1 /* Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ */
2
3 #include "remote/infohandler.hpp"
4 #include "remote/httputility.hpp"
5 #include "base/application.hpp"
6
7 using namespace icinga;
8
9 REGISTER_URLHANDLER("/", InfoHandler);
10
HandleRequest(AsioTlsStream & stream,const ApiUser::Ptr & user,boost::beast::http::request<boost::beast::http::string_body> & request,const Url::Ptr & url,boost::beast::http::response<boost::beast::http::string_body> & response,const Dictionary::Ptr & params,boost::asio::yield_context & yc,HttpServerConnection & server)11 bool InfoHandler::HandleRequest(
12 AsioTlsStream& stream,
13 const ApiUser::Ptr& user,
14 boost::beast::http::request<boost::beast::http::string_body>& request,
15 const Url::Ptr& url,
16 boost::beast::http::response<boost::beast::http::string_body>& response,
17 const Dictionary::Ptr& params,
18 boost::asio::yield_context& yc,
19 HttpServerConnection& server
20 )
21 {
22 namespace http = boost::beast::http;
23
24 if (url->GetPath().size() > 2)
25 return false;
26
27 if (request.method() != http::verb::get)
28 return false;
29
30 if (url->GetPath().empty()) {
31 response.result(http::status::found);
32 response.set(http::field::location, "/v1");
33 return true;
34 }
35
36 if (url->GetPath()[0] != "v1" || url->GetPath().size() != 1)
37 return false;
38
39 response.result(http::status::ok);
40
41 std::vector<String> permInfo;
42 Array::Ptr permissions = user->GetPermissions();
43
44 if (permissions) {
45 ObjectLock olock(permissions);
46 for (const Value& permission : permissions) {
47 String name;
48 bool hasFilter = false;
49 if (permission.IsObjectType<Dictionary>()) {
50 Dictionary::Ptr dpermission = permission;
51 name = dpermission->Get("permission");
52 hasFilter = dpermission->Contains("filter");
53 } else
54 name = permission;
55
56 if (hasFilter)
57 name += " (filtered)";
58
59 permInfo.emplace_back(std::move(name));
60 }
61 }
62
63 if (request[http::field::accept] == "application/json") {
64 Dictionary::Ptr result1 = new Dictionary({
65 { "user", user->GetName() },
66 { "permissions", Array::FromVector(permInfo) },
67 { "version", Application::GetAppVersion() },
68 { "info", "More information about API requests is available in the documentation at https://icinga.com/docs/icinga2/latest/" }
69 });
70
71 Dictionary::Ptr result = new Dictionary({
72 { "results", new Array({ result1 }) }
73 });
74
75 HttpUtility::SendJsonBody(response, params, result);
76 } else {
77 response.set(http::field::content_type, "text/html");
78
79 String body = "<html><head><title>Icinga 2</title></head><h1>Hello from Icinga 2 (Version: " + Application::GetAppVersion() + ")!</h1>";
80 body += "<p>You are authenticated as <b>" + user->GetName() + "</b>. ";
81
82 if (!permInfo.empty()) {
83 body += "Your user has the following permissions:</p> <ul>";
84
85 for (const String& perm : permInfo) {
86 body += "<li>" + perm + "</li>";
87 }
88
89 body += "</ul>";
90 } else
91 body += "Your user does not have any permissions.</p>";
92
93 body += R"(<p>More information about API requests is available in the <a href="https://icinga.com/docs/icinga2/latest/" target="_blank">documentation</a>.</p></html>)";
94 response.body() = body;
95 response.content_length(response.body().size());
96 }
97
98 return true;
99 }
100
101