Mercurial > prosody-modules

annotate mod_http_admin_api/mod_http_admin_api.lua @ 4352:f6da234b21b8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http_admin_api: Add groups property to users
author Matthew Wild <mwild1@gmail.com>
date Sun, 17 Jan 2021 17:51:23 +0000
parents c0b1b2a61e3c
children 535d80be110d
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
1 local usermanager = require "core.usermanager";
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
2
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3 local json = require "util.json";
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
5 module:depends("http");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
7 local invites = module:depends("invites");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
8 local tokens = module:depends("tokenauth");
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
9 local mod_pep = module:depends("pep");
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
10
4352
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
11 local group_memberships = module:open_store("groups", "map");
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
12
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 local json_content_type = "application/json";
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 local www_authenticate_header = ("Bearer realm=%q"):format(module.host.."/"..module.name);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
17 local function check_credentials(request)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
18 local auth_type, auth_data = string.match(request.headers.authorization or "", "^(%S+)%s(.+)$");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
19 if not (auth_type and auth_data) then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
20 return false;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
21 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
22
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
23 if auth_type == "Bearer" then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
24 local token_info = tokens.get_token_info(auth_data);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
25 if not token_info or not token_info.session then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
26 return false;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
27 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
28 return token_info.session;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
29 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
30 return nil;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
31 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
32
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
33 function check_auth(routes)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
34 local function check_request_auth(event)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
35 local session = check_credentials(event.request);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
36 if not session then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
37 event.response.headers.authorization = www_authenticate_header;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
38 return false, 401;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
39 elseif session.auth_scope ~= "prosody:scope:admin" then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
40 return false, 403;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
41 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
42 event.session = session;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
43 return true;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
44 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
45
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
46 for route, handler in pairs(routes) do
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
47 routes[route] = function (event, ...)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
48 local permit, code = check_request_auth(event);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
49 if not permit then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
50 return code;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
51 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
52 return handler(event, ...);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
53 end;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
54 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
55 return routes;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
56 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
57
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
58 local function token_info_to_invite_info(token_info)
4349
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
59 local additional_data = token_info.additional_data;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
60 local groups = additional_data and additional_data.groups or nil;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
61 local source = additional_data and additional_data.source or nil;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
62 return {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
63 id = token_info.token;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
64 type = token_info.type;
4349
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
65 reusable = token_info.reusable;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
66 inviter = token_info.inviter;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
67 jid = token_info.jid;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
68 landing_page = token_info.landing_page;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 created_at = token_info.created_at;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 expires = token_info.expires;
4349
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
71 groups = groups;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable
Matthew Wild <mwild1@gmail.com>
parents: 4345
diff changeset
72 source = source;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
73 };
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 function list_invites(event)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
77 local invites_list = {};
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
78 for token, invite in invites.pending_account_invites() do --luacheck: ignore 213/token
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 table.insert(invites_list, token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 table.sort(invites_list, function (a, b)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
82 return a.created_at < b.created_at;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
83 end);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
84
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 event.response.headers["Content-Type"] = json_content_type;
4350
270025e76bf8 mod_http_admin_api: Use json.encode_array() when returning an array
Matthew Wild <mwild1@gmail.com>
parents: 4349
diff changeset
86 return json.encode_array(invites_list);
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
87 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
88
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
89 function get_invite_by_id(event, invite_id)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
90 local invite = invites.get_account_invite_info(invite_id);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
91 if not invite then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
92 return 404;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
93 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
94
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
95 event.response.headers["Content-Type"] = json_content_type;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
96 return json.encode(token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
97 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
98
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
99 function create_invite(event)
4351
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
100 local invite_options;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
101
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
102 local request = event.request;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
103 if request.body and #request.body > 0 then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
104 if request.headers.content_type ~= json_content_type then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
105 module:log("warn", "Invalid content type");
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
106 return 400;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
107 end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
108 invite_options = json.decode(event.request.body);
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
109 if not invite_options then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
110 module:log("warn", "Invalid JSON");
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
111 return 400;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
112 end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
113 end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
114
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
115 local invite;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
116 if invite_options and invite_options.reusable then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
117 invite = invites.create_group(invite_options.group, invite_options.ttl, {
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
118 source = "admin_api/"..event.session.username;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
119 });
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
120 else
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
121 invite = invites.create_account(nil, {
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
122 source = "admin_api/"..event.session.username;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
123 groups = { invite_options.group };
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
124 });
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites
Matthew Wild <mwild1@gmail.com>
parents: 4350
diff changeset
125 end
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
126 if not invite then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
127 return 500;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
128 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
129
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
130 event.response.headers["Content-Type"] = json_content_type;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
131 return json.encode(token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
132 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
133
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
134 function delete_invite(event, invite_id) --luacheck: ignore 212/event
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
135 if not invites.delete_account_invite(invite_id) then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
136 return 404;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
137 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
138 return 200;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
139 end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
140
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
141 local function get_user_info(username)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
142 if not usermanager.user_exists(username, module.host) then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
143 return nil;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
144 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
145 local display_name;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
146 do
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
147 local pep_service = mod_pep.get_pep_service(username);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
148 local ok, _, nick_item = pep_service:get_last_item("http://jabber.org/protocol/nick", true);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
149 if ok and nick_item then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
150 display_name = nick_item:get_child_text("nick", "http://jabber.org/protocol/nick");
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
151 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
152 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
153
4352
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
154 local groups;
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
155 do
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
156 local group_set = group_memberships:get_all(username);
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
157 if group_set and next(group_set) then
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
158 groups = {};
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
159 for group_id in pairs(group_set) do
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
160 table.insert(groups, group_id);
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
161 end
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
162 end
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
163 end
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
164
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
165 return {
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
166 username = username;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
167 display_name = display_name;
4352
f6da234b21b8 mod_http_admin_api: Add groups property to users
Matthew Wild <mwild1@gmail.com>
parents: 4351
diff changeset
168 groups = groups;
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
169 };
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
170 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
171
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
172 function list_users(event)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
173 local user_list = {};
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
174 for username in usermanager.users(module.host) do
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
175 table.insert(user_list, get_user_info(username));
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
176 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
177
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
178 event.response.headers["Content-Type"] = json_content_type;
4350
270025e76bf8 mod_http_admin_api: Use json.encode_array() when returning an array
Matthew Wild <mwild1@gmail.com>
parents: 4349
diff changeset
179 return json.encode_array(user_list);
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
180 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
181
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
182 function get_user_by_name(event, username)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
183 local user_info = get_user_info(username);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
184 if not user_info then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
185 return 404;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
186 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
187
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
188 event.response.headers["Content-Type"] = json_content_type;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
189 return json.encode(user_info);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
190 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
191
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
192 function delete_user(event, username) --luacheck: ignore 212/event
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
193 if not usermanager.delete_user(username, module.host) then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
194 return 404;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
195 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
196 return 200;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
197 end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
198
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
199 module:provides("http", {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
200 route = check_auth {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
201 ["GET /invites"] = list_invites;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
202 ["GET /invites/*"] = get_invite_by_id;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
203 ["PUT /invites"] = create_invite;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
204 ["DELETE /invites/*"] = delete_invite;
4345
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
205
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
206 ["GET /users"] = list_users;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
207 ["GET /users/*"] = get_user_by_name;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users
Matthew Wild <mwild1@gmail.com>
parents: 4343
diff changeset
208 ["DELETE /users/*"] = delete_user;
4343
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
209 };
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
210 });