mirror of
https://github.com/mattermost/mattermost.git
synced 2025-02-25 18:55:24 -06:00
1138dd6770
* Move system console to use v4 endpoints and redux * Rename logs dir to get past gitignore * Fix test email * Update brand unit test * Updates per feedback
128 lines
3.3 KiB
Go
128 lines
3.3 KiB
Go
// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
|
|
// See License.txt for license information.
|
|
|
|
package api4
|
|
|
|
import (
|
|
"net/http"
|
|
"strconv"
|
|
|
|
l4g "github.com/alecthomas/log4go"
|
|
"github.com/mattermost/platform/app"
|
|
"github.com/mattermost/platform/model"
|
|
"github.com/mattermost/platform/utils"
|
|
"github.com/mssola/user_agent"
|
|
)
|
|
|
|
func InitCompliance() {
|
|
l4g.Debug(utils.T("api.compliance.init.debug"))
|
|
|
|
BaseRoutes.Compliance.Handle("/reports", ApiSessionRequired(createComplianceReport)).Methods("POST")
|
|
BaseRoutes.Compliance.Handle("/reports", ApiSessionRequired(getComplianceReports)).Methods("GET")
|
|
BaseRoutes.Compliance.Handle("/reports/{report_id:[A-Za-z0-9]+}", ApiSessionRequired(getComplianceReport)).Methods("GET")
|
|
BaseRoutes.Compliance.Handle("/reports/{report_id:[A-Za-z0-9]+}/download", ApiSessionRequiredTrustRequester(downloadComplianceReport)).Methods("GET")
|
|
}
|
|
|
|
func createComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
job := model.ComplianceFromJson(r.Body)
|
|
if job == nil {
|
|
c.SetInvalidParam("compliance")
|
|
return
|
|
}
|
|
|
|
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
|
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
|
return
|
|
}
|
|
|
|
job.UserId = c.Session.UserId
|
|
|
|
rjob, err := app.SaveComplianceReport(job)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
c.LogAudit("")
|
|
w.WriteHeader(http.StatusCreated)
|
|
w.Write([]byte(rjob.ToJson()))
|
|
}
|
|
|
|
func getComplianceReports(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
|
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
|
return
|
|
}
|
|
|
|
crs, err := app.GetComplianceReports(c.Params.Page, c.Params.PerPage)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
w.Write([]byte(crs.ToJson()))
|
|
}
|
|
|
|
func getComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
c.RequireReportId()
|
|
if c.Err != nil {
|
|
return
|
|
}
|
|
|
|
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
|
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
|
return
|
|
}
|
|
|
|
job, err := app.GetComplianceReport(c.Params.ReportId)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
w.Write([]byte(job.ToJson()))
|
|
}
|
|
|
|
func downloadComplianceReport(c *Context, w http.ResponseWriter, r *http.Request) {
|
|
c.RequireReportId()
|
|
if c.Err != nil {
|
|
return
|
|
}
|
|
|
|
if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
|
|
c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
|
|
return
|
|
}
|
|
|
|
job, err := app.GetComplianceReport(c.Params.ReportId)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
reportBytes, err := app.GetComplianceFile(job)
|
|
if err != nil {
|
|
c.Err = err
|
|
return
|
|
}
|
|
|
|
c.LogAudit("downloaded " + job.Desc)
|
|
|
|
w.Header().Set("Cache-Control", "max-age=2592000, public")
|
|
w.Header().Set("Content-Length", strconv.Itoa(len(reportBytes)))
|
|
w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer
|
|
|
|
// attach extra headers to trigger a download on IE, Edge, and Safari
|
|
ua := user_agent.New(r.UserAgent())
|
|
bname, _ := ua.Browser()
|
|
|
|
w.Header().Set("Content-Disposition", "attachment;filename=\""+job.JobName()+".zip\"")
|
|
|
|
if bname == "Edge" || bname == "Internet Explorer" || bname == "Safari" {
|
|
// trim off anything before the final / so we just get the file's name
|
|
w.Header().Set("Content-Type", "application/octet-stream")
|
|
}
|
|
|
|
w.Write(reportBytes)
|
|
}
|