mirror of
https://github.com/openziti/zrok.git
synced 2025-08-11 17:03:53 +02:00
.github
bin
build
cmd
controller
config
emailUi
env
limits
metrics
store
zrokEdgeSdk
access.go
accountDetail.go
bootstrap.go
changePassword.go
configuration.go
controller.go
createFrontend.go
createIdentity.go
deleteFrontend.go
disable.go
enable.go
environmentDetail.go
frontendDetail.go
gc.go
health.go
invite.go
inviteTokenGenerate.go
listFrontends.go
login.go
maintenance.go
metrics.go
overview.go
passwords.go
regenerateToken.go
register.go
resetPassword.go
resetPasswordEmail.go
resetPasswordRequest.go
share.go
shareDetail.go
sharePrivate.go
sharePublic.go
sparkData.go
startup.go
unaccess.go
unshare.go
updateFrontend.go
updateShare.go
util.go
verify.go
verifyEmail.go
version.go
docker
docs
drives
endpoints
environment
etc
nfpm
rest_client_zrok
rest_model_zrok
rest_server_zrok
sdk
specs
tui
ui
util
website
.flake8
.gitattributes
.gitignore
.goreleaser-darwin.yml
.goreleaser-linux-amd64.yml
.goreleaser-linux-arm64.yml
.goreleaser-linux-armel.yml
.goreleaser-linux-armhf.yml
.goreleaser-release.yml
.goreleaser-windows.yml
.markdownlint.yaml
ACKNOWLEDGEMENTS.md
BUILD.md
CHANGELOG.md
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE
README.md
RELEASING.md
SECURITY.md
go.mod
go.sum
140 lines
4.9 KiB
Go
140 lines
4.9 KiB
Go
package controller
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"github.com/go-openapi/runtime/middleware"
|
|
"github.com/openziti/edge-api/rest_management_api_client"
|
|
edge_service "github.com/openziti/edge-api/rest_management_api_client/service"
|
|
"github.com/openziti/zrok/controller/store"
|
|
"github.com/openziti/zrok/controller/zrokEdgeSdk"
|
|
"github.com/openziti/zrok/rest_model_zrok"
|
|
"github.com/openziti/zrok/rest_server_zrok/operations/share"
|
|
"github.com/pkg/errors"
|
|
"github.com/sirupsen/logrus"
|
|
"time"
|
|
)
|
|
|
|
type unshareHandler struct{}
|
|
|
|
func newUnshareHandler() *unshareHandler {
|
|
return &unshareHandler{}
|
|
}
|
|
|
|
func (h *unshareHandler) Handle(params share.UnshareParams, principal *rest_model_zrok.Principal) middleware.Responder {
|
|
tx, err := str.Begin()
|
|
if err != nil {
|
|
logrus.Errorf("error starting transaction for '%v': %v", principal.Email, err)
|
|
return share.NewUnshareInternalServerError()
|
|
}
|
|
defer func() { _ = tx.Rollback() }()
|
|
|
|
edge, err := zrokEdgeSdk.Client(cfg.Ziti)
|
|
if err != nil {
|
|
logrus.Errorf("error getting edge client for '%v': %v", principal.Email, err)
|
|
return share.NewUnshareInternalServerError()
|
|
}
|
|
shrToken := params.Body.ShrToken
|
|
shrZId, err := h.findShareZId(shrToken, edge)
|
|
if err != nil {
|
|
logrus.Errorf("error finding share identity for '%v' (%v): %v", shrToken, principal.Email, err)
|
|
return share.NewUnshareNotFound()
|
|
}
|
|
var senv *store.Environment
|
|
if envs, err := str.FindEnvironmentsForAccount(int(principal.ID), tx); err == nil {
|
|
for _, env := range envs {
|
|
if env.ZId == params.Body.EnvZID {
|
|
senv = env
|
|
break
|
|
}
|
|
}
|
|
if senv == nil {
|
|
logrus.Errorf("environment with id '%v' not found for '%v", params.Body.EnvZID, principal.Email)
|
|
return share.NewUnshareNotFound()
|
|
}
|
|
} else {
|
|
logrus.Errorf("error finding environments for account '%v': %v", principal.Email, err)
|
|
return share.NewUnshareNotFound()
|
|
}
|
|
|
|
var sshr *store.Share
|
|
if shrs, err := str.FindSharesForEnvironment(senv.Id, tx); err == nil {
|
|
for _, shr := range shrs {
|
|
if shr.ZId == shrZId {
|
|
sshr = shr
|
|
break
|
|
}
|
|
}
|
|
if sshr == nil {
|
|
logrus.Errorf("share with id '%v' not found for '%v'", shrZId, principal.Email)
|
|
return share.NewUnshareNotFound()
|
|
}
|
|
} else {
|
|
logrus.Errorf("error finding shares for account '%v': %v", principal.Email, err)
|
|
return share.NewUnshareInternalServerError()
|
|
}
|
|
|
|
if sshr.Reserved == params.Body.Reserved {
|
|
// single tag-based share deallocator; should work regardless of sharing mode
|
|
h.deallocateResources(senv, shrToken, shrZId, edge)
|
|
logrus.Debugf("deallocated share '%v'", shrToken)
|
|
|
|
if err := str.DeleteAccessGrantsForShare(sshr.Id, tx); err != nil {
|
|
logrus.Errorf("error deleting access grants for share '%v': %v", shrToken, err)
|
|
return share.NewUnshareInternalServerError()
|
|
}
|
|
if err := str.DeleteShare(sshr.Id, tx); err != nil {
|
|
logrus.Errorf("error deleting share '%v': %v", shrToken, err)
|
|
return share.NewUnshareInternalServerError()
|
|
}
|
|
if err := tx.Commit(); err != nil {
|
|
logrus.Errorf("error committing transaction for '%v': %v", shrZId, err)
|
|
return share.NewUnshareInternalServerError()
|
|
}
|
|
|
|
} else {
|
|
logrus.Infof("share '%v' is reserved, skipping deallocation", shrToken)
|
|
}
|
|
|
|
return share.NewUnshareOK()
|
|
}
|
|
|
|
func (h *unshareHandler) findShareZId(shrToken string, edge *rest_management_api_client.ZitiEdgeManagement) (string, error) {
|
|
filter := fmt.Sprintf("name=\"%v\"", shrToken)
|
|
limit := int64(1)
|
|
offset := int64(0)
|
|
listReq := &edge_service.ListServicesParams{
|
|
Filter: &filter,
|
|
Limit: &limit,
|
|
Offset: &offset,
|
|
Context: context.Background(),
|
|
}
|
|
listReq.SetTimeout(30 * time.Second)
|
|
listResp, err := edge.Service.ListServices(listReq, nil)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
if len(listResp.Payload.Data) == 1 {
|
|
return *(listResp.Payload.Data[0].ID), nil
|
|
}
|
|
return "", errors.Errorf("share '%v' not found", shrToken)
|
|
}
|
|
|
|
func (h *unshareHandler) deallocateResources(senv *store.Environment, shrToken, shrZId string, edge *rest_management_api_client.ZitiEdgeManagement) {
|
|
if err := zrokEdgeSdk.DeleteServiceEdgeRouterPolicy(senv.ZId, shrToken, edge); err != nil {
|
|
logrus.Warnf("error deleting service edge router policies for share '%v' in environment '%v': %v", shrToken, senv.ZId, err)
|
|
}
|
|
if err := zrokEdgeSdk.DeleteServicePoliciesDial(senv.ZId, shrToken, edge); err != nil {
|
|
logrus.Warnf("error deleting dial service policies for share '%v' in environment '%v': %v", shrToken, senv.ZId, err)
|
|
}
|
|
if err := zrokEdgeSdk.DeleteServicePoliciesBind(senv.ZId, shrToken, edge); err != nil {
|
|
logrus.Warnf("error deleting bind service policies for share '%v' in environment '%v': %v", shrToken, senv.ZId, err)
|
|
}
|
|
if err := zrokEdgeSdk.DeleteConfig(senv.ZId, shrToken, edge); err != nil {
|
|
logrus.Warnf("error deleting config for share '%v' in environment '%v': %v", shrToken, senv.ZId, err)
|
|
}
|
|
if err := zrokEdgeSdk.DeleteService(senv.ZId, shrZId, edge); err != nil {
|
|
logrus.Warnf("error deleting service '%v' for share '%v' in environment '%v': %v", shrZId, shrToken, senv.ZId, err)
|
|
}
|
|
}
|