router.go 21 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025
  1. package router
  2. import (
  3. "net/http"
  4. "os"
  5. "github.com/go-chi/chi"
  6. "github.com/porter-dev/porter/server/api"
  7. "github.com/porter-dev/porter/server/requestlog"
  8. mw "github.com/porter-dev/porter/server/router/middleware"
  9. )
  10. // New creates a new Chi router instance and registers all routes supported by the
  11. // API
  12. func New(a *api.App) *chi.Mux {
  13. l := a.Logger
  14. r := chi.NewRouter()
  15. auth := mw.NewAuth(a.Store, a.ServerConf.CookieName, a.Repo)
  16. r.Route("/api", func(r chi.Router) {
  17. r.Use(mw.ContentTypeJSON)
  18. // health checks
  19. r.Method("GET", "/livez", http.HandlerFunc(a.HandleLive))
  20. r.Method("GET", "/readyz", http.HandlerFunc(a.HandleReady))
  21. // /api/users routes
  22. r.Method(
  23. "GET",
  24. "/users/{user_id}",
  25. auth.DoesUserIDMatch(
  26. requestlog.NewHandler(a.HandleReadUser, l),
  27. mw.URLParam,
  28. ),
  29. )
  30. r.Method(
  31. "GET",
  32. "/users/{user_id}/projects",
  33. auth.DoesUserIDMatch(
  34. requestlog.NewHandler(a.HandleListUserProjects, l),
  35. mw.URLParam,
  36. ),
  37. )
  38. r.Method(
  39. "POST",
  40. "/users",
  41. requestlog.NewHandler(a.HandleCreateUser, l),
  42. )
  43. r.Method(
  44. "DELETE",
  45. "/users/{user_id}",
  46. auth.DoesUserIDMatch(
  47. requestlog.NewHandler(a.HandleDeleteUser, l),
  48. mw.URLParam,
  49. ),
  50. )
  51. r.Method(
  52. "POST",
  53. "/login",
  54. requestlog.NewHandler(a.HandleLoginUser, l),
  55. )
  56. r.Method(
  57. "GET",
  58. "/auth/check",
  59. auth.BasicAuthenticate(
  60. requestlog.NewHandler(a.HandleAuthCheck, l),
  61. ),
  62. )
  63. r.Method(
  64. "POST",
  65. "/logout",
  66. auth.BasicAuthenticate(
  67. requestlog.NewHandler(a.HandleLogoutUser, l),
  68. ),
  69. )
  70. // /api/integrations routes
  71. r.Method(
  72. "GET",
  73. "/integrations/cluster",
  74. auth.BasicAuthenticate(
  75. requestlog.NewHandler(a.HandleListClusterIntegrations, l),
  76. ),
  77. )
  78. r.Method(
  79. "GET",
  80. "/integrations/registry",
  81. auth.BasicAuthenticate(
  82. requestlog.NewHandler(a.HandleListRegistryIntegrations, l),
  83. ),
  84. )
  85. r.Method(
  86. "GET",
  87. "/integrations/helm",
  88. auth.BasicAuthenticate(
  89. requestlog.NewHandler(a.HandleListHelmRepoIntegrations, l),
  90. ),
  91. )
  92. r.Method(
  93. "GET",
  94. "/integrations/repo",
  95. auth.BasicAuthenticate(
  96. requestlog.NewHandler(a.HandleListRepoIntegrations, l),
  97. ),
  98. )
  99. // /api/templates routes
  100. r.Method(
  101. "GET",
  102. "/templates",
  103. auth.BasicAuthenticate(
  104. requestlog.NewHandler(a.HandleListTemplates, l),
  105. ),
  106. )
  107. r.Method(
  108. "GET",
  109. "/templates/{name}/{version}",
  110. auth.BasicAuthenticate(
  111. requestlog.NewHandler(a.HandleReadTemplate, l),
  112. ),
  113. )
  114. // /api/oauth routes
  115. r.Method(
  116. "GET",
  117. "/oauth/projects/{project_id}/github",
  118. auth.DoesUserHaveProjectAccess(
  119. requestlog.NewHandler(a.HandleGithubOAuthStartProject, l),
  120. mw.URLParam,
  121. mw.WriteAccess,
  122. ),
  123. )
  124. r.Method(
  125. "GET",
  126. "/oauth/github/callback",
  127. requestlog.NewHandler(a.HandleGithubOAuthCallback, l),
  128. )
  129. r.Method(
  130. "GET",
  131. "/oauth/projects/{project_id}/digitalocean",
  132. auth.DoesUserHaveProjectAccess(
  133. requestlog.NewHandler(a.HandleDOOAuthStartProject, l),
  134. mw.URLParam,
  135. mw.WriteAccess,
  136. ),
  137. )
  138. r.Method(
  139. "GET",
  140. "/oauth/digitalocean/callback",
  141. requestlog.NewHandler(a.HandleDOOAuthCallback, l),
  142. )
  143. // /api/projects routes
  144. r.Method(
  145. "GET",
  146. "/projects/{project_id}",
  147. auth.DoesUserHaveProjectAccess(
  148. requestlog.NewHandler(a.HandleReadProject, l),
  149. mw.URLParam,
  150. mw.ReadAccess,
  151. ),
  152. )
  153. r.Method(
  154. "POST",
  155. "/projects",
  156. auth.BasicAuthenticate(
  157. requestlog.NewHandler(a.HandleCreateProject, l),
  158. ),
  159. )
  160. r.Method(
  161. "DELETE",
  162. "/projects/{project_id}",
  163. auth.DoesUserHaveProjectAccess(
  164. requestlog.NewHandler(a.HandleDeleteProject, l),
  165. mw.URLParam,
  166. mw.WriteAccess,
  167. ),
  168. )
  169. // /api/projects/{project_id}/infra routes
  170. r.Method(
  171. "GET",
  172. "/projects/{project_id}/infra",
  173. auth.DoesUserHaveProjectAccess(
  174. requestlog.NewHandler(a.HandleListProjectInfra, l),
  175. mw.URLParam,
  176. mw.ReadAccess,
  177. ),
  178. )
  179. // /api/projects/{project_id}/provision routes
  180. r.Method(
  181. "POST",
  182. "/projects/{project_id}/provision/test",
  183. auth.DoesUserHaveProjectAccess(
  184. requestlog.NewHandler(a.HandleProvisionTestInfra, l),
  185. mw.URLParam,
  186. mw.ReadAccess,
  187. ),
  188. )
  189. r.Method(
  190. "POST",
  191. "/projects/{project_id}/provision/ecr",
  192. auth.DoesUserHaveProjectAccess(
  193. auth.DoesUserHaveAWSIntegrationAccess(
  194. requestlog.NewHandler(a.HandleProvisionAWSECRInfra, l),
  195. mw.URLParam,
  196. mw.BodyParam,
  197. false,
  198. ),
  199. mw.URLParam,
  200. mw.ReadAccess,
  201. ),
  202. )
  203. r.Method(
  204. "POST",
  205. "/projects/{project_id}/provision/eks",
  206. auth.DoesUserHaveProjectAccess(
  207. auth.DoesUserHaveAWSIntegrationAccess(
  208. requestlog.NewHandler(a.HandleProvisionAWSEKSInfra, l),
  209. mw.URLParam,
  210. mw.BodyParam,
  211. false,
  212. ),
  213. mw.URLParam,
  214. mw.ReadAccess,
  215. ),
  216. )
  217. r.Method(
  218. "POST",
  219. "/projects/{project_id}/provision/gcr",
  220. auth.DoesUserHaveProjectAccess(
  221. auth.DoesUserHaveGCPIntegrationAccess(
  222. requestlog.NewHandler(a.HandleProvisionGCPGCRInfra, l),
  223. mw.URLParam,
  224. mw.BodyParam,
  225. false,
  226. ),
  227. mw.URLParam,
  228. mw.ReadAccess,
  229. ),
  230. )
  231. r.Method(
  232. "POST",
  233. "/projects/{project_id}/provision/gke",
  234. auth.DoesUserHaveProjectAccess(
  235. auth.DoesUserHaveGCPIntegrationAccess(
  236. requestlog.NewHandler(a.HandleProvisionGCPGKEInfra, l),
  237. mw.URLParam,
  238. mw.BodyParam,
  239. false,
  240. ),
  241. mw.URLParam,
  242. mw.ReadAccess,
  243. ),
  244. )
  245. r.Method(
  246. "POST",
  247. "/projects/{project_id}/provision/docr",
  248. auth.DoesUserHaveProjectAccess(
  249. auth.DoesUserHaveDOIntegrationAccess(
  250. requestlog.NewHandler(a.HandleProvisionDODOCRInfra, l),
  251. mw.URLParam,
  252. mw.BodyParam,
  253. false,
  254. ),
  255. mw.URLParam,
  256. mw.ReadAccess,
  257. ),
  258. )
  259. r.Method(
  260. "POST",
  261. "/projects/{project_id}/provision/doks",
  262. auth.DoesUserHaveProjectAccess(
  263. auth.DoesUserHaveDOIntegrationAccess(
  264. requestlog.NewHandler(a.HandleProvisionDODOKSInfra, l),
  265. mw.URLParam,
  266. mw.BodyParam,
  267. false,
  268. ),
  269. mw.URLParam,
  270. mw.ReadAccess,
  271. ),
  272. )
  273. r.Method(
  274. "GET",
  275. "/projects/{project_id}/provision/{kind}/{infra_id}/logs",
  276. auth.DoesUserHaveProjectAccess(
  277. auth.DoesUserHaveInfraAccess(
  278. requestlog.NewHandler(a.HandleGetProvisioningLogs, l),
  279. mw.URLParam,
  280. mw.URLParam,
  281. ),
  282. mw.URLParam,
  283. mw.ReadAccess,
  284. ),
  285. )
  286. r.Method(
  287. "POST",
  288. "/projects/{project_id}/provision/{kind}/{infra_id}/logs",
  289. auth.DoesUserHaveProjectAccess(
  290. auth.DoesUserHaveInfraAccess(
  291. requestlog.NewHandler(a.HandleGetProvisioningLogs, l),
  292. mw.URLParam,
  293. mw.URLParam,
  294. ),
  295. mw.URLParam,
  296. mw.ReadAccess,
  297. ),
  298. )
  299. r.Method(
  300. "POST",
  301. "/projects/{project_id}/infra/{infra_id}/ecr/destroy",
  302. auth.DoesUserHaveProjectAccess(
  303. auth.DoesUserHaveInfraAccess(
  304. requestlog.NewHandler(a.HandleDestroyAWSECRInfra, l),
  305. mw.URLParam,
  306. mw.URLParam,
  307. ),
  308. mw.URLParam,
  309. mw.ReadAccess,
  310. ),
  311. )
  312. r.Method(
  313. "POST",
  314. "/projects/{project_id}/infra/{infra_id}/test/destroy",
  315. auth.DoesUserHaveProjectAccess(
  316. auth.DoesUserHaveInfraAccess(
  317. requestlog.NewHandler(a.HandleDestroyTestInfra, l),
  318. mw.URLParam,
  319. mw.URLParam,
  320. ),
  321. mw.URLParam,
  322. mw.ReadAccess,
  323. ),
  324. )
  325. r.Method(
  326. "POST",
  327. "/projects/{project_id}/infra/{infra_id}/eks/destroy",
  328. auth.DoesUserHaveProjectAccess(
  329. auth.DoesUserHaveInfraAccess(
  330. requestlog.NewHandler(a.HandleDestroyAWSEKSInfra, l),
  331. mw.URLParam,
  332. mw.URLParam,
  333. ),
  334. mw.URLParam,
  335. mw.ReadAccess,
  336. ),
  337. )
  338. r.Method(
  339. "POST",
  340. "/projects/{project_id}/infra/{infra_id}/gke/destroy",
  341. auth.DoesUserHaveProjectAccess(
  342. auth.DoesUserHaveInfraAccess(
  343. requestlog.NewHandler(a.HandleDestroyGCPGKEInfra, l),
  344. mw.URLParam,
  345. mw.URLParam,
  346. ),
  347. mw.URLParam,
  348. mw.ReadAccess,
  349. ),
  350. )
  351. r.Method(
  352. "POST",
  353. "/projects/{project_id}/infra/{infra_id}/docr/destroy",
  354. auth.DoesUserHaveProjectAccess(
  355. auth.DoesUserHaveInfraAccess(
  356. requestlog.NewHandler(a.HandleDestroyDODOCRInfra, l),
  357. mw.URLParam,
  358. mw.URLParam,
  359. ),
  360. mw.URLParam,
  361. mw.ReadAccess,
  362. ),
  363. )
  364. r.Method(
  365. "POST",
  366. "/projects/{project_id}/infra/{infra_id}/doks/destroy",
  367. auth.DoesUserHaveProjectAccess(
  368. auth.DoesUserHaveInfraAccess(
  369. requestlog.NewHandler(a.HandleDestroyDODOKSInfra, l),
  370. mw.URLParam,
  371. mw.URLParam,
  372. ),
  373. mw.URLParam,
  374. mw.ReadAccess,
  375. ),
  376. )
  377. // /api/projects/{project_id}/clusters routes
  378. r.Method(
  379. "GET",
  380. "/projects/{project_id}/clusters",
  381. auth.DoesUserHaveProjectAccess(
  382. requestlog.NewHandler(a.HandleListProjectClusters, l),
  383. mw.URLParam,
  384. mw.ReadAccess,
  385. ),
  386. )
  387. r.Method(
  388. "POST",
  389. "/projects/{project_id}/clusters",
  390. auth.DoesUserHaveProjectAccess(
  391. auth.DoesUserHaveAWSIntegrationAccess(
  392. auth.DoesUserHaveGCPIntegrationAccess(
  393. requestlog.NewHandler(a.HandleCreateProjectCluster, l),
  394. mw.URLParam,
  395. mw.BodyParam,
  396. true,
  397. ),
  398. mw.URLParam,
  399. mw.BodyParam,
  400. true,
  401. ),
  402. mw.URLParam,
  403. mw.WriteAccess,
  404. ),
  405. )
  406. r.Method(
  407. "GET",
  408. "/projects/{project_id}/clusters/{cluster_id}",
  409. auth.DoesUserHaveProjectAccess(
  410. auth.DoesUserHaveClusterAccess(
  411. requestlog.NewHandler(a.HandleReadProjectCluster, l),
  412. mw.URLParam,
  413. mw.URLParam,
  414. ),
  415. mw.URLParam,
  416. mw.ReadAccess,
  417. ),
  418. )
  419. r.Method(
  420. "POST",
  421. "/projects/{project_id}/clusters/{cluster_id}",
  422. auth.DoesUserHaveProjectAccess(
  423. auth.DoesUserHaveClusterAccess(
  424. requestlog.NewHandler(a.HandleUpdateProjectCluster, l),
  425. mw.URLParam,
  426. mw.URLParam,
  427. ),
  428. mw.URLParam,
  429. mw.WriteAccess,
  430. ),
  431. )
  432. r.Method(
  433. "DELETE",
  434. "/projects/{project_id}/clusters/{cluster_id}",
  435. auth.DoesUserHaveProjectAccess(
  436. auth.DoesUserHaveClusterAccess(
  437. requestlog.NewHandler(a.HandleDeleteProjectCluster, l),
  438. mw.URLParam,
  439. mw.URLParam,
  440. ),
  441. mw.URLParam,
  442. mw.WriteAccess,
  443. ),
  444. )
  445. // /api/projects/{project_id}/clusters/candidates routes
  446. r.Method(
  447. "POST",
  448. "/projects/{project_id}/clusters/candidates",
  449. auth.DoesUserHaveProjectAccess(
  450. requestlog.NewHandler(a.HandleCreateProjectClusterCandidates, l),
  451. mw.URLParam,
  452. mw.WriteAccess,
  453. ),
  454. )
  455. r.Method(
  456. "GET",
  457. "/projects/{project_id}/clusters/candidates",
  458. auth.DoesUserHaveProjectAccess(
  459. requestlog.NewHandler(a.HandleListProjectClusterCandidates, l),
  460. mw.URLParam,
  461. mw.WriteAccess,
  462. ),
  463. )
  464. r.Method(
  465. "POST",
  466. "/projects/{project_id}/clusters/candidates/{candidate_id}/resolve",
  467. auth.DoesUserHaveProjectAccess(
  468. requestlog.NewHandler(a.HandleResolveClusterCandidate, l),
  469. mw.URLParam,
  470. mw.WriteAccess,
  471. ),
  472. )
  473. // /api/projects/{project_id}/integrations routes
  474. r.Method(
  475. "POST",
  476. "/projects/{project_id}/integrations/gcp",
  477. auth.DoesUserHaveProjectAccess(
  478. requestlog.NewHandler(a.HandleCreateGCPIntegration, l),
  479. mw.URLParam,
  480. mw.WriteAccess,
  481. ),
  482. )
  483. r.Method(
  484. "POST",
  485. "/projects/{project_id}/integrations/aws",
  486. auth.DoesUserHaveProjectAccess(
  487. requestlog.NewHandler(a.HandleCreateAWSIntegration, l),
  488. mw.URLParam,
  489. mw.WriteAccess,
  490. ),
  491. )
  492. r.Method(
  493. "POST",
  494. "/projects/{project_id}/integrations/basic",
  495. auth.DoesUserHaveProjectAccess(
  496. requestlog.NewHandler(a.HandleCreateBasicAuthIntegration, l),
  497. mw.URLParam,
  498. mw.WriteAccess,
  499. ),
  500. )
  501. r.Method(
  502. "GET",
  503. "/projects/{project_id}/integrations/oauth",
  504. auth.DoesUserHaveProjectAccess(
  505. requestlog.NewHandler(a.HandleListProjectOAuthIntegrations, l),
  506. mw.URLParam,
  507. mw.WriteAccess,
  508. ),
  509. )
  510. // /api/projects/{project_id}/helmrepos routes
  511. r.Method(
  512. "POST",
  513. "/projects/{project_id}/helmrepos",
  514. auth.DoesUserHaveProjectAccess(
  515. auth.DoesUserHaveAWSIntegrationAccess(
  516. auth.DoesUserHaveGCPIntegrationAccess(
  517. requestlog.NewHandler(a.HandleCreateHelmRepo, l),
  518. mw.URLParam,
  519. mw.BodyParam,
  520. true,
  521. ),
  522. mw.URLParam,
  523. mw.BodyParam,
  524. true,
  525. ),
  526. mw.URLParam,
  527. mw.WriteAccess,
  528. ),
  529. )
  530. r.Method(
  531. "GET",
  532. "/projects/{project_id}/helmrepos",
  533. auth.DoesUserHaveProjectAccess(
  534. requestlog.NewHandler(a.HandleListProjectHelmRepos, l),
  535. mw.URLParam,
  536. mw.WriteAccess,
  537. ),
  538. )
  539. r.Method(
  540. "GET",
  541. "/projects/{project_id}/helmrepos/{helm_id}/charts",
  542. auth.DoesUserHaveProjectAccess(
  543. requestlog.NewHandler(a.HandleListHelmRepoCharts, l),
  544. mw.URLParam,
  545. mw.WriteAccess,
  546. ),
  547. )
  548. // /api/projects/{project_id}/registries routes
  549. r.Method(
  550. "POST",
  551. "/projects/{project_id}/registries",
  552. auth.DoesUserHaveProjectAccess(
  553. auth.DoesUserHaveAWSIntegrationAccess(
  554. auth.DoesUserHaveGCPIntegrationAccess(
  555. auth.DoesUserHaveDOIntegrationAccess(
  556. requestlog.NewHandler(a.HandleCreateRegistry, l),
  557. mw.URLParam,
  558. mw.BodyParam,
  559. true,
  560. ),
  561. mw.URLParam,
  562. mw.BodyParam,
  563. true,
  564. ),
  565. mw.URLParam,
  566. mw.BodyParam,
  567. true,
  568. ),
  569. mw.URLParam,
  570. mw.WriteAccess,
  571. ),
  572. )
  573. r.Method(
  574. "GET",
  575. "/projects/{project_id}/registries",
  576. auth.DoesUserHaveProjectAccess(
  577. requestlog.NewHandler(a.HandleListProjectRegistries, l),
  578. mw.URLParam,
  579. mw.WriteAccess,
  580. ),
  581. )
  582. r.Method(
  583. "POST",
  584. "/projects/{project_id}/registries/{registry_id}",
  585. auth.DoesUserHaveProjectAccess(
  586. auth.DoesUserHaveRegistryAccess(
  587. requestlog.NewHandler(a.HandleUpdateProjectRegistry, l),
  588. mw.URLParam,
  589. mw.URLParam,
  590. ),
  591. mw.URLParam,
  592. mw.WriteAccess,
  593. ),
  594. )
  595. r.Method(
  596. "GET",
  597. "/projects/{project_id}/registries/ecr/{region}/token",
  598. auth.DoesUserHaveProjectAccess(
  599. requestlog.NewHandler(a.HandleGetProjectRegistryECRToken, l),
  600. mw.URLParam,
  601. mw.WriteAccess,
  602. ),
  603. )
  604. r.Method(
  605. "GET",
  606. "/projects/{project_id}/registries/gcr/token",
  607. auth.DoesUserHaveProjectAccess(
  608. requestlog.NewHandler(a.HandleGetProjectRegistryGCRToken, l),
  609. mw.URLParam,
  610. mw.WriteAccess,
  611. ),
  612. )
  613. r.Method(
  614. "GET",
  615. "/projects/{project_id}/registries/docr/token",
  616. auth.DoesUserHaveProjectAccess(
  617. requestlog.NewHandler(a.HandleGetProjectRegistryDOCRToken, l),
  618. mw.URLParam,
  619. mw.WriteAccess,
  620. ),
  621. )
  622. r.Method(
  623. "DELETE",
  624. "/projects/{project_id}/registries/{registry_id}",
  625. auth.DoesUserHaveProjectAccess(
  626. auth.DoesUserHaveRegistryAccess(
  627. requestlog.NewHandler(a.HandleDeleteProjectRegistry, l),
  628. mw.URLParam,
  629. mw.URLParam,
  630. ),
  631. mw.URLParam,
  632. mw.WriteAccess,
  633. ),
  634. )
  635. // /api/projects/{project_id}/registries/{registry_id}/repositories routes
  636. r.Method(
  637. "GET",
  638. "/projects/{project_id}/registries/{registry_id}/repositories",
  639. auth.DoesUserHaveProjectAccess(
  640. auth.DoesUserHaveRegistryAccess(
  641. requestlog.NewHandler(a.HandleListRepositories, l),
  642. mw.URLParam,
  643. mw.URLParam,
  644. ),
  645. mw.URLParam,
  646. mw.WriteAccess,
  647. ),
  648. )
  649. r.Method(
  650. "GET",
  651. // * is the repo name, which can itself be nested
  652. // for example, for GCR this is project-id/repo
  653. // need to use wildcard, see https://github.com/go-chi/chi/issues/243
  654. "/projects/{project_id}/registries/{registry_id}/repositories/*",
  655. auth.DoesUserHaveProjectAccess(
  656. auth.DoesUserHaveRegistryAccess(
  657. requestlog.NewHandler(a.HandleListImages, l),
  658. mw.URLParam,
  659. mw.URLParam,
  660. ),
  661. mw.URLParam,
  662. mw.WriteAccess,
  663. ),
  664. )
  665. // /api/projects/{project_id}/releases routes
  666. r.Method(
  667. "GET",
  668. "/projects/{project_id}/releases",
  669. auth.DoesUserHaveProjectAccess(
  670. auth.DoesUserHaveClusterAccess(
  671. requestlog.NewHandler(a.HandleListReleases, l),
  672. mw.URLParam,
  673. mw.QueryParam,
  674. ),
  675. mw.URLParam,
  676. mw.ReadAccess,
  677. ),
  678. )
  679. r.Method(
  680. "GET",
  681. "/projects/{project_id}/releases/{name}/{revision}/components",
  682. auth.DoesUserHaveProjectAccess(
  683. auth.DoesUserHaveClusterAccess(
  684. requestlog.NewHandler(a.HandleGetReleaseComponents, l),
  685. mw.URLParam,
  686. mw.QueryParam,
  687. ),
  688. mw.URLParam,
  689. mw.ReadAccess,
  690. ),
  691. )
  692. r.Method(
  693. "GET",
  694. "/projects/{project_id}/releases/{name}/{revision}/controllers",
  695. auth.DoesUserHaveProjectAccess(
  696. auth.DoesUserHaveClusterAccess(
  697. requestlog.NewHandler(a.HandleGetReleaseControllers, l),
  698. mw.URLParam,
  699. mw.QueryParam,
  700. ),
  701. mw.URLParam,
  702. mw.ReadAccess,
  703. ),
  704. )
  705. r.Method(
  706. "GET",
  707. "/projects/{project_id}/releases/{name}/history",
  708. auth.DoesUserHaveProjectAccess(
  709. auth.DoesUserHaveClusterAccess(
  710. requestlog.NewHandler(a.HandleListReleaseHistory, l),
  711. mw.URLParam,
  712. mw.QueryParam,
  713. ),
  714. mw.URLParam,
  715. mw.ReadAccess,
  716. ),
  717. )
  718. r.Method(
  719. "GET",
  720. "/projects/{project_id}/releases/{name}/webhook_token",
  721. auth.DoesUserHaveProjectAccess(
  722. auth.DoesUserHaveClusterAccess(
  723. requestlog.NewHandler(a.HandleGetReleaseToken, l),
  724. mw.URLParam,
  725. mw.QueryParam,
  726. ),
  727. mw.URLParam,
  728. mw.ReadAccess,
  729. ),
  730. )
  731. r.Method(
  732. "POST",
  733. "/projects/{project_id}/releases/{name}/upgrade",
  734. auth.DoesUserHaveProjectAccess(
  735. auth.DoesUserHaveClusterAccess(
  736. requestlog.NewHandler(a.HandleUpgradeRelease, l),
  737. mw.URLParam,
  738. mw.QueryParam,
  739. ),
  740. mw.URLParam,
  741. mw.ReadAccess,
  742. ),
  743. )
  744. r.Method(
  745. "GET",
  746. "/projects/{project_id}/releases/{name}/{revision}",
  747. auth.DoesUserHaveProjectAccess(
  748. auth.DoesUserHaveClusterAccess(
  749. requestlog.NewHandler(a.HandleGetRelease, l),
  750. mw.URLParam,
  751. mw.QueryParam,
  752. ),
  753. mw.URLParam,
  754. mw.ReadAccess,
  755. ),
  756. )
  757. r.Method(
  758. "POST",
  759. "/projects/{project_id}/releases/{name}/rollback",
  760. auth.DoesUserHaveProjectAccess(
  761. auth.DoesUserHaveClusterAccess(
  762. requestlog.NewHandler(a.HandleRollbackRelease, l),
  763. mw.URLParam,
  764. mw.QueryParam,
  765. ),
  766. mw.URLParam,
  767. mw.ReadAccess,
  768. ),
  769. )
  770. // r.Method(
  771. // "POST",
  772. // "/projects/{project_id}/releases/{name}/upgrade/hook",
  773. // requestlog.NewHandler(a.HandleReleaseDeployHook, l),
  774. // )
  775. r.Method(
  776. "POST",
  777. "/webhooks/deploy/{token}",
  778. requestlog.NewHandler(a.HandleReleaseDeployWebhook, l),
  779. )
  780. // /api/projects/{project_id}/gitrepos routes
  781. r.Method(
  782. "GET",
  783. "/projects/{project_id}/gitrepos",
  784. auth.DoesUserHaveProjectAccess(
  785. requestlog.NewHandler(a.HandleListProjectGitRepos, l),
  786. mw.URLParam,
  787. mw.ReadAccess,
  788. ),
  789. )
  790. r.Method(
  791. "GET",
  792. "/projects/{project_id}/gitrepos/{git_repo_id}/repos",
  793. auth.DoesUserHaveProjectAccess(
  794. auth.DoesUserHaveGitRepoAccess(
  795. requestlog.NewHandler(a.HandleListRepos, l),
  796. mw.URLParam,
  797. mw.QueryParam,
  798. ),
  799. mw.URLParam,
  800. mw.ReadAccess,
  801. ),
  802. )
  803. r.Method(
  804. "GET",
  805. "/projects/{project_id}/gitrepos/{git_repo_id}/repos/{kind}/{name}/branches",
  806. auth.DoesUserHaveProjectAccess(
  807. auth.DoesUserHaveGitRepoAccess(
  808. requestlog.NewHandler(a.HandleGetBranches, l),
  809. mw.URLParam,
  810. mw.QueryParam,
  811. ),
  812. mw.URLParam,
  813. mw.ReadAccess,
  814. ),
  815. )
  816. r.Method(
  817. "GET",
  818. "/projects/{project_id}/gitrepos/{git_repo_id}/repos/{kind}/{name}/{branch}/contents",
  819. auth.DoesUserHaveProjectAccess(
  820. auth.DoesUserHaveGitRepoAccess(
  821. requestlog.NewHandler(a.HandleGetBranchContents, l),
  822. mw.URLParam,
  823. mw.QueryParam,
  824. ),
  825. mw.URLParam,
  826. mw.ReadAccess,
  827. ),
  828. )
  829. // /api/projects/{project_id}/deploy routes
  830. r.Method(
  831. "POST",
  832. "/projects/{project_id}/deploy/{name}/{version}",
  833. auth.DoesUserHaveProjectAccess(
  834. auth.DoesUserHaveClusterAccess(
  835. requestlog.NewHandler(a.HandleDeployTemplate, l),
  836. mw.URLParam,
  837. mw.QueryParam,
  838. ),
  839. mw.URLParam,
  840. mw.ReadAccess,
  841. ),
  842. )
  843. // /api/projects/{project_id}/deploy routes
  844. r.Method(
  845. "POST",
  846. "/projects/{project_id}/deploy/{name}",
  847. auth.DoesUserHaveProjectAccess(
  848. auth.DoesUserHaveClusterAccess(
  849. requestlog.NewHandler(a.HandleUninstallTemplate, l),
  850. mw.URLParam,
  851. mw.QueryParam,
  852. ),
  853. mw.URLParam,
  854. mw.ReadAccess,
  855. ),
  856. )
  857. // /api/projects/{project_id}/k8s routes
  858. r.Method(
  859. "GET",
  860. "/projects/{project_id}/k8s/namespaces",
  861. auth.DoesUserHaveProjectAccess(
  862. auth.DoesUserHaveClusterAccess(
  863. requestlog.NewHandler(a.HandleListNamespaces, l),
  864. mw.URLParam,
  865. mw.QueryParam,
  866. ),
  867. mw.URLParam,
  868. mw.ReadAccess,
  869. ),
  870. )
  871. r.Method(
  872. "GET",
  873. "/projects/{project_id}/k8s/{namespace}/pod/{name}/logs",
  874. auth.DoesUserHaveProjectAccess(
  875. auth.DoesUserHaveClusterAccess(
  876. requestlog.NewHandler(a.HandleGetPodLogs, l),
  877. mw.URLParam,
  878. mw.QueryParam,
  879. ),
  880. mw.URLParam,
  881. mw.ReadAccess,
  882. ),
  883. )
  884. r.Method(
  885. "GET",
  886. "/projects/{project_id}/k8s/{namespace}/ingress/{name}",
  887. auth.DoesUserHaveProjectAccess(
  888. auth.DoesUserHaveClusterAccess(
  889. requestlog.NewHandler(a.HandleGetIngress, l),
  890. mw.URLParam,
  891. mw.QueryParam,
  892. ),
  893. mw.URLParam,
  894. mw.ReadAccess,
  895. ),
  896. )
  897. r.Method(
  898. "GET",
  899. "/projects/{project_id}/k8s/{kind}/status",
  900. auth.DoesUserHaveProjectAccess(
  901. auth.DoesUserHaveClusterAccess(
  902. requestlog.NewHandler(a.HandleStreamControllerStatus, l),
  903. mw.URLParam,
  904. mw.QueryParam,
  905. ),
  906. mw.URLParam,
  907. mw.ReadAccess,
  908. ),
  909. )
  910. r.Method(
  911. "GET",
  912. "/projects/{project_id}/k8s/pods",
  913. auth.DoesUserHaveProjectAccess(
  914. auth.DoesUserHaveClusterAccess(
  915. requestlog.NewHandler(a.HandleListPods, l),
  916. mw.URLParam,
  917. mw.QueryParam,
  918. ),
  919. mw.URLParam,
  920. mw.ReadAccess,
  921. ),
  922. )
  923. })
  924. staticFilePath := a.ServerConf.StaticFilePath
  925. fs := http.FileServer(http.Dir(staticFilePath))
  926. r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
  927. if _, err := os.Stat(staticFilePath + r.RequestURI); os.IsNotExist(err) {
  928. http.StripPrefix(r.URL.Path, fs).ServeHTTP(w, r)
  929. } else {
  930. fs.ServeHTTP(w, r)
  931. }
  932. })
  933. return r
  934. }