ntfy/server/server_account.go

577 lines
18 KiB
Go
Raw Normal View History

2022-12-16 03:07:04 +00:00
package server
import (
"encoding/json"
2023-02-08 03:45:55 +00:00
"heckel.io/ntfy/log"
"heckel.io/ntfy/user"
2022-12-16 03:07:04 +00:00
"heckel.io/ntfy/util"
"net/http"
2023-01-29 01:29:06 +00:00
"net/netip"
"strings"
2023-01-28 04:10:59 +00:00
"time"
2022-12-16 03:07:04 +00:00
)
const (
subscriptionIDLength = 16
subscriptionIDPrefix = "su_"
syncTopicAccountSyncEvent = "sync"
2023-01-28 04:10:59 +00:00
tokenExpiryDuration = 72 * time.Hour // Extend tokens by this much
)
2022-12-16 03:07:04 +00:00
func (s *Server) handleAccountCreate(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-29 01:43:06 +00:00
u := v.User()
2023-02-10 02:51:12 +00:00
if !u.IsAdmin() { // u may be nil, but that's fine
2022-12-24 17:10:51 +00:00
if !s.config.EnableSignup {
return errHTTPBadRequestSignupNotEnabled
2023-01-29 01:43:06 +00:00
} else if u != nil {
2022-12-24 17:10:51 +00:00
return errHTTPUnauthorized // Cannot create account from user context
}
if !v.AccountCreationAllowed() {
2023-01-27 03:57:18 +00:00
return errHTTPTooManyRequestsLimitAccountCreation
}
2022-12-16 03:07:04 +00:00
}
2023-01-28 04:10:59 +00:00
newAccount, err := readJSONWithLimit[apiAccountCreateRequest](r.Body, jsonBodyBytesLimit, false)
2022-12-16 03:07:04 +00:00
if err != nil {
return err
}
if existingUser, _ := s.userManager.User(newAccount.Username); existingUser != nil {
2022-12-22 02:55:39 +00:00
return errHTTPConflictUserExists
}
2023-02-08 03:45:55 +00:00
logvr(v, r).Tag(tagAccount).Field("user_name", newAccount.Username).Info("Creating user %s", newAccount.Username)
if err := s.userManager.AddUser(newAccount.Username, newAccount.Password, user.RoleUser); err != nil {
2022-12-16 03:07:04 +00:00
return err
}
2023-02-08 20:20:44 +00:00
v.AccountCreated()
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2022-12-16 03:07:04 +00:00
}
2023-02-07 21:20:49 +00:00
func (s *Server) handleAccountGet(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-09 20:40:46 +00:00
info, err := v.Info()
2022-12-17 20:17:52 +00:00
if err != nil {
return err
}
2023-02-07 21:20:49 +00:00
logvr(v, r).Tag(tagAccount).Fields(visitorExtendedInfoContext(info)).Debug("Retrieving account stats")
2023-01-09 20:40:46 +00:00
limits, stats := info.Limits, info.Stats
2022-12-28 03:14:14 +00:00
response := &apiAccountResponse{
2023-01-09 20:40:46 +00:00
Limits: &apiAccountLimits{
Basis: string(limits.Basis),
2023-01-27 03:57:18 +00:00
Messages: limits.MessageLimit,
MessagesExpiryDuration: int64(limits.MessageExpiryDuration.Seconds()),
Emails: limits.EmailLimit,
2023-01-09 20:40:46 +00:00
Reservations: limits.ReservationsLimit,
AttachmentTotalSize: limits.AttachmentTotalSizeLimit,
AttachmentFileSize: limits.AttachmentFileSizeLimit,
AttachmentExpiryDuration: int64(limits.AttachmentExpiryDuration.Seconds()),
AttachmentBandwidth: limits.AttachmentBandwidthLimit,
2023-01-09 20:40:46 +00:00
},
2022-12-19 21:22:13 +00:00
Stats: &apiAccountStats{
Messages: stats.Messages,
MessagesRemaining: stats.MessagesRemaining,
Emails: stats.Emails,
EmailsRemaining: stats.EmailsRemaining,
Reservations: stats.Reservations,
ReservationsRemaining: stats.ReservationsRemaining,
2022-12-19 21:22:13 +00:00
AttachmentTotalSize: stats.AttachmentTotalSize,
AttachmentTotalSizeRemaining: stats.AttachmentTotalSizeRemaining,
},
2022-12-17 20:17:52 +00:00
}
2023-01-28 04:10:59 +00:00
u := v.User()
if u != nil {
response.Username = u.Name
response.Role = string(u.Role)
response.SyncTopic = u.SyncTopic
if u.Prefs != nil {
if u.Prefs.Language != nil {
response.Language = *u.Prefs.Language
2022-12-17 20:17:52 +00:00
}
2023-01-28 04:10:59 +00:00
if u.Prefs.Notification != nil {
response.Notification = u.Prefs.Notification
2022-12-17 20:17:52 +00:00
}
2023-01-28 04:10:59 +00:00
if u.Prefs.Subscriptions != nil {
response.Subscriptions = u.Prefs.Subscriptions
2022-12-17 20:17:52 +00:00
}
}
2023-01-28 04:10:59 +00:00
if u.Tier != nil {
response.Tier = &apiAccountTier{
2023-01-28 04:10:59 +00:00
Code: u.Tier.Code,
Name: u.Tier.Name,
}
2022-12-17 20:17:52 +00:00
}
2023-01-28 04:10:59 +00:00
if u.Billing.StripeCustomerID != "" {
2023-01-16 04:29:46 +00:00
response.Billing = &apiAccountBilling{
Customer: true,
2023-01-28 04:10:59 +00:00
Subscription: u.Billing.StripeSubscriptionID != "",
Status: string(u.Billing.StripeSubscriptionStatus),
PaidUntil: u.Billing.StripeSubscriptionPaidUntil.Unix(),
CancelAt: u.Billing.StripeSubscriptionCancelAt.Unix(),
2023-01-16 04:29:46 +00:00
}
}
2023-01-28 04:10:59 +00:00
reservations, err := s.userManager.Reservations(u.Name)
2023-01-03 01:08:37 +00:00
if err != nil {
return err
}
if len(reservations) > 0 {
response.Reservations = make([]*apiAccountReservation, 0)
for _, r := range reservations {
response.Reservations = append(response.Reservations, &apiAccountReservation{
Topic: r.Topic,
Everyone: r.Everyone.String(),
2023-01-03 01:08:37 +00:00
})
2023-01-01 20:21:43 +00:00
}
}
2023-01-28 04:10:59 +00:00
tokens, err := s.userManager.Tokens(u.ID)
if err != nil {
return err
}
if len(tokens) > 0 {
response.Tokens = make([]*apiAccountTokenResponse, 0)
for _, t := range tokens {
2023-01-29 01:29:06 +00:00
var lastOrigin string
if t.LastOrigin != netip.IPv4Unspecified() {
lastOrigin = t.LastOrigin.String()
}
2023-01-28 04:10:59 +00:00
response.Tokens = append(response.Tokens, &apiAccountTokenResponse{
2023-01-29 01:29:06 +00:00
Token: t.Value,
Label: t.Label,
LastAccess: t.LastAccess.Unix(),
LastOrigin: lastOrigin,
Expires: t.Expires.Unix(),
2023-01-28 04:10:59 +00:00
})
}
}
2022-12-17 20:17:52 +00:00
} else {
response.Username = user.Everyone
response.Role = string(user.RoleAnonymous)
2022-12-17 20:17:52 +00:00
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, response)
2022-12-17 20:17:52 +00:00
}
2023-01-23 03:21:30 +00:00
func (s *Server) handleAccountDelete(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-28 04:10:59 +00:00
req, err := readJSONWithLimit[apiAccountDeleteRequest](r.Body, jsonBodyBytesLimit, false)
if err != nil {
return err
} else if req.Password == "" {
return errHTTPBadRequest
}
2023-01-29 01:43:06 +00:00
u := v.User()
if _, err := s.userManager.Authenticate(u.Name, req.Password); err != nil {
return errHTTPBadRequestIncorrectPasswordConfirmation
}
2023-01-29 01:43:06 +00:00
if u.Billing.StripeSubscriptionID != "" {
2023-02-06 04:34:27 +00:00
logvr(v, r).Tag(tagStripe).Info("Canceling billing subscription for user %s", u.Name)
2023-01-29 01:43:06 +00:00
if _, err := s.stripe.CancelSubscription(u.Billing.StripeSubscriptionID); err != nil {
2023-01-23 03:21:30 +00:00
return err
}
2023-01-19 19:03:39 +00:00
}
2023-02-05 02:26:01 +00:00
if err := s.maybeRemoveMessagesAndExcessReservations(r, v, u, 0); err != nil {
return err
}
2023-02-04 03:21:50 +00:00
logvr(v, r).Tag(tagAccount).Info("Marking user %s as deleted", u.Name)
2023-01-29 01:43:06 +00:00
if err := s.userManager.MarkUserRemoved(u); err != nil {
2022-12-16 03:07:04 +00:00
return err
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2022-12-16 03:07:04 +00:00
}
func (s *Server) handleAccountPasswordChange(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-28 04:10:59 +00:00
req, err := readJSONWithLimit[apiAccountPasswordChangeRequest](r.Body, jsonBodyBytesLimit, false)
2022-12-16 03:07:04 +00:00
if err != nil {
return err
} else if req.Password == "" || req.NewPassword == "" {
return errHTTPBadRequest
2022-12-16 03:07:04 +00:00
}
2023-01-29 01:43:06 +00:00
u := v.User()
if _, err := s.userManager.Authenticate(u.Name, req.Password); err != nil {
return errHTTPBadRequestIncorrectPasswordConfirmation
}
2023-02-08 03:45:55 +00:00
logvr(v, r).Tag(tagAccount).Debug("Changing password for user %s", u.Name)
2023-01-29 01:43:06 +00:00
if err := s.userManager.ChangePassword(u.Name, req.NewPassword); err != nil {
2022-12-16 03:07:04 +00:00
return err
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2022-12-16 03:07:04 +00:00
}
2023-01-28 04:10:59 +00:00
func (s *Server) handleAccountTokenCreate(w http.ResponseWriter, r *http.Request, v *visitor) error {
2022-12-16 03:07:04 +00:00
// TODO rate limit
2023-01-28 04:10:59 +00:00
req, err := readJSONWithLimit[apiAccountTokenIssueRequest](r.Body, jsonBodyBytesLimit, true) // Allow empty body!
if err != nil {
return err
}
var label string
if req.Label != nil {
label = *req.Label
}
expires := time.Now().Add(tokenExpiryDuration)
if req.Expires != nil {
expires = time.Unix(*req.Expires, 0)
}
2023-02-04 03:21:50 +00:00
u := v.User()
2023-02-08 03:45:55 +00:00
logvr(v, r).
Tag(tagAccount).
Fields(log.Context{
"token_label": label,
"token_expires": expires,
}).
Debug("Creating token for user %s", u.Name)
2023-02-04 03:21:50 +00:00
token, err := s.userManager.CreateToken(u.ID, label, expires, v.IP())
2022-12-16 03:07:04 +00:00
if err != nil {
return err
}
response := &apiAccountTokenResponse{
2023-01-29 01:29:06 +00:00
Token: token.Value,
Label: token.Label,
LastAccess: token.LastAccess.Unix(),
LastOrigin: token.LastOrigin.String(),
Expires: token.Expires.Unix(),
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, response)
}
2023-01-28 04:10:59 +00:00
func (s *Server) handleAccountTokenUpdate(w http.ResponseWriter, r *http.Request, v *visitor) error {
// TODO rate limit
2023-01-28 04:10:59 +00:00
u := v.User()
req, err := readJSONWithLimit[apiAccountTokenUpdateRequest](r.Body, jsonBodyBytesLimit, true) // Allow empty body!
if err != nil {
return err
} else if req.Token == "" {
req.Token = u.Token
if req.Token == "" {
return errHTTPBadRequestNoTokenProvided
}
}
2023-01-28 04:10:59 +00:00
var expires *time.Time
if req.Expires != nil {
expires = util.Time(time.Unix(*req.Expires, 0))
} else if req.Label == nil {
2023-02-08 03:45:55 +00:00
expires = util.Time(time.Now().Add(tokenExpiryDuration)) // If label/expires not set, extend token by 72 hours
}
logvr(v, r).
Tag(tagAccount).
Fields(log.Context{
"token_label": req.Label,
"token_expires": expires,
}).
Debug("Updating token for user %s as deleted", u.Name)
2023-01-28 04:10:59 +00:00
token, err := s.userManager.ChangeToken(u.ID, req.Token, req.Label, expires)
if err != nil {
return err
}
response := &apiAccountTokenResponse{
2023-01-29 01:29:06 +00:00
Token: token.Value,
Label: token.Label,
LastAccess: token.LastAccess.Unix(),
LastOrigin: token.LastOrigin.String(),
Expires: token.Expires.Unix(),
2022-12-16 03:07:04 +00:00
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, response)
2022-12-16 03:07:04 +00:00
}
2023-01-28 04:10:59 +00:00
func (s *Server) handleAccountTokenDelete(w http.ResponseWriter, r *http.Request, v *visitor) error {
2022-12-16 03:07:04 +00:00
// TODO rate limit
2023-01-28 04:10:59 +00:00
u := v.User()
token := readParam(r, "X-Token", "Token") // DELETEs cannot have a body, and we don't want it in the path
if token == "" {
token = u.Token
if token == "" {
return errHTTPBadRequestNoTokenProvided
}
2022-12-16 03:07:04 +00:00
}
2023-01-28 04:10:59 +00:00
if err := s.userManager.RemoveToken(u.ID, token); err != nil {
2022-12-16 03:07:04 +00:00
return err
}
2023-02-08 03:45:55 +00:00
logvr(v, r).
Tag(tagAccount).
Field("token", token).
Debug("Deleted token for user %s", u.Name)
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2022-12-16 03:07:04 +00:00
}
func (s *Server) handleAccountSettingsChange(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-28 04:10:59 +00:00
newPrefs, err := readJSONWithLimit[user.Prefs](r.Body, jsonBodyBytesLimit, false)
2022-12-16 03:07:04 +00:00
if err != nil {
return err
}
2023-01-29 01:43:06 +00:00
u := v.User()
if u.Prefs == nil {
u.Prefs = &user.Prefs{}
2022-12-16 03:07:04 +00:00
}
2023-01-29 01:43:06 +00:00
prefs := u.Prefs
if newPrefs.Language != nil {
2022-12-16 03:07:04 +00:00
prefs.Language = newPrefs.Language
}
if newPrefs.Notification != nil {
if prefs.Notification == nil {
prefs.Notification = &user.NotificationPrefs{}
2022-12-16 03:07:04 +00:00
}
if newPrefs.Notification.DeleteAfter != nil {
2022-12-16 03:07:04 +00:00
prefs.Notification.DeleteAfter = newPrefs.Notification.DeleteAfter
}
if newPrefs.Notification.Sound != nil {
2022-12-16 03:07:04 +00:00
prefs.Notification.Sound = newPrefs.Notification.Sound
}
if newPrefs.Notification.MinPriority != nil {
2022-12-16 03:07:04 +00:00
prefs.Notification.MinPriority = newPrefs.Notification.MinPriority
}
}
2023-02-08 03:45:55 +00:00
logvr(v, r).Tag(tagAccount).Debug("Changing account settings for user %s", u.Name)
2023-02-09 20:24:12 +00:00
if err := s.userManager.ChangeSettings(u.ID, prefs); err != nil {
return err
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2022-12-16 03:07:04 +00:00
}
func (s *Server) handleAccountSubscriptionAdd(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-28 04:10:59 +00:00
newSubscription, err := readJSONWithLimit[user.Subscription](r.Body, jsonBodyBytesLimit, false)
2022-12-16 03:07:04 +00:00
if err != nil {
return err
}
2023-01-29 01:43:06 +00:00
u := v.User()
if u.Prefs == nil {
u.Prefs = &user.Prefs{}
2022-12-16 03:07:04 +00:00
}
newSubscription.ID = "" // Client cannot set ID
2023-01-29 01:43:06 +00:00
for _, subscription := range u.Prefs.Subscriptions {
2022-12-16 03:07:04 +00:00
if newSubscription.BaseURL == subscription.BaseURL && newSubscription.Topic == subscription.Topic {
2022-12-26 03:29:55 +00:00
newSubscription = subscription
2022-12-16 03:07:04 +00:00
break
}
}
if newSubscription.ID == "" {
newSubscription.ID = util.RandomStringPrefix(subscriptionIDPrefix, subscriptionIDLength)
2023-02-09 20:24:12 +00:00
prefs := u.Prefs
prefs.Subscriptions = append(prefs.Subscriptions, newSubscription)
2023-02-08 03:45:55 +00:00
logvr(v, r).
Tag(tagAccount).
Fields(log.Context{
"base_url": newSubscription.BaseURL,
"topic": newSubscription.Topic,
}).
Debug("Adding subscription for user %s", u.Name)
2023-02-09 20:24:12 +00:00
if err := s.userManager.ChangeSettings(u.ID, prefs); err != nil {
2022-12-16 03:07:04 +00:00
return err
}
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSubscription)
2022-12-16 03:07:04 +00:00
}
2022-12-26 03:29:55 +00:00
func (s *Server) handleAccountSubscriptionChange(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-17 15:09:37 +00:00
matches := apiAccountSubscriptionSingleRegex.FindStringSubmatch(r.URL.Path)
2022-12-26 03:29:55 +00:00
if len(matches) != 2 {
2022-12-29 14:57:42 +00:00
return errHTTPInternalErrorInvalidPath
2022-12-26 03:29:55 +00:00
}
2022-12-29 14:57:42 +00:00
subscriptionID := matches[1]
2023-01-28 04:10:59 +00:00
updatedSubscription, err := readJSONWithLimit[user.Subscription](r.Body, jsonBodyBytesLimit, false)
2022-12-26 03:29:55 +00:00
if err != nil {
return err
}
2023-01-29 01:43:06 +00:00
u := v.User()
if u.Prefs == nil || u.Prefs.Subscriptions == nil {
2022-12-26 03:29:55 +00:00
return errHTTPNotFound
}
2023-02-09 20:24:12 +00:00
prefs := u.Prefs
2022-12-26 03:29:55 +00:00
var subscription *user.Subscription
2023-02-09 20:24:12 +00:00
for _, sub := range prefs.Subscriptions {
2022-12-26 03:29:55 +00:00
if sub.ID == subscriptionID {
sub.DisplayName = updatedSubscription.DisplayName
subscription = sub
break
}
}
if subscription == nil {
return errHTTPNotFound
}
2023-02-08 03:45:55 +00:00
logvr(v, r).
Tag(tagAccount).
Fields(log.Context{
"base_url": subscription.BaseURL,
"topic": subscription.Topic,
"display_name": subscription.DisplayName,
}).
Debug("Changing subscription for user %s", u.Name)
2023-02-09 20:24:12 +00:00
if err := s.userManager.ChangeSettings(u.ID, prefs); err != nil {
2022-12-26 03:29:55 +00:00
return err
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, subscription)
2022-12-26 03:29:55 +00:00
}
2022-12-16 03:07:04 +00:00
func (s *Server) handleAccountSubscriptionDelete(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-17 15:09:37 +00:00
matches := apiAccountSubscriptionSingleRegex.FindStringSubmatch(r.URL.Path)
2022-12-16 03:07:04 +00:00
if len(matches) != 2 {
2022-12-29 14:57:42 +00:00
return errHTTPInternalErrorInvalidPath
2022-12-16 03:07:04 +00:00
}
subscriptionID := matches[1]
2023-01-29 01:43:06 +00:00
u := v.User()
if u.Prefs == nil || u.Prefs.Subscriptions == nil {
2022-12-16 03:07:04 +00:00
return nil
}
newSubscriptions := make([]*user.Subscription, 0)
2023-01-29 01:43:06 +00:00
for _, subscription := range u.Prefs.Subscriptions {
2023-02-08 03:45:55 +00:00
if subscription.ID == subscriptionID {
logvr(v, r).
Tag(tagAccount).
Fields(log.Context{
"base_url": subscription.BaseURL,
"topic": subscription.Topic,
}).
Debug("Removing subscription for user %s", u.Name)
} else {
2022-12-16 03:07:04 +00:00
newSubscriptions = append(newSubscriptions, subscription)
}
}
2023-01-29 01:43:06 +00:00
if len(newSubscriptions) < len(u.Prefs.Subscriptions) {
2023-02-09 20:24:12 +00:00
prefs := u.Prefs
prefs.Subscriptions = newSubscriptions
if err := s.userManager.ChangeSettings(u.ID, prefs); err != nil {
2022-12-16 03:07:04 +00:00
return err
}
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2022-12-16 03:07:04 +00:00
}
2022-12-30 19:20:48 +00:00
2023-02-02 20:19:37 +00:00
// handleAccountReservationAdd adds a topic reservation for the logged-in user, but only if the user has a tier
// with enough remaining reservations left, or if the user is an admin. Admins can always reserve a topic, unless
// it is already reserved by someone else.
2023-01-12 15:50:09 +00:00
func (s *Server) handleAccountReservationAdd(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-29 01:43:06 +00:00
u := v.User()
2023-01-28 04:10:59 +00:00
req, err := readJSONWithLimit[apiAccountReservationRequest](r.Body, jsonBodyBytesLimit, false)
2022-12-30 19:20:48 +00:00
if err != nil {
return err
}
if !topicRegex.MatchString(req.Topic) {
return errHTTPBadRequestTopicInvalid
}
2023-01-06 15:45:38 +00:00
everyone, err := user.ParsePermission(req.Everyone)
if err != nil {
return errHTTPBadRequestPermissionInvalid
}
2023-02-02 20:19:37 +00:00
// Check if we are allowed to reserve this topic
2023-02-10 02:51:12 +00:00
if u.IsUser() && u.Tier == nil {
2023-01-12 15:50:09 +00:00
return errHTTPUnauthorized
2023-02-12 03:14:09 +00:00
} else if err := s.userManager.AllowReservation(u.Name, req.Topic); err != nil {
2023-01-01 20:21:43 +00:00
return errHTTPConflictTopicReserved
2023-02-10 02:51:12 +00:00
} else if u.IsUser() {
2023-02-02 20:19:37 +00:00
hasReservation, err := s.userManager.HasReservation(u.Name, req.Topic)
2023-01-06 15:45:38 +00:00
if err != nil {
return err
2023-02-02 20:19:37 +00:00
}
if !hasReservation {
reservations, err := s.userManager.ReservationsCount(u.Name)
if err != nil {
return err
} else if reservations >= u.Tier.ReservationLimit {
return errHTTPTooManyRequestsLimitReservations
}
2023-01-06 15:45:38 +00:00
}
}
// Actually add the reservation
2023-02-08 03:45:55 +00:00
logvr(v, r).
Tag(tagAccount).
Fields(log.Context{
"topic": req.Topic,
"everyone": everyone.String(),
}).
Debug("Adding topic reservation")
2023-01-29 01:43:06 +00:00
if err := s.userManager.AddReservation(u.Name, req.Topic, everyone); err != nil {
2023-01-01 20:21:43 +00:00
return err
}
// Kill existing subscribers
t, err := s.topicFromID(req.Topic)
if err != nil {
return err
}
2023-01-29 01:43:06 +00:00
t.CancelSubscribers(u.ID)
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2023-01-01 20:21:43 +00:00
}
2023-02-02 20:19:37 +00:00
// handleAccountReservationDelete deletes a topic reservation if it is owned by the current user
2023-01-12 15:50:09 +00:00
func (s *Server) handleAccountReservationDelete(w http.ResponseWriter, r *http.Request, v *visitor) error {
2023-01-17 15:09:37 +00:00
matches := apiAccountReservationSingleRegex.FindStringSubmatch(r.URL.Path)
2023-01-01 20:21:43 +00:00
if len(matches) != 2 {
return errHTTPInternalErrorInvalidPath
}
topic := matches[1]
if !topicRegex.MatchString(topic) {
return errHTTPBadRequestTopicInvalid
}
2023-01-29 01:43:06 +00:00
u := v.User()
authorized, err := s.userManager.HasReservation(u.Name, topic)
2023-01-03 01:08:37 +00:00
if err != nil {
return err
2023-01-06 15:45:38 +00:00
} else if !authorized {
2023-01-01 20:21:43 +00:00
return errHTTPUnauthorized
}
2023-02-08 03:45:55 +00:00
deleteMessages := readBoolParam(r, false, "X-Delete-Messages", "Delete-Messages")
logvr(v, r).
Tag(tagAccount).
Fields(log.Context{
"topic": topic,
"delete_messages": deleteMessages,
}).
Debug("Removing topic reservation")
2023-01-29 01:43:06 +00:00
if err := s.userManager.RemoveReservations(u.Name, topic); err != nil {
2022-12-30 19:20:48 +00:00
return err
}
2023-02-01 02:39:30 +00:00
if deleteMessages {
if err := s.messageCache.ExpireMessages(topic); err != nil {
return err
}
}
2023-01-18 20:50:06 +00:00
return s.writeJSON(w, newSuccessResponse())
2022-12-30 19:20:48 +00:00
}
// maybeRemoveMessagesAndExcessReservations deletes topic reservations for the given user (if too many for tier),
// and marks associated messages for the topics as deleted. This also eventually deletes attachments.
// The process relies on the manager to perform the actual deletions (see runManager).
2023-02-05 02:26:01 +00:00
func (s *Server) maybeRemoveMessagesAndExcessReservations(r *http.Request, v *visitor, u *user.User, reservationsLimit int64) error {
reservations, err := s.userManager.Reservations(u.Name)
if err != nil {
return err
} else if int64(len(reservations)) <= reservationsLimit {
2023-02-05 02:26:01 +00:00
logvr(v, r).Tag(tagAccount).Debug("No excess reservations to remove")
return nil
}
topics := make([]string, 0)
for i := int64(len(reservations)) - 1; i >= reservationsLimit; i-- {
topics = append(topics, reservations[i].Topic)
}
2023-02-05 02:26:01 +00:00
logvr(v, r).Tag(tagAccount).Info("Removing excess reservations for topics %s", strings.Join(topics, ", "))
if err := s.userManager.RemoveReservations(u.Name, topics...); err != nil {
return err
}
if err := s.messageCache.ExpireMessages(topics...); err != nil {
return err
}
return nil
}
2023-01-29 01:43:06 +00:00
// publishSyncEventAsync kicks of a Go routine to publish a sync message to the user's sync topic
func (s *Server) publishSyncEventAsync(v *visitor) {
go func() {
if err := s.publishSyncEvent(v); err != nil {
2023-02-06 04:34:27 +00:00
logv(v).Err(err).Trace("Error publishing to user's sync topic")
2023-01-29 01:43:06 +00:00
}
}()
}
// publishSyncEvent publishes a sync message to the user's sync topic
func (s *Server) publishSyncEvent(v *visitor) error {
2023-01-29 01:43:06 +00:00
u := v.User()
if u == nil || u.SyncTopic == "" {
return nil
}
2023-02-06 04:34:27 +00:00
logv(v).Field("sync_topic", u.SyncTopic).Trace("Publishing sync event to user's sync topic")
2023-01-29 01:43:06 +00:00
syncTopic, err := s.topicFromID(u.SyncTopic)
if err != nil {
return err
}
messageBytes, err := json.Marshal(&apiAccountSyncTopicResponse{Event: syncTopicAccountSyncEvent})
if err != nil {
return err
}
m := newDefaultMessage(syncTopic.ID, string(messageBytes))
if err := syncTopic.Publish(v, m); err != nil {
return err
}
return nil
}