2022-12-16 03:07:04 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
2023-01-16 21:35:37 +00:00
|
|
|
"errors"
|
|
|
|
"heckel.io/ntfy/log"
|
2022-12-25 16:41:38 +00:00
|
|
|
"heckel.io/ntfy/user"
|
2022-12-16 03:07:04 +00:00
|
|
|
"heckel.io/ntfy/util"
|
|
|
|
"net/http"
|
|
|
|
)
|
|
|
|
|
2022-12-29 00:55:11 +00:00
|
|
|
const (
|
2023-01-16 21:35:37 +00:00
|
|
|
jsonBodyBytesLimit = 4096
|
|
|
|
subscriptionIDLength = 16
|
|
|
|
createdByAPI = "api"
|
|
|
|
syncTopicAccountSyncEvent = "sync"
|
2022-12-29 00:55:11 +00:00
|
|
|
)
|
|
|
|
|
2022-12-16 03:07:04 +00:00
|
|
|
func (s *Server) handleAccountCreate(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2022-12-25 16:41:38 +00:00
|
|
|
admin := v.user != nil && v.user.Role == user.RoleAdmin
|
2022-12-24 17:10:51 +00:00
|
|
|
if !admin {
|
|
|
|
if !s.config.EnableSignup {
|
|
|
|
return errHTTPBadRequestSignupNotEnabled
|
|
|
|
} else if v.user != nil {
|
|
|
|
return errHTTPUnauthorized // Cannot create account from user context
|
|
|
|
}
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
2022-12-29 14:57:42 +00:00
|
|
|
newAccount, err := readJSONWithLimit[apiAccountCreateRequest](r.Body, jsonBodyBytesLimit)
|
2022-12-16 03:07:04 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-12-25 16:41:38 +00:00
|
|
|
if existingUser, _ := s.userManager.User(newAccount.Username); existingUser != nil {
|
2022-12-22 02:55:39 +00:00
|
|
|
return errHTTPConflictUserExists
|
|
|
|
}
|
2022-12-24 17:10:51 +00:00
|
|
|
if v.accountLimiter != nil && !v.accountLimiter.Allow() {
|
2023-01-06 02:15:10 +00:00
|
|
|
return errHTTPTooManyRequestsLimitAccountCreation
|
2022-12-24 17:10:51 +00:00
|
|
|
}
|
2023-01-10 02:53:21 +00:00
|
|
|
if err := s.userManager.AddUser(newAccount.Username, newAccount.Password, user.RoleUser, createdByAPI); err != nil { // TODO this should return a User
|
2022-12-16 03:07:04 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-02 01:42:33 +00:00
|
|
|
func (s *Server) handleAccountGet(w http.ResponseWriter, _ *http.Request, v *visitor) error {
|
2023-01-09 20:40:46 +00:00
|
|
|
info, err := v.Info()
|
2022-12-17 20:17:52 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-01-09 20:40:46 +00:00
|
|
|
limits, stats := info.Limits, info.Stats
|
2022-12-28 03:14:14 +00:00
|
|
|
response := &apiAccountResponse{
|
2023-01-09 20:40:46 +00:00
|
|
|
Limits: &apiAccountLimits{
|
|
|
|
Basis: string(limits.Basis),
|
|
|
|
Messages: limits.MessagesLimit,
|
|
|
|
MessagesExpiryDuration: int64(limits.MessagesExpiryDuration.Seconds()),
|
|
|
|
Emails: limits.EmailsLimit,
|
|
|
|
Reservations: limits.ReservationsLimit,
|
|
|
|
AttachmentTotalSize: limits.AttachmentTotalSizeLimit,
|
|
|
|
AttachmentFileSize: limits.AttachmentFileSizeLimit,
|
|
|
|
AttachmentExpiryDuration: int64(limits.AttachmentExpiryDuration.Seconds()),
|
|
|
|
},
|
2022-12-19 21:22:13 +00:00
|
|
|
Stats: &apiAccountStats{
|
|
|
|
Messages: stats.Messages,
|
|
|
|
MessagesRemaining: stats.MessagesRemaining,
|
|
|
|
Emails: stats.Emails,
|
|
|
|
EmailsRemaining: stats.EmailsRemaining,
|
2023-01-08 02:04:13 +00:00
|
|
|
Reservations: stats.Reservations,
|
|
|
|
ReservationsRemaining: stats.ReservationsRemaining,
|
2022-12-19 21:22:13 +00:00
|
|
|
AttachmentTotalSize: stats.AttachmentTotalSize,
|
|
|
|
AttachmentTotalSizeRemaining: stats.AttachmentTotalSizeRemaining,
|
|
|
|
},
|
2022-12-17 20:17:52 +00:00
|
|
|
}
|
|
|
|
if v.user != nil {
|
|
|
|
response.Username = v.user.Name
|
|
|
|
response.Role = string(v.user.Role)
|
2023-01-10 02:53:21 +00:00
|
|
|
response.SyncTopic = v.user.SyncTopic
|
2022-12-17 20:17:52 +00:00
|
|
|
if v.user.Prefs != nil {
|
|
|
|
if v.user.Prefs.Language != "" {
|
|
|
|
response.Language = v.user.Prefs.Language
|
|
|
|
}
|
|
|
|
if v.user.Prefs.Notification != nil {
|
|
|
|
response.Notification = v.user.Prefs.Notification
|
|
|
|
}
|
|
|
|
if v.user.Prefs.Subscriptions != nil {
|
|
|
|
response.Subscriptions = v.user.Prefs.Subscriptions
|
|
|
|
}
|
|
|
|
}
|
2023-01-08 02:04:13 +00:00
|
|
|
if v.user.Tier != nil {
|
|
|
|
response.Tier = &apiAccountTier{
|
2023-01-09 20:40:46 +00:00
|
|
|
Code: v.user.Tier.Code,
|
|
|
|
Name: v.user.Tier.Name,
|
2022-12-18 04:54:19 +00:00
|
|
|
}
|
2022-12-17 20:17:52 +00:00
|
|
|
}
|
2023-01-16 04:29:46 +00:00
|
|
|
if v.user.Billing.StripeCustomerID != "" {
|
|
|
|
response.Billing = &apiAccountBilling{
|
|
|
|
Customer: true,
|
|
|
|
Subscription: v.user.Billing.StripeSubscriptionID != "",
|
|
|
|
Status: string(v.user.Billing.StripeSubscriptionStatus),
|
|
|
|
PaidUntil: v.user.Billing.StripeSubscriptionPaidUntil.Unix(),
|
2023-01-16 15:35:12 +00:00
|
|
|
CancelAt: v.user.Billing.StripeSubscriptionCancelAt.Unix(),
|
2023-01-16 04:29:46 +00:00
|
|
|
}
|
|
|
|
}
|
2023-01-03 01:08:37 +00:00
|
|
|
reservations, err := s.userManager.Reservations(v.user.Name)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if len(reservations) > 0 {
|
|
|
|
response.Reservations = make([]*apiAccountReservation, 0)
|
|
|
|
for _, r := range reservations {
|
|
|
|
response.Reservations = append(response.Reservations, &apiAccountReservation{
|
2023-01-03 02:12:42 +00:00
|
|
|
Topic: r.Topic,
|
|
|
|
Everyone: r.Everyone.String(),
|
2023-01-03 01:08:37 +00:00
|
|
|
})
|
2023-01-01 20:21:43 +00:00
|
|
|
}
|
|
|
|
}
|
2022-12-17 20:17:52 +00:00
|
|
|
} else {
|
2022-12-25 16:41:38 +00:00
|
|
|
response.Username = user.Everyone
|
|
|
|
response.Role = string(user.RoleAnonymous)
|
2022-12-17 20:17:52 +00:00
|
|
|
}
|
2022-12-29 00:55:11 +00:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
2022-12-17 20:17:52 +00:00
|
|
|
if err := json.NewEncoder(w).Encode(response); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-02 01:42:33 +00:00
|
|
|
func (s *Server) handleAccountDelete(w http.ResponseWriter, _ *http.Request, v *visitor) error {
|
2022-12-25 16:41:38 +00:00
|
|
|
if err := s.userManager.RemoveUser(v.user.Name); err != nil {
|
2022-12-16 03:07:04 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) handleAccountPasswordChange(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2022-12-29 14:57:42 +00:00
|
|
|
newPassword, err := readJSONWithLimit[apiAccountPasswordChangeRequest](r.Body, jsonBodyBytesLimit)
|
2022-12-16 03:07:04 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-12-25 16:41:38 +00:00
|
|
|
if err := s.userManager.ChangePassword(v.user.Name, newPassword.Password); err != nil {
|
2022-12-16 03:07:04 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-02 01:42:33 +00:00
|
|
|
func (s *Server) handleAccountTokenIssue(w http.ResponseWriter, _ *http.Request, v *visitor) error {
|
2022-12-16 03:07:04 +00:00
|
|
|
// TODO rate limit
|
2022-12-25 16:41:38 +00:00
|
|
|
token, err := s.userManager.CreateToken(v.user)
|
2022-12-16 03:07:04 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
response := &apiAccountTokenResponse{
|
2022-12-25 16:41:38 +00:00
|
|
|
Token: token.Value,
|
2022-12-28 18:46:18 +00:00
|
|
|
Expires: token.Expires.Unix(),
|
2022-12-25 16:41:38 +00:00
|
|
|
}
|
|
|
|
if err := json.NewEncoder(w).Encode(response); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-02 01:42:33 +00:00
|
|
|
func (s *Server) handleAccountTokenExtend(w http.ResponseWriter, _ *http.Request, v *visitor) error {
|
2022-12-25 16:41:38 +00:00
|
|
|
// TODO rate limit
|
|
|
|
if v.user == nil {
|
|
|
|
return errHTTPUnauthorized
|
|
|
|
} else if v.user.Token == "" {
|
|
|
|
return errHTTPBadRequestNoTokenProvided
|
|
|
|
}
|
|
|
|
token, err := s.userManager.ExtendToken(v.user)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
response := &apiAccountTokenResponse{
|
|
|
|
Token: token.Value,
|
2022-12-28 18:46:18 +00:00
|
|
|
Expires: token.Expires.Unix(),
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
|
|
|
if err := json.NewEncoder(w).Encode(response); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-02 01:42:33 +00:00
|
|
|
func (s *Server) handleAccountTokenDelete(w http.ResponseWriter, _ *http.Request, v *visitor) error {
|
2022-12-16 03:07:04 +00:00
|
|
|
// TODO rate limit
|
2022-12-29 00:55:11 +00:00
|
|
|
if v.user.Token == "" {
|
2022-12-29 14:57:42 +00:00
|
|
|
return errHTTPBadRequestNoTokenProvided
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
2022-12-25 16:41:38 +00:00
|
|
|
if err := s.userManager.RemoveToken(v.user); err != nil {
|
2022-12-16 03:07:04 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) handleAccountSettingsChange(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2022-12-29 14:57:42 +00:00
|
|
|
newPrefs, err := readJSONWithLimit[user.Prefs](r.Body, jsonBodyBytesLimit)
|
2022-12-16 03:07:04 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if v.user.Prefs == nil {
|
2022-12-25 16:41:38 +00:00
|
|
|
v.user.Prefs = &user.Prefs{}
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
|
|
|
prefs := v.user.Prefs
|
|
|
|
if newPrefs.Language != "" {
|
|
|
|
prefs.Language = newPrefs.Language
|
|
|
|
}
|
|
|
|
if newPrefs.Notification != nil {
|
|
|
|
if prefs.Notification == nil {
|
2022-12-25 16:41:38 +00:00
|
|
|
prefs.Notification = &user.NotificationPrefs{}
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
|
|
|
if newPrefs.Notification.DeleteAfter > 0 {
|
|
|
|
prefs.Notification.DeleteAfter = newPrefs.Notification.DeleteAfter
|
|
|
|
}
|
|
|
|
if newPrefs.Notification.Sound != "" {
|
|
|
|
prefs.Notification.Sound = newPrefs.Notification.Sound
|
|
|
|
}
|
|
|
|
if newPrefs.Notification.MinPriority > 0 {
|
|
|
|
prefs.Notification.MinPriority = newPrefs.Notification.MinPriority
|
|
|
|
}
|
|
|
|
}
|
2022-12-29 00:55:11 +00:00
|
|
|
if err := s.userManager.ChangeSettings(v.user); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
return nil
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) handleAccountSubscriptionAdd(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2022-12-29 14:57:42 +00:00
|
|
|
newSubscription, err := readJSONWithLimit[user.Subscription](r.Body, jsonBodyBytesLimit)
|
2022-12-16 03:07:04 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if v.user.Prefs == nil {
|
2022-12-25 16:41:38 +00:00
|
|
|
v.user.Prefs = &user.Prefs{}
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
|
|
|
newSubscription.ID = "" // Client cannot set ID
|
|
|
|
for _, subscription := range v.user.Prefs.Subscriptions {
|
|
|
|
if newSubscription.BaseURL == subscription.BaseURL && newSubscription.Topic == subscription.Topic {
|
2022-12-26 03:29:55 +00:00
|
|
|
newSubscription = subscription
|
2022-12-16 03:07:04 +00:00
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if newSubscription.ID == "" {
|
2022-12-29 16:09:45 +00:00
|
|
|
newSubscription.ID = util.RandomString(subscriptionIDLength)
|
2022-12-26 03:29:55 +00:00
|
|
|
v.user.Prefs.Subscriptions = append(v.user.Prefs.Subscriptions, newSubscription)
|
2022-12-25 16:41:38 +00:00
|
|
|
if err := s.userManager.ChangeSettings(v.user); err != nil {
|
2022-12-16 03:07:04 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
2022-12-26 03:29:55 +00:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
2022-12-16 03:07:04 +00:00
|
|
|
if err := json.NewEncoder(w).Encode(newSubscription); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-12-26 03:29:55 +00:00
|
|
|
func (s *Server) handleAccountSubscriptionChange(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2023-01-17 15:09:37 +00:00
|
|
|
matches := apiAccountSubscriptionSingleRegex.FindStringSubmatch(r.URL.Path)
|
2022-12-26 03:29:55 +00:00
|
|
|
if len(matches) != 2 {
|
2022-12-29 14:57:42 +00:00
|
|
|
return errHTTPInternalErrorInvalidPath
|
2022-12-26 03:29:55 +00:00
|
|
|
}
|
2022-12-29 14:57:42 +00:00
|
|
|
subscriptionID := matches[1]
|
|
|
|
updatedSubscription, err := readJSONWithLimit[user.Subscription](r.Body, jsonBodyBytesLimit)
|
2022-12-26 03:29:55 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if v.user.Prefs == nil || v.user.Prefs.Subscriptions == nil {
|
|
|
|
return errHTTPNotFound
|
|
|
|
}
|
|
|
|
var subscription *user.Subscription
|
|
|
|
for _, sub := range v.user.Prefs.Subscriptions {
|
|
|
|
if sub.ID == subscriptionID {
|
|
|
|
sub.DisplayName = updatedSubscription.DisplayName
|
|
|
|
subscription = sub
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if subscription == nil {
|
|
|
|
return errHTTPNotFound
|
|
|
|
}
|
|
|
|
if err := s.userManager.ChangeSettings(v.user); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
if err := json.NewEncoder(w).Encode(subscription); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-12-16 03:07:04 +00:00
|
|
|
func (s *Server) handleAccountSubscriptionDelete(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2023-01-17 15:09:37 +00:00
|
|
|
matches := apiAccountSubscriptionSingleRegex.FindStringSubmatch(r.URL.Path)
|
2022-12-16 03:07:04 +00:00
|
|
|
if len(matches) != 2 {
|
2022-12-29 14:57:42 +00:00
|
|
|
return errHTTPInternalErrorInvalidPath
|
2022-12-16 03:07:04 +00:00
|
|
|
}
|
|
|
|
subscriptionID := matches[1]
|
|
|
|
if v.user.Prefs == nil || v.user.Prefs.Subscriptions == nil {
|
|
|
|
return nil
|
|
|
|
}
|
2022-12-25 16:41:38 +00:00
|
|
|
newSubscriptions := make([]*user.Subscription, 0)
|
2022-12-16 03:07:04 +00:00
|
|
|
for _, subscription := range v.user.Prefs.Subscriptions {
|
|
|
|
if subscription.ID != subscriptionID {
|
|
|
|
newSubscriptions = append(newSubscriptions, subscription)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if len(newSubscriptions) < len(v.user.Prefs.Subscriptions) {
|
|
|
|
v.user.Prefs.Subscriptions = newSubscriptions
|
2022-12-25 16:41:38 +00:00
|
|
|
if err := s.userManager.ChangeSettings(v.user); err != nil {
|
2022-12-16 03:07:04 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
2022-12-29 14:57:42 +00:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
2022-12-16 03:07:04 +00:00
|
|
|
return nil
|
|
|
|
}
|
2022-12-30 19:20:48 +00:00
|
|
|
|
2023-01-12 15:50:09 +00:00
|
|
|
func (s *Server) handleAccountReservationAdd(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2023-01-07 14:34:02 +00:00
|
|
|
if v.user != nil && v.user.Role == user.RoleAdmin {
|
|
|
|
return errHTTPBadRequestMakesNoSenseForAdmin
|
|
|
|
}
|
2023-01-12 17:04:18 +00:00
|
|
|
req, err := readJSONWithLimit[apiAccountReservationRequest](r.Body, jsonBodyBytesLimit)
|
2022-12-30 19:20:48 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if !topicRegex.MatchString(req.Topic) {
|
|
|
|
return errHTTPBadRequestTopicInvalid
|
|
|
|
}
|
2023-01-06 15:45:38 +00:00
|
|
|
everyone, err := user.ParsePermission(req.Everyone)
|
|
|
|
if err != nil {
|
|
|
|
return errHTTPBadRequestPermissionInvalid
|
|
|
|
}
|
2023-01-08 02:04:13 +00:00
|
|
|
if v.user.Tier == nil {
|
2023-01-12 15:50:09 +00:00
|
|
|
return errHTTPUnauthorized
|
2023-01-06 02:15:10 +00:00
|
|
|
}
|
2023-01-01 20:21:43 +00:00
|
|
|
if err := s.userManager.CheckAllowAccess(v.user.Name, req.Topic); err != nil {
|
|
|
|
return errHTTPConflictTopicReserved
|
|
|
|
}
|
2023-01-06 15:45:38 +00:00
|
|
|
hasReservation, err := s.userManager.HasReservation(v.user.Name, req.Topic)
|
2023-01-03 02:12:42 +00:00
|
|
|
if err != nil {
|
2023-01-06 15:45:38 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
if !hasReservation {
|
|
|
|
reservations, err := s.userManager.ReservationsCount(v.user.Name)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
2023-01-08 02:04:13 +00:00
|
|
|
} else if reservations >= v.user.Tier.ReservationsLimit {
|
2023-01-06 15:45:38 +00:00
|
|
|
return errHTTPTooManyRequestsLimitReservations
|
|
|
|
}
|
2023-01-03 02:12:42 +00:00
|
|
|
}
|
2023-01-06 15:45:38 +00:00
|
|
|
owner, username := v.user.Name, v.user.Name
|
2023-01-01 20:21:43 +00:00
|
|
|
if err := s.userManager.AllowAccess(owner, username, req.Topic, true, true); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2023-01-03 02:12:42 +00:00
|
|
|
if err := s.userManager.AllowAccess(owner, user.Everyone, req.Topic, everyone.IsRead(), everyone.IsWrite()); err != nil {
|
2023-01-01 20:21:43 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-12 15:50:09 +00:00
|
|
|
func (s *Server) handleAccountReservationDelete(w http.ResponseWriter, r *http.Request, v *visitor) error {
|
2023-01-17 15:09:37 +00:00
|
|
|
matches := apiAccountReservationSingleRegex.FindStringSubmatch(r.URL.Path)
|
2023-01-01 20:21:43 +00:00
|
|
|
if len(matches) != 2 {
|
|
|
|
return errHTTPInternalErrorInvalidPath
|
|
|
|
}
|
|
|
|
topic := matches[1]
|
|
|
|
if !topicRegex.MatchString(topic) {
|
|
|
|
return errHTTPBadRequestTopicInvalid
|
|
|
|
}
|
2023-01-06 15:45:38 +00:00
|
|
|
authorized, err := s.userManager.HasReservation(v.user.Name, topic)
|
2023-01-03 01:08:37 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
2023-01-06 15:45:38 +00:00
|
|
|
} else if !authorized {
|
2023-01-01 20:21:43 +00:00
|
|
|
return errHTTPUnauthorized
|
|
|
|
}
|
|
|
|
if err := s.userManager.ResetAccess(v.user.Name, topic); err != nil {
|
2022-12-30 19:20:48 +00:00
|
|
|
return err
|
|
|
|
}
|
2023-01-01 20:21:43 +00:00
|
|
|
if err := s.userManager.ResetAccess(user.Everyone, topic); err != nil {
|
2022-12-30 19:20:48 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
w.Header().Set("Access-Control-Allow-Origin", "*") // FIXME remove this
|
|
|
|
return nil
|
|
|
|
}
|
2023-01-16 21:35:37 +00:00
|
|
|
|
|
|
|
func (s *Server) publishSyncEvent(v *visitor) error {
|
|
|
|
if v.user == nil || v.user.SyncTopic == "" {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
log.Trace("Publishing sync event to user %s's sync topic %s", v.user.Name, v.user.SyncTopic)
|
|
|
|
topics, err := s.topicsFromIDs(v.user.SyncTopic)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
} else if len(topics) == 0 {
|
|
|
|
return errors.New("cannot retrieve sync topic")
|
|
|
|
}
|
|
|
|
syncTopic := topics[0]
|
|
|
|
messageBytes, err := json.Marshal(&apiAccountSyncTopicResponse{Event: syncTopicAccountSyncEvent})
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
m := newDefaultMessage(syncTopic.ID, string(messageBytes))
|
|
|
|
if err := syncTopic.Publish(v, m); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *Server) publishSyncEventAsync(v *visitor) {
|
|
|
|
go func() {
|
|
|
|
if v.user == nil || v.user.SyncTopic == "" {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if err := s.publishSyncEvent(v); err != nil {
|
|
|
|
log.Trace("Error publishing to user %s's sync topic %s: %s", v.user.Name, v.user.SyncTopic, err.Error())
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
}
|