API: Add GET /api/v1/cluster/metrics endpoint #98 #5230

Signed-off-by: Michael Mayer <michael@photoprism.app>

internal/api/cluster_permissions_test.go

@@ -26,15 +26,20 @@ func TestClusterPermissions(t *testing.T) {
 		defer conf.SetAuthMode(config.AuthModePublic)
 
 		ClusterSummary(router)
+		ClusterMetrics(router)
 
 		r := PerformRequest(app, http.MethodGet, "/api/v1/cluster")
 		assert.Equal(t, http.StatusUnauthorized, r.Code)
+
+		r = PerformRequest(app, http.MethodGet, "/api/v1/cluster/metrics")
+		assert.Equal(t, http.StatusUnauthorized, r.Code)
 	})
 	t.Run("ForbiddenFromCDN", func(t *testing.T) {
 		app, router, conf := NewApiTest()
 		conf.Options().NodeRole = cluster.RolePortal
 
 		ClusterListNodes(router)
+		ClusterMetrics(router)
 
 		req, _ := http.NewRequest(http.MethodGet, "/api/v1/cluster/nodes", nil)
 		// Mark as CDN request, which Auth() forbids.
@@ -47,9 +52,13 @@ func TestClusterPermissions(t *testing.T) {
 		app, router, conf := NewApiTest()
 		conf.Options().NodeRole = cluster.RolePortal
 		ClusterSummary(router)
+		ClusterMetrics(router)
 		token := AuthenticateAdmin(app, router)
 		r := AuthenticatedRequest(app, http.MethodGet, "/api/v1/cluster", token)
 		assert.Equal(t, http.StatusOK, r.Code)
+
+		r = AuthenticatedRequest(app, http.MethodGet, "/api/v1/cluster/metrics", token)
+		assert.Equal(t, http.StatusOK, r.Code)
 	})
 
 	// Note: most fixture users have admin role; client-scope test below covers non-admin denial.
@@ -77,7 +86,11 @@ func TestClusterPermissions(t *testing.T) {
 		token := gjson.Get(w.Body.String(), "access_token").String()
 
 		ClusterSummary(router)
+		ClusterMetrics(router)
 		r := AuthenticatedRequest(app, http.MethodGet, "/api/v1/cluster", token)
 		assert.Equal(t, http.StatusForbidden, r.Code)
+
+		r = AuthenticatedRequest(app, http.MethodGet, "/api/v1/cluster/metrics", token)
+		assert.Equal(t, http.StatusForbidden, r.Code)
 	})
 }