Mercurial > gemma

view pkg/controllers/routes.go @ 801:b6a1779ffb42

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Removed old cross section controller.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Thu, 27 Sep 2018 13:18:50 +0200
parents e6f8d58434f4
children 98a7776100fb
line wrap: on
line source

package controllers

import (
	"net/http"
	"net/http/httputil"

	"github.com/gorilla/mux"

	"gemma.intevation.de/gemma/pkg/auth"
	"gemma.intevation.de/gemma/pkg/middleware"
	"gemma.intevation.de/gemma/pkg/models"
)

func BindRoutes(m *mux.Router) {

	api := m.PathPrefix("/api").Subrouter()

	var (
		sysAdmin = auth.EnsureRole("sys_admin")
		any      = auth.EnsureRole("sys_admin", "waterway_admin", "waterway_user")
	)

	// User management.
	api.Handle("/users", any(&JSONHandler{
		Handle: listUsers,
	})).Methods(http.MethodGet)

	api.Handle("/users", sysAdmin(&JSONHandler{
		Input:  func() interface{} { return new(models.User) },
		Handle: createUser,
	})).Methods(http.MethodPost)

	api.Handle("/users/{user}", any(&JSONHandler{
		Handle: listUser,
	})).Methods(http.MethodGet)

	api.Handle("/users/{user}", any(&JSONHandler{
		Input:  func() interface{} { return new(models.User) },
		Handle: updateUser,
	})).Methods(http.MethodPut)

	api.Handle("/users/{user}", sysAdmin(&JSONHandler{
		Handle: deleteUser,
	})).Methods(http.MethodDelete)

	// System Management
	api.Handle("/system/log/{service}/{file}", sysAdmin(&JSONHandler{
		Handle: showSystemLog,
		NoConn: true,
	})).Methods(http.MethodGet)

	// Password resets.
	api.Handle("/users/passwordreset", &JSONHandler{
		Input:  func() interface{} { return new(models.PWResetUser) },
		Handle: passwordResetRequest,
		NoConn: true,
	}).Methods(http.MethodPost)

	api.Handle("/users/passwordreset/{hash}", &JSONHandler{
		Handle: passwordReset,
		NoConn: true,
	}).Methods(http.MethodGet)

	// External proxies.
	external := &httputil.ReverseProxy{
		Director:       proxyDirector(models.ExternalServices.Find),
		ModifyResponse: proxyModifyResponse("/api/external/"),
	}

	externalAuth := any(external)

	api.Handle("/external/{hash}/{url}", externalAuth).
		Methods(
			http.MethodGet, http.MethodPost,
			http.MethodPut, http.MethodDelete)

	api.Handle("/external/{entry}", externalAuth).
		Methods(
			http.MethodGet, http.MethodPost,
			http.MethodPut, http.MethodDelete)

	// Internal proxies.
	internal := &httputil.ReverseProxy{
		Director:       proxyDirector(models.InternalServices.Find),
		ModifyResponse: proxyModifyResponse("/api/internal/"),
	}

	internalAuth := any(
		middleware.ModifyQuery(internal, middleware.InjectUser))

	api.Handle("/internal/{hash}/{url}", internalAuth).
		Methods(
			http.MethodGet, http.MethodPost,
			http.MethodPut, http.MethodDelete)

	api.Handle("/internal/{entry}", internalAuth).
		Methods(
			http.MethodGet, http.MethodPost,
			http.MethodPut, http.MethodDelete)

	api.Handle("/published", any(&JSONHandler{
		Handle: published,
		NoConn: true,
	})).Methods(http.MethodGet)

	// Cross sections

	api.Handle("/cross", any(&JSONHandler{
		Input:  func() interface{} { return new(models.CrossSectionInput) },
		Handle: crossSection,
	})).Methods(http.MethodPost)

	// Feature search
	api.Handle("/search", any(&JSONHandler{
		Input:  func() interface{} { return new(models.SearchRequest) },
		Handle: searchFeature,
	})).Methods(http.MethodPost)

	// Token handling: Login/Logout.
	api.HandleFunc("/login", login).
		Methods(http.MethodPost)
	api.Handle("/logout", auth.SessionMiddleware(http.HandlerFunc(logout))).
		Methods(http.MethodGet, http.MethodPost)
	api.Handle("/renew", auth.SessionMiddleware(http.HandlerFunc(renew))).
		Methods(http.MethodGet, http.MethodPost)
}