1package framework
2
3import (
4	"context"
5	"fmt"
6	"sort"
7	"strings"
8
9	"github.com/hashicorp/errwrap"
10	"github.com/hashicorp/vault/sdk/helper/license"
11	"github.com/hashicorp/vault/sdk/logical"
12)
13
14// Helper which returns a generic regex string for creating endpoint patterns
15// that are identified by the given name in the backends
16func GenericNameRegex(name string) string {
17	return fmt.Sprintf("(?P<%s>\\w(([\\w-.]+)?\\w)?)", name)
18}
19
20// GenericNameWithAtRegex returns a generic regex that allows alphanumeric
21// characters along with -, . and @.
22func GenericNameWithAtRegex(name string) string {
23	return fmt.Sprintf("(?P<%s>\\w(([\\w-.@]+)?\\w)?)", name)
24}
25
26// Helper which returns a regex string for optionally accepting the a field
27// from the API URL
28func OptionalParamRegex(name string) string {
29	return fmt.Sprintf("(/(?P<%s>.+))?", name)
30}
31
32// Helper which returns a regex string for capturing an entire endpoint path
33// as the given name.
34func MatchAllRegex(name string) string {
35	return fmt.Sprintf(`(?P<%s>.*)`, name)
36}
37
38// PathAppend is a helper for appending lists of paths into a single
39// list.
40func PathAppend(paths ...[]*Path) []*Path {
41	result := make([]*Path, 0, 10)
42	for _, ps := range paths {
43		result = append(result, ps...)
44	}
45
46	return result
47}
48
49// Path is a single path that the backend responds to.
50type Path struct {
51	// Pattern is the pattern of the URL that matches this path.
52	//
53	// This should be a valid regular expression. Named captures will be
54	// exposed as fields that should map to a schema in Fields. If a named
55	// capture is not a field in the Fields map, then it will be ignored.
56	Pattern string
57
58	// Fields is the mapping of data fields to a schema describing that
59	// field. Named captures in the Pattern also map to fields. If a named
60	// capture name matches a PUT body name, the named capture takes
61	// priority.
62	//
63	// Note that only named capture fields are available in every operation,
64	// whereas all fields are available in the Write operation.
65	Fields map[string]*FieldSchema
66
67	// Operations is the set of operations supported and the associated OperationsHandler.
68	//
69	// If both Create and Update operations are present, documentation and examples from
70	// the Update definition will be used. Similarly if both Read and List are present,
71	// Read will be used for documentation.
72	Operations map[logical.Operation]OperationHandler
73
74	// Callbacks are the set of callbacks that are called for a given
75	// operation. If a callback for a specific operation is not present,
76	// then logical.ErrUnsupportedOperation is automatically generated.
77	//
78	// The help operation is the only operation that the Path will
79	// automatically handle if the Help field is set. If both the Help
80	// field is set and there is a callback registered here, then the
81	// callback will be called.
82	//
83	// Deprecated: Operations should be used instead and will take priority if present.
84	Callbacks map[logical.Operation]OperationFunc
85
86	// ExistenceCheck, if implemented, is used to query whether a given
87	// resource exists or not. This is used for ACL purposes: if an Update
88	// action is specified, and the existence check returns false, the action
89	// is not allowed since the resource must first be created. The reverse is
90	// also true. If not specified, the Update action is forced and the user
91	// must have UpdateCapability on the path.
92	ExistenceCheck ExistenceFunc
93
94	// FeatureRequired, if implemented, will validate if the given feature is
95	// enabled for the set of paths
96	FeatureRequired license.Features
97
98	// Deprecated denotes that this path is considered deprecated. This may
99	// be reflected in help and documentation.
100	Deprecated bool
101
102	// Help is text describing how to use this path. This will be used
103	// to auto-generate the help operation. The Path will automatically
104	// generate a parameter listing and URL structure based on the
105	// regular expression, so the help text should just contain a description
106	// of what happens.
107	//
108	// HelpSynopsis is a one-sentence description of the path. This will
109	// be automatically line-wrapped at 80 characters.
110	//
111	// HelpDescription is a long-form description of the path. This will
112	// be automatically line-wrapped at 80 characters.
113	HelpSynopsis    string
114	HelpDescription string
115
116	// DisplayAttrs provides hints for UI and documentation generators. They
117	// will be included in OpenAPI output if set.
118	DisplayAttrs *DisplayAttributes
119}
120
121// OperationHandler defines and describes a specific operation handler.
122type OperationHandler interface {
123	Handler() OperationFunc
124	Properties() OperationProperties
125}
126
127// OperationProperties describes an operation for documentation, help text,
128// and other clients. A Summary should always be provided, whereas other
129// fields can be populated as needed.
130type OperationProperties struct {
131	// Summary is a brief (usually one line) description of the operation.
132	Summary string
133
134	// Description is extended documentation of the operation and may contain
135	// Markdown-formatted text markup.
136	Description string
137
138	// Examples provides samples of the expected request data. The most
139	// relevant example should be first in the list, as it will be shown in
140	// documentation that supports only a single example.
141	Examples []RequestExample
142
143	// Responses provides a list of response description for a given response
144	// code. The most relevant response should be first in the list, as it will
145	// be shown in documentation that only allows a single example.
146	Responses map[int][]Response
147
148	// Unpublished indicates that this operation should not appear in public
149	// documentation or help text. The operation may still have documentation
150	// attached that can be used internally.
151	Unpublished bool
152
153	// Deprecated indicates that this operation should be avoided.
154	Deprecated bool
155
156	// DisplayAttrs provides hints for UI and documentation generators. They
157	// will be included in OpenAPI output if set.
158	DisplayAttrs *DisplayAttributes
159}
160
161type DisplayAttributes struct {
162	// Name is the name of the field suitable as a label or documentation heading.
163	Name string `json:"name,omitempty"`
164
165	// Value is a sample value to display for this field. This may be used
166	// to indicate a default value, but it is for display only and completely separate
167	// from any Default member handling.
168	Value interface{} `json:"value,omitempty"`
169
170	// Sensitive indicates that the value should be masked by default in the UI.
171	Sensitive bool `json:"sensitive,omitempty"`
172
173	// Navigation indicates that the path should be available as a navigation tab
174	Navigation bool `json:"navigation,omitempty"`
175
176	// ItemType is the type of item this path operates on
177	ItemType string `json:"itemType,omitempty"`
178
179	// Group is the suggested UI group to place this field in.
180	Group string `json:"group,omitempty"`
181
182	// Action is the verb to use for the operation.
183	Action string `json:"action,omitempty"`
184
185	// EditType is the type of form field needed for a property
186	// e.g. "textarea" or "file"
187	EditType string `json:"editType,omitempty"`
188}
189
190// RequestExample is example of request data.
191type RequestExample struct {
192	Description string                 // optional description of the request
193	Data        map[string]interface{} // map version of sample JSON request data
194
195	// Optional example response to the sample request. This approach is considered
196	// provisional for now, and this field may be changed or removed.
197	Response *Response
198}
199
200// Response describes and optional demonstrations an operation response.
201type Response struct {
202	Description string            // summary of the the response and should always be provided
203	MediaType   string            // media type of the response, defaulting to "application/json" if empty
204	Example     *logical.Response // example response data
205}
206
207// PathOperation is a concrete implementation of OperationHandler.
208type PathOperation struct {
209	Callback    OperationFunc
210	Summary     string
211	Description string
212	Examples    []RequestExample
213	Responses   map[int][]Response
214	Unpublished bool
215	Deprecated  bool
216}
217
218func (p *PathOperation) Handler() OperationFunc {
219	return p.Callback
220}
221
222func (p *PathOperation) Properties() OperationProperties {
223	return OperationProperties{
224		Summary:     strings.TrimSpace(p.Summary),
225		Description: strings.TrimSpace(p.Description),
226		Responses:   p.Responses,
227		Examples:    p.Examples,
228		Unpublished: p.Unpublished,
229		Deprecated:  p.Deprecated,
230	}
231}
232
233func (p *Path) helpCallback(b *Backend) OperationFunc {
234	return func(ctx context.Context, req *logical.Request, data *FieldData) (*logical.Response, error) {
235		var tplData pathTemplateData
236		tplData.Request = req.Path
237		tplData.RoutePattern = p.Pattern
238		tplData.Synopsis = strings.TrimSpace(p.HelpSynopsis)
239		if tplData.Synopsis == "" {
240			tplData.Synopsis = "<no synopsis>"
241		}
242		tplData.Description = strings.TrimSpace(p.HelpDescription)
243		if tplData.Description == "" {
244			tplData.Description = "<no description>"
245		}
246
247		// Alphabetize the fields
248		fieldKeys := make([]string, 0, len(p.Fields))
249		for k, _ := range p.Fields {
250			fieldKeys = append(fieldKeys, k)
251		}
252		sort.Strings(fieldKeys)
253
254		// Build the field help
255		tplData.Fields = make([]pathTemplateFieldData, len(fieldKeys))
256		for i, k := range fieldKeys {
257			schema := p.Fields[k]
258			description := strings.TrimSpace(schema.Description)
259			if description == "" {
260				description = "<no description>"
261			}
262
263			tplData.Fields[i] = pathTemplateFieldData{
264				Key:         k,
265				Type:        schema.Type.String(),
266				Description: description,
267				Deprecated:  schema.Deprecated,
268			}
269		}
270
271		help, err := executeTemplate(pathHelpTemplate, &tplData)
272		if err != nil {
273			return nil, errwrap.Wrapf("error executing template: {{err}}", err)
274		}
275
276		// Build OpenAPI response for this path
277		doc := NewOASDocument()
278		if err := documentPath(p, b.SpecialPaths(), b.BackendType, doc); err != nil {
279			b.Logger().Warn("error generating OpenAPI", "error", err)
280		}
281
282		return logical.HelpResponse(help, nil, doc), nil
283	}
284}
285
286type pathTemplateData struct {
287	Request      string
288	RoutePattern string
289	Synopsis     string
290	Description  string
291	Fields       []pathTemplateFieldData
292}
293
294type pathTemplateFieldData struct {
295	Key         string
296	Type        string
297	Deprecated  bool
298	Description string
299	URL         bool
300}
301
302const pathHelpTemplate = `
303Request:        {{.Request}}
304Matching Route: {{.RoutePattern}}
305
306{{.Synopsis}}
307
308{{ if .Fields -}}
309## PARAMETERS
310{{range .Fields}}
311{{indent 4 .Key}} ({{.Type}})
312{{if .Deprecated}}
313{{printf "(DEPRECATED) %s" .Description | indent 8}}
314{{else}}
315{{indent 8 .Description}}
316{{end}}{{end}}{{end}}
317## DESCRIPTION
318
319{{.Description}}
320`
321