// title: service proxy // path: /services/proxy/service/{service} // method: "*" // responses: // 401: Unauthorized // 404: Service not found func serviceProxy(w http.ResponseWriter, r *http.Request, t auth.Token) (err error) { parseFormPreserveBody(r) serviceName := r.URL.Query().Get(":service") s, err := getService(serviceName) if err != nil { return err } allowed := permission.Check(t, permission.PermServiceUpdateProxy, contextsForServiceProvision(&s)..., ) if !allowed { return permission.ErrUnauthorized } if r.Method != httpMethodGet && r.Method != httpMethodHead { evt, err := event.New(&event.Opts{ Target: serviceTarget(s.Name), Kind: permission.PermServiceUpdateProxy, Owner: t, CustomData: append(event.FormToCustomData(r.Form), map[string]interface{}{ "name": "method", "value": r.Method, }), Allowed: event.Allowed(permission.PermServiceReadEvents, contextsForServiceProvision(&s)...), }) if err != nil { return err } defer func() { evt.Done(err) }() } path := r.URL.Query().Get("callback") return service.Proxy(&s, path, w, r) }
func serviceProxy(w http.ResponseWriter, r *http.Request, t auth.Token) error { serviceName := r.URL.Query().Get(":service") user, err := t.User() if err != nil { return err } se, err := getServiceByOwner(serviceName, user) if err != nil { return err } path := r.URL.Query().Get("callback") return service.Proxy(&se, path, w, r) }
func serviceProxy(w http.ResponseWriter, r *http.Request, t auth.Token) error { u, err := t.User() if err != nil { return err } siName := r.URL.Query().Get(":instance") si, err := getServiceInstanceOrError(siName, u) if err != nil { return err } path := r.URL.Query().Get("callback") rec.Log(u.Email, "service-proxy-status", siName, path) return service.Proxy(si, path, w, r) }
func serviceProxy(w http.ResponseWriter, r *http.Request, t auth.Token) error { serviceName := r.URL.Query().Get(":service") s, err := getService(serviceName) if err != nil { return err } allowed := permission.Check(t, permission.PermServiceUpdateProxy, append(permission.Contexts(permission.CtxTeam, s.OwnerTeams), permission.Context(permission.CtxService, s.Name), )..., ) if !allowed { return permission.ErrUnauthorized } path := r.URL.Query().Get("callback") return service.Proxy(&s, path, w, r) }
func serviceProxy(w http.ResponseWriter, r *http.Request, t auth.Token) error { u, err := t.User() if err != nil { return err } siName := r.URL.Query().Get(":instance") si, err := getServiceInstanceOrError(siName, u) if err != nil { return err } path := r.URL.Query().Get("callback") rec.Log(u.Email, "service-proxy-status", siName, path) response, _ := service.Proxy(si, r.Method, path, r.Body) w.WriteHeader(response.StatusCode) defer response.Body.Close() io.Copy(w, response.Body) return nil }
func serviceInstanceProxy(w http.ResponseWriter, r *http.Request, t auth.Token) error { serviceName := r.URL.Query().Get(":service") instanceName := r.URL.Query().Get(":instance") serviceInstance, err := getServiceInstanceOrError(serviceName, instanceName) if err != nil { return err } permissionValue := serviceName + "/" + instanceName allowed := permission.Check(t, permission.PermServiceInstanceUpdateProxy, append(permission.Contexts(permission.CtxTeam, serviceInstance.Teams), permission.Context(permission.CtxServiceInstance, permissionValue), )..., ) if !allowed { return permission.ErrUnauthorized } path := r.URL.Query().Get("callback") rec.Log(t.GetUserName(), "service-instance-proxy", serviceName, instanceName, path) return service.Proxy(serviceInstance.Service(), path, w, r) }