mirror of
https://github.com/openziti/zrok.git
synced 2025-01-03 20:49:13 +01:00
160 lines
5.0 KiB
Go
160 lines
5.0 KiB
Go
package controller
|
|
|
|
import (
|
|
"github.com/go-openapi/runtime/middleware"
|
|
"github.com/jmoiron/sqlx"
|
|
"github.com/openziti/zrok/controller/store"
|
|
"github.com/openziti/zrok/rest_model_zrok"
|
|
"github.com/openziti/zrok/rest_server_zrok/operations/metadata"
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
type orgAccountOverviewHandler struct{}
|
|
|
|
func newOrgAccountOverviewHandler() *orgAccountOverviewHandler {
|
|
return &orgAccountOverviewHandler{}
|
|
}
|
|
|
|
func (h *orgAccountOverviewHandler) Handle(params metadata.OrgAccountOverviewParams, principal *rest_model_zrok.Principal) middleware.Responder {
|
|
trx, err := str.Begin()
|
|
if err != nil {
|
|
logrus.Errorf("error starting transaction: %v", err)
|
|
return metadata.NewOrgAccountOverviewInternalServerError()
|
|
}
|
|
defer func() { _ = trx.Rollback() }()
|
|
|
|
org, err := str.FindOrganizationByToken(params.OrganizationToken, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error finding organization by token: %v", err)
|
|
return metadata.NewOrgAccountOverviewNotFound()
|
|
}
|
|
|
|
admin, err := str.IsAccountAdminOfOrganization(int(principal.ID), org.Id, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error checking account admin: %v", err)
|
|
return metadata.NewOrgAccountOverviewNotFound()
|
|
}
|
|
if !admin {
|
|
logrus.Errorf("requesting account '%v' is not admin of organization '%v'", principal.Email, org.Token)
|
|
return metadata.NewOrgAccountOverviewNotFound()
|
|
}
|
|
|
|
acct, err := str.FindAccountWithEmail(params.AccountEmail, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error finding account by email: %v", err)
|
|
return metadata.NewOrgAccountOverviewNotFound()
|
|
}
|
|
|
|
inOrg, err := str.IsAccountInOrganization(acct.Id, org.Id, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error checking account '%v' organization membership: %v", acct.Email, err)
|
|
return metadata.NewOrgAccountOverviewNotFound()
|
|
}
|
|
if !inOrg {
|
|
logrus.Errorf("account '%v' is not a member of organization '%v'", acct.Email, org.Token)
|
|
return metadata.NewOrgAccountOverviewNotFound()
|
|
}
|
|
|
|
envs, err := str.FindEnvironmentsForAccount(acct.Id, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error finding environments for '%v': %v", acct.Email, err)
|
|
return metadata.NewOrgAccountOverviewNotFound()
|
|
}
|
|
|
|
accountLimited, err := h.isAccountLimited(acct.Id, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error checking account '%v' limited: %v", acct.Email, err)
|
|
}
|
|
|
|
ovr := &rest_model_zrok.Overview{AccountLimited: accountLimited}
|
|
|
|
for _, env := range envs {
|
|
ear := &rest_model_zrok.EnvironmentAndResources{
|
|
Environment: &rest_model_zrok.Environment{
|
|
Address: env.Address,
|
|
Description: env.Description,
|
|
Host: env.Host,
|
|
ZID: env.ZId,
|
|
CreatedAt: env.CreatedAt.UnixMilli(),
|
|
UpdatedAt: env.UpdatedAt.UnixMilli(),
|
|
},
|
|
}
|
|
|
|
shrs, err := str.FindSharesForEnvironment(env.Id, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error finding shares for environment '%v': %v", env.ZId, err)
|
|
return metadata.NewOverviewInternalServerError()
|
|
}
|
|
for _, shr := range shrs {
|
|
feEndpoint := ""
|
|
if shr.FrontendEndpoint != nil {
|
|
feEndpoint = *shr.FrontendEndpoint
|
|
}
|
|
feSelection := ""
|
|
if shr.FrontendSelection != nil {
|
|
feSelection = *shr.FrontendSelection
|
|
}
|
|
beProxyEndpoint := ""
|
|
if shr.BackendProxyEndpoint != nil {
|
|
beProxyEndpoint = *shr.BackendProxyEndpoint
|
|
}
|
|
envShr := &rest_model_zrok.Share{
|
|
Token: shr.Token,
|
|
ZID: shr.ZId,
|
|
ShareMode: shr.ShareMode,
|
|
BackendMode: shr.BackendMode,
|
|
FrontendSelection: feSelection,
|
|
FrontendEndpoint: feEndpoint,
|
|
BackendProxyEndpoint: beProxyEndpoint,
|
|
Reserved: shr.Reserved,
|
|
CreatedAt: shr.CreatedAt.UnixMilli(),
|
|
UpdatedAt: shr.UpdatedAt.UnixMilli(),
|
|
}
|
|
ear.Shares = append(ear.Shares, envShr)
|
|
}
|
|
|
|
fes, err := str.FindFrontendsForEnvironment(env.Id, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error finding frontends for environment '%v': %v", env.ZId, err)
|
|
return metadata.NewOverviewInternalServerError()
|
|
}
|
|
for _, fe := range fes {
|
|
envFe := &rest_model_zrok.Frontend{
|
|
ID: int64(fe.Id),
|
|
Token: fe.Token,
|
|
ZID: fe.ZId,
|
|
CreatedAt: fe.CreatedAt.UnixMilli(),
|
|
UpdatedAt: fe.UpdatedAt.UnixMilli(),
|
|
}
|
|
if fe.PrivateShareId != nil {
|
|
feShr, err := str.GetShare(*fe.PrivateShareId, trx)
|
|
if err != nil {
|
|
logrus.Errorf("error getting share for frontend '%v': %v", fe.ZId, err)
|
|
return metadata.NewOverviewInternalServerError()
|
|
}
|
|
envFe.ShrToken = feShr.Token
|
|
}
|
|
ear.Frontends = append(ear.Frontends, envFe)
|
|
}
|
|
|
|
ovr.Environments = append(ovr.Environments, ear)
|
|
}
|
|
|
|
return metadata.NewOrgAccountOverviewOK().WithPayload(ovr)
|
|
}
|
|
|
|
func (h *orgAccountOverviewHandler) isAccountLimited(acctId int, trx *sqlx.Tx) (bool, error) {
|
|
var je *store.BandwidthLimitJournalEntry
|
|
jEmpty, err := str.IsBandwidthLimitJournalEmpty(acctId, trx)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
if !jEmpty {
|
|
je, err = str.FindLatestBandwidthLimitJournal(acctId, trx)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
}
|
|
return je != nil && je.Action == store.LimitLimitAction, nil
|
|
}
|