annotate mod_http_admin_api/mod_http_admin_api.lua @ 4351:c0b1b2a61e3c

mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
author Matthew Wild <mwild1@gmail.com>
date Sun, 17 Jan 2021 17:50:42 +0000
parents 270025e76bf8
children f6da234b21b8
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
1 local usermanager = require "core.usermanager";
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
2
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local json = require "util.json";
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 module:depends("http");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local invites = module:depends("invites");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local tokens = module:depends("tokenauth");
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
9 local mod_pep = module:depends("pep");
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
11 local json_content_type = "application/json";
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 local www_authenticate_header = ("Bearer realm=%q"):format(module.host.."/"..module.name);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 local function check_credentials(request)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16 local auth_type, auth_data = string.match(request.headers.authorization or "", "^(%S+)%s(.+)$");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 if not (auth_type and auth_data) then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 return false;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 if auth_type == "Bearer" then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22 local token_info = tokens.get_token_info(auth_data);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 if not token_info or not token_info.session then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 return false;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 return token_info.session;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 return nil;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 function check_auth(routes)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32 local function check_request_auth(event)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 local session = check_credentials(event.request);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 if not session then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 event.response.headers.authorization = www_authenticate_header;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 return false, 401;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 elseif session.auth_scope ~= "prosody:scope:admin" then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 return false, 403;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 event.session = session;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 return true;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 for route, handler in pairs(routes) do
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45 routes[route] = function (event, ...)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 local permit, code = check_request_auth(event);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 if not permit then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 return code;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 return handler(event, ...);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 end;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 return routes;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 local function token_info_to_invite_info(token_info)
4349
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
57 local additional_data = token_info.additional_data;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
58 local groups = additional_data and additional_data.groups or nil;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
59 local source = additional_data and additional_data.source or nil;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
60 return {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
61 id = token_info.token;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 type = token_info.type;
4349
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
63 reusable = token_info.reusable;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 inviter = token_info.inviter;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
65 jid = token_info.jid;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 landing_page = token_info.landing_page;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 created_at = token_info.created_at;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 expires = token_info.expires;
4349
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
69 groups = groups;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
70 source = source;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 };
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 function list_invites(event)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 local invites_list = {};
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 for token, invite in invites.pending_account_invites() do --luacheck: ignore 213/token
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 table.insert(invites_list, token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 table.sort(invites_list, function (a, b)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 return a.created_at < b.created_at;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 end);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 event.response.headers["Content-Type"] = json_content_type;
4350
270025e76bf8 mod_http_admin_api: Use json.encode_array() when returning an array
Matthew Wild <mwild1@gmail.com>
parents: 4349
diff changeset
84 return json.encode_array(invites_list);
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
86
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 function get_invite_by_id(event, invite_id)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88 local invite = invites.get_account_invite_info(invite_id);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89 if not invite then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 return 404;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 event.response.headers["Content-Type"] = json_content_type;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94 return json.encode(token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
97 function create_invite(event)
4351
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
98 local invite_options;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
99
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
100 local request = event.request;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
101 if request.body and #request.body > 0 then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
102 if request.headers.content_type ~= json_content_type then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
103 module:log("warn", "Invalid content type");
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
104 return 400;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
105 end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
106 invite_options = json.decode(event.request.body);
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
107 if not invite_options then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
108 module:log("warn", "Invalid JSON");
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
109 return 400;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
110 end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
111 end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
112
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
113 local invite;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
114 if invite_options and invite_options.reusable then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
115 invite = invites.create_group(invite_options.group, invite_options.ttl, {
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
116 source = "admin_api/"..event.session.username;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
117 });
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
118 else
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
119 invite = invites.create_account(nil, {
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
120 source = "admin_api/"..event.session.username;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
121 groups = { invite_options.group };
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
122 });
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
123 end
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
124 if not invite then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
125 return 500;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
126 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
127
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 event.response.headers["Content-Type"] = json_content_type;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129 return json.encode(token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
132 function delete_invite(event, invite_id) --luacheck: ignore 212/event
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
133 if not invites.delete_account_invite(invite_id) then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
134 return 404;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
135 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
136 return 200;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
138
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
139 local function get_user_info(username)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
140 if not usermanager.user_exists(username, module.host) then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
141 return nil;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
142 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
143 local display_name;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
144 do
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
145 local pep_service = mod_pep.get_pep_service(username);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
146 local ok, _, nick_item = pep_service:get_last_item("http://jabber.org/protocol/nick", true);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
147 if ok and nick_item then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
148 display_name = nick_item:get_child_text("nick", "http://jabber.org/protocol/nick");
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
149 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
150 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
151
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
152 return {
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
153 username = username;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
154 display_name = display_name;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
155 };
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
156 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
157
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
158 function list_users(event)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
159 local user_list = {};
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
160 for username in usermanager.users(module.host) do
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
161 table.insert(user_list, get_user_info(username));
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
162 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
163
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
164 event.response.headers["Content-Type"] = json_content_type;
4350
270025e76bf8 mod_http_admin_api: Use json.encode_array() when returning an array
Matthew Wild <mwild1@gmail.com>
parents: 4349
diff changeset
165 return json.encode_array(user_list);
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
166 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
167
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
168 function get_user_by_name(event, username)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
169 local user_info = get_user_info(username);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
170 if not user_info then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
171 return 404;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
172 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
173
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
174 event.response.headers["Content-Type"] = json_content_type;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
175 return json.encode(user_info);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
176 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
177
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
178 function delete_user(event, username) --luacheck: ignore 212/event
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
179 if not usermanager.delete_user(username, module.host) then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
180 return 404;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
181 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
182 return 200;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
183 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
184
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
185 module:provides("http", {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
186 route = check_auth {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
187 ["GET /invites"] = list_invites;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
188 ["GET /invites/*"] = get_invite_by_id;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
189 ["PUT /invites"] = create_invite;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
190 ["DELETE /invites/*"] = delete_invite;
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
191
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
192 ["GET /users"] = list_users;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
193 ["GET /users/*"] = get_user_by_name;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
194 ["DELETE /users/*"] = delete_user;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
195 };
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
196 });