Beispiel #1
0
// Aggregates
func (u *Uchiwa) aggregatesHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	// verify that the authenticated user is authorized to access this resource
	token := auth.GetTokenFromContext(r)

	resources := strings.Split(r.URL.Path, "/")

	if len(resources) == 2 {
		token := auth.GetTokenFromContext(r)
		aggregates := FilterAggregates(&u.Data.Aggregates, token)

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(aggregates); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	} else if len(resources) == 5 {
		check := resources[3]
		dc := resources[2]
		issued := resources[4]

		if check == "" || dc == "" || issued == "" {
			http.Error(w, "", http.StatusBadRequest)
			return
		}

		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		aggregate, err := u.GetAggregateByIssued(check, issued, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), 500)
			return
		}

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(aggregate); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	} else {
		http.Error(w, "", http.StatusBadRequest)
		return
	}
}
Beispiel #2
0
func (u *Uchiwa) getAggregateByIssuedHandler(w http.ResponseWriter, r *http.Request) {
	urlStruct, _ := url.Parse(r.URL.String())
	check := urlStruct.Query().Get("check")
	issued := urlStruct.Query().Get("issued")
	dc := urlStruct.Query().Get("dc")
	if check == "" || issued == "" || dc == "" {
		http.Error(w, fmt.Sprint("Parameters 'check', 'issued' and 'dc' are required"), http.StatusNotFound)
		return
	}

	// verify that the authenticated user is authorized to access this resource
	token := auth.GetTokenFromContext(r)
	unauthorized := FilterGetRequest(dc, token)

	if unauthorized {
		http.Error(w, fmt.Sprint(""), http.StatusNotFound)
		return
	}

	aggregate, err := u.GetAggregateByIssued(check, issued, dc)
	if err != nil {
		http.Error(w, fmt.Sprint(err), 500)
	} else {
		encoder := json.NewEncoder(w)
		if err := encoder.Encode(aggregate); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
		}
	}
}
Beispiel #3
0
func (u *Uchiwa) getClientHandler(w http.ResponseWriter, r *http.Request) {
	urlStruct, _ := url.Parse(r.URL.String())
	id := urlStruct.Query().Get("id")
	dc := urlStruct.Query().Get("dc")
	if id == "" || dc == "" {
		http.Error(w, fmt.Sprint("Parameters 'id' and 'dc' are required"), http.StatusNotFound)
		return
	}

	// verify that the authenticated user is authorized to access this resource
	token := auth.GetTokenFromContext(r)
	unauthorized := FilterGetRequest(dc, token)

	if unauthorized {
		http.Error(w, fmt.Sprint(""), http.StatusNotFound)
		return
	}

	client, err := u.GetClient(id, dc)
	if err != nil {
		http.Error(w, fmt.Sprint(err), http.StatusNotFound)
		return
	}

	encoder := json.NewEncoder(w)
	if err := encoder.Encode(client); err != nil {
		http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
		return
	}
}
Beispiel #4
0
// Results
func (u *Uchiwa) resultsHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "DELETE" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	resources := strings.Split(r.URL.Path, "/")
	if len(resources) != 5 {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	check := resources[4]
	client := resources[3]
	dc := resources[2]

	token := auth.GetTokenFromContext(r)

	unauthorized := FilterGetRequest(dc, token)
	if unauthorized {
		http.Error(w, fmt.Sprint(""), http.StatusNotFound)
		return
	}

	err := u.DeleteCheckResult(check, client, dc)
	if err != nil {
		http.Error(w, fmt.Sprint(err), http.StatusInternalServerError)
		return
	}
}
Beispiel #5
0
func (u *Uchiwa) stashHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	decoder := json.NewDecoder(r.Body)
	var data stash
	err := decoder.Decode(&data)
	if err != nil {
		http.Error(w, "Could not decode body", http.StatusInternalServerError)
		return
	}

	// verify that the authenticated user is authorized to access this resource
	token := auth.GetTokenFromContext(r)
	unauthorized := FilterGetRequest(data.Dc, token)

	// add username to the stash content
	if token != nil && token.Claims["Username"] != nil {
		data.Content["username"] = token.Claims["Username"]
	}

	if unauthorized {
		http.Error(w, fmt.Sprint(""), http.StatusNotFound)
		return
	}

	err = u.PostStash(data)
	if err != nil {
		http.Error(w, "Could not create the stash", http.StatusNotFound)
	}
}
Beispiel #6
0
// Request
func (u *Uchiwa) requestHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "POST" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	decoder := json.NewDecoder(r.Body)
	var data structs.CheckExecution
	err := decoder.Decode(&data)
	if err != nil {
		http.Error(w, "Could not decode body", http.StatusInternalServerError)
		return
	}

	// verify that the authenticated user is authorized to access this resource
	token := auth.GetTokenFromContext(r)
	unauthorized := FilterGetRequest(data.Dc, token)
	if unauthorized {
		http.Error(w, fmt.Sprint(""), http.StatusNotFound)
		return
	}

	err = u.IssueCheckExecution(data)
	if err != nil {
		http.Error(w, "Could not create the stash", http.StatusNotFound)
		return
	}

	return
}
Beispiel #7
0
// Stashes
func (u *Uchiwa) stashesHandler(w http.ResponseWriter, r *http.Request) {
	token := auth.GetTokenFromContext(r)
	resources := strings.Split(r.URL.Path, "/")

	if r.Method == "DELETE" && len(resources) >= 3 {
		dc := resources[2]
		path := strings.Join(resources[3:], "/")

		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		err := u.DeleteStash(dc, path)
		if err != nil {
			http.Error(w, "Could not create the stash", http.StatusNotFound)
		}
	} else if r.Method == "GET" {
		stashes := FilterStashes(&u.Data.Stashes, token)

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(stashes); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	} else if r.Method == "POST" {
		decoder := json.NewDecoder(r.Body)
		var data stash
		err := decoder.Decode(&data)
		if err != nil {
			http.Error(w, "Could not decode body", http.StatusInternalServerError)
			return
		}

		// verify that the authenticated user is authorized to access this resource
		unauthorized := FilterGetRequest(data.Dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		if token != nil && token.Claims["Username"] != nil {
			data.Content["username"] = token.Claims["Username"]
		}

		err = u.PostStash(data)
		if err != nil {
			http.Error(w, "Could not create the stash", http.StatusNotFound)
			return
		}
	} else {
		http.Error(w, "", http.StatusBadRequest)
		return
	}
}
Beispiel #8
0
func (u *Uchiwa) getSensuHandler(w http.ResponseWriter, r *http.Request) {
	//Test()
	token := auth.GetTokenFromContext(r)
	data := FilterSensuData(token, u.Data)

	encoder := json.NewEncoder(w)
	if err := encoder.Encode(data); err != nil {
		http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
	}
}
Beispiel #9
0
// stashes
func (u *Uchiwa) stashesHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		token := auth.GetTokenFromContext(r)
		stashes := FilterStashes(&u.Data.Stashes, token)

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(stashes); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	} else if r.Method == "POST" {
		decoder := json.NewDecoder(r.Body)
		var data stash
		err := decoder.Decode(&data)
		if err != nil {
			http.Error(w, "Could not decode body", http.StatusInternalServerError)
			return
		}

		// verify that the authenticated user is authorized to access this resource
		token := auth.GetTokenFromContext(r)
		unauthorized := FilterGetRequest(data.Dc, token)

		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		err = u.PostStash(data)
		if err != nil {
			http.Error(w, "Could not create the stash", http.StatusNotFound)
			return
		}
	} else {
		http.Error(w, "", http.StatusBadRequest)
		return
	}
}
Beispiel #10
0
// Subscriptions
func (u *Uchiwa) subscriptionsHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	token := auth.GetTokenFromContext(r)
	subscriptions := FilterSubscriptions(&u.Data.Subscriptions, token)

	encoder := json.NewEncoder(w)
	if err := encoder.Encode(subscriptions); err != nil {
		http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
		return
	}
}
Beispiel #11
0
// Events
func (u *Uchiwa) eventsHandler(w http.ResponseWriter, r *http.Request) {
	token := auth.GetTokenFromContext(r)

	// DELETE on /events
	if r.Method == "DELETE" {
		resources := strings.Split(r.URL.Path, "/")
		if len(resources) != 5 {
			http.Error(w, "", http.StatusBadRequest)
			return
		}

		check := resources[4]
		client := resources[3]
		dc := resources[2]

		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		err := u.ResolveEvent(check, client, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), http.StatusInternalServerError)
			return
		}

	} else if r.Method == "GET" {
		// GET on /events
		events := FilterEvents(&u.Data.Events, token)

		// Create header
		w.Header().Add("Accept-Charset", "utf-8")
		w.Header().Add("Content-Type", "application/json")
		w.Header().Set("Content-Encoding", "gzip")

		gz := gzip.NewWriter(w)
		defer gz.Close()
		if err := json.NewEncoder(gz).Encode(events); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
		return
	} else {
		http.Error(w, "", http.StatusBadRequest)
		return
	}
}
Beispiel #12
0
// Datacenters
func (u *Uchiwa) datacentersHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	token := auth.GetTokenFromContext(r)
	datacenters := FilterDatacenters(u.Data.Dc, token)

	// Create header
	w.Header().Add("Accept-Charset", "utf-8")
	w.Header().Add("Content-Type", "application/json")
	w.Header().Set("Content-Encoding", "gzip")

	gz := gzip.NewWriter(w)
	defer gz.Close()
	if err := json.NewEncoder(gz).Encode(datacenters); err != nil {
		http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
		return
	}
	return
}
Beispiel #13
0
// Events
func (u *Uchiwa) eventsHandler(w http.ResponseWriter, r *http.Request) {
	token := auth.GetTokenFromContext(r)

	if r.Method == "DELETE" {
		resources := strings.Split(r.URL.Path, "/")
		if len(resources) != 5 {
			http.Error(w, "", http.StatusBadRequest)
			return
		}

		check := resources[4]
		client := resources[3]
		dc := resources[2]

		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		err := u.ResolveEvent(check, client, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), http.StatusInternalServerError)
			return
		}

	} else if r.Method == "GET" {
		events := FilterEvents(&u.Data.Events, token)

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(events); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	} else {
		http.Error(w, "", http.StatusBadRequest)
		return
	}
}
Beispiel #14
0
func (u *Uchiwa) postEventHandler(w http.ResponseWriter, r *http.Request) {
	decoder := json.NewDecoder(r.Body)
	var data interface{}
	err := decoder.Decode(&data)
	if err != nil {
		http.Error(w, fmt.Sprint("Could not decode body"), http.StatusInternalServerError)
		return
	}

	// verify that the authenticated user is authorized to access this resource
	token := auth.GetTokenFromContext(r)
	unauthorized := FilterPostRequest(token, &data)

	if unauthorized {
		http.Error(w, fmt.Sprint(""), http.StatusNotFound)
		return
	}

	err = u.ResolveEvent(data)

	if err != nil {
		http.Error(w, fmt.Sprint(err), http.StatusInternalServerError)
	}
}
Beispiel #15
0
// Aggregates
func (u *Uchiwa) aggregatesHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "GET" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	// verify that the authenticated user is authorized to access this resource
	token := auth.GetTokenFromContext(r)

	resources := strings.Split(r.URL.Path, "/")

	// GET on /aggregates
	if len(resources) == 2 {
		token := auth.GetTokenFromContext(r)
		aggregates := FilterAggregates(&u.Data.Aggregates, token)

		// Create header
		w.Header().Add("Accept-Charset", "utf-8")
		w.Header().Add("Content-Type", "application/json")
		w.Header().Set("Content-Encoding", "gzip")

		gz := gzip.NewWriter(w)
		defer gz.Close()
		if err := json.NewEncoder(gz).Encode(aggregates); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
		return
	} else if len(resources) == 5 {
		// GET on /aggregates/{dc}/{check}/{issued}
		check := resources[3]
		dc := resources[2]
		issued := resources[4]

		if check == "" || dc == "" || issued == "" {
			http.Error(w, "", http.StatusBadRequest)
			return
		}

		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		aggregate, err := u.GetAggregateByIssued(check, issued, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), 500)
			return
		}

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(aggregate); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	} else {
		http.Error(w, "", http.StatusBadRequest)
		return
	}
}
Beispiel #16
0
// Stashes
func (u *Uchiwa) stashesHandler(w http.ResponseWriter, r *http.Request) {
	token := auth.GetTokenFromContext(r)
	resources := strings.Split(r.URL.Path, "/")

	// DELETE on /stashes/{dc}/{path}
	if r.Method == "DELETE" && len(resources) >= 3 {
		dc := resources[2]
		path := strings.Join(resources[3:], "/")

		if dc == "" || path == "" {
			http.Error(w, "", http.StatusBadRequest)
			return
		}

		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		err := u.DeleteStash(dc, path)
		if err != nil {
			logger.Warningf("Could not delete the stash '%s': %s", path, err)
			http.Error(w, "Could not create the stash", http.StatusNotFound)
			return
		}
	} else if r.Method == "GET" {
		// GET on /stashes
		stashes := FilterStashes(&u.Data.Stashes, token)

		// Create header
		w.Header().Add("Accept-Charset", "utf-8")
		w.Header().Add("Content-Type", "application/json")
		w.Header().Set("Content-Encoding", "gzip")

		gz := gzip.NewWriter(w)
		defer gz.Close()
		if err := json.NewEncoder(gz).Encode(stashes); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
		return
	} else if r.Method == "POST" {
		// POST on /stashes
		decoder := json.NewDecoder(r.Body)
		var data stash
		err := decoder.Decode(&data)
		if err != nil {
			http.Error(w, "Could not decode body", http.StatusInternalServerError)
			return
		}

		// verify that the authenticated user is authorized to access this resource
		unauthorized := FilterGetRequest(data.Dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		if token != nil && token.Claims["Username"] != nil {
			data.Content["username"] = token.Claims["Username"]
		}

		err = u.PostStash(data)
		if err != nil {
			http.Error(w, "Could not create the stash", http.StatusNotFound)
			return
		}
	} else {
		http.Error(w, "", http.StatusBadRequest)
		return
	}
}
Beispiel #17
0
// Clients
func (u *Uchiwa) clientsHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "DELETE" && r.Method != "GET" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	token := auth.GetTokenFromContext(r)

	resources := strings.Split(r.URL.Path, "/")

	// GET on /clients
	if len(resources) == 2 && r.Method == "GET" {
		clients := FilterClients(&u.Data.Clients, token)

		// Create header
		w.Header().Add("Accept-Charset", "utf-8")
		w.Header().Add("Content-Type", "application/json")
		w.Header().Set("Content-Encoding", "gzip")

		gz := gzip.NewWriter(w)
		defer gz.Close()
		if err := json.NewEncoder(gz).Encode(clients); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
		return
	} else if len(resources) != 4 {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	client := resources[3]
	dc := resources[2]

	if client == "" || dc == "" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	// DELETE on /clients
	if r.Method == "DELETE" {
		// verify that the authenticated user is authorized to access this resource
		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		err := u.DeleteClient(client, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), http.StatusInternalServerError)
			return
		}
	} else if r.Method == "GET" {
		// GET on /clients/{client}
		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		data, err := u.GetClient(client, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), http.StatusNotFound)
			return
		}

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(data); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	}
}
Beispiel #18
0
// Clients
func (u *Uchiwa) clientsHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != "DELETE" && r.Method != "GET" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	token := auth.GetTokenFromContext(r)

	resources := strings.Split(r.URL.Path, "/")
	if len(resources) == 2 && r.Method == "GET" {
		clients := FilterClients(&u.Data.Clients, token)
		encoder := json.NewEncoder(w)
		if err := encoder.Encode(clients); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
		return
	} else if len(resources) != 4 {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	client := resources[3]
	dc := resources[2]

	if client == "" || dc == "" {
		http.Error(w, "", http.StatusBadRequest)
		return
	}

	if r.Method == "DELETE" {
		// verify that the authenticated user is authorized to access this resource
		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		err := u.DeleteClient(client, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), http.StatusInternalServerError)
			return
		}
	} else if r.Method == "GET" {
		unauthorized := FilterGetRequest(dc, token)
		if unauthorized {
			http.Error(w, fmt.Sprint(""), http.StatusNotFound)
			return
		}

		data, err := u.GetClient(client, dc)
		if err != nil {
			http.Error(w, fmt.Sprint(err), http.StatusNotFound)
			return
		}

		encoder := json.NewEncoder(w)
		if err := encoder.Encode(data); err != nil {
			http.Error(w, fmt.Sprintf("Cannot encode response data: %v", err), http.StatusInternalServerError)
			return
		}
	}
}