smallstep-certificates/authority/admin/api/admin.go

package api

import (
	"net/http"

	"github.com/go-chi/chi"
	"github.com/smallstep/certificates/api"
	"github.com/smallstep/certificates/authority/admin"
	"go.step.sm/linkedca"
)

// CreateAdminRequest represents the body for a CreateAdmin request.
type CreateAdminRequest struct {
	Subject     string              `json:"subject"`
	Provisioner string              `json:"provisioner"`
	Type        linkedca.Admin_Type `json:"type"`
}

// Validate validates a new-admin request body.
func (car *CreateAdminRequest) Validate() error {
	return nil
}

// GetAdminsResponse for returning a list of admins.
type GetAdminsResponse struct {
	Admins     []*linkedca.Admin `json:"admins"`
	NextCursor string            `json:"nextCursor"`
}

// UpdateAdminRequest represents the body for a UpdateAdmin request.
type UpdateAdminRequest struct {
	Type linkedca.Admin_Type `json:"type"`
}

// Validate validates a new-admin request body.
func (uar *UpdateAdminRequest) Validate() error {
	return nil
}

// DeleteResponse is the resource for successful DELETE responses.
type DeleteResponse struct {
	Status string `json:"status"`
}

// GetAdmin returns the requested admin, or an error.
func (h *Handler) GetAdmin(w http.ResponseWriter, r *http.Request) {
	id := chi.URLParam(r, "id")

	adm, ok := h.auth.LoadAdminByID(id)
	if !ok {
		api.WriteError(w, admin.NewError(admin.ErrorNotFoundType,
			"admin %s not found", id))
		return
	}
	api.JSON(w, adm)
}

// GetAdmins returns a segment of admins associated with the authority.
func (h *Handler) GetAdmins(w http.ResponseWriter, r *http.Request) {
	cursor, limit, err := api.ParseCursor(r)
	if err != nil {
		api.WriteError(w, admin.WrapError(admin.ErrorBadRequestType, err,
			"error parsing cursor and limit from query params"))
		return
	}

	admins, nextCursor, err := h.auth.GetAdmins(cursor, limit)
	if err != nil {
		api.WriteError(w, admin.WrapErrorISE(err, "error retrieving paginated admins"))
		return
	}
	api.JSON(w, &GetAdminsResponse{
		Admins:     admins,
		NextCursor: nextCursor,
	})
}

// CreateAdmin creates a new admin.
func (h *Handler) CreateAdmin(w http.ResponseWriter, r *http.Request) {
	var body CreateAdminRequest
	if err := api.ReadJSON(r.Body, &body); err != nil {
		api.WriteError(w, admin.WrapError(admin.ErrorBadRequestType, err, "error reading request body"))
		return
	}

	if err := body.Validate(); err != nil {
		api.WriteError(w, err)
		return
	}

	p, err := h.auth.LoadProvisionerByName(body.Provisioner)
	if err != nil {
		api.WriteError(w, admin.WrapErrorISE(err, "error loading provisioner %s", body.Provisioner))
		return
	}
	adm := &linkedca.Admin{
		ProvisionerId: p.GetID(),
		Subject:       body.Subject,
		Type:          body.Type,
	}
	// Store to authority collection.
	if err := h.auth.StoreAdmin(r.Context(), adm, p); err != nil {
		api.WriteError(w, admin.WrapErrorISE(err, "error storing admin"))
		return
	}

	api.JSON(w, adm)
}

// DeleteAdmin deletes admin.
func (h *Handler) DeleteAdmin(w http.ResponseWriter, r *http.Request) {
	id := chi.URLParam(r, "id")

	if err := h.auth.RemoveAdmin(r.Context(), id); err != nil {
		api.WriteError(w, admin.WrapErrorISE(err, "error deleting admin %s", id))
		return
	}

	api.JSON(w, &DeleteResponse{Status: "ok"})
}

// UpdateAdmin updates an existing admin.
func (h *Handler) UpdateAdmin(w http.ResponseWriter, r *http.Request) {
	var body UpdateAdminRequest
	if err := api.ReadJSON(r.Body, &body); err != nil {
		api.WriteError(w, admin.WrapError(admin.ErrorBadRequestType, err, "error reading request body"))
		return
	}

	id := chi.URLParam(r, "id")

	adm, err := h.auth.UpdateAdmin(r.Context(), id, &linkedca.Admin{Type: body.Type})
	if err != nil {
		api.WriteError(w, admin.WrapErrorISE(err, "error updating admin %s", id))
		return
	}

	api.JSON(w, adm)
}
first commit 2021-05-03 19:48:20 +00:00			`package api`

			`import (`
			`"net/http"`

			`"github.com/go-chi/chi"`
			`"github.com/smallstep/certificates/api"`
wip 2021-05-18 04:07:25 +00:00			`"github.com/smallstep/certificates/authority/admin"`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`"go.step.sm/linkedca"`
first commit 2021-05-03 19:48:20 +00:00			`)`

			`// CreateAdminRequest represents the body for a CreateAdmin request.`
			`type CreateAdminRequest struct {`
wip 2021-05-26 04:13:01 +00:00			Subject string `json:"subject"`
			Provisioner string `json:"provisioner"`
			Type linkedca.Admin_Type `json:"type"`
first commit 2021-05-03 19:48:20 +00:00			`}`

			`// Validate validates a new-admin request body.`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`func (car *CreateAdminRequest) Validate() error {`
first commit 2021-05-03 19:48:20 +00:00			`return nil`
			`}`

wip 2021-05-18 23:50:54 +00:00			`// GetAdminsResponse for returning a list of admins.`
			`type GetAdminsResponse struct {`
wip 2021-05-26 04:13:01 +00:00			Admins []*linkedca.Admin `json:"admins"`
			NextCursor string `json:"nextCursor"`
wip 2021-05-18 23:50:54 +00:00			`}`

first commit 2021-05-03 19:48:20 +00:00			`// UpdateAdminRequest represents the body for a UpdateAdmin request.`
			`type UpdateAdminRequest struct {`
wip 2021-05-26 04:13:01 +00:00			Type linkedca.Admin_Type `json:"type"`
first commit 2021-05-03 19:48:20 +00:00			`}`

			`// Validate validates a new-admin request body.`
			`func (uar *UpdateAdminRequest) Validate() error {`
			`return nil`
			`}`

wip admin CRUD 2021-05-12 07:03:40 +00:00			`// DeleteResponse is the resource for successful DELETE responses.`
			`type DeleteResponse struct {`
			Status string `json:"status"`
			`}`

first commit 2021-05-03 19:48:20 +00:00			`// GetAdmin returns the requested admin, or an error.`
			`func (h Handler) GetAdmin(w http.ResponseWriter, r http.Request) {`
			`id := chi.URLParam(r, "id")`

Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`adm, ok := h.auth.LoadAdminByID(id)`
wip 2021-05-18 23:50:54 +00:00			`if !ok {`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`api.WriteError(w, admin.NewError(admin.ErrorNotFoundType,`
wip 2021-05-18 23:50:54 +00:00			`"admin %s not found", id))`
first commit 2021-05-03 19:48:20 +00:00			`return`
			`}`
wip 2021-05-18 23:50:54 +00:00			`api.JSON(w, adm)`
first commit 2021-05-03 19:48:20 +00:00			`}`

Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`// GetAdmins returns a segment of admins associated with the authority.`
first commit 2021-05-03 19:48:20 +00:00			`func (h Handler) GetAdmins(w http.ResponseWriter, r http.Request) {`
wip 2021-05-18 23:50:54 +00:00			`cursor, limit, err := api.ParseCursor(r)`
first commit 2021-05-03 19:48:20 +00:00			`if err != nil {`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`api.WriteError(w, admin.WrapError(admin.ErrorBadRequestType, err,`
wip 2021-05-18 23:50:54 +00:00			`"error parsing cursor and limit from query params"))`
first commit 2021-05-03 19:48:20 +00:00			`return`
			`}`
wip 2021-05-18 23:50:54 +00:00
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`admins, nextCursor, err := h.auth.GetAdmins(cursor, limit)`
			`if err != nil {`
			`api.WriteError(w, admin.WrapErrorISE(err, "error retrieving paginated admins"))`
			`return`
			`}`
wip 2021-05-18 23:50:54 +00:00			`api.JSON(w, &GetAdminsResponse{`
			`Admins: admins,`
			`NextCursor: nextCursor,`
			`})`
first commit 2021-05-03 19:48:20 +00:00			`}`

			`// CreateAdmin creates a new admin.`
			`func (h Handler) CreateAdmin(w http.ResponseWriter, r http.Request) {`
wip admin CRUD 2021-05-12 07:03:40 +00:00			`var body CreateAdminRequest`
			`if err := api.ReadJSON(r.Body, &body); err != nil {`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`api.WriteError(w, admin.WrapError(admin.ErrorBadRequestType, err, "error reading request body"))`
wip admin CRUD 2021-05-12 07:03:40 +00:00			`return`
			`}`

Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`if err := body.Validate(); err != nil {`
wip 2021-05-18 04:07:25 +00:00			`api.WriteError(w, err)`
			`return`
			`}`
wip admin CRUD 2021-05-12 07:03:40 +00:00
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`p, err := h.auth.LoadProvisionerByName(body.Provisioner)`
			`if err != nil {`
			`api.WriteError(w, admin.WrapErrorISE(err, "error loading provisioner %s", body.Provisioner))`
wip 2021-05-18 23:50:54 +00:00			`return`
			`}`
wip 2021-05-26 04:13:01 +00:00			`adm := &linkedca.Admin{`
			`ProvisionerId: p.GetID(),`
wip 2021-05-18 23:50:54 +00:00			`Subject: body.Subject,`
			`Type: body.Type,`
wip admin CRUD 2021-05-12 07:03:40 +00:00			`}`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`// Store to authority collection.`
			`if err := h.auth.StoreAdmin(r.Context(), adm, p); err != nil {`
			`api.WriteError(w, admin.WrapErrorISE(err, "error storing admin"))`
wip admin CRUD 2021-05-12 07:03:40 +00:00			`return`
			`}`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00
wip admin CRUD 2021-05-12 07:03:40 +00:00			`api.JSON(w, adm)`
			`}`

			`// DeleteAdmin deletes admin.`
			`func (h Handler) DeleteAdmin(w http.ResponseWriter, r http.Request) {`
			`id := chi.URLParam(r, "id")`

Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`if err := h.auth.RemoveAdmin(r.Context(), id); err != nil {`
			`api.WriteError(w, admin.WrapErrorISE(err, "error deleting admin %s", id))`
wip 2021-05-18 04:07:25 +00:00			`return`
			`}`

wip admin CRUD 2021-05-12 07:03:40 +00:00			`api.JSON(w, &DeleteResponse{Status: "ok"})`
first commit 2021-05-03 19:48:20 +00:00			`}`

			`// UpdateAdmin updates an existing admin.`
			`func (h Handler) UpdateAdmin(w http.ResponseWriter, r http.Request) {`
wip admin CRUD 2021-05-12 07:03:40 +00:00			`var body UpdateAdminRequest`
			`if err := api.ReadJSON(r.Body, &body); err != nil {`
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`api.WriteError(w, admin.WrapError(admin.ErrorBadRequestType, err, "error reading request body"))`
wip admin CRUD 2021-05-12 07:03:40 +00:00			`return`
			`}`

			`id := chi.URLParam(r, "id")`
first steps 2021-05-07 00:03:12 +00:00
Admin level API for provisioner mgmt v1 2021-05-03 19:48:20 +00:00			`adm, err := h.auth.UpdateAdmin(r.Context(), id, &linkedca.Admin{Type: body.Type})`
			`if err != nil {`
			`api.WriteError(w, admin.WrapErrorISE(err, "error updating admin %s", id))`
wip admin CRUD 2021-05-12 07:03:40 +00:00			`return`
			`}`

			`api.JSON(w, adm)`
first commit 2021-05-03 19:48:20 +00:00			`}`