// universeFormat returns a sorted list of this cookbook's versions, formatted // to be compatible with the supermarket/berks /universe endpoint. func (c *Cookbook) universeFormat() map[string]interface{} { u := make(map[string]interface{}) for _, cbv := range c.sortedVersions() { v := make(map[string]interface{}) v["location_path"] = util.CustomObjURL(c, cbv.Version) v["location_type"] = "chef_server" v["dependencies"] = cbv.Metadata["dependencies"] u[cbv.Version] = v } return u }
// CookbookLatest returns the URL of the latest version of each cookbook on the // server. func CookbookLatest() map[string]interface{} { latest := make(map[string]interface{}) if config.UsingDB() { cs := CookbookLister("") for name, cbdata := range cs { if len(cbdata.(map[string]interface{})["versions"].([]interface{})) > 0 { latest[name] = cbdata.(map[string]interface{})["versions"].([]interface{})[0].(map[string]string)["url"] } } } else { for _, cb := range AllCookbooks() { latest[cb.Name] = util.CustomObjURL(cb, cb.LatestVersion().Version) } } return latest }
func (c *Cookbook) infoHashBase(numResults interface{}, constraint string) map[string]interface{} { cbHash := make(map[string]interface{}) cbHash["url"] = util.ObjURL(c) nr := 0 /* Working to maintain Chef server behavior here. We need to make "all" * give all versions of the cookbook and make no value give one version, * but keep 0 as invalid input that gives zero results back. This might * be an area worth breaking. */ var numVersions int allVersions := false if numResults != "" && numResults != "all" { numVersions, _ = strconv.Atoi(numResults.(string)) } else if numResults == "" { numVersions = 1 } else { allVersions = true } cbHash["versions"] = make([]interface{}, 0) var constraintVersion string var constraintOp string if constraint != "" { traints := strings.Split(constraint, " ") /* If the constraint isn't well formed like ">= 1.2.3", log the * fact and ignore the constraint. */ if len(traints) == 2 { constraintVersion = traints[1] constraintOp = traints[0] } else { logger.Warningf("Constraint '%s' for cookbook %s was badly formed -- bailing.\n", constraint, c.Name) return nil } } VerLoop: for _, cv := range c.sortedVersions() { if !allVersions && nr >= numVersions { break } /* Version constraint checking. */ if constraint != "" { conAction := verConstraintCheck(cv.Version, constraintVersion, constraintOp) switch conAction { case "skip": /* Skip this version, keep going. */ continue VerLoop case "break": /* Stop processing entirely. */ break VerLoop /* Default action is, of course, to continue on * like nothing happened. Later, we need to * panic over an invalid constraint. */ } } cvInfo := make(map[string]string) cvInfo["url"] = util.CustomObjURL(c, cv.Version) cvInfo["version"] = cv.Version cbHash["versions"] = append(cbHash["versions"].([]interface{}), cvInfo) nr++ } return cbHash }
func dataHandler(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") pathArray := splitPath(r.URL.Path) dbResponse := make(map[string]interface{}) opUser, oerr := actor.GetReqUser(r.Header.Get("X-OPS-USERID")) if oerr != nil { jsonErrorReport(w, r, oerr.Error(), oerr.Status()) return } if len(pathArray) == 1 { /* Either a list of data bags, or a POST to create a new one */ switch r.Method { case "GET": if opUser.IsValidator() { jsonErrorReport(w, r, "You are not allowed to perform this action", http.StatusForbidden) return } /* The list */ dbList := databag.GetList() for _, k := range dbList { dbResponse[k] = util.CustomURL(fmt.Sprintf("/data/%s", k)) } case "POST": if !opUser.IsAdmin() { jsonErrorReport(w, r, "You are not allowed to perform this action", http.StatusForbidden) return } dbData, jerr := parseObjJSON(r.Body) if jerr != nil { jsonErrorReport(w, r, jerr.Error(), http.StatusBadRequest) return } /* check that the name exists */ switch t := dbData["name"].(type) { case string: if t == "" { jsonErrorReport(w, r, "Field 'name' missing", http.StatusBadRequest) return } default: jsonErrorReport(w, r, "Field 'name' missing", http.StatusBadRequest) return } chefDbag, _ := databag.Get(dbData["name"].(string)) if chefDbag != nil { httperr := fmt.Errorf("Data bag %s already exists.", dbData["name"].(string)) jsonErrorReport(w, r, httperr.Error(), http.StatusConflict) return } chefDbag, nerr := databag.New(dbData["name"].(string)) if nerr != nil { jsonErrorReport(w, r, nerr.Error(), nerr.Status()) return } serr := chefDbag.Save() if serr != nil { jsonErrorReport(w, r, serr.Error(), http.StatusInternalServerError) return } if lerr := loginfo.LogEvent(opUser, chefDbag, "create"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } dbResponse["uri"] = util.ObjURL(chefDbag) w.WriteHeader(http.StatusCreated) default: /* The chef-pedant spec wants this response for * some reason. Mix it up, I guess. */ w.Header().Set("Allow", "GET, POST") jsonErrorReport(w, r, "GET, POST", http.StatusMethodNotAllowed) return } } else { dbName := pathArray[1] /* chef-pedant is unhappy about not reporting the HTTP status * as 404 by fetching the data bag before we see if the method * is allowed, so do a quick check for that here. */ if (len(pathArray) == 2 && r.Method == "PUT") || (len(pathArray) == 3 && r.Method == "POST") { var allowed string if len(pathArray) == 2 { allowed = "GET, POST, DELETE" } else { allowed = "GET, PUT, DELETE" } w.Header().Set("Allow", allowed) jsonErrorReport(w, r, "Method not allowed", http.StatusMethodNotAllowed) return } if opUser.IsValidator() || (!opUser.IsAdmin() && r.Method != "GET") { jsonErrorReport(w, r, "You are not allowed to perform this action", http.StatusForbidden) return } chefDbag, err := databag.Get(dbName) if err != nil { var errMsg string status := err.Status() if r.Method == "POST" { /* Posts get a special snowflake message */ errMsg = fmt.Sprintf("No data bag '%s' could be found. Please create this data bag before adding items to it.", dbName) } else { if len(pathArray) == 3 { /* This is nuts. */ if r.Method == "DELETE" { errMsg = fmt.Sprintf("Cannot load data bag %s item %s", dbName, pathArray[2]) } else { errMsg = fmt.Sprintf("Cannot load data bag item %s for data bag %s", pathArray[2], dbName) } } else { errMsg = err.Error() } } jsonErrorReport(w, r, errMsg, status) return } if len(pathArray) == 2 { /* getting list of data bag items and creating data bag * items. */ switch r.Method { case "GET": for _, k := range chefDbag.ListDBItems() { dbResponse[k] = util.CustomObjURL(chefDbag, k) } case "DELETE": /* The chef API docs don't say anything * about this existing, but it does, * and without it you can't delete data * bags at all. */ dbResponse["chef_type"] = "data_bag" dbResponse["json_class"] = "Chef::DataBag" dbResponse["name"] = chefDbag.Name err := chefDbag.Delete() if err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) return } if lerr := loginfo.LogEvent(opUser, chefDbag, "delete"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } case "POST": rawData := databag.RawDataBagJSON(r.Body) dbitem, nerr := chefDbag.NewDBItem(rawData) if nerr != nil { jsonErrorReport(w, r, nerr.Error(), nerr.Status()) return } if lerr := loginfo.LogEvent(opUser, dbitem, "create"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } /* The data bag return values are all * kinds of weird. Sometimes it sends * just the raw data, sometimes it sends * the whole object, sometimes a special * snowflake version. Ugh. Have to loop * through to avoid updating the pointer * in the cache by just assigning * dbitem.RawData to dbResponse. Urk. */ for k, v := range dbitem.RawData { dbResponse[k] = v } dbResponse["data_bag"] = dbitem.DataBagName dbResponse["chef_type"] = dbitem.ChefType w.WriteHeader(http.StatusCreated) default: w.Header().Set("Allow", "GET, DELETE, POST") jsonErrorReport(w, r, "GET, DELETE, POST", http.StatusMethodNotAllowed) return } } else { /* getting, editing, and deleting existing data bag items. */ dbItemName := pathArray[2] if _, err := chefDbag.GetDBItem(dbItemName); err != nil { var httperr string if r.Method != "DELETE" { httperr = fmt.Sprintf("Cannot load data bag item %s for data bag %s", dbItemName, chefDbag.Name) } else { httperr = fmt.Sprintf("Cannot load data bag %s item %s", chefDbag.Name, dbItemName) } jsonErrorReport(w, r, httperr, http.StatusNotFound) return } switch r.Method { case "GET": dbi, err := chefDbag.GetDBItem(dbItemName) if err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) return } dbResponse = dbi.RawData case "DELETE": dbi, err := chefDbag.GetDBItem(dbItemName) if err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) return } /* Gotta short circuit this */ enc := json.NewEncoder(w) if err := enc.Encode(&dbi); err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) return } err = chefDbag.DeleteDBItem(dbItemName) if err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) return } if lerr := loginfo.LogEvent(opUser, dbi, "delete"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } return case "PUT": rawData := databag.RawDataBagJSON(r.Body) if rawID, ok := rawData["id"]; ok { switch rawID := rawID.(type) { case string: if rawID != dbItemName { jsonErrorReport(w, r, "DataBagItem name mismatch.", http.StatusBadRequest) return } default: jsonErrorReport(w, r, "Bad request", http.StatusBadRequest) return } } dbitem, err := chefDbag.UpdateDBItem(dbItemName, rawData) if err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) return } if lerr := loginfo.LogEvent(opUser, dbitem, "modify"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } /* Another weird data bag item response * which isn't at all unusual. */ for k, v := range dbitem.RawData { dbResponse[k] = v } dbResponse["data_bag"] = dbitem.DataBagName dbResponse["chef_type"] = dbitem.ChefType dbResponse["id"] = dbItemName default: w.Header().Set("Allow", "GET, DELETE, PUT") jsonErrorReport(w, r, "GET, DELETE, PUT", http.StatusMethodNotAllowed) return } } } enc := json.NewEncoder(w) if err := enc.Encode(&dbResponse); err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) } }
func cookbookHandler(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") pathArray := splitPath(r.URL.Path) cookbookResponse := make(map[string]interface{}) opUser, oerr := actor.GetReqUser(r.Header.Get("X-OPS-USERID")) if oerr != nil { jsonErrorReport(w, r, oerr.Error(), oerr.Status()) return } var numResults string r.ParseForm() if nrs, found := r.Form["num_versions"]; found { if len(nrs) < 0 { jsonErrorReport(w, r, "invalid num_versions", http.StatusBadRequest) return } numResults = nrs[0] err := util.ValidateNumVersions(numResults) if err != nil { jsonErrorReport(w, r, err.Error(), err.Status()) return } } force := "" if f, fok := r.Form["force"]; fok { if len(f) > 0 { force = f[0] } } pathArrayLen := len(pathArray) /* 1 and 2 length path arrays only support GET */ if pathArrayLen < 3 && r.Method != "GET" { jsonErrorReport(w, r, "Bad request.", http.StatusMethodNotAllowed) return } else if pathArrayLen < 3 && opUser.IsValidator() { jsonErrorReport(w, r, "You are not allowed to perform this action", http.StatusForbidden) return } /* chef-pedant is happier when checking if a validator can do something * surprisingly late in the game. It wants the perm checks to be * checked after the method for the end point is checked out as * something it's going to handle, so, for instance, issuing a DELETE * against an endpoint where that isn't allowed should respond with a * 405, rather than a 403, which also makes sense in areas where * validators shouldn't be able to do anything. *shrugs* */ if pathArrayLen == 1 { /* list all cookbooks */ for _, cb := range cookbook.AllCookbooks() { cookbookResponse[cb.Name] = cb.InfoHash(numResults) } } else if pathArrayLen == 2 { /* info about a cookbook and all its versions */ cookbookName := pathArray[1] /* Undocumented behavior - a cookbook name of _latest gets a * list of the latest versions of all the cookbooks, and _recipe * gets the recipes of the latest cookbooks. */ rlist := make([]string, 0) if cookbookName == "_latest" || cookbookName == "_recipes" { for _, cb := range cookbook.AllCookbooks() { if cookbookName == "_latest" { cookbookResponse[cb.Name] = util.CustomObjURL(cb, cb.LatestVersion().Version) } else { /* Damn it, this sends back an array of * all the recipes. Fill it in, and send * back the JSON ourselves. */ rlistTmp, err := cb.LatestVersion().RecipeList() if err != nil { jsonErrorReport(w, r, err.Error(), err.Status()) } rlist = append(rlist, rlistTmp...) } sort.Strings(rlist) } if cookbookName == "_recipes" { enc := json.NewEncoder(w) if err := enc.Encode(&rlist); err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) } return } } else { cb, err := cookbook.Get(cookbookName) if err != nil { jsonErrorReport(w, r, err.Error(), http.StatusNotFound) return } /* Strange thing here. The API docs say if num_versions * is not specified to return one cookbook, yet the * spec indicates that if it's not set that all * cookbooks should be returned. Most places *except * here* that's the case, so it can't be changed in * infoHashBase. Explicitly set numResults to all * here. */ if numResults == "" { numResults = "all" } cookbookResponse[cookbookName] = cb.InfoHash(numResults) } } else if pathArrayLen == 3 { /* get information about or manipulate a specific cookbook * version */ cookbookName := pathArray[1] var cookbookVersion string var vererr util.Gerror opUser, oerr := actor.GetReqUser(r.Header.Get("X-OPS-USERID")) if oerr != nil { jsonErrorReport(w, r, oerr.Error(), oerr.Status()) return } if r.Method == "GET" && pathArray[2] == "_latest" { // might be other special vers cookbookVersion = pathArray[2] } else { cookbookVersion, vererr = util.ValidateAsVersion(pathArray[2]) if vererr != nil { vererr := util.Errorf("Invalid cookbook version '%s'.", pathArray[2]) jsonErrorReport(w, r, vererr.Error(), vererr.Status()) return } } switch r.Method { case "DELETE", "GET": if opUser.IsValidator() { jsonErrorReport(w, r, "You are not allowed to perform this action", http.StatusForbidden) return } cb, err := cookbook.Get(cookbookName) if err != nil { if err.Status() == http.StatusNotFound { msg := fmt.Sprintf("Cannot find a cookbook named %s with version %s", cookbookName, cookbookVersion) jsonErrorReport(w, r, msg, err.Status()) } else { jsonErrorReport(w, r, err.Error(), err.Status()) } return } cbv, err := cb.GetVersion(cookbookVersion) if err != nil { jsonErrorReport(w, r, err.Error(), http.StatusNotFound) return } if r.Method == "DELETE" { if !opUser.IsAdmin() { jsonErrorReport(w, r, "You are not allowed to take this action.", http.StatusForbidden) return } err := cb.DeleteVersion(cookbookVersion) if err != nil { jsonErrorReport(w, r, err.Error(), err.Status()) return } if lerr := loginfo.LogEvent(opUser, cbv, "delete"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } /* If all versions are gone, remove the * cookbook - seems to be the desired * behavior. */ if cb.NumVersions() == 0 { if cerr := cb.Delete(); cerr != nil { jsonErrorReport(w, r, cerr.Error(), http.StatusInternalServerError) return } } } else { /* Special JSON rendition of the * cookbook with some but not all of * the fields. */ cookbookResponse = cbv.ToJSON(r.Method) /* Sometimes, but not always, chef needs * empty slices of maps for these * values. Arrrgh. */ /* Doing it this way is absolutely * insane. However, webui really wants * this information, while chef-pedant * absolutely does NOT want it there. * knife seems happy without it as well. * Until such time that this gets * resolved in a non-crazy manner, for * this only send that info back if it's * a webui request. */ if rs := r.Header.Get("X-Ops-Request-Source"); rs == "web" { chkDiv := []string{"definitions", "libraries", "attributes", "providers", "resources", "templates", "root_files", "files"} for _, cd := range chkDiv { if cookbookResponse[cd] == nil { cookbookResponse[cd] = make([]map[string]interface{}, 0) } } } } case "PUT": if !opUser.IsAdmin() { jsonErrorReport(w, r, "You are not allowed to perform this action", http.StatusForbidden) return } cbvData, jerr := parseObjJSON(r.Body) if jerr != nil { jsonErrorReport(w, r, jerr.Error(), http.StatusBadRequest) return } /* First, see if the cookbook already exists, & * if not create it. Second, see if this * specific version of the cookbook exists. If * so, update it, otherwise, create it and set * the latest version as needed. */ cb, err := cookbook.Get(cookbookName) if err != nil { cb, err = cookbook.New(cookbookName) if err != nil { jsonErrorReport(w, r, err.Error(), err.Status()) return } /* save it so we get the id with mysql * for creating versions & such */ serr := cb.Save() if serr != nil { jsonErrorReport(w, r, serr.Error(), http.StatusInternalServerError) return } if lerr := loginfo.LogEvent(opUser, cb, "create"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } } cbv, err := cb.GetVersion(cookbookVersion) /* Does the cookbook_name in the URL and what's * in the body match? */ switch t := cbvData["cookbook_name"].(type) { case string: /* Only send this particular * error if the cookbook version * hasn't been created yet. * Instead we want a slightly * different version later. */ if t != cookbookName && cbv == nil { terr := util.Errorf("Field 'name' invalid") jsonErrorReport(w, r, terr.Error(), terr.Status()) return } default: // rather unlikely, I think, to // be able to get here past the // cookbook get. Punk out and // don't do anything } if err != nil { var nerr util.Gerror cbv, nerr = cb.NewVersion(cookbookVersion, cbvData) if nerr != nil { // If the new version failed to // take, and there aren't any // other versions of the cookbook // it needs to be deleted. if cb.NumVersions() == 0 { cb.Delete() } jsonErrorReport(w, r, nerr.Error(), nerr.Status()) return } if lerr := loginfo.LogEvent(opUser, cbv, "create"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } w.WriteHeader(http.StatusCreated) } else { err := cbv.UpdateVersion(cbvData, force) if err != nil { jsonErrorReport(w, r, err.Error(), err.Status()) return } gerr := cb.Save() if gerr != nil { jsonErrorReport(w, r, gerr.Error(), http.StatusInternalServerError) return } if lerr := loginfo.LogEvent(opUser, cbv, "modify"); lerr != nil { jsonErrorReport(w, r, lerr.Error(), http.StatusInternalServerError) return } } /* API docs are wrong. The docs claim that this * should have no response body, but in fact it * wants some (not all) of the cookbook version * data. */ cookbookResponse = cbv.ToJSON(r.Method) default: jsonErrorReport(w, r, "Unrecognized method", http.StatusMethodNotAllowed) return } } else { /* Say what? Bad request. */ jsonErrorReport(w, r, "Bad request", http.StatusBadRequest) return } enc := json.NewEncoder(w) if err := enc.Encode(&cookbookResponse); err != nil { jsonErrorReport(w, r, err.Error(), http.StatusInternalServerError) } }