new frontend grants admin endpoint handlers; miscellaneous cleanup and organization for consistency (#992)

controller/access.go

@@ -134,7 +134,7 @@ func (h *accessHandler) checkAccessGrants(shr *store.Share, ownerAccountId int,
 		logrus.Infof("accessing own share '%v' for '%v'", shr.Token, principal.Email)
 		return nil
 	}
-	count, err := str.CheckAccessGrantForShareAndAccount(shr.Id, int(principal.ID), trx)
+	count, err := str.IsAccessGrantedToAccountForShare(shr.Id, int(principal.ID), trx)
 	if err != nil {
 		logrus.Infof("error checking access grants for '%v': %v", shr.Token, err)
 		return err

controller/addFrontendGrant.go

@@ -0,0 +1,59 @@
+package controller
+
+import (
+	"fmt"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/openziti/zrok/rest_model_zrok"
+	"github.com/openziti/zrok/rest_server_zrok/operations/admin"
+	"github.com/sirupsen/logrus"
+)
+
+type addFrontendGrantHandler struct{}
+
+func newAddFrontendGrantHandler() *addFrontendGrantHandler {
+	return &addFrontendGrantHandler{}
+}
+
+func (h *addFrontendGrantHandler) Handle(params admin.AddFrontendGrantParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	if !principal.Admin {
+		logrus.Error("invalid admin principal")
+		return admin.NewAddFrontendGrantUnauthorized()
+	}
+
+	trx, err := str.Begin()
+	if err != nil {
+		logrus.Errorf("error starting transaction: %v", err)
+		return admin.NewAddFrontendGrantInternalServerError()
+	}
+	defer trx.Rollback()
+
+	fe, err := str.FindFrontendWithToken(params.Body.FrontendToken, trx)
+	if err != nil {
+		logrus.Errorf("error finding frontend with token '%v': %v", params.Body.FrontendToken, err)
+		return admin.NewAddFrontendGrantNotFound().WithPayload(rest_model_zrok.ErrorMessage(fmt.Sprintf("frontend token '%v' not found", params.Body.FrontendToken)))
+	}
+
+	acct, err := str.FindAccountWithEmail(params.Body.Email, trx)
+	if err != nil {
+		logrus.Errorf("error finding account with email '%v': %v", params.Body.Email, err)
+		return admin.NewAddFrontendGrantNotFound().WithPayload(rest_model_zrok.ErrorMessage(fmt.Sprintf("account '%v' not found", params.Body.Email)))
+	}
+
+	if granted, err := str.IsFrontendGrantedToAccount(fe.Id, acct.Id, trx); err != nil {
+		logrus.Errorf("error checking frontend grant for account '%v' and frontend '%v': %v", acct.Email, fe.Token, err)
+		return admin.NewAddFrontendGrantInternalServerError()
+
+	} else if !granted {
+		if _, err := str.CreateFrontendGrant(fe.Id, acct.Id, trx); err != nil {
+			logrus.Errorf("error creating frontend ('%v') grant for '%v': %v", fe.Token, acct.Email, err)
+			return admin.NewAddFrontendGrantInternalServerError()
+		}
+		logrus.Infof("granted '%v' access to frontend '%v'", acct.Email, fe.Token)
+		
+	} else {
+		logrus.Infof("account '%v' already granted access to frontend '%v'", acct.Email, fe.Token)
+	}
+
+	return admin.NewAddFrontendGrantOK()
+}

controller/controller.go

@@ -2,6 +2,10 @@ package controller
 
 import (
 	"context"
+	"log"
+	"net/http"
+	_ "net/http/pprof"
+
 	"github.com/go-openapi/loads"
 	influxdb2 "github.com/influxdata/influxdb-client-go/v2"
 	"github.com/jessevdk/go-flags"
@@ -15,9 +19,6 @@ import (
 	"github.com/openziti/zrok/rest_server_zrok/operations/metadata"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
-	"log"
-	"net/http"
-	_ "net/http/pprof"
 )
 
 var (
@@ -51,11 +52,13 @@ func Run(inCfg *config.Config) error {
 	api.AccountResetPasswordHandler = newResetPasswordHandler(cfg)
 	api.AccountResetPasswordRequestHandler = newResetPasswordRequestHandler()
 	api.AccountVerifyHandler = newVerifyHandler()
+	api.AdminAddFrontendGrantHandler = newAddFrontendGrantHandler()
 	api.AdminAddOrganizationMemberHandler = newAddOrganizationMemberHandler()
 	api.AdminCreateAccountHandler = newCreateAccountHandler()
 	api.AdminCreateFrontendHandler = newCreateFrontendHandler()
 	api.AdminCreateIdentityHandler = newCreateIdentityHandler()
 	api.AdminCreateOrganizationHandler = newCreateOrganizationHandler()
+	api.AdminDeleteFrontendGrantHandler = newDeleteFrontendGrantHandler()
 	api.AdminDeleteFrontendHandler = newDeleteFrontendHandler()
 	api.AdminDeleteOrganizationHandler = newDeleteOrganizationHandler()
 	api.AdminGrantsHandler = newGrantsHandler()

controller/deleteFrontendGrant.go

@@ -0,0 +1,59 @@
+package controller
+
+import (
+	"fmt"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/openziti/zrok/rest_model_zrok"
+	"github.com/openziti/zrok/rest_server_zrok/operations/admin"
+	"github.com/sirupsen/logrus"
+)
+
+type deleteFrontendGrantHandler struct{}
+
+func newDeleteFrontendGrantHandler() *deleteFrontendGrantHandler {
+	return &deleteFrontendGrantHandler{}
+}
+
+func (h *deleteFrontendGrantHandler) Handle(params admin.DeleteFrontendGrantParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	if !principal.Admin {
+		logrus.Error("invalid admin principal")
+		return admin.NewDeleteFrontendGrantUnauthorized()
+	}
+
+	trx, err := str.Begin()
+	if err != nil {
+		logrus.Errorf("error starting transaction: %v", err)
+		return admin.NewDeleteFrontendGrantInternalServerError()
+	}
+	defer trx.Rollback()
+
+	fe, err := str.FindFrontendWithToken(params.Body.FrontendToken, trx)
+	if err != nil {
+		logrus.Errorf("error finding frontend with token '%v': %v", params.Body.FrontendToken, err)
+		return admin.NewDeleteFrontendGrantNotFound().WithPayload(rest_model_zrok.ErrorMessage(fmt.Sprintf("frontend token '%v' not found", params.Body.FrontendToken)))
+	}
+
+	acct, err := str.FindAccountWithEmail(params.Body.Email, trx)
+	if err != nil {
+		logrus.Errorf("error finding account with email '%v': %v", params.Body.Email, err)
+		return admin.NewDeleteFrontendGrantNotFound().WithPayload(rest_model_zrok.ErrorMessage(fmt.Sprintf("account '%v' not found", params.Body.Email)))
+	}
+
+	if granted, err := str.IsFrontendGrantedToAccount(fe.Id, acct.Id, trx); err != nil {
+		logrus.Errorf("error checking frontend grant for account '%v' and frontend '%v': %v", acct.Email, fe.Token, err)
+		return admin.NewDeleteFrontendGrantInternalServerError()
+
+	} else if granted {
+		if err := str.DeleteFrontendGrant(fe.Id, acct.Id, trx); err != nil {
+			logrus.Errorf("error deleting frontend ('%v') grant for '%v': %v", fe.Token, acct.Email, err)
+			return admin.NewDeleteFrontendGrantInternalServerError()
+		}
+		logrus.Infof("deleted '%v' access to frontend '%v'", acct.Email, fe.Token)
+
+	} else {
+		logrus.Infof("account '%v' not granted access to frontend '%v'", acct.Email, fe.Token)
+	}
+
+	return admin.NewDeleteFrontendGrantOK()
+}

controller/share.go

@@ -117,7 +117,7 @@ func (h *shareHandler) Handle(params share.ShareParams, principal *rest_model_zr
 				return share.NewShareNotFound()
 			}
 			if sfe.PermissionMode == store.ClosedPermissionMode {
-				granted, err := str.IsFrontendGrantedToAccount(int(principal.ID), sfe.Id, trx)
+				granted, err := str.IsFrontendGrantedToAccount(sfe.Id, int(principal.ID), trx)
 				if err != nil {
 					logrus.Error(err)
 					return share.NewShareInternalServerError()

controller/store/accessGrant.go

@@ -14,16 +14,16 @@ type AccessGrant struct {
 func (str *Store) CreateAccessGrant(shareId, accountId int, tx *sqlx.Tx) (int, error) {
 	stmt, err := tx.Prepare("insert into access_grants (share_id, account_id) values ($1, $2) returning id")
 	if err != nil {
-		return 0, errors.Wrap(err, "error preparing access_grant insert statement")
+		return 0, errors.Wrap(err, "error preparing access_grants insert statement")
 	}
 	var id int
 	if err := stmt.QueryRow(shareId, accountId).Scan(&id); err != nil {
-		return 0, errors.Wrap(err, "error executing access_grant insert statement")
+		return 0, errors.Wrap(err, "error executing access_grants insert statement")
 	}
 	return id, nil
 }
 
-func (str *Store) CheckAccessGrantForShareAndAccount(shrId, acctId int, tx *sqlx.Tx) (int, error) {
+func (str *Store) IsAccessGrantedToAccountForShare(shrId, acctId int, tx *sqlx.Tx) (int, error) {
 	count := 0
 	err := tx.QueryRowx("select count(0) from access_grants where share_id = $1 and account_id = $2 and not deleted", shrId, acctId).Scan(&count)
 	if err != nil {

controller/store/frontendGrant.go

@@ -5,14 +5,38 @@ import (
 	"github.com/pkg/errors"
 )
 
-func (str *Store) IsFrontendGrantedToAccount(acctId, frontendId int, trx *sqlx.Tx) (bool, error) {
+func (str *Store) IsFrontendGrantedToAccount(frontendId, accountId int, trx *sqlx.Tx) (bool, error) {
-	stmt, err := trx.Prepare("select count(0) from frontend_grants where account_id = $1 AND frontend_id = $2")
+	stmt, err := trx.Prepare("select count(0) from frontend_grants where frontend_id = $1 AND account_id = $2 and not deleted")
 	if err != nil {
 		return false, errors.Wrap(err, "error preparing frontend_grants select statement")
 	}
 	var count int
-	if err := stmt.QueryRow(acctId, frontendId).Scan(&count); err != nil {
+	if err := stmt.QueryRow(frontendId, accountId).Scan(&count); err != nil {
 		return false, errors.Wrap(err, "error querying frontend_grants count")
 	}
 	return count > 0, nil
 }
+
+func (str *Store) CreateFrontendGrant(frontendId, accountId int, trx *sqlx.Tx) (int, error) {
+	stmt, err := trx.Prepare("insert into frontend_grants (frontend_id, account_id) values ($1, $2) returning id")
+	if err != nil {
+		return 0, errors.Wrap(err, "error preparing frontend_grants insert statement")
+	}
+	var id int
+	if err := stmt.QueryRow(frontendId, accountId).Scan(&id); err != nil {
+		return 0, errors.Wrap(err, "error executing frontend_grants insert statement")
+	}
+	return id, nil
+}
+
+func (str *Store) DeleteFrontendGrant(frontendId, accountId int, trx *sqlx.Tx) error {
+	stmt, err := trx.Prepare("delete from frontend_grants where frontend_id = $1 and account_id = $2")
+	if err != nil {
+		return errors.Wrap(err, "error preparing frontend_grants delete for frontend and acount statement")
+	}
+	_, err = stmt.Exec(frontendId, accountId)
+	if err != nil {
+		return errors.Wrap(err, "error executing frontend_grants for frontend and account statement")
+	}
+	return nil
+}

rest_client_zrok/admin/add_frontend_grant_responses.go

@@ -8,10 +8,13 @@ package admin
 import (
 	"context"
 	"fmt"
+	"io"
 
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
+
+	"github.com/openziti/zrok/rest_model_zrok"
 )
 
 // AddFrontendGrantReader is a Reader for the AddFrontendGrant structure.
@@ -34,6 +37,12 @@ func (o *AddFrontendGrantReader) ReadResponse(response runtime.ClientResponse, c
 			return nil, err
 		}
 		return nil, result
+	case 404:
+		result := NewAddFrontendGrantNotFound()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
 	case 500:
 		result := NewAddFrontendGrantInternalServerError()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
@@ -157,6 +166,72 @@ func (o *AddFrontendGrantUnauthorized) readResponse(response runtime.ClientRespo
 	return nil
 }
 
+// NewAddFrontendGrantNotFound creates a AddFrontendGrantNotFound with default headers values
+func NewAddFrontendGrantNotFound() *AddFrontendGrantNotFound {
+	return &AddFrontendGrantNotFound{}
+}
+
+/*
+AddFrontendGrantNotFound describes a response with status code 404, with default header values.
+
+not found
+*/
+type AddFrontendGrantNotFound struct {
+	Payload rest_model_zrok.ErrorMessage
+}
+
+// IsSuccess returns true when this add frontend grant not found response has a 2xx status code
+func (o *AddFrontendGrantNotFound) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this add frontend grant not found response has a 3xx status code
+func (o *AddFrontendGrantNotFound) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this add frontend grant not found response has a 4xx status code
+func (o *AddFrontendGrantNotFound) IsClientError() bool {
+	return true
+}
+
+// IsServerError returns true when this add frontend grant not found response has a 5xx status code
+func (o *AddFrontendGrantNotFound) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this add frontend grant not found response a status code equal to that given
+func (o *AddFrontendGrantNotFound) IsCode(code int) bool {
+	return code == 404
+}
+
+// Code gets the status code for the add frontend grant not found response
+func (o *AddFrontendGrantNotFound) Code() int {
+	return 404
+}
+
+func (o *AddFrontendGrantNotFound) Error() string {
+	return fmt.Sprintf("[POST /frontend/grant][%d] addFrontendGrantNotFound  %+v", 404, o.Payload)
+}
+
+func (o *AddFrontendGrantNotFound) String() string {
+	return fmt.Sprintf("[POST /frontend/grant][%d] addFrontendGrantNotFound  %+v", 404, o.Payload)
+}
+
+func (o *AddFrontendGrantNotFound) GetPayload() rest_model_zrok.ErrorMessage {
+	return o.Payload
+}
+
+func (o *AddFrontendGrantNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	// response payload
+	if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF {
+		return err
+	}
+
+	return nil
+}
+
 // NewAddFrontendGrantInternalServerError creates a AddFrontendGrantInternalServerError with default headers values
 func NewAddFrontendGrantInternalServerError() *AddFrontendGrantInternalServerError {
 	return &AddFrontendGrantInternalServerError{}

rest_client_zrok/admin/delete_frontend_grant_responses.go

@@ -8,10 +8,13 @@ package admin
 import (
 	"context"
 	"fmt"
+	"io"
 
 	"github.com/go-openapi/runtime"
 	"github.com/go-openapi/strfmt"
 	"github.com/go-openapi/swag"
+
+	"github.com/openziti/zrok/rest_model_zrok"
 )
 
 // DeleteFrontendGrantReader is a Reader for the DeleteFrontendGrant structure.
@@ -34,6 +37,12 @@ func (o *DeleteFrontendGrantReader) ReadResponse(response runtime.ClientResponse
 			return nil, err
 		}
 		return nil, result
+	case 404:
+		result := NewDeleteFrontendGrantNotFound()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
 	case 500:
 		result := NewDeleteFrontendGrantInternalServerError()
 		if err := result.readResponse(response, consumer, o.formats); err != nil {
@@ -157,6 +166,72 @@ func (o *DeleteFrontendGrantUnauthorized) readResponse(response runtime.ClientRe
 	return nil
 }
 
+// NewDeleteFrontendGrantNotFound creates a DeleteFrontendGrantNotFound with default headers values
+func NewDeleteFrontendGrantNotFound() *DeleteFrontendGrantNotFound {
+	return &DeleteFrontendGrantNotFound{}
+}
+
+/*
+DeleteFrontendGrantNotFound describes a response with status code 404, with default header values.
+
+not found
+*/
+type DeleteFrontendGrantNotFound struct {
+	Payload rest_model_zrok.ErrorMessage
+}
+
+// IsSuccess returns true when this delete frontend grant not found response has a 2xx status code
+func (o *DeleteFrontendGrantNotFound) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this delete frontend grant not found response has a 3xx status code
+func (o *DeleteFrontendGrantNotFound) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this delete frontend grant not found response has a 4xx status code
+func (o *DeleteFrontendGrantNotFound) IsClientError() bool {
+	return true
+}
+
+// IsServerError returns true when this delete frontend grant not found response has a 5xx status code
+func (o *DeleteFrontendGrantNotFound) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this delete frontend grant not found response a status code equal to that given
+func (o *DeleteFrontendGrantNotFound) IsCode(code int) bool {
+	return code == 404
+}
+
+// Code gets the status code for the delete frontend grant not found response
+func (o *DeleteFrontendGrantNotFound) Code() int {
+	return 404
+}
+
+func (o *DeleteFrontendGrantNotFound) Error() string {
+	return fmt.Sprintf("[DELETE /frontend/grant][%d] deleteFrontendGrantNotFound  %+v", 404, o.Payload)
+}
+
+func (o *DeleteFrontendGrantNotFound) String() string {
+	return fmt.Sprintf("[DELETE /frontend/grant][%d] deleteFrontendGrantNotFound  %+v", 404, o.Payload)
+}
+
+func (o *DeleteFrontendGrantNotFound) GetPayload() rest_model_zrok.ErrorMessage {
+	return o.Payload
+}
+
+func (o *DeleteFrontendGrantNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	// response payload
+	if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF {
+		return err
+	}
+
+	return nil
+}
+
 // NewDeleteFrontendGrantInternalServerError creates a DeleteFrontendGrantInternalServerError with default headers values
 func NewDeleteFrontendGrantInternalServerError() *DeleteFrontendGrantInternalServerError {
 	return &DeleteFrontendGrantInternalServerError{}

rest_server_zrok/embedded_spec.go

@@ -1248,6 +1248,12 @@ func init() {
           "401": {
             "description": "unauthorized"
           },
+          "404": {
+            "description": "not found",
+            "schema": {
+              "$ref": "#/definitions/errorMessage"
+            }
+          },
           "500": {
             "description": "internal server error"
           }
@@ -1287,6 +1293,12 @@ func init() {
           "401": {
             "description": "unauthorized"
           },
+          "404": {
+            "description": "not found",
+            "schema": {
+              "$ref": "#/definitions/errorMessage"
+            }
+          },
           "500": {
             "description": "internal server error"
           }
@@ -4147,6 +4159,12 @@ func init() {
           "401": {
             "description": "unauthorized"
           },
+          "404": {
+            "description": "not found",
+            "schema": {
+              "$ref": "#/definitions/errorMessage"
+            }
+          },
           "500": {
             "description": "internal server error"
           }
@@ -4186,6 +4204,12 @@ func init() {
           "401": {
             "description": "unauthorized"
           },
+          "404": {
+            "description": "not found",
+            "schema": {
+              "$ref": "#/definitions/errorMessage"
+            }
+          },
           "500": {
             "description": "internal server error"
           }

rest_server_zrok/operations/admin/add_frontend_grant_responses.go

@@ -9,6 +9,8 @@ import (
 	"net/http"
 
 	"github.com/go-openapi/runtime"
+
+	"github.com/openziti/zrok/rest_model_zrok"
 )
 
 // AddFrontendGrantOKCode is the HTTP code returned for type AddFrontendGrantOK
@@ -61,6 +63,49 @@ func (o *AddFrontendGrantUnauthorized) WriteResponse(rw http.ResponseWriter, pro
 	rw.WriteHeader(401)
 }
 
+// AddFrontendGrantNotFoundCode is the HTTP code returned for type AddFrontendGrantNotFound
+const AddFrontendGrantNotFoundCode int = 404
+
+/*
+AddFrontendGrantNotFound not found
+
+swagger:response addFrontendGrantNotFound
+*/
+type AddFrontendGrantNotFound struct {
+
+	/*
+	  In: Body
+	*/
+	Payload rest_model_zrok.ErrorMessage `json:"body,omitempty"`
+}
+
+// NewAddFrontendGrantNotFound creates AddFrontendGrantNotFound with default headers values
+func NewAddFrontendGrantNotFound() *AddFrontendGrantNotFound {
+
+	return &AddFrontendGrantNotFound{}
+}
+
+// WithPayload adds the payload to the add frontend grant not found response
+func (o *AddFrontendGrantNotFound) WithPayload(payload rest_model_zrok.ErrorMessage) *AddFrontendGrantNotFound {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the add frontend grant not found response
+func (o *AddFrontendGrantNotFound) SetPayload(payload rest_model_zrok.ErrorMessage) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *AddFrontendGrantNotFound) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(404)
+	payload := o.Payload
+	if err := producer.Produce(rw, payload); err != nil {
+		panic(err) // let the recovery middleware deal with this
+	}
+}
+
 // AddFrontendGrantInternalServerErrorCode is the HTTP code returned for type AddFrontendGrantInternalServerError
 const AddFrontendGrantInternalServerErrorCode int = 500
 

rest_server_zrok/operations/admin/delete_frontend_grant_responses.go

@@ -9,6 +9,8 @@ import (
 	"net/http"
 
 	"github.com/go-openapi/runtime"
+
+	"github.com/openziti/zrok/rest_model_zrok"
 )
 
 // DeleteFrontendGrantOKCode is the HTTP code returned for type DeleteFrontendGrantOK
@@ -61,6 +63,49 @@ func (o *DeleteFrontendGrantUnauthorized) WriteResponse(rw http.ResponseWriter,
 	rw.WriteHeader(401)
 }
 
+// DeleteFrontendGrantNotFoundCode is the HTTP code returned for type DeleteFrontendGrantNotFound
+const DeleteFrontendGrantNotFoundCode int = 404
+
+/*
+DeleteFrontendGrantNotFound not found
+
+swagger:response deleteFrontendGrantNotFound
+*/
+type DeleteFrontendGrantNotFound struct {
+
+	/*
+	  In: Body
+	*/
+	Payload rest_model_zrok.ErrorMessage `json:"body,omitempty"`
+}
+
+// NewDeleteFrontendGrantNotFound creates DeleteFrontendGrantNotFound with default headers values
+func NewDeleteFrontendGrantNotFound() *DeleteFrontendGrantNotFound {
+
+	return &DeleteFrontendGrantNotFound{}
+}
+
+// WithPayload adds the payload to the delete frontend grant not found response
+func (o *DeleteFrontendGrantNotFound) WithPayload(payload rest_model_zrok.ErrorMessage) *DeleteFrontendGrantNotFound {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the delete frontend grant not found response
+func (o *DeleteFrontendGrantNotFound) SetPayload(payload rest_model_zrok.ErrorMessage) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *DeleteFrontendGrantNotFound) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(404)
+	payload := o.Payload
+	if err := producer.Produce(rw, payload); err != nil {
+		panic(err) // let the recovery middleware deal with this
+	}
+}
+
 // DeleteFrontendGrantInternalServerErrorCode is the HTTP code returned for type DeleteFrontendGrantInternalServerError
 const DeleteFrontendGrantInternalServerErrorCode int = 500
 

sdk/python/src/docs/AdminApi.md

@@ -85,7 +85,7 @@ void (empty response body)
 ### HTTP request headers
 
  - **Content-Type**: application/zrok.v1+json
- - **Accept**: Not defined
+ - **Accept**: application/zrok.v1+json
 
 ### HTTP response details
 
@@ -93,6 +93,7 @@ void (empty response body)
 |-------------|-------------|------------------|
 **200** | ok |  -  |
 **401** | unauthorized |  -  |
+**404** | not found |  -  |
 **500** | internal server error |  -  |
 
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
@@ -694,7 +695,7 @@ void (empty response body)
 ### HTTP request headers
 
  - **Content-Type**: application/zrok.v1+json
- - **Accept**: Not defined
+ - **Accept**: application/zrok.v1+json
 
 ### HTTP response details
 
@@ -702,6 +703,7 @@ void (empty response body)
 |-------------|-------------|------------------|
 **200** | ok |  -  |
 **401** | unauthorized |  -  |
+**404** | not found |  -  |
 **500** | internal server error |  -  |
 
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)

sdk/python/src/zrok_api/api/admin_api.py

@@ -108,6 +108,7 @@ class AdminApi:
         _response_types_map: Dict[str, Optional[str]] = {
             '200': None,
             '401': None,
+            '404': "str",
             '500': None,
         }
         response_data = self.api_client.call_api(
@@ -176,6 +177,7 @@ class AdminApi:
         _response_types_map: Dict[str, Optional[str]] = {
             '200': None,
             '401': None,
+            '404': "str",
             '500': None,
         }
         response_data = self.api_client.call_api(
@@ -244,6 +246,7 @@ class AdminApi:
         _response_types_map: Dict[str, Optional[str]] = {
             '200': None,
             '401': None,
+            '404': "str",
             '500': None,
         }
         response_data = self.api_client.call_api(
@@ -285,6 +288,13 @@ class AdminApi:
             _body_params = body
 
 
+        # set the HTTP header `Accept`
+        if 'Accept' not in _header_params:
+            _header_params['Accept'] = self.api_client.select_header_accept(
+                [
+                    'application/zrok.v1+json'
+                ]
+            )
 
         # set the HTTP header `Content-Type`
         if _content_type:
@@ -2311,6 +2321,7 @@ class AdminApi:
         _response_types_map: Dict[str, Optional[str]] = {
             '200': None,
             '401': None,
+            '404': "str",
             '500': None,
         }
         response_data = self.api_client.call_api(
@@ -2379,6 +2390,7 @@ class AdminApi:
         _response_types_map: Dict[str, Optional[str]] = {
             '200': None,
             '401': None,
+            '404': "str",
             '500': None,
         }
         response_data = self.api_client.call_api(
@@ -2447,6 +2459,7 @@ class AdminApi:
         _response_types_map: Dict[str, Optional[str]] = {
             '200': None,
             '401': None,
+            '404': "str",
             '500': None,
         }
         response_data = self.api_client.call_api(
@@ -2488,6 +2501,13 @@ class AdminApi:
             _body_params = body
 
 
+        # set the HTTP header `Accept`
+        if 'Accept' not in _header_params:
+            _header_params['Accept'] = self.api_client.select_header_accept(
+                [
+                    'application/zrok.v1+json'
+                ]
+            )
 
         # set the HTTP header `Content-Type`
         if _content_type:

specs/zrok.yml

@@ -385,6 +385,10 @@ paths:
           description: ok
         401:
           description: unauthorized
+        404:
+          description: not found
+          schema:
+            $ref: "#/definitions/errorMessage"
         500:
           description: internal server error
     delete:
@@ -408,6 +412,10 @@ paths:
           description: ok
         401:
           description: unauthorized
+        404:
+          description: not found
+          schema:
+            $ref: "#/definitions/errorMessage"
         500:
           description: internal server error