccessKeyId: gkey, - Permissions: *garage.NewAllowBucketKeyRequestPermissions(true, true, true), + Permissions: *garage.NewAllowBucketKeyRequestPermissions(read, write, owner), } binfo, _, err := client.BucketApi.AllowBucketKey(ctx).AllowBucketKeyRequest(ar).Execute() if err != nil { -- cgit v1.2.3 From df79d110285f1956f63206e7bc1f29e49dd6f088 Mon Sep 17 00:00:00 2001 From: Quentin Dufour Date: Mon, 24 Jun 2024 10:43:11 +0200 Subject: implement flush for dedicated key, allow delete & key rotation --- garage.go | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'garage.go') diff --git a/garage.go b/garage.go index fabd6bf..44b8dae 100644 --- a/garage.go +++ b/garage.go @@ -55,6 +55,17 @@ func grgSearchKey(name string) (*garage.KeyInfo, error) { return resp, nil } +func grgDelKey(accessKey string) error { + client, ctx := gadmin() + + _, err := client.KeyApi.DeleteKey(ctx).Id(accessKey).Execute() + if err != nil { + fmt.Printf("%+v\n", err) + return err + } + return nil +} + func grgCreateBucket(bucket string) (*garage.BucketInfo, error) { client, ctx := gadmin() -- cgit v1.2.3