netbird/management/server/http/users.go

package http

import (
	"github.com/netbirdio/netbird/management/server/http/api"
	"net/http"

	log "github.com/sirupsen/logrus"

	"github.com/netbirdio/netbird/management/server"
	"github.com/netbirdio/netbird/management/server/jwtclaims"
)

type UserHandler struct {
	accountManager server.AccountManager
	authAudience   string
	jwtExtractor   jwtclaims.ClaimsExtractor
}

func NewUserHandler(accountManager server.AccountManager, authAudience string) *UserHandler {
	return &UserHandler{
		accountManager: accountManager,
		authAudience:   authAudience,
		jwtExtractor:   *jwtclaims.NewClaimsExtractor(nil),
	}
}

// GetUsers returns a list of users of the account this user belongs to.
// It also gathers additional user data (like email and name) from the IDP manager.
func (h *UserHandler) GetUsers(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodGet {
		http.Error(w, "", http.StatusBadRequest)
	}

	account, err := getJWTAccount(h.accountManager, h.jwtExtractor, h.authAudience, r)
	if err != nil {
		log.Error(err)
	}

	data, err := h.accountManager.GetUsersFromAccount(account.Id)
	if err != nil {
		log.Error(err)
		http.Redirect(w, r, "/", http.StatusInternalServerError)
		return
	}

	users := []*api.User{}
	for _, r := range data {
		users = append(users, toUserResponse(r))
	}

	writeJSONObject(w, users)
}

func toUserResponse(user *server.UserInfo) *api.User {
	return &api.User{
		Id:    user.ID,
		Name:  user.Name,
		Email: user.Email,
		Role:  user.Role,
	}
}
Serve Management gRPC and HTTP on a single 80/443 port (#400) This PR is a part of an effort to use standard ports (443 or 80) that are usually allowed by default in most of the environments. Right now Management Service runs the Let'sEncrypt manager on port 443, HTTP API server on port 33071, and a gRPC server on port 33073. There are three separate listeners. This PR combines these listeners into one. With this change, the HTTP and gRPC server runs on either 443 with TLS or 80 without TLS by default (no --port specified). Let's Encrypt manager always runs on port 443 if enabled. The backward compatibility server runs on port 33073 (with TLS or without). HTTP port 33071 is obsolete and not used anymore. Newly installed agents will connect to port 443 by default instead of port 33073 if not specified otherwise. 2022-07-29 20:37:09 +02:00			`package http`
Add User HTTP Endpoint to the Management service (#303) Exposes endpoint under "/users/" that returns information on users. Calls IDP manager to get information not stored locally (email, name), which in the case of the managed version is auth0. 2022-05-05 08:58:34 +02:00
			`import (`
OpenAPI specification and API Adjusts (#356) Introduced an OpenAPI specification. Updated API handlers to use the specification types. Added patch operation for rules and groups and methods to the account manager. HTTP PUT operations require id, fail if not provided. Use snake_case for HTTP request and response body 2022-06-14 10:32:54 +02:00			`"github.com/netbirdio/netbird/management/server/http/api"`
Add User HTTP Endpoint to the Management service (#303) Exposes endpoint under "/users/" that returns information on users. Calls IDP manager to get information not stored locally (email, name), which in the case of the managed version is auth0. 2022-05-05 08:58:34 +02:00			`"net/http"`

			`log "github.com/sirupsen/logrus"`

			`"github.com/netbirdio/netbird/management/server"`
			`"github.com/netbirdio/netbird/management/server/jwtclaims"`
			`)`

			`type UserHandler struct {`
			`accountManager server.AccountManager`
			`authAudience string`
			`jwtExtractor jwtclaims.ClaimsExtractor`
			`}`

			`func NewUserHandler(accountManager server.AccountManager, authAudience string) *UserHandler {`
			`return &UserHandler{`
			`accountManager: accountManager,`
			`authAudience: authAudience,`
			`jwtExtractor: *jwtclaims.NewClaimsExtractor(nil),`
			`}`
			`}`

			`// GetUsers returns a list of users of the account this user belongs to.`
			`// It also gathers additional user data (like email and name) from the IDP manager.`
OpenAPI specification and API Adjusts (#356) Introduced an OpenAPI specification. Updated API handlers to use the specification types. Added patch operation for rules and groups and methods to the account manager. HTTP PUT operations require id, fail if not provided. Use snake_case for HTTP request and response body 2022-06-14 10:32:54 +02:00			`func (h UserHandler) GetUsers(w http.ResponseWriter, r http.Request) {`
Add User HTTP Endpoint to the Management service (#303) Exposes endpoint under "/users/" that returns information on users. Calls IDP manager to get information not stored locally (email, name), which in the case of the managed version is auth0. 2022-05-05 08:58:34 +02:00			`if r.Method != http.MethodGet {`
			`http.Error(w, "", http.StatusBadRequest)`
			`}`

OpenAPI specification and API Adjusts (#356) Introduced an OpenAPI specification. Updated API handlers to use the specification types. Added patch operation for rules and groups and methods to the account manager. HTTP PUT operations require id, fail if not provided. Use snake_case for HTTP request and response body 2022-06-14 10:32:54 +02:00			`account, err := getJWTAccount(h.accountManager, h.jwtExtractor, h.authAudience, r)`
Add User HTTP Endpoint to the Management service (#303) Exposes endpoint under "/users/" that returns information on users. Calls IDP manager to get information not stored locally (email, name), which in the case of the managed version is auth0. 2022-05-05 08:58:34 +02:00			`if err != nil {`
			`log.Error(err)`
			`}`

OpenAPI specification and API Adjusts (#356) Introduced an OpenAPI specification. Updated API handlers to use the specification types. Added patch operation for rules and groups and methods to the account manager. HTTP PUT operations require id, fail if not provided. Use snake_case for HTTP request and response body 2022-06-14 10:32:54 +02:00			`data, err := h.accountManager.GetUsersFromAccount(account.Id)`
Add User HTTP Endpoint to the Management service (#303) Exposes endpoint under "/users/" that returns information on users. Calls IDP manager to get information not stored locally (email, name), which in the case of the managed version is auth0. 2022-05-05 08:58:34 +02:00			`if err != nil {`
			`log.Error(err)`
			`http.Redirect(w, r, "/", http.StatusInternalServerError)`
			`return`
			`}`

OpenAPI specification and API Adjusts (#356) Introduced an OpenAPI specification. Updated API handlers to use the specification types. Added patch operation for rules and groups and methods to the account manager. HTTP PUT operations require id, fail if not provided. Use snake_case for HTTP request and response body 2022-06-14 10:32:54 +02:00			`users := []*api.User{}`
Fix Peer Deletion & HTTP endpoints (#319) 2022-05-21 17:27:04 +02:00			`for _, r := range data {`
			`users = append(users, toUserResponse(r))`
			`}`

			`writeJSONObject(w, users)`
			`}`

OpenAPI specification and API Adjusts (#356) Introduced an OpenAPI specification. Updated API handlers to use the specification types. Added patch operation for rules and groups and methods to the account manager. HTTP PUT operations require id, fail if not provided. Use snake_case for HTTP request and response body 2022-06-14 10:32:54 +02:00			`func toUserResponse(user server.UserInfo) api.User {`
			`return &api.User{`
			`Id: user.ID,`
Fix Peer Deletion & HTTP endpoints (#319) 2022-05-21 17:27:04 +02:00			`Name: user.Name,`
			`Email: user.Email,`
			`Role: user.Role,`
			`}`
Add User HTTP Endpoint to the Management service (#303) Exposes endpoint under "/users/" that returns information on users. Calls IDP manager to get information not stored locally (email, name), which in the case of the managed version is auth0. 2022-05-05 08:58:34 +02:00			`}`