You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by mi...@apache.org on 2018/07/11 16:31:20 UTC
[trafficcontrol] 03/04: Add TO Go
deliveryservices/xmlId/copyFromXmlId
This is an automated email from the ASF dual-hosted git repository.
mitchell852 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
commit 810816f3a18f380f1dc0779d62c9b5b7db430446
Author: Robert Butts <ro...@apache.org>
AuthorDate: Tue Jun 19 21:55:45 2018 -0600
Add TO Go deliveryservices/xmlId/copyFromXmlId
---
.../traffic_ops_golang/deliveryservice/urlkey.go | 81 ++++++++++++++++++++++
traffic_ops/traffic_ops_golang/riaksvc/dsutil.go | 21 ++++++
traffic_ops/traffic_ops_golang/routes.go | 1 +
3 files changed, 103 insertions(+)
diff --git a/traffic_ops/traffic_ops_golang/deliveryservice/urlkey.go b/traffic_ops/traffic_ops_golang/deliveryservice/urlkey.go
index aae1cbb..4f9f4e2 100644
--- a/traffic_ops/traffic_ops_golang/deliveryservice/urlkey.go
+++ b/traffic_ops/traffic_ops_golang/deliveryservice/urlkey.go
@@ -147,6 +147,87 @@ func GetURLKeysByName(w http.ResponseWriter, r *http.Request) {
api.WriteResp(w, r, keys)
}
+func CopyURLKeys(w http.ResponseWriter, r *http.Request) {
+ inf, userErr, sysErr, errCode := api.NewInfo(r, []string{"name", "copy-name"}, nil)
+ if userErr != nil || sysErr != nil {
+ api.HandleErr(w, r, errCode, userErr, sysErr)
+ return
+ }
+ defer inf.Close()
+
+ if inf.Config.RiakEnabled == false {
+ api.HandleErr(w, r, http.StatusInternalServerError, userErr, errors.New("deliveryservice.DeleteSSLKeys: Riak is not configured!"))
+ return
+ }
+
+ ds := tc.DeliveryServiceName(inf.Params["name"])
+ copyDS := tc.DeliveryServiceName(inf.Params["copy-name"])
+
+ // TODO create a helper function to check all this in a single line.
+ ok, err := tenant.IsTenancyEnabledTx(inf.Tx.Tx)
+ if err != nil {
+ api.HandleErr(w, r, http.StatusInternalServerError, nil, errors.New("checking tenancy enabled: "+err.Error()))
+ return
+ }
+ if ok {
+ dsTenantID, ok, err := GetDSTenantIDByNameTx(inf.Tx.Tx, ds)
+ if err != nil {
+ api.HandleErr(w, r, http.StatusInternalServerError, nil, errors.New("checking tenant: "+err.Error()))
+ return
+ }
+ if !ok {
+ api.HandleErr(w, r, http.StatusNotFound, errors.New("delivery service "+string(ds)+" not found"), nil)
+ return
+ }
+ if dsTenantID != nil {
+ if authorized, err := tenant.IsResourceAuthorizedToUserTx(*dsTenantID, inf.User, inf.Tx.Tx); err != nil {
+ api.HandleErr(w, r, http.StatusInternalServerError, nil, errors.New("checking tenant: "+err.Error()))
+ return
+ } else if !authorized {
+ api.HandleErr(w, r, http.StatusForbidden, errors.New("not authorized on this tenant"), nil)
+ return
+ }
+ }
+
+ {
+ copyDSTenantID, ok, err := GetDSTenantIDByNameTx(inf.Tx.Tx, copyDS)
+ if err != nil {
+ api.HandleErr(w, r, http.StatusInternalServerError, nil, errors.New("checking tenant: "+err.Error()))
+ return
+ }
+ if !ok {
+ api.HandleErr(w, r, http.StatusNotFound, errors.New("delivery service "+string(ds)+" not found"), nil)
+ return
+ }
+ if copyDSTenantID != nil {
+ if authorized, err := tenant.IsResourceAuthorizedToUserTx(*copyDSTenantID, inf.User, inf.Tx.Tx); err != nil {
+ api.HandleErr(w, r, http.StatusInternalServerError, nil, errors.New("checking tenant: "+err.Error()))
+ return
+ } else if !authorized {
+ api.HandleErr(w, r, http.StatusForbidden, errors.New("not authorized on this copy tenant"), nil)
+ return
+ }
+ }
+ }
+ }
+
+ keys, ok, err := riaksvc.GetURLSigKeys(inf.Tx.Tx, inf.Config.RiakAuthOptions, copyDS)
+ if err != nil {
+ api.HandleErr(w, r, http.StatusInternalServerError, nil, errors.New("getting URL Sig keys from riak: "+err.Error()))
+ return
+ }
+ if !ok {
+ api.HandleErr(w, r, http.StatusBadRequest, errors.New("Unable to retrieve keys from Delivery Service '"+string(copyDS)+"'"), nil)
+ return
+ }
+
+ if err := riaksvc.PutURLSigKeys(inf.Tx.Tx, inf.Config.RiakAuthOptions, ds, keys); err != nil {
+ api.HandleErr(w, r, http.StatusInternalServerError, nil, errors.New("setting URL Sig keys for '"+string(ds)+" copied from "+string(copyDS)+": "+err.Error()))
+ return
+ }
+ api.WriteRespAlert(w, r, tc.SuccessLevel, "Successfully copied and stored keys")
+}
+
// GetDSNameFromID loads the DeliveryService's xml_id from the database, from the ID. Returns whether the delivery service was found, and any error.
// TODO move somewhere generic
func GetDSNameFromID(tx *sql.Tx, id int) (tc.DeliveryServiceName, bool, error) {
diff --git a/traffic_ops/traffic_ops_golang/riaksvc/dsutil.go b/traffic_ops/traffic_ops_golang/riaksvc/dsutil.go
index 81b5377..7c543a4 100644
--- a/traffic_ops/traffic_ops_golang/riaksvc/dsutil.go
+++ b/traffic_ops/traffic_ops_golang/riaksvc/dsutil.go
@@ -288,3 +288,24 @@ func GetURLSigKeys(tx *sql.Tx, authOpts *riak.AuthOptions, ds tc.DeliveryService
}
return val, found, nil
}
+
+func PutURLSigKeys(tx *sql.Tx, authOpts *riak.AuthOptions, ds tc.DeliveryServiceName, keys tc.URLSigKeys) error {
+ keyJSON, err := json.Marshal(&keys)
+ if err != nil {
+ return errors.New("marshalling keys: " + err.Error())
+ }
+ err = WithClusterTx(tx, authOpts, func(cluster StorageCluster) error {
+ obj := &riak.Object{
+ ContentType: "application/json",
+ Charset: "utf-8",
+ ContentEncoding: "utf-8",
+ Key: GetURLSigConfigFileName(ds),
+ Value: []byte(keyJSON),
+ }
+ if err = SaveObject(obj, URLSigKeysBucket, cluster); err != nil {
+ return errors.New("saving Riak object: " + err.Error())
+ }
+ return nil
+ })
+ return err
+}
diff --git a/traffic_ops/traffic_ops_golang/routes.go b/traffic_ops/traffic_ops_golang/routes.go
index 3af2c25..3298441 100644
--- a/traffic_ops/traffic_ops_golang/routes.go
+++ b/traffic_ops/traffic_ops_golang/routes.go
@@ -369,6 +369,7 @@ func Routes(d ServerData) ([]Route, []RawRoute, http.Handler, error) {
{1.1, http.MethodGet, `deliveryservices/{id}/servers/eligible/?(\.json)?$`, deliveryservice.GetServersEligible, auth.PrivLevelReadOnly, Authenticated, nil},
{1.1, http.MethodPost, `deliveryservices/sslkeys/generate/?(\.json)?$`, deliveryservice.GenerateSSLKeys, auth.PrivLevelOperations, Authenticated, nil},
+ {1.1, http.MethodPost, `deliveryservices/xmlId/{name}/urlkeys/copyFromXmlId/{copy-name}/?(\.json)?$`, deliveryservice.CopyURLKeys, auth.PrivLevelOperations, Authenticated, nil},
{1.1, http.MethodGet, `deliveryservices/xmlId/{name}/urlkeys/?(\.json)?$`, deliveryservice.GetURLKeysByName, auth.PrivLevelReadOnly, Authenticated, nil},
{1.1, http.MethodGet, `deliveryservices/{id}/urlkeys/?(\.json)?$`, deliveryservice.GetURLKeysByID, auth.PrivLevelReadOnly, Authenticated, nil},
{1.1, http.MethodGet, `riak/bucket/{bucket}/key/{key}/values/?(\.json)?$`, apiriak.GetBucketKey, auth.PrivLevelAdmin, Authenticated, nil},