mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
e89b26e8f3
* format using `goimports -local github.com/mattermost/mattermost-server/v5 -w` * added goimports lint check to .golangci.yml * format using `goimports -local github.com/mattermost/mattermost-server/v5 -w` for a corner case * make app-layers, *-mocks and store-layers for ci check Co-authored-by: Mahmudul Haque <mahmudulhaque@protonmail.com> Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
179 lines
6.0 KiB
Go
179 lines
6.0 KiB
Go
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
|
|
// See LICENSE.txt for license information.
|
|
|
|
package api4
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/NYTimes/gziphandler"
|
|
|
|
"github.com/mattermost/mattermost-server/v5/web"
|
|
)
|
|
|
|
type Context = web.Context
|
|
|
|
// ApiHandler provides a handler for API endpoints which do not require the user to be logged in order for access to be
|
|
// granted.
|
|
func (api *API) ApiHandler(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: false,
|
|
TrustRequester: false,
|
|
RequireMfa: false,
|
|
IsStatic: false,
|
|
IsLocal: false,
|
|
}
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
}
|
|
|
|
// ApiSessionRequired provides a handler for API endpoints which require the user to be logged in in order for access to
|
|
// be granted.
|
|
func (api *API) ApiSessionRequired(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: true,
|
|
TrustRequester: false,
|
|
RequireMfa: true,
|
|
IsStatic: false,
|
|
IsLocal: false,
|
|
}
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
|
|
}
|
|
|
|
// CloudApiKeyRequired provides a handler for webhook endpoints to access Cloud installations from CWS
|
|
func (api *API) CloudApiKeyRequired(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: false,
|
|
RequireCloudKey: true,
|
|
TrustRequester: false,
|
|
RequireMfa: false,
|
|
IsStatic: false,
|
|
IsLocal: false,
|
|
}
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
|
|
}
|
|
|
|
// ApiSessionRequiredMfa provides a handler for API endpoints which require a logged-in user session but when accessed,
|
|
// if MFA is enabled, the MFA process is not yet complete, and therefore the requirement to have completed the MFA
|
|
// authentication must be waived.
|
|
func (api *API) ApiSessionRequiredMfa(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: true,
|
|
TrustRequester: false,
|
|
RequireMfa: false,
|
|
IsStatic: false,
|
|
IsLocal: false,
|
|
}
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
|
|
}
|
|
|
|
// ApiHandlerTrustRequester provides a handler for API endpoints which do not require the user to be logged in and are
|
|
// allowed to be requested directly rather than via javascript/XMLHttpRequest, such as site branding images or the
|
|
// websocket.
|
|
func (api *API) ApiHandlerTrustRequester(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: false,
|
|
TrustRequester: true,
|
|
RequireMfa: false,
|
|
IsStatic: false,
|
|
IsLocal: false,
|
|
}
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
|
|
}
|
|
|
|
// ApiSessionRequiredTrustRequester provides a handler for API endpoints which do require the user to be logged in and
|
|
// are allowed to be requested directly rather than via javascript/XMLHttpRequest, such as emoji or file uploads.
|
|
func (api *API) ApiSessionRequiredTrustRequester(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: true,
|
|
TrustRequester: true,
|
|
RequireMfa: true,
|
|
IsStatic: false,
|
|
IsLocal: false,
|
|
}
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
|
|
}
|
|
|
|
// DisableWhenBusy provides a handler for API endpoints which should be disabled when the server is under load,
|
|
// responding with HTTP 503 (Service Unavailable).
|
|
func (api *API) ApiSessionRequiredDisableWhenBusy(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: true,
|
|
TrustRequester: false,
|
|
RequireMfa: false,
|
|
IsStatic: false,
|
|
IsLocal: false,
|
|
DisableWhenBusy: true,
|
|
}
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
|
|
}
|
|
|
|
// ApiLocal provides a handler for API endpoints to be used in local
|
|
// mode, this is, through a UNIX socket and without an authenticated
|
|
// session, but with one that has no user set and no permission
|
|
// restrictions
|
|
func (api *API) ApiLocal(h func(*Context, http.ResponseWriter, *http.Request)) http.Handler {
|
|
handler := &web.Handler{
|
|
GetGlobalAppOptions: api.GetGlobalAppOptions,
|
|
HandleFunc: h,
|
|
HandlerName: web.GetHandlerName(h),
|
|
RequireSession: false,
|
|
TrustRequester: false,
|
|
RequireMfa: false,
|
|
IsStatic: false,
|
|
IsLocal: true,
|
|
}
|
|
|
|
if *api.ConfigService.Config().ServiceSettings.WebserverMode == "gzip" {
|
|
return gziphandler.GzipHandler(handler)
|
|
}
|
|
return handler
|
|
}
|