Golang ApiContext.VerifyAccessTags Examples

Programming Language: Golang

Namespace/Package Name: github.com/cloudsecurityalliance/ctpd/server/ctp

Class/Type: ApiContext

Method/Function: VerifyAccessTags

Examples at hotexamples.com: 3

Golang ApiContext.VerifyAccessTags - 3 examples found. These are the top rated real world Golang examples of github.com/cloudsecurityalliance/ctpd/server/ctp.ApiContext.VerifyAccessTags extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

AuthenticateClient(3)

VerifyAccessTags(3)

Example #1

Show file

File: baseuri.go Project: ehengzh/ctpd

// HandleGETBaseURI handles a request to the baseURI.
// It proceeds differently from other resources, which user the 'handler' paradigm.
func HandleGETBaseURI(w http.ResponseWriter, r *http.Request, context *ctp.ApiContext) {

	if !context.AuthenticateClient(w, r) {
		ctp.Log(context, "Missing access tags")
		return
	}

	if !context.VerifyAccessTags(w, ctp.UserAccess) {
		ctp.Log(context, "Mismatched access tags for API signature")
		return
	}

	base := new(BaseURI)

	base.Version = "0"
	base.Annotation = "ctpd prototype server"
	base.BuildLinks(context)

	ctp.RenderJsonResponse(w, context, 200, base)
}

Example #2

Show file

File: baseuri.go Project: cloudsecurityalliance/ctpd

// HandleGETBaseURI handles a request to the baseURI.
// It proceeds differently from other resources, which user the 'handler' paradigm.
func HandleGETBaseURI(w http.ResponseWriter, r *http.Request, context *ctp.ApiContext) {

	if !context.AuthenticateClient(w, r) {
		ctp.Log(context, ctp.WARNING, "Missing access tags")
		return
	}

	if !context.VerifyAccessTags(w, ctp.UserRoleTag) {
		ctp.Log(context, ctp.WARNING, "Mismatched access tags for API signature")
		return
	}

	base := new(BaseURI)

	if !ctp.LoadResource(context, "baseuri", ctp.Base64Id("0"), base) {
		base.Version = "0"
		base.Annotation = "Unconfigured ctpd prototype server"
	}
	base.BuildLinks(context)

	ctp.RenderJsonResponse(w, context, 200, base)
}

Example #3

Show file

File: collections.go Project: cloudsecurityalliance/ctpd

func HandleGETCollection(w http.ResponseWriter, r *http.Request, context *ctp.ApiContext) {
	var item ctp.NamedResource
	var parent ctp.Resource
	var query *mgo.Query
	var collectionType string
	var skip, page, items int
	var err error

	collection := new(Collection)
	selector := make(bson.M)

	if name, ok := r.URL.Query()["name"]; ok {
		selector["name"] = name[0]
	}

	page_query := r.URL.Query().Get("page")
	items_query := r.URL.Query().Get("items")
	if page_query != "" || items_query != "" {
		if page_query == "" || items_query == "" {
			ctp.RenderErrorResponse(w, context, ctp.NewHttpError(http.StatusBadRequest, "Must specify both 'page' and 'items' in query string."))
			return
		}
		if page, err = strconv.Atoi(page_query); err != nil || page < 0 {
			ctp.RenderErrorResponse(w, context, ctp.NewHttpError(http.StatusBadRequest, "page must be a positive number."))
			return
		}
		if items, err = strconv.Atoi(items_query); err != nil || items <= 0 {
			ctp.RenderErrorResponse(w, context, ctp.NewHttpError(http.StatusBadRequest, "items must be a non-zero positive number."))
		}
		skip = items * page
	}

	if !context.AuthenticateClient(w, r) {
		return
	}

	var mgoCollection *mgo.Collection

	if len(context.Params) == 1 {
		collectionType = context.Params[0]
		mgoCollection = context.Session.DB("ctp").C(collectionType)

		switch collectionType {
		case "serviceViews":
			if !context.VerifyAccessTags(w, ctp.UserRoleTag) {
				return
			}
			if !ctp.MatchTags(context.AccountTags, ctp.AdminRoleTag) {
				selector["accessTags"] = bson.M{"$in": context.AccountTags.WithPrefix("account:")}
			}
		case "metrics":
			if !context.VerifyAccessTags(w, ctp.UserRoleTag) {
				return
			}
		default:
			if !context.VerifyAccessTags(w, ctp.AdminRoleTag) {
				return
			}
		}
	} else {
		if !context.VerifyAccessTags(w, ctp.UserRoleTag) {
			return
		}

		if !ctp.LoadResource(context, context.Params[0], ctp.Base64Id(context.Params[1]), &parent) {
			ctp.RenderErrorResponse(w, context, ctp.NewNotFoundErrorf("Not found - /%s/%s does not exist", context.Params[0], context.Params[1]))
			return
		}

		if !context.VerifyAccessTags(w, parent.AccessTags) {
			return
		}
		collection.Scope = ctp.NewLink(context.CtpBase, "/$/$", context.Params[0], context.Params[1])

		collectionType = context.Params[2]
		if context.Params[2] == "indicators" {
			mgoCollection = context.Session.DB("ctp").C("measurements")
		} else {
			mgoCollection = context.Session.DB("ctp").C(collectionType)
		}
		selector["parent"] = context.Params[1]
	}

	query = mgoCollection.Find(selector)

	collection_length, err := query.Count()
	if err != nil {
		ctp.RenderErrorResponse(w, context, ctp.NewInternalServerError(err))
		return
	}

	query = query.Sort("$natural").Skip(skip).Limit(items)

	returned_length, err := query.Count()
	if err != nil {
		ctp.RenderErrorResponse(w, context, ctp.NewInternalServerError(err))
		return
	}

	collection.Self = ctp.Link(r.URL.RequestURI())
	collection.CollectionLength = collection_length
	collection.ReturnedLength = returned_length
	collection.CollectionType = collectionType
	collection.Items = make([]CollectionItem, 0, returned_length)

	iter := query.Iter()
	for iter.Next(&item) {
		collection.Items = append(collection.Items, CollectionItem{
			Link: ctp.NewLink(context.CtpBase, "@/$/$", collectionType, item.Id),
			Name: item.Name,
		})
	}

	if err := iter.Close(); err != nil {
		ctp.RenderErrorResponse(w, context, ctp.NewInternalServerError(err))
		return
	}

	ctp.RenderJsonResponse(w, context, 200, collection)
}