rbac
This commit is contained in:
@@ -110,7 +110,7 @@ func GetSSOFromAAAA(w http.ResponseWriter, r *http.Request) {
|
|||||||
services.ResponseInternalServerError500ProcessError(w, err)
|
services.ResponseInternalServerError500ProcessError(w, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
token := oauth.GenRandToken() // Generate new token to session ID
|
token := oauth.GenRandToken("aaaa") // Generate new token to session ID
|
||||||
affected, err := dborm.XormInsertSession(accid, r.RemoteAddr, token,
|
affected, err := dborm.XormInsertSession(accid, r.RemoteAddr, token,
|
||||||
config.GetExpiresFromConfig(), config.GetYamlConfig().Auth.Session)
|
config.GetExpiresFromConfig(), config.GetYamlConfig().Auth.Session)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@@ -29,26 +29,26 @@ type XormInsertResponse struct {
|
|||||||
|
|
||||||
var (
|
var (
|
||||||
// database management rest pattern, discard
|
// database management rest pattern, discard
|
||||||
XormGetDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/elementType/{databaseName}/objectType/{tableName}"
|
XormGetDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/elementType/{elementTypeValue}/objectType/{objectTypeValue}"
|
||||||
XormSelectDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/select/{databaseName}/{tableName}"
|
XormSelectDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/select/{elementTypeValue}/{objectTypeValue}"
|
||||||
XormInsertDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/insert/{databaseName}/{tableName}"
|
XormInsertDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/insert/{elementTypeValue}/{objectTypeValue}"
|
||||||
XormUpdateDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/update/{databaseName}/{tableName}"
|
XormUpdateDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/update/{elementTypeValue}/{objectTypeValue}"
|
||||||
XormDeleteDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/delete/{databaseName}/{tableName}"
|
XormDeleteDataUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/delete/{elementTypeValue}/{objectTypeValue}"
|
||||||
|
|
||||||
CustomXormGetDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/elementType/{databaseName}/objectType/{tableName}"
|
CustomXormGetDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/elementType/{elementTypeValue}/objectType/{objectTypeValue}"
|
||||||
CustomXormSelectDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/select/{databaseName}/{tableName}"
|
CustomXormSelectDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/select/{elementTypeValue}/{objectTypeValue}"
|
||||||
CustomXormInsertDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/insert/{databaseName}/{tableName}"
|
CustomXormInsertDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/insert/{elementTypeValue}/{objectTypeValue}"
|
||||||
CustomXormUpdateDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/update/{databaseName}/{tableName}"
|
CustomXormUpdateDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/update/{elementTypeValue}/{objectTypeValue}"
|
||||||
CustomXormDeleteDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/delete/{databaseName}/{tableName}"
|
CustomXormDeleteDataUri = config.UriPrefix + "/databaseManagement/{apiVersion}/delete/{elementTypeValue}/{objectTypeValue}"
|
||||||
|
|
||||||
XormCommonUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/{databaseName}/{tableName}" // for internal
|
XormCommonUri = config.DefaultUriPrefix + "/databaseManagement/{apiVersion}/{elementTypeValue}/{objectTypeValue}" // for internal
|
||||||
XormDatabaseUri = config.DefaultUriPrefix + "/database/{apiVersion}/{databaseName}/{tableName}" // for crontask
|
XormDatabaseUri = config.DefaultUriPrefix + "/database/{apiVersion}/{elementTypeValue}/{objectTypeValue}" // for crontask
|
||||||
XormExtDataUri = config.DefaultUriPrefix + "/dataManagement/{apiVersion}/{dataStorage}/{dataObject}" // for external
|
XormExtDataUri = config.DefaultUriPrefix + "/dataManagement/{apiVersion}/{elementTypeValue}/{objectTypeValue}" // for external
|
||||||
XormDataSQLUri = config.DefaultUriPrefix + "/dataManagement/{apiVersion}/{dataStorage}/{dataObject}" // for external
|
XormDataSQLUri = config.DefaultUriPrefix + "/dataManagement/{apiVersion}/{elementTypeValue}/{objectTypeValue}" // for external
|
||||||
|
|
||||||
CustomXormCommonUri = config.UriPrefix + "/databaseManagement/{apiVersion}/{databaseName}/{tableName}" // for internal
|
CustomXormCommonUri = config.UriPrefix + "/databaseManagement/{apiVersion}/{elementTypeValue}/{objectTypeValue}" // for internal
|
||||||
CustomXormExtDataUri = config.UriPrefix + "/dataManagement/{apiVersion}/{dataStorage}/{dataObject}" // for external
|
CustomXormExtDataUri = config.UriPrefix + "/dataManagement/{apiVersion}/{elementTypeValue}/{objectTypeValue}" // for external
|
||||||
CustomXormDataSQLUri = config.UriPrefix + "/dataManagement/{apiVersion}/{dataStorage}/{dataObject}" // for external
|
CustomXormDataSQLUri = config.UriPrefix + "/dataManagement/{apiVersion}/{elementTypeValue}/{objectTypeValue}" // for external
|
||||||
|
|
||||||
// 查询数据库连接情况
|
// 查询数据库连接情况
|
||||||
UriDbConnection = config.DefaultUriPrefix + "/dataManagement/{apiVersion}/dbConnection"
|
UriDbConnection = config.DefaultUriPrefix + "/dataManagement/{apiVersion}/dbConnection"
|
||||||
@@ -58,33 +58,6 @@ var (
|
|||||||
|
|
||||||
var xormResponse XormResponse
|
var xormResponse XormResponse
|
||||||
|
|
||||||
// func init() {
|
|
||||||
// // database management
|
|
||||||
// routes.Register("GET", XormGetDataUri, DatabaseGetData, nil)
|
|
||||||
// routes.Register("GET", XormSelectDataUri, DatabaseGetData, nil)
|
|
||||||
// routes.Register("POST", XormInsertDataUri, DatabaseInsertData, nil)
|
|
||||||
// routes.Register("PUT", XormUpdateDataUri, DatabaseUpdateData, nil)
|
|
||||||
// routes.Register("DELETE", XormDeleteDataUri, DatabaseDeleteData, nil)
|
|
||||||
// // corss orgin domain
|
|
||||||
// routes.Register("OPTIONS", XormGetDataUri, routes.OptionsProc, nil)
|
|
||||||
// routes.Register("OPTIONS", XormSelectDataUri, routes.OptionsProc, nil)
|
|
||||||
// routes.Register("OPTIONS", XormInsertDataUri, routes.OptionsProc, nil)
|
|
||||||
// routes.Register("OPTIONS", XormUpdateDataUri, routes.OptionsProc, nil)
|
|
||||||
// routes.Register("OPTIONS", XormDeleteDataUri, routes.OptionsProc, nil)
|
|
||||||
|
|
||||||
// routes.Register("GET", XormCommonUri, DatabaseGetData, nil)
|
|
||||||
// routes.Register("POST", XormCommonUri, DatabaseInsertData, nil)
|
|
||||||
// routes.Register("PUT", XormCommonUri, DatabaseUpdateData, nil)
|
|
||||||
// routes.Register("DELETE", XormCommonUri, DatabaseDeleteData, nil)
|
|
||||||
|
|
||||||
// // corss orgin domain
|
|
||||||
// routes.Register("OPTIONS", XormInsertDataUri, routes.OptionsProc, nil)
|
|
||||||
// routes.Register("OPTIONS", XormUpdateDataUri, routes.OptionsProc, nil)
|
|
||||||
// routes.Register("OPTIONS", XormDeleteDataUri, routes.OptionsProc, nil)
|
|
||||||
|
|
||||||
// routes.Register("OPTIONS", XormCommonUri, routes.OptionsProc, nil)
|
|
||||||
// }
|
|
||||||
|
|
||||||
var XEngine *xorm.Engine
|
var XEngine *xorm.Engine
|
||||||
|
|
||||||
type DatabaseClient struct {
|
type DatabaseClient struct {
|
||||||
@@ -203,7 +176,7 @@ func ExtDatabaseExecSQL(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
//vars := mux.Vars(r)
|
//vars := mux.Vars(r)
|
||||||
//tblName := vars["dataObject"]
|
//tblName := vars["objectTypeValue"]
|
||||||
sql = GetUriSQLArray(r)
|
sql = GetUriSQLArray(r)
|
||||||
// select as must, todo ...
|
// select as must, todo ...
|
||||||
|
|
||||||
@@ -263,9 +236,9 @@ func ExtDatabaseGetData(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
pack := "dbrest"
|
pack := "dbrest"
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
module := vars["managementModule"]
|
module := ""
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["elementTypeValue"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["objectTypeValue"]
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname, pack)
|
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
|
|
||||||
@@ -352,9 +325,9 @@ func ExtDatabaseInsertData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
module := vars["managementModule"]
|
module := ""
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["elementTypeValue"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["objectTypeValue"]
|
||||||
pack := "dbrest"
|
pack := "dbrest"
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
@@ -408,9 +381,9 @@ func ExtDatabaseUpdateData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
module := vars["managementModule"]
|
module := ""
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["elementTypeValue"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["objectTypeValue"]
|
||||||
pack := "dbrest"
|
pack := "dbrest"
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
log.Debugf("token:%s, method:%s, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
@@ -471,9 +444,9 @@ func ExtDatabaseDeleteData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
module := vars["managementModule"]
|
module := ""
|
||||||
dbname := vars["dataStorage"]
|
dbname := vars["elementTypeValue"]
|
||||||
tbname := vars["dataObject"]
|
tbname := vars["objectTypeValue"]
|
||||||
pack := "dbreset"
|
pack := "dbreset"
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, module:%, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
log.Debugf("token:%s, method:%s, module:%, dbname:%s, tbname:%s pack:%s", token, r.Method, module, dbname, tbname, pack)
|
||||||
@@ -524,7 +497,7 @@ func DatabaseGetData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tblName := vars["tableName"]
|
tblName := vars["objectTypeValue"]
|
||||||
sql = GetUriSQLArray(r)
|
sql = GetUriSQLArray(r)
|
||||||
// select as must, todo ...
|
// select as must, todo ...
|
||||||
|
|
||||||
@@ -591,7 +564,7 @@ func DatabaseInsertData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tableName := vars["tableName"]
|
tableName := vars["objectTypeValue"]
|
||||||
log.Debug("Request body:", string(body), "tableName:", tableName)
|
log.Debug("Request body:", string(body), "tableName:", tableName)
|
||||||
insertData := make(map[string]interface{})
|
insertData := make(map[string]interface{})
|
||||||
_ = json.Unmarshal(body, &insertData)
|
_ = json.Unmarshal(body, &insertData)
|
||||||
@@ -631,7 +604,7 @@ func DatabaseUpdateData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tblName := vars["tableName"]
|
tblName := vars["objectTypeValue"]
|
||||||
wc := services.GetUriWhereString(r)
|
wc := services.GetUriWhereString(r)
|
||||||
|
|
||||||
log.Debug("Request body:", string(body), "Table name:", tblName, "wc:", wc)
|
log.Debug("Request body:", string(body), "Table name:", tblName, "wc:", wc)
|
||||||
@@ -664,7 +637,7 @@ func DatabaseDeleteData(w http.ResponseWriter, r *http.Request) {
|
|||||||
log.Debug("DatabaseDeleteData processing... ")
|
log.Debug("DatabaseDeleteData processing... ")
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tblName := vars["tableName"]
|
tblName := vars["objectTypeValue"]
|
||||||
wc := services.GetUriWhereString(r)
|
wc := services.GetUriWhereString(r)
|
||||||
|
|
||||||
log.Debug("Table name:", tblName, "wc:", wc)
|
log.Debug("Table name:", tblName, "wc:", wc)
|
||||||
@@ -743,7 +716,7 @@ func TaskDatabaseGetData(w http.ResponseWriter, r *http.Request) {
|
|||||||
var err error
|
var err error
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tblName := vars["tableName"]
|
tblName := vars["objectTypeValue"]
|
||||||
sql = GetUriSQLArray(r)
|
sql = GetUriSQLArray(r)
|
||||||
// select as must, todo ...
|
// select as must, todo ...
|
||||||
|
|
||||||
@@ -810,7 +783,7 @@ func TaskDatabaseInsertData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tableName := vars["tableName"]
|
tableName := vars["objectTypeValue"]
|
||||||
log.Debug("Request body:", string(body), "tableName:", tableName)
|
log.Debug("Request body:", string(body), "tableName:", tableName)
|
||||||
insertData := make(map[string]interface{})
|
insertData := make(map[string]interface{})
|
||||||
_ = json.Unmarshal(body, &insertData)
|
_ = json.Unmarshal(body, &insertData)
|
||||||
@@ -850,7 +823,7 @@ func TaskDatabaseUpdateData(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tblName := vars["tableName"]
|
tblName := vars["objectTypeValue"]
|
||||||
wc := services.GetUriWhereString(r)
|
wc := services.GetUriWhereString(r)
|
||||||
|
|
||||||
log.Debug("Request body:", string(body), "Table name:", tblName, "wc:", wc)
|
log.Debug("Request body:", string(body), "Table name:", tblName, "wc:", wc)
|
||||||
@@ -883,7 +856,7 @@ func TaskDatabaseDeleteData(w http.ResponseWriter, r *http.Request) {
|
|||||||
log.Debug("DatabaseDeleteData processing... ")
|
log.Debug("DatabaseDeleteData processing... ")
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
tblName := vars["tableName"]
|
tblName := vars["objectTypeValue"]
|
||||||
wc := services.GetUriWhereString(r)
|
wc := services.GetUriWhereString(r)
|
||||||
|
|
||||||
log.Debug("Table name:", tblName, "wc:", wc)
|
log.Debug("Table name:", tblName, "wc:", wc)
|
||||||
|
|||||||
@@ -36,9 +36,9 @@ type MMLRequest struct {
|
|||||||
|
|
||||||
var (
|
var (
|
||||||
// MML interface
|
// MML interface
|
||||||
UriMML = config.DefaultUriPrefix + "/{managementModule}/{apiVersion}/elementType/{elementTypeValue}/objectType/mml"
|
UriMML = config.DefaultUriPrefix + "/operationManagement/{apiVersion}/elementType/{elementTypeValue}/objectType/mml"
|
||||||
UriNeOmMml = config.DefaultUriPrefix + "/omManagement/{apiVersion}/mml/{netype}/{neid}"
|
UriNeOmMml = config.DefaultUriPrefix + "/omManagement/{apiVersion}/mml/{netype}/{neid}"
|
||||||
UriOmMmlExt = config.DefaultUriPrefix + "/{managementModule}/{apiVersion}/elementType/OMC/objectType/mml"
|
UriOmMmlExt = config.DefaultUriPrefix + "/{managedType}/{apiVersion}/elementType/OMC/objectType/mml"
|
||||||
UriOmMmlInt = config.DefaultUriPrefix + "/omManagement/{apiVersion}/mml/{neType}/{neId}"
|
UriOmMmlInt = config.DefaultUriPrefix + "/omManagement/{apiVersion}/mml/{neType}/{neId}"
|
||||||
|
|
||||||
CustomUriMML = config.UriPrefix + "/operationManagement/{apiVersion}/elementType/{elementTypeValue}/objectType/mml"
|
CustomUriMML = config.UriPrefix + "/operationManagement/{apiVersion}/elementType/{elementTypeValue}/objectType/mml"
|
||||||
@@ -58,7 +58,7 @@ func PostMMLToNF(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
pack := "mml"
|
pack := "mml"
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
module := vars["managementModule"]
|
module := vars["managedType"]
|
||||||
neType := vars["elementTypeValue"]
|
neType := vars["elementTypeValue"]
|
||||||
params := r.URL.Query()
|
params := r.URL.Query()
|
||||||
neId := params["ne_id"]
|
neId := params["ne_id"]
|
||||||
@@ -69,7 +69,7 @@ func PostMMLToNF(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
log.Debug("neType:", neType, "neId", neId)
|
log.Debug("neType:", neType, "neId", neId)
|
||||||
|
|
||||||
log.Debugf("token:%s, method:%s, managementModule:%s dbname:%s, tbname:%s pack:%s",
|
log.Debugf("token:%s, method:%s, managementType:%s dbname:%s, tbname:%s pack:%s",
|
||||||
token, r.Method, module, neType, neId[0], pack)
|
token, r.Method, module, neType, neId[0], pack)
|
||||||
|
|
||||||
var buf [8192]byte
|
var buf [8192]byte
|
||||||
|
|||||||
@@ -14,11 +14,11 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
UriOauthToken = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/oauth/token"
|
UriOauthToken = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/token"
|
||||||
UriOauthHandshake = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/oauth/handshake"
|
UriOauthHandshake = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/handshake"
|
||||||
|
|
||||||
CustomUriOauthToken = config.UriPrefix + "/securityManagement/{apiVersion}/oauth/token"
|
CustomUriOauthToken = config.UriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/token"
|
||||||
CustomUriOauthHandshake = config.UriPrefix + "/securityManagement/{apiVersion}/oauth/handshake"
|
CustomUriOauthHandshake = config.UriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/handshake"
|
||||||
)
|
)
|
||||||
|
|
||||||
func LoginFromOMC(w http.ResponseWriter, r *http.Request) {
|
func LoginFromOMC(w http.ResponseWriter, r *http.Request) {
|
||||||
@@ -87,7 +87,7 @@ func LoginFromOMC(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
token := oauth.GenRandToken() // Generate new token to session ID
|
token := oauth.GenRandToken("omc") // Generate new token to session ID
|
||||||
sourceAddr := r.RemoteAddr
|
sourceAddr := r.RemoteAddr
|
||||||
affected, err := dborm.XormInsertSession(oAuthBody.UserName, sourceAddr, token,
|
affected, err := dborm.XormInsertSession(oAuthBody.UserName, sourceAddr, token,
|
||||||
config.GetExpiresFromConfig(), config.GetYamlConfig().Auth.Session)
|
config.GetExpiresFromConfig(), config.GetYamlConfig().Auth.Session)
|
||||||
|
|||||||
@@ -2,12 +2,14 @@ package midware
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"ems.agt/lib/log"
|
"ems.agt/lib/log"
|
||||||
"ems.agt/lib/services"
|
"ems.agt/lib/services"
|
||||||
|
"github.com/gorilla/mux"
|
||||||
)
|
)
|
||||||
|
|
||||||
func LoggerTraceMiddleware(next http.Handler) http.Handler {
|
func LoggerTrace(next http.Handler) http.Handler {
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
// Do stuff here
|
// Do stuff here
|
||||||
log.Trace("Http Trace Info:")
|
log.Trace("Http Trace Info:")
|
||||||
@@ -26,10 +28,48 @@ func LoggerTraceMiddleware(next http.Handler) http.Handler {
|
|||||||
//r.Body = ioutil.NopCloser(bytes.NewReader(body))
|
//r.Body = ioutil.NopCloser(bytes.NewReader(body))
|
||||||
//log.Trace("Body:", string(body))
|
//log.Trace("Body:", string(body))
|
||||||
// Call the next handler, which can be another middleware in the chain, or the final handler.
|
// Call the next handler, which can be another middleware in the chain, or the final handler.
|
||||||
|
// if r.Method == "OPTIONS" {
|
||||||
|
// services.ResponseStatusOK201Accepted(w)
|
||||||
|
// return
|
||||||
|
// }
|
||||||
|
|
||||||
|
next.ServeHTTP(w, r)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func OptionProcess(next http.Handler) http.Handler {
|
||||||
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
if r.Method == "OPTIONS" {
|
if r.Method == "OPTIONS" {
|
||||||
services.ResponseStatusOK201Accepted(w)
|
services.ResponseStatusOK201Accepted(w)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
next.ServeHTTP(w, r)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func CheckPermission(next http.Handler) http.Handler {
|
||||||
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
token := r.Header.Get("AccessToken")
|
||||||
|
vars := mux.Vars(r)
|
||||||
|
management := vars["managedType"]
|
||||||
|
element := vars["elementTypeValue"]
|
||||||
|
object := vars["objectTypeValue"]
|
||||||
|
pack := "*"
|
||||||
|
if token != "" && element != "oauth" {
|
||||||
|
log.Debugf("token:%s, method:%s, management:%s, element:%s, object:%s, pack:%s", token, r.Method, management, element, object, pack)
|
||||||
|
exist, err := services.CheckUserPermission(token, strings.ToLower(r.Method), management, element, object, pack)
|
||||||
|
if err != nil {
|
||||||
|
log.Error("Failed to get permission:", err)
|
||||||
|
services.ResponseForbidden403NotPermission(w)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if !exist {
|
||||||
|
log.Error("Not permission!")
|
||||||
|
services.ResponseForbidden403NotPermission(w)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
next.ServeHTTP(w, r)
|
next.ServeHTTP(w, r)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -78,9 +78,14 @@ func RandStringBytes(n int) string {
|
|||||||
return string(b)
|
return string(b)
|
||||||
}
|
}
|
||||||
|
|
||||||
func GenRandToken() string {
|
func GenRandToken(prefix string) string {
|
||||||
return RandStringBytes(8) + "-" + RandStringBytes(4) + "-" +
|
if prefix == "" {
|
||||||
RandStringBytes(4) + "-" + RandStringBytes(4) + "-" + RandStringBytes(12)
|
return RandStringBytes(8) + "-" + RandStringBytes(4) + "-" +
|
||||||
|
RandStringBytes(4) + "-" + RandStringBytes(4) + "-" + RandStringBytes(12)
|
||||||
|
} else {
|
||||||
|
return prefix + "-" + RandStringBytes(8) + "-" + RandStringBytes(4) + "-" +
|
||||||
|
RandStringBytes(4) + "-" + RandStringBytes(4) + "-" + RandStringBytes(12)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
type OAuthBody struct {
|
type OAuthBody struct {
|
||||||
|
|||||||
@@ -59,46 +59,42 @@ func init() {
|
|||||||
Register("GET", state.CustomUriLicenseInfoOne, state.GetOneLicenseInfoFromNF, nil)
|
Register("GET", state.CustomUriLicenseInfoOne, state.GetOneLicenseInfoFromNF, nil)
|
||||||
|
|
||||||
// database management
|
// database management
|
||||||
Register("GET", dbrest.XormGetDataUri, dbrest.DatabaseGetData, nil)
|
Register("GET", dbrest.XormGetDataUri, dbrest.DatabaseGetData, midware.CheckPermission)
|
||||||
Register("GET", dbrest.XormSelectDataUri, dbrest.DatabaseGetData, nil)
|
Register("GET", dbrest.XormSelectDataUri, dbrest.DatabaseGetData, midware.CheckPermission)
|
||||||
Register("POST", dbrest.XormInsertDataUri, dbrest.DatabaseInsertData, nil)
|
Register("POST", dbrest.XormInsertDataUri, dbrest.DatabaseInsertData, midware.CheckPermission)
|
||||||
Register("PUT", dbrest.XormUpdateDataUri, dbrest.DatabaseUpdateData, nil)
|
Register("PUT", dbrest.XormUpdateDataUri, dbrest.DatabaseUpdateData, midware.CheckPermission)
|
||||||
Register("DELETE", dbrest.XormDeleteDataUri, dbrest.DatabaseDeleteData, nil)
|
Register("DELETE", dbrest.XormDeleteDataUri, dbrest.DatabaseDeleteData, midware.CheckPermission)
|
||||||
|
|
||||||
Register("GET", dbrest.CustomXormGetDataUri, dbrest.DatabaseGetData, nil)
|
Register("GET", dbrest.CustomXormGetDataUri, dbrest.DatabaseGetData, midware.CheckPermission)
|
||||||
Register("GET", dbrest.CustomXormSelectDataUri, dbrest.DatabaseGetData, nil)
|
Register("GET", dbrest.CustomXormSelectDataUri, dbrest.DatabaseGetData, midware.CheckPermission)
|
||||||
Register("POST", dbrest.CustomXormInsertDataUri, dbrest.DatabaseInsertData, nil)
|
Register("POST", dbrest.CustomXormInsertDataUri, dbrest.DatabaseInsertData, midware.CheckPermission)
|
||||||
Register("PUT", dbrest.CustomXormUpdateDataUri, dbrest.DatabaseUpdateData, nil)
|
Register("PUT", dbrest.CustomXormUpdateDataUri, dbrest.DatabaseUpdateData, midware.CheckPermission)
|
||||||
Register("DELETE", dbrest.CustomXormDeleteDataUri, dbrest.DatabaseDeleteData, nil)
|
Register("DELETE", dbrest.CustomXormDeleteDataUri, dbrest.DatabaseDeleteData, midware.CheckPermission)
|
||||||
// 系统备份-数据库备份
|
|
||||||
Register("POST", dbrest.UriDbBackup, dbrest.DbBackup, nil)
|
|
||||||
// 系统备份-文件备份
|
|
||||||
Register("POST", dbrest.UriConfBackup, dbrest.ConfBackup, nil)
|
|
||||||
|
|
||||||
Register("GET", dbrest.XormCommonUri, dbrest.DatabaseGetData, nil)
|
Register("GET", dbrest.XormCommonUri, dbrest.DatabaseGetData, midware.CheckPermission)
|
||||||
Register("POST", dbrest.XormCommonUri, dbrest.DatabaseInsertData, nil)
|
Register("POST", dbrest.XormCommonUri, dbrest.DatabaseInsertData, midware.CheckPermission)
|
||||||
Register("PUT", dbrest.XormCommonUri, dbrest.DatabaseUpdateData, nil)
|
Register("PUT", dbrest.XormCommonUri, dbrest.DatabaseUpdateData, midware.CheckPermission)
|
||||||
Register("DELETE", dbrest.XormCommonUri, dbrest.DatabaseDeleteData, nil)
|
Register("DELETE", dbrest.XormCommonUri, dbrest.DatabaseDeleteData, midware.CheckPermission)
|
||||||
|
|
||||||
Register("GET", dbrest.XormDatabaseUri, dbrest.TaskDatabaseGetData, nil)
|
Register("GET", dbrest.XormDatabaseUri, dbrest.TaskDatabaseGetData, midware.CheckPermission)
|
||||||
Register("POST", dbrest.XormDatabaseUri, dbrest.TaskDatabaseInsertData, nil)
|
Register("POST", dbrest.XormDatabaseUri, dbrest.TaskDatabaseInsertData, midware.CheckPermission)
|
||||||
Register("PUT", dbrest.XormDatabaseUri, dbrest.TaskDatabaseUpdateData, nil)
|
Register("PUT", dbrest.XormDatabaseUri, dbrest.TaskDatabaseUpdateData, midware.CheckPermission)
|
||||||
Register("DELETE", dbrest.XormDatabaseUri, dbrest.TaskDatabaseDeleteData, nil)
|
Register("DELETE", dbrest.XormDatabaseUri, dbrest.TaskDatabaseDeleteData, midware.CheckPermission)
|
||||||
|
|
||||||
Register("GET", dbrest.CustomXormCommonUri, dbrest.DatabaseGetData, nil)
|
Register("GET", dbrest.CustomXormCommonUri, dbrest.DatabaseGetData, midware.CheckPermission)
|
||||||
Register("POST", dbrest.CustomXormCommonUri, dbrest.DatabaseInsertData, nil)
|
Register("POST", dbrest.CustomXormCommonUri, dbrest.DatabaseInsertData, midware.CheckPermission)
|
||||||
Register("PUT", dbrest.CustomXormCommonUri, dbrest.DatabaseUpdateData, nil)
|
Register("PUT", dbrest.CustomXormCommonUri, dbrest.DatabaseUpdateData, midware.CheckPermission)
|
||||||
Register("DELETE", dbrest.CustomXormCommonUri, dbrest.DatabaseDeleteData, nil)
|
Register("DELETE", dbrest.CustomXormCommonUri, dbrest.DatabaseDeleteData, midware.CheckPermission)
|
||||||
|
|
||||||
Register("GET", dbrest.XormExtDataUri, dbrest.ExtDatabaseGetData, nil)
|
Register("GET", dbrest.XormExtDataUri, dbrest.ExtDatabaseGetData, midware.CheckPermission)
|
||||||
Register("POST", dbrest.XormExtDataUri, dbrest.ExtDatabaseInsertData, nil)
|
Register("POST", dbrest.XormExtDataUri, dbrest.ExtDatabaseInsertData, midware.CheckPermission)
|
||||||
Register("PUT", dbrest.XormExtDataUri, dbrest.ExtDatabaseUpdateData, nil)
|
Register("PUT", dbrest.XormExtDataUri, dbrest.ExtDatabaseUpdateData, midware.CheckPermission)
|
||||||
Register("DELETE", dbrest.XormExtDataUri, dbrest.ExtDatabaseDeleteData, nil)
|
Register("DELETE", dbrest.XormExtDataUri, dbrest.ExtDatabaseDeleteData, midware.CheckPermission)
|
||||||
|
|
||||||
Register("GET", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseGetData, nil)
|
Register("GET", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseGetData, midware.CheckPermission)
|
||||||
Register("POST", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseInsertData, nil)
|
Register("POST", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseInsertData, midware.CheckPermission)
|
||||||
Register("PUT", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseUpdateData, nil)
|
Register("PUT", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseUpdateData, midware.CheckPermission)
|
||||||
Register("DELETE", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseDeleteData, nil)
|
Register("DELETE", dbrest.CustomXormExtDataUri, dbrest.ExtDatabaseDeleteData, midware.CheckPermission)
|
||||||
|
|
||||||
// alarm restful Register
|
// alarm restful Register
|
||||||
Register("POST", fm.UriAlarms, fm.PostAlarmFromNF, nil)
|
Register("POST", fm.UriAlarms, fm.PostAlarmFromNF, nil)
|
||||||
@@ -267,7 +263,8 @@ func NewRouter() *mux.Router {
|
|||||||
r.NotFoundHandler = services.CustomResponseNotFound404Handler()
|
r.NotFoundHandler = services.CustomResponseNotFound404Handler()
|
||||||
r.MethodNotAllowedHandler = services.CustomResponseMethodNotAllowed405Handler()
|
r.MethodNotAllowedHandler = services.CustomResponseMethodNotAllowed405Handler()
|
||||||
|
|
||||||
r.Use(midware.LoggerTraceMiddleware)
|
r.Use(midware.LoggerTrace)
|
||||||
|
r.Use(midware.OptionProcess)
|
||||||
|
|
||||||
for _, router := range routers {
|
for _, router := range routers {
|
||||||
r.Methods(router.Method).
|
r.Methods(router.Method).
|
||||||
|
|||||||
@@ -43,7 +43,7 @@ func NewSessManager(name string) *SessManager {
|
|||||||
func (smgr *SessManager) NewSession(w http.ResponseWriter, r *http.Request, plist []bool) string {
|
func (smgr *SessManager) NewSession(w http.ResponseWriter, r *http.Request, plist []bool) string {
|
||||||
smgr.lock.Lock()
|
smgr.lock.Lock()
|
||||||
defer smgr.lock.Unlock()
|
defer smgr.lock.Unlock()
|
||||||
token := oauth.GenRandToken() // Generate new token to session ID
|
token := oauth.GenRandToken("omc") // Generate new token to session ID
|
||||||
session := &Session{token: token, time: time.Now(), permission: plist, values: make(map[interface{}]interface{})}
|
session := &Session{token: token, time: time.Now(), permission: plist, values: make(map[interface{}]interface{})}
|
||||||
smgr.sessions[token] = session
|
smgr.sessions[token] = session
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user