static configs

2025-10-08 02:06:06 +08:00 · 2021-08-09 17:04:16 -04:00
parent 31e81342fb
commit 59cf51a659
2 changed files with 40 additions and 18 deletions
--- a/controllers/extClientHttpController.go
+++ b/controllers/extClientHttpController.go
@@ -19,7 +19,7 @@ import (

 func extClientHandlers(r *mux.Router) {

-	r.HandleFunc("/api/extclients", securityCheck(true, http.HandlerFunc(getAllExtClients))).Methods("GET")
+	r.HandleFunc("/api/extclients", securityCheck(false, http.HandlerFunc(getAllExtClients))).Methods("GET")
 	r.HandleFunc("/api/extclients/{network}", securityCheck(false, http.HandlerFunc(getNetworkExtClients))).Methods("GET")
 	r.HandleFunc("/api/extclients/{network}/{clientid}", securityCheck(false, http.HandlerFunc(getExtClient))).Methods("GET")
 	r.HandleFunc("/api/extclients/{network}/{clientid}/{type}", securityCheck(false, http.HandlerFunc(getExtClientConf))).Methods("GET")
@@ -77,15 +77,36 @@ func GetNetworkExtClients(network string) ([]models.ExtClient, error) {
 //A separate function to get all extclients, not just extclients for a particular network.
 //Not quite sure if this is necessary. Probably necessary based on front end but may want to review after iteration 1 if it's being used or not
 func getAllExtClients(w http.ResponseWriter, r *http.Request) {
+
 	w.Header().Set("Content-Type", "application/json")
-	extclients, err := functions.GetAllExtClients()
-	if err != nil {
+
+	headerNetworks := r.Header.Get("networks")
+	networksSlice := []string{}
+	marshalErr := json.Unmarshal([]byte(headerNetworks), &networksSlice)
+	if marshalErr != nil {
+		returnErrorResponse(w, r, formatError(marshalErr, "internal"))
+		return
+	}
+	clients := []models.ExtClient{}
+	err := errors.New("Networks Error")
+	if networksSlice[0] == ALL_NETWORK_ACCESS {
+		clients, err = functions.GetAllExtClients()
+		if err != nil && !database.IsEmptyRecord(err){
 			returnErrorResponse(w, r, formatError(err, "internal"))
 			return
 		}
+	} else {
+		for _, network := range networksSlice {
+			extclients, err := GetNetworkExtClients(network)
+			if err == nil {
+				clients = append(clients, extclients...)
+			}
+		}
+	}
+
 	//Return all the extclients in JSON format
 	w.WriteHeader(http.StatusOK)
-	json.NewEncoder(w).Encode(extclients)
+	json.NewEncoder(w).Encode(clients)
 }

 //Get an individual extclient. Nothin fancy here folks.
--- a/controllers/serverHttpController.go
+++ b/controllers/serverHttpController.go
@@ -12,16 +12,16 @@ import (
 )

 func serverHandlers(r *mux.Router) {
-    r.HandleFunc("/api/server/addnetwork/{network}", securityCheckServer(http.HandlerFunc(addNetwork))).Methods("POST")
-    r.HandleFunc("/api/server/getconfig", securityCheckServer(http.HandlerFunc(getConfig))).Methods("GET")
-    r.HandleFunc("/api/server/getwgconfig", securityCheckServer(http.HandlerFunc(getWGConfig))).Methods("GET")
-    r.HandleFunc("/api/server/removenetwork/{network}", securityCheckServer(http.HandlerFunc(removeNetwork))).Methods("DELETE")
+    r.HandleFunc("/api/server/addnetwork/{network}", securityCheckServer(true, http.HandlerFunc(addNetwork))).Methods("POST")
+    r.HandleFunc("/api/server/getconfig", securityCheckServer(false, http.HandlerFunc(getConfig))).Methods("GET")
+    r.HandleFunc("/api/server/getwgconfig", securityCheckServer(true, http.HandlerFunc(getWGConfig))).Methods("GET")
+    r.HandleFunc("/api/server/removenetwork/{network}", securityCheckServer(true, http.HandlerFunc(removeNetwork))).Methods("DELETE")
 }

 //Security check is middleware for every function and just checks to make sure that its the master calling
 //Only admin should have access to all these network-level actions
 //or maybe some Users once implemented
-func securityCheckServer(next http.Handler) http.HandlerFunc {
+func securityCheckServer(adminonly bool, next http.Handler) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		var errorResponse = models.ErrorResponse{
 			Code: http.StatusInternalServerError, Message: "W1R3: It's not you it's me.",
@@ -42,14 +42,15 @@ func securityCheckServer(next http.Handler) http.HandlerFunc {
 		}
 		//all endpoints here require master so not as complicated
 		//still might not be a good  way of doing this
-                _, _, isadmin, _ := functions.VerifyUserToken(authToken)
-
-		if !isadmin && !authenticateMasterServer(authToken) {
+                user, _, isadmin, err := functions.VerifyUserToken(authToken)
                errorResponse = models.ErrorResponse{
                        Code: http.StatusUnauthorized, Message: "W1R3: You are unauthorized to access this endpoint.",
                }
+                if !adminonly && (err != nil || user == "") {
+                        returnErrorResponse(w, r, errorResponse)
+                }
+		if !isadmin && !authenticateMasterServer(authToken) {
                        returnErrorResponse(w, r, errorResponse)
-				return
                }
 		next.ServeHTTP(w, r)
 	}