WWW-Suffit-API
lib/WWW/Suffit/Server/API/Admin.pm view on Meta::CPAN
Adds system route to route list
# curl -v -H "Authorization: OWL eyJh...Bh7g" \
-X POST -d '{
"routes": ["api-checkits", "api-backups"]
}' \
https://owl.localhost:8695/api/admin/sysroute
> POST /api/admin/sysroute HTTP/1.1
> Host: owl.localhost:8695
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: OWL eyJh...Bh7g
> Content-Length: 59
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 200 OK
< Date: Mon, 15 May 2023 16:43:20 GMT
< Server: OWL/1.00
< Content-Type: application/json;charset=UTF-8
< Content-Length: 30
<
{
"code": "E0000",
"status": true
}
=head2 GET /api/admin/user
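Gets the list of all existing users. As the example response shows, each record carries the stored password digest together with the C<public_key> and C<private_key> fields.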
# curl -v -H "Authorization: OWL eyJh...Bh7g" \
https://owl.localhost:8695/api/admin/user
> GET /api/admin/user HTTP/1.1
> Host: owl.localhost:8695
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: OWL eyJh...Bh7g
>
< HTTP/1.1 200 OK
< Server: OWL/1.00
< Date: Mon, 15 May 2023 11:53:55 GMT
< Content-Length: 10517
< Content-Type: application/json;charset=UTF-8
<
[
{
"algorithm": "SHA256",
"attributes": "",
"comment": "Test user for internal testing only",
"created": 1678741533,
"email": "test@owl.localhost",
"flags": 0,
"id": 3,
"name": "Test User",
"not_after": null,
"not_before": 1678741533,
"password": "9f86...0a08",
"private_key": "",
"public_key": "",
"role": "Test user",
"username": "test"
}
]
=head2 POST /api/admin/user
Adds user's data
# curl -v -H "Authorization: OWL eyJh...j1rM" \
-X POST -d '{
"username": "bob",
"name": "Bob",
"email": "bob@example.com",
"password": "bob",
"algorithm": "SHA256",
"role": "Test user",
"flags": 0,
"not_after": null,
"public_key": null,
"private_key": null,
"attributes": null,
"comment": "Test user for unit testing only"
}' \
https://owl.localhost:8695/api/admin/user
> POST /api/admin/user HTTP/1.1
> Host: owl.localhost:8695
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: OWL eyJh...j1rM
> Content-Length: 367
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 200 OK
< Date: Fri, 12 May 2023 12:15:50 GMT
< Content-Type: application/json;charset=UTF-8
< Content-Length: 1530
< Server: OWL/1.00
<
{
"algorithm": "SHA256",
"attributes": "",
"comment": "Test user for unit testing only",
"created": 1683893750,
"email": "bob@example.com",
"flags": 0,
"id": 13,
"name": "Bob",
"not_after": 0,
"not_before": 1683893750,
"password": "81b6...8ce9",
"private_key": "-----BEGIN RSA PRIVATE KEY-----...",
"public_key": "-----BEGIN RSA PUBLIC KEY-----...",
"role": "Test user",
"status": true,
"username": "bob"
}
=head2 GET /api/admin/user/USERNAME
GET /api/admin/user/<USERNAME>
GET /api/admin/user/?username=<USERNAME>
Gets user's data by username
# curl -v -H "Authorization: OWL eyJh...Bh7g" \
https://owl.localhost:8695/api/admin/user/test
> GET /api/admin/user/test HTTP/1.1
> Host: owl.localhost:8695
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: OWL eyJh...Bh7g
>
< HTTP/1.1 200 OK
< Server: OWL/1.00
< Content-Length: 1544
< Content-Type: application/json;charset=UTF-8
< Date: Mon, 15 May 2023 12:03:36 GMT
<
{
"algorithm": "SHA256",
"attributes": "",
"comment": "Test user for internal testing only",
"created": 1678741533,
"email": "test@owl.localhost",
"flags": 0,
"id": 3,
"name": "Test User",
"not_after": null,
"not_before": 1678741533,
"password": "9f86...0a08",
"private_key": "",
"public_key": "",
"role": "Test user",
"status": true,
"username": "test"
}
=head2 PUT /api/admin/user/USERNAME
Sets user's data
# curl -v -H "Authorization: OWL eyJh...j1rM" \
-X PUT -d '{
"id": 13,
"username": "bob",
"name": "Bob Bob",
"email": "bob@example.com",
"password": "bob",
"algorithm": "SHA256",
"role": "Test user",
"flags": 0,
"not_after": null,
"public_key": null,
"private_key": null,
"attributes": null,
"comment": "Test user for unit testing only"
}' \
https://owl.localhost:8695/api/admin/user/bob
> PUT /api/admin/user/bob HTTP/1.1
> Host: owl.localhost:8695
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: OWL eyJh...j1rM
> Content-Length: 389
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 200 OK
< Date: Fri, 12 May 2023 12:21:07 GMT
< Content-Type: application/json;charset=UTF-8
< Server: OWL/1.00
< Content-Length: 1536
<
{
"algorithm": "SHA256",
"attributes": "",
"comment": "Test user for unit testing only",
"created": 1683893750,
"email": "bob@example.com",
"flags": 0,
"id": 13,
"name": "Bob Bob",
"not_after": 0,
"not_before": 1683894066,
"password": "81b6...8ce9",
"private_key": "-----BEGIN RSA PRIVATE KEY-----...",
"public_key": "-----BEGIN RSA PUBLIC KEY-----...",
"role": "Test user",
"status": true,
"username": "bob"
}
=head2 DELETE /api/admin/user/USERNAME
Deletes a user by username
# curl -v -X DELETE -H "Authorization: OWL eyJh...Bh7g" \
https://owl.localhost:8695/api/admin/user/bob.bob
> DELETE /api/admin/user/bob.bob HTTP/1.1
> Host: owl.localhost:8695
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: OWL eyJh...Bh7g
>
< HTTP/1.1 200 OK
< Content-Length: 30
< Date: Mon, 15 May 2023 12:11:42 GMT
< Content-Type: application/json;charset=UTF-8
< Server: OWL/1.00
<
{
"code": "E0000",
"status": true
}
=head2 GET /api/admin/user/USERNAME/groups
Returns the list of the user's groups
# curl -v -H "Authorization: OWL eyJh...Bh7g" \
https://owl.localhost:8695/api/admin/user/test/groups
> GET /api/admin/user/test/groups HTTP/1.1
> Host: owl.localhost:8695
> User-Agent: curl/7.68.0
> Accept: */*
> Authorization: OWL eyJh...Bh7g
>
< HTTP/1.1 200 OK
< Date: Mon, 15 May 2023 12:27:43 GMT
< Server: OWL/1.00
< Content-Length: 64
< Content-Type: application/json;charset=UTF-8
<
[
{
"description": "Unprivileged users",
"groupname": "user",
"id": 2
}
]
=head2 PUT /api/admin/user/USERNAME/passwd
Set password for user
lib/WWW/Suffit/Server/API/Admin.pm view on Meta::CPAN
return $self->render(json => [@users]);
}
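sub user_set {
    # Adds a new user (no "id" in the JSON body) or updates an existing one
    # ("id" given). Each field is validated in turn and the first failure is
    # answered with a 400 JSON error; on success the record is read back from
    # the authorization database and rendered via json_ok.
    my $self = shift;
    my %data = ();
    my $authdb = $self->authdb->clean;

    # Get data from request
    # A false or missing id selects the "add user" path below.
    # NOTE(review): id is supplied by the client and nothing in this handler
    # ties it to the username -- presumably authdb->user_set reconciles the
    # two; confirm before relying on it.
    my $id = $self->req->json('/id') || 0;
    $data{id} = $id;

    # Get username (route/request parameter wins over the JSON body)
    my $username = trim($self->param('username') // $self->req->json('/username') // '');
    return $self->reply->json_error(400 => "E1200" => "Incorrect username")
        unless length($username) && (length($username) <= 64) && $username =~ USERNAME_REGEXP;
    $data{username} = $username;

    # Get email
    my $email = trim($self->req->json('/email') // '');
    return $self->reply->json_error(400 => "E1205" => "Incorrect email address")
        unless length($email) && (length($email) <= 255) && $email =~ EMAIL_REGEXP;
    $data{email} = $email;

    # Get name
    my $name = trim($self->req->json('/name') // '');
    return $self->reply->json_error(400 => "E1206" => "Incorrect full name")
        unless length($name) && (length($name) <= 255);
    $data{name} = $name;

    # Get password
    # An empty password is accepted only when updating an existing user (id
    # given). The 255-character cap applies to adds and updates alike, so a
    # request cannot skip the length check just by sending an id.
    my $password = trim($self->req->json('/password') // '');
    return $self->reply->json_error(400 => "E1202" => "Incorrect password")
        if length($password) > 255 || (!$id && !length($password));
    $data{password} = $password;

    # Get algorithm (upper-cased, must be one of DIGEST_ALGORITHMS)
    my $algorithm = uc(trim($self->req->json('/algorithm') // ''));
    return $self->reply->json_error(400 => "E1207" => "Incorrect digest algorithm")
        unless length($algorithm) && grep {$_ eq $algorithm} @{(DIGEST_ALGORITHMS())};
    $data{algorithm} = $algorithm;

    # Get role
    my $role = trim($self->req->json('/role') // '');
    return $self->reply->json_error(400 => "E1208" => "Incorrect role")
        unless length($role) && (length($role) <= 255);
    $data{role} = $role;

    # Get flags (missing or false value becomes 0)
    my $flags = trim($self->req->json('/flags') || 0);
    return $self->reply->json_error(400 => "E1209" => "Incorrect flags")
        unless is_integer($flags);
    $data{flags} = $flags;

    # Get not_after: a true "disabled" value expires the account as of now
    my $is_disabled = $self->req->json('/disabled') || 0;
    $data{not_after} = $is_disabled ? time() : undef;

    # Text fields
    # NOTE(review): these four values are copied without any type or length
    # check, so a JSON object or array would be passed on as a reference --
    # confirm that authdb->user_set validates them.
    foreach my $k (qw/public_key private_key attributes comment/) {
        my $v = $self->req->json("/$k") // '';
        $data{$k} = $v;
    }

    # Gen RSA keys (only when the request supplied neither key)
    unless (length($data{public_key}) || length($data{private_key})) {
        my %ks = $self->gen_rsakeys();
        return $self->reply->json_error(500 => "E1215" => $ks{error}) if $ks{error};
        $data{$_} = $ks{$_} for qw/public_key private_key/;
    }

    # Set user data
    $authdb->user_set(%data)
        or return $self->reply->json_error($authdb->code, $authdb->error || "E1216: Can't set user data to authorization database");

    # Get pure data from AuthDB
    my %user_data = $authdb->user_get($username);
    return $self->reply->json_error($authdb->code, $authdb->error) if $authdb->error;

    # Check id
    return $self->reply->json_error(500 => "E1217" => "Can't get data from authorization database by username")
        unless $user_data{id};

    # Render ok
    # NOTE(review): the record from user_get is rendered unfiltered; if it
    # holds the password digest and the private key, the response body is
    # secret material and should be kept out of logs and caches.
    return $self->reply->json_ok({%user_data});
}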
sub user_groups {
    # Renders, as a JSON array, the groups that authdb reports for the user
    # named by the "username" parameter.
    my ($self) = @_;
    my $authdb = $self->authdb->clean;

    # Username is taken from the request parameter only; reject it when it is
    # empty, longer than 64 characters or does not match USERNAME_REGEXP
    my $username = trim($self->param('username') // '');
    if (!length($username) || length($username) > 64 || $username !~ USERNAME_REGEXP) {
        return $self->reply->json_error(400 => "E1200" => "Incorrect username");
    }

    # Ask the authorization database for the user's groups
    my @groups = $authdb->user_groups($username);
    if ($authdb->error) {
        return $self->reply->json_error($authdb->code, $authdb->error);
    }

    # Render collection
    return $self->render(json => \@groups);
}
sub user_passwd {
    # Sets a new password for one user through authdb->user_passwd and
    # answers with json_ok, or with a JSON error when validation or the
    # database call fails.
    my ($self) = @_;
    my $authdb = $self->authdb->clean;

    # Username: request parameter first, JSON body as the fallback
    my $username = trim($self->param('username') // $self->req->json('/username') // '');
    if (!length($username) || length($username) > 64 || $username !~ USERNAME_REGEXP) {
        return $self->reply->json_error(400 => "E1200" => "Incorrect username");
    }

    # Password: trimmed, must be 1..255 characters long
    my $password = trim($self->req->json('/password') // '');
    if (!length($password) || length($password) > 255) {
        return $self->reply->json_error(400 => "E1202" => "Incorrect password");
    }

    # Store data
    my %data = (username => $username, password => $password);
    unless ($authdb->user_passwd(%data)) {
        return $self->reply->json_error($authdb->code, $authdb->error || "E1223: Can't set password");
    }

    # Render ok
    return $self->reply->json_ok;
}
sub user_search {
my $self = shift;
my $authdb = $self->authdb->clean;