//GetSchema returns the schema filtered and trimmed for a specific user or nil when the user shouldn't see it at all
func GetSchema(s *schema.Schema, authorization schema.Authorization) (result *schema.Resource, err error) {
manager := schema.GetManager()
metaschema, _ := manager.Schema("schema")
policy, _ := manager.PolicyValidate("read", s.GetPluralURL(), authorization)
if policy == nil {
return
}
if s.IsAbstract() {
return
}
rawSchema := s.JSON()
filteredSchema := util.ExtendMap(nil, s.JSONSchema)
rawSchema["schema"] = filteredSchema
schemaProperties, schemaPropertiesOrder, schemaRequired := policy.FilterSchema(
util.MaybeMap(s.JSONSchema["properties"]),
util.MaybeStringList(s.JSONSchema["propertiesOrder"]),
util.MaybeStringList(s.JSONSchema["required"]))
filteredSchema["properties"] = schemaProperties
filteredSchema["propertiesOrder"] = schemaPropertiesOrder
filteredSchema["required"] = schemaRequired
result, err = schema.NewResource(metaschema, rawSchema)
if err != nil {
log.Warning("%s %s", result, err)
return
}
return
}
func clearTable(tx transaction.Transaction, s *schema.Schema) error {
if s.IsAbstract() {
return nil
}
for _, schema := range schema.GetManager().Schemas() {
if schema.ParentSchema == s {
err := clearTable(tx, schema)
if err != nil {
return err
}
} else {
for _, property := range schema.Properties {
if property.Relation == s.Singular {
err := clearTable(tx, schema)
if err != nil {
return err
}
}
}
}
}
resources, _, err := tx.List(s, nil, nil)
if err != nil {
return err
}
for _, resource := range resources {
err = tx.Delete(s, resource.ID())
if err != nil {
return err
}
}
return nil
}
//DropTable drop table definition
func (db *DB) DropTable(s *schema.Schema) error {
if s.IsAbstract() {
return nil
}
sql := fmt.Sprintf("drop table if exists %s\n", quote(s.GetDbTableName()))
_, err := db.DB.Exec(sql)
return err
}
//RegisterTable creates table in the db
func (db *DB) RegisterTable(s *schema.Schema, cascade bool) error {
if s.IsAbstract() {
return nil
}
tableDef, err := db.AlterTableDef(s, cascade)
if err != nil {
tableDef = db.GenTableDef(s, cascade)
}
if tableDef == "" {
return nil
}
_, err = db.DB.Exec(tableDef)
return err
}
//RegisterTable creates table in the db
func (db *DB) RegisterTable(s *schema.Schema, cascade bool) error {
if s.IsAbstract() {
return nil
}
tableDef, indices, err := db.AlterTableDef(s, cascade)
if err != nil {
tableDef, indices = db.GenTableDef(s, cascade)
}
if tableDef == "" {
return nil
}
_, err = db.DB.Exec(tableDef)
if err != nil && indices != nil {
for _, indexSql := range indices {
_, err = db.DB.Exec(indexSql)
if err != nil {
return err
}
}
}
return err
}
//MapRouteBySchema setup api route by schema
func MapRouteBySchema(server *Server, dataStore db.DB, s *schema.Schema) {
if s.IsAbstract() {
return
}
route := server.martini
singleURL := s.GetSingleURL()
pluralURL := s.GetPluralURL()
singleURLWithParents := s.GetSingleURLWithParents()
pluralURLWithParents := s.GetPluralURLWithParents()
//load extension environments
environmentManager := extension.GetManager()
if _, ok := environmentManager.GetEnvironment(s.ID); !ok {
env, err := server.NewEnvironmentForPath(s.ID, pluralURL)
if err != nil {
log.Fatal(fmt.Sprintf("[%s] %v", pluralURL, err))
}
environmentManager.RegisterEnvironment(s.ID, env)
}
log.Debug("[Plural Path] %s", pluralURL)
log.Debug("[Singular Path] %s", singleURL)
log.Debug("[Plural Path With Parents] %s", pluralURLWithParents)
log.Debug("[Singular Path With Parents] %s", singleURLWithParents)
//setup list route
getPluralFunc := func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addJSONContentTypeHeader(w)
fillInContext(context, dataStore, r, w, s, p, server.sync, identityService, server.queue)
if err := resources.GetMultipleResources(context, dataStore, s, r.URL.Query()); err != nil {
handleError(w, err)
return
}
w.Header().Add("X-Total-Count", fmt.Sprint(context["total"]))
routes.ServeJson(w, context["response"])
}
route.Get(pluralURL, middleware.Authorization(schema.ActionRead), getPluralFunc)
route.Get(pluralURLWithParents, middleware.Authorization(schema.ActionRead), func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addParamToQuery(r, schema.FormatParentID(s.Parent), p[s.Parent])
getPluralFunc(w, r, p, identityService, context)
})
//setup show route
getSingleFunc := func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addJSONContentTypeHeader(w)
fillInContext(context, dataStore, r, w, s, p, server.sync, identityService, server.queue)
id := p["id"]
if err := resources.GetSingleResource(context, dataStore, s, id); err != nil {
handleError(w, err)
return
}
routes.ServeJson(w, context["response"])
}
route.Get(singleURL, middleware.Authorization(schema.ActionRead), getSingleFunc)
route.Get(singleURLWithParents, middleware.Authorization(schema.ActionRead), func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addParamToQuery(r, schema.FormatParentID(s.Parent), p[s.Parent])
getSingleFunc(w, r, p, identityService, context)
})
//setup delete route
deleteSingleFunc := func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addJSONContentTypeHeader(w)
fillInContext(context, dataStore, r, w, s, p, server.sync, identityService, server.queue)
id := p["id"]
if err := resources.DeleteResource(context, dataStore, s, id); err != nil {
handleError(w, err)
return
}
w.WriteHeader(http.StatusNoContent)
}
route.Delete(singleURL, middleware.Authorization(schema.ActionDelete), deleteSingleFunc)
route.Delete(singleURLWithParents, middleware.Authorization(schema.ActionDelete), func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addParamToQuery(r, schema.FormatParentID(s.Parent), p[s.Parent])
deleteSingleFunc(w, r, p, identityService, context)
})
//setup create route
postPluralFunc := func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addJSONContentTypeHeader(w)
fillInContext(context, dataStore, r, w, s, p, server.sync, identityService, server.queue)
dataMap, err := middleware.ReadJSON(r)
if err != nil {
handleError(w, resources.NewResourceError(err, fmt.Sprintf("Failed to parse data: %s", err), resources.WrongData))
return
}
dataMap = removeResourceWrapper(s, dataMap)
if s.Parent != "" {
if _, ok := dataMap[s.ParentID()]; !ok {
queryParams := r.URL.Query()
parentIDParam := queryParams.Get(s.ParentID())
if parentIDParam != "" {
dataMap[s.ParentID()] = parentIDParam
}
}
}
if err := resources.CreateResource(context, dataStore, identityService, s, dataMap); err != nil {
handleError(w, err)
return
}
w.WriteHeader(http.StatusCreated)
routes.ServeJson(w, context["response"])
}
route.Post(pluralURL, middleware.Authorization(schema.ActionCreate), postPluralFunc)
route.Post(pluralURLWithParents, middleware.Authorization(schema.ActionCreate),
func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addParamToQuery(r, schema.FormatParentID(s.Parent), p[s.Parent])
postPluralFunc(w, r, p, identityService, context)
})
//setup create or update route
putSingleFunc := func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addJSONContentTypeHeader(w)
fillInContext(context, dataStore, r, w, s, p, server.sync, identityService, server.queue)
id := p["id"]
dataMap, err := middleware.ReadJSON(r)
if err != nil {
handleError(w, resources.NewResourceError(err, fmt.Sprintf("Failed to parse data: %s", err), resources.WrongData))
return
}
dataMap = removeResourceWrapper(s, dataMap)
if isCreated, err := resources.CreateOrUpdateResource(
context, dataStore, identityService, s, id, dataMap); err != nil {
handleError(w, err)
return
} else if isCreated {
w.WriteHeader(http.StatusCreated)
}
routes.ServeJson(w, context["response"])
}
route.Put(singleURL, middleware.Authorization(schema.ActionUpdate), putSingleFunc)
route.Put(singleURLWithParents, middleware.Authorization(schema.ActionUpdate),
func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addParamToQuery(r, schema.FormatParentID(s.Parent), p[s.Parent])
putSingleFunc(w, r, p, identityService, context)
})
//setup update route
patchSingleFunc := func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addJSONContentTypeHeader(w)
fillInContext(context, dataStore, r, w, s, p, server.sync, identityService, server.queue)
id := p["id"]
dataMap, err := middleware.ReadJSON(r)
if err != nil {
handleError(w, resources.NewResourceError(err, fmt.Sprintf("Failed to parse data: %s", err), resources.WrongData))
return
}
dataMap = removeResourceWrapper(s, dataMap)
if err := resources.UpdateResource(
context, dataStore, identityService, s, id, dataMap); err != nil {
handleError(w, err)
return
}
routes.ServeJson(w, context["response"])
}
route.Patch(singleURL, middleware.Authorization(schema.ActionUpdate), patchSingleFunc)
route.Patch(singleURLWithParents, middleware.Authorization(schema.ActionUpdate),
func(w http.ResponseWriter, r *http.Request, p martini.Params, identityService middleware.IdentityService, context middleware.Context) {
addParamToQuery(r, schema.FormatParentID(s.Parent), p[s.Parent])
patchSingleFunc(w, r, p, identityService, context)
})
//Custom action support
for _, actionExt := range s.Actions {
action := actionExt
ActionFunc := func(w http.ResponseWriter, r *http.Request, p martini.Params,
identityService middleware.IdentityService, auth schema.Authorization, context middleware.Context) {
addJSONContentTypeHeader(w)
fillInContext(context, dataStore, r, w, s, p, server.sync, identityService, server.queue)
id := p["id"]
input := make(map[string]interface{})
if action.InputSchema != nil {
var err error
input, err = middleware.ReadJSON(r)
if err != nil {
handleError(w, resources.NewResourceError(err, fmt.Sprintf("Failed to parse data: %s", err), resources.WrongData))
return
}
}
// TODO use authorization middleware
manager := schema.GetManager()
path := r.URL.Path
policy, role := manager.PolicyValidate(action.ID, path, auth)
if policy == nil {
middleware.HTTPJSONError(w, fmt.Sprintf("No matching policy: %s %s %s", action, path, s.Actions), http.StatusUnauthorized)
return
}
context["policy"] = policy
context["tenant_id"] = auth.TenantID()
context["auth_token"] = auth.AuthToken()
context["role"] = role
context["catalog"] = auth.Catalog()
context["auth"] = auth
if err := resources.ActionResource(
context, dataStore, identityService, s, action, id, input); err != nil {
handleError(w, err)
return
}
routes.ServeJson(w, context["response"])
}
route.AddRoute(action.Method, s.GetActionURL(action.Path), ActionFunc)
}
}