diff --git a/API.md b/API.md index 07b9c0a..bf9e880 100644 --- a/API.md +++ b/API.md @@ -18,8 +18,9 @@ NOTE: These routes will be documented using a Swagger / OpenAPI definition in th All routes can be found under `/api/v1/http/` - `/api/v1/auth`: Returns api session information -- `/api/v1/systems`: Returns a (publically visible) list of systems - `/api/v1/news`: Returns JSON containing all news items +- `/api/v1/instances/directory`: Returns a (publically visible) list of systems +- `/api/v1/resolve?uri=...`: Resolve a URI ## Interactive Websocket API diff --git a/internal/dis/component/auth/scopes/instances.go b/internal/dis/component/auth/scopes/instances.go index 1bb7002..d37bab6 100644 --- a/internal/dis/component/auth/scopes/instances.go +++ b/internal/dis/component/auth/scopes/instances.go @@ -32,7 +32,6 @@ func (*ListInstancesScope) Scope() component.ScopeInfo { } func (lis *ListInstancesScope) HasScope(param string, r *http.Request) (bool, error) { - // TODO: at the moment everyone has this permission - // this should change in the future! - return true, nil + _, user, err := lis.Dependencies.Auth.SessionOf(r) + return user != nil, err } diff --git a/internal/dis/component/auth/scopes/news.go b/internal/dis/component/auth/scopes/news.go index 3e38ddd..027e10b 100644 --- a/internal/dis/component/auth/scopes/news.go +++ b/internal/dis/component/auth/scopes/news.go @@ -32,6 +32,6 @@ func (*ListNewsScope) Scope() component.ScopeInfo { } func (lns *ListNewsScope) HasScope(param string, r *http.Request) (bool, error) { - // TODO: at the moment everyone has this permission - return true, nil + _, user, err := lns.Dependencies.Auth.SessionOf(r) + return user != nil, err } diff --git a/internal/dis/component/auth/scopes/resolver.go b/internal/dis/component/auth/scopes/resolver.go new file mode 100644 index 0000000..57efa4d --- /dev/null +++ b/internal/dis/component/auth/scopes/resolver.go @@ -0,0 +1,37 @@ +package scopes + +import ( + "net/http" + + "github.com/FAU-CDI/wisski-distillery/internal/dis/component" + "github.com/FAU-CDI/wisski-distillery/internal/dis/component/auth" +) + +type ResolverScope struct { + component.Base + Dependencies struct { + Auth *auth.Auth + } +} + +var ( + _ component.ScopeProvider = (*ResolverScope)(nil) +) + +const ( + ScopeResolver Scope = "url.resolve" +) + +func (*ResolverScope) Scope() component.ScopeInfo { + return component.ScopeInfo{ + Scope: ScopeResolver, + Description: "resolve a URI to a URL to display it in", + DeniedMessage: "", + TakesParam: false, + } +} + +func (rs *ResolverScope) HasScope(param string, r *http.Request) (bool, error) { + _, user, err := rs.Dependencies.Auth.SessionOf(r) + return user != nil, err +} diff --git a/internal/dis/component/resolver/api.go b/internal/dis/component/resolver/api.go new file mode 100644 index 0000000..8b2de54 --- /dev/null +++ b/internal/dis/component/resolver/api.go @@ -0,0 +1,53 @@ +package resolver + +import ( + "context" + "net/http" + + "github.com/FAU-CDI/wisski-distillery/internal/dis/component" + "github.com/FAU-CDI/wisski-distillery/internal/dis/component/auth" + "github.com/FAU-CDI/wisski-distillery/internal/dis/component/auth/api" + "github.com/FAU-CDI/wisski-distillery/internal/dis/component/auth/scopes" + "github.com/tkw1536/pkglib/httpx" +) + +type API struct { + component.Base + Dependencies struct { + Auth *auth.Auth + Resolver *Resolver + } +} + +var ( + _ component.Routeable = (*API)(nil) +) + +func (api *API) Routes() component.Routes { + return component.Routes{ + Prefix: "/api/v1/resolve/", + Exact: true, + } +} + +func (a *API) HandleRoute(ctx context.Context, path string) (http.Handler, error) { + return &api.Handler[string]{ + Config: a.Config, + Auth: a.Dependencies.Auth, + + Methods: []string{"GET"}, + + Scope: scopes.ScopeResolver, + Handler: func(s string, r *http.Request) (string, error) { + uri := r.URL.Query().Get("uri") + if uri == "" { + return "", httpx.ErrBadRequest + } + target := a.Dependencies.Resolver.Target(uri) + if target == "" { + return "", httpx.ErrNotFound + } + return target, nil + }, + }, nil +} diff --git a/internal/dis/component/scope.go b/internal/dis/component/scope.go index 5cfae72..a56d55f 100644 --- a/internal/dis/component/scope.go +++ b/internal/dis/component/scope.go @@ -63,7 +63,6 @@ type ScopeProvider interface { // Check checks if the given session has access to the given scope. HasScope(param string, r *http.Request) (bool, error) - // TODO: move this to a session } // SessionInfo provides information about the current session. diff --git a/internal/dis/distillery.go b/internal/dis/distillery.go index 0b9e76d..477205d 100644 --- a/internal/dis/distillery.go +++ b/internal/dis/distillery.go @@ -154,6 +154,7 @@ func (dis *Distillery) allComponents() []initFunc { auto[*scopes.AdminLoggedIn], auto[*scopes.ListInstancesScope], auto[*scopes.ListNewsScope], + auto[*scopes.ResolverScope], // instances auto[*instances.Instances], @@ -203,5 +204,6 @@ func (dis *Distillery) allComponents() []initFunc { auto[*list.API], auto[*list.API], auto[*news.API], + auto[*resolver.API], } }