ClusterCockpit/cc-backend
1
0
Fork 0
mirror of https://github.com/ClusterCockpit/cc-backend synced 2024-11-13 02:17:25 +01:00
Code Issues Packages Releases Activity

Merge pull request #213 from ClusterCockpit/hotfix

Browse Source 
Hotfix
This commit is contained in:
Jan Eitzinger 2023-09-07 16:39:01 +02:00 committed by GitHub
commit ab08600486
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 94 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.goreleaser.yaml
View File

@ -101,5 +101,6 @@ release:
draft: false draft: false
footer: | footer: |
Supports job archive version 1 and database version 6. Supports job archive version 1 and database version 6.
Please check out the [Release Notes](https://github.com/ClusterCockpit/cc-backend/blob/master/ReleaseNotes.md) for further details on breaking changes.
# vim: set ts=2 sw=2 tw=0 fo=cnqoj # vim: set ts=2 sw=2 tw=0 fo=cnqoj

2
Makefile
View File

@ -2,7 +2,7 @@ TARGET = ./cc-backend
VAR = ./var VAR = ./var
CFG = config.json .env CFG = config.json .env
FRONTEND = ./web/frontend FRONTEND = ./web/frontend
VERSION = 1.2.0 VERSION = 1.2.1
GIT_HASH := $(shell git rev-parse --short HEAD || echo 'development') GIT_HASH := $(shell git rev-parse --short HEAD || echo 'development')
CURRENT_TIME = $(shell date +"%Y-%m-%d:T%H:%M:%S") CURRENT_TIME = $(shell date +"%Y-%m-%d:T%H:%M:%S")
LD_FLAGS = '-s -X main.date=${CURRENT_TIME} -X main.version=${VERSION} -X main.commit=${GIT_HASH}' LD_FLAGS = '-s -X main.date=${CURRENT_TIME} -X main.version=${VERSION} -X main.commit=${GIT_HASH}'

6
ReleaseNotes.md
View File

@ -1,4 +1,4 @@
# `cc-backend` version 1.2.0 # `cc-backend` version 1.2.1
Supports job archive version 1 and database version 6. Supports job archive version 1 and database version 6.
@ -25,6 +25,10 @@ is not the number of cores the core hours will be too high by a factor!
validity. Some key names have changed, please refer to validity. Some key names have changed, please refer to
[config documentation](./configs/README.md) for details. [config documentation](./configs/README.md) for details.
* The following API endpoints are only accessible from IPs registered using the apiAllowedIPs configuration option:
- `/users/` [GET, POST, DELETE]
- `/user/{id}` [POST]
** NOTE ** ** NOTE **
If you are using the sqlite3 backend the `PRAGMA` option `foreign_keys` must be If you are using the sqlite3 backend the `PRAGMA` option `foreign_keys` must be
explicitly set to ON. If using the sqlite3 console it is per default set to explicitly set to ON. If using the sqlite3 console it is per default set to

41
api/swagger.json
View File

@ -29,7 +29,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"query" "Job query"
], ],
"summary": "Lists all jobs", "summary": "Lists all jobs",
"parameters": [ "parameters": [
@ -127,7 +127,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"remove" "Job remove"
], ],
"summary": "Remove a job from the sql database", "summary": "Remove a job from the sql database",
"parameters": [ "parameters": [
@ -199,7 +199,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"remove" "Job remove"
], ],
"summary": "Remove a job from the sql database", "summary": "Remove a job from the sql database",
"parameters": [ "parameters": [
@ -269,7 +269,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"remove" "Job remove"
], ],
"summary": "Remove a job from the sql database", "summary": "Remove a job from the sql database",
"parameters": [ "parameters": [
@ -342,7 +342,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Adds a new job as \"running\"", "summary": "Adds a new job as \"running\"",
"parameters": [ "parameters": [
@ -408,7 +408,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Marks job as completed and triggers archiving", "summary": "Marks job as completed and triggers archiving",
"parameters": [ "parameters": [
@ -483,7 +483,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Marks job as completed and triggers archiving", "summary": "Marks job as completed and triggers archiving",
"parameters": [ "parameters": [
@ -565,7 +565,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Adds one or more tags to a job", "summary": "Adds one or more tags to a job",
"parameters": [ "parameters": [
@ -638,7 +638,7 @@
"application/json" "application/json"
], ],
"tags": [ "tags": [
"query" "Job query"
], ],
"summary": "Get complete job meta and metric data", "summary": "Get complete job meta and metric data",
"parameters": [ "parameters": [
@ -715,7 +715,7 @@
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "Modifies user defined by username (id) in one of four possible ways.\nIf more than one formValue is set then only the highest priority field is used.", "description": "Modifies user defined by username (id) in one of four possible ways.\nIf more than one formValue is set then only the highest priority field is used.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"consumes": [ "consumes": [
"multipart/form-data" "multipart/form-data"
], ],
@ -723,7 +723,7 @@
"text/plain" "text/plain"
], ],
"tags": [ "tags": [
"add and modify" "User"
], ],
"summary": "Updates an existing user", "summary": "Updates an existing user",
"parameters": [ "parameters": [
@ -820,12 +820,12 @@
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "Returns a JSON-encoded list of users.\nRequired query-parameter defines if all users or only users with additional special roles are returned.", "description": "Returns a JSON-encoded list of users.\nRequired query-parameter defines if all users or only users with additional special roles are returned.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"produces": [ "produces": [
"application/json" "application/json"
], ],
"tags": [ "tags": [
"query" "User"
], ],
"summary": "Returns a list of users", "summary": "Returns a list of users",
"parameters": [ "parameters": [
@ -879,7 +879,7 @@
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "User specified in form data will be saved to database.", "description": "User specified in form data will be saved to database.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"consumes": [ "consumes": [
"multipart/form-data" "multipart/form-data"
], ],
@ -887,7 +887,7 @@
"text/plain" "text/plain"
], ],
"tags": [ "tags": [
"add and modify" "User"
], ],
"summary": "Adds a new user", "summary": "Adds a new user",
"parameters": [ "parameters": [
@ -983,7 +983,7 @@
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "User defined by username in form data will be deleted from database.", "description": "User defined by username in form data will be deleted from database.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"consumes": [ "consumes": [
"multipart/form-data" "multipart/form-data"
], ],
@ -991,7 +991,7 @@
"text/plain" "text/plain"
], ],
"tags": [ "tags": [
"remove" "User"
], ],
"summary": "Deletes a user", "summary": "Deletes a user",
"parameters": [ "parameters": [
@ -1757,10 +1757,5 @@
"name": "X-Auth-Token", "name": "X-Auth-Token",
"in": "header" "in": "header"
} }
}, }
"tags": [
{
"name": "Job API"
}
]
} }

38
api/swagger.yaml
View File

@ -607,7 +607,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Lists all jobs summary: Lists all jobs
tags: tags:
- query - Job query
/jobs/{id}: /jobs/{id}:
post: post:
consumes: consumes:
@ -665,7 +665,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Get complete job meta and metric data summary: Get complete job meta and metric data
tags: tags:
- query - Job query
/jobs/delete_job/: /jobs/delete_job/:
delete: delete:
consumes: consumes:
@ -715,7 +715,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Remove a job from the sql database summary: Remove a job from the sql database
tags: tags:
- remove - Job remove
/jobs/delete_job/{id}: /jobs/delete_job/{id}:
delete: delete:
description: Job to remove is specified by database ID. This will not remove description: Job to remove is specified by database ID. This will not remove
@ -762,7 +762,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Remove a job from the sql database summary: Remove a job from the sql database
tags: tags:
- remove - Job remove
/jobs/delete_job_before/{ts}: /jobs/delete_job_before/{ts}:
delete: delete:
description: Remove all jobs with start time before timestamp. The jobs will description: Remove all jobs with start time before timestamp. The jobs will
@ -809,7 +809,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Remove a job from the sql database summary: Remove a job from the sql database
tags: tags:
- remove - Job remove
/jobs/start_job/: /jobs/start_job/:
post: post:
consumes: consumes:
@ -856,7 +856,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Adds a new job as "running" summary: Adds a new job as "running"
tags: tags:
- add and modify - Job add and modify
/jobs/stop_job/: /jobs/stop_job/:
post: post:
description: |- description: |-
@ -905,7 +905,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Marks job as completed and triggers archiving summary: Marks job as completed and triggers archiving
tags: tags:
- add and modify - Job add and modify
/jobs/stop_job/{id}: /jobs/stop_job/{id}:
post: post:
consumes: consumes:
@ -961,7 +961,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Marks job as completed and triggers archiving summary: Marks job as completed and triggers archiving
tags: tags:
- add and modify - Job add and modify
/jobs/tag_job/{id}: /jobs/tag_job/{id}:
post: post:
consumes: consumes:
@ -1010,7 +1010,7 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Adds one or more tags to a job summary: Adds one or more tags to a job
tags: tags:
- add and modify - Job add and modify
/user/{id}: /user/{id}:
post: post:
consumes: consumes:
@ -1018,6 +1018,7 @@ paths:
description: |- description: |-
Modifies user defined by username (id) in one of four possible ways. Modifies user defined by username (id) in one of four possible ways.
If more than one formValue is set then only the highest priority field is used. If more than one formValue is set then only the highest priority field is used.
Only accessible from IPs registered with apiAllowedIPs configuration option.
parameters: parameters:
- description: Database ID of User - description: Database ID of User
in: path in: path
@ -1083,12 +1084,14 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Updates an existing user summary: Updates an existing user
tags: tags:
- add and modify - User
/users/: /users/:
delete: delete:
consumes: consumes:
- multipart/form-data - multipart/form-data
description: User defined by username in form data will be deleted from database. description: |-
User defined by username in form data will be deleted from database.
Only accessible from IPs registered with apiAllowedIPs configuration option.
parameters: parameters:
- description: User ID to delete - description: User ID to delete
in: formData in: formData
@ -1124,11 +1127,12 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Deletes a user summary: Deletes a user
tags: tags:
- remove - User
get: get:
description: |- description: |-
Returns a JSON-encoded list of users. Returns a JSON-encoded list of users.
Required query-parameter defines if all users or only users with additional special roles are returned. Required query-parameter defines if all users or only users with additional special roles are returned.
Only accessible from IPs registered with apiAllowedIPs configuration option.
parameters: parameters:
- description: If returned list should contain all users or only users with - description: If returned list should contain all users or only users with
additional special roles additional special roles
@ -1165,11 +1169,13 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Returns a list of users summary: Returns a list of users
tags: tags:
- query - User
post: post:
consumes: consumes:
- multipart/form-data - multipart/form-data
description: User specified in form data will be saved to database. description: |-
User specified in form data will be saved to database.
Only accessible from IPs registered with apiAllowedIPs configuration option.
parameters: parameters:
- description: Unique user ID - description: Unique user ID
in: formData in: formData
@ -1235,12 +1241,10 @@ paths:
- ApiKeyAuth: [] - ApiKeyAuth: []
summary: Adds a new user summary: Adds a new user
tags: tags:
- add and modify - User
securityDefinitions: securityDefinitions:
ApiKeyAuth: ApiKeyAuth:
in: header in: header
name: X-Auth-Token name: X-Auth-Token
type: apiKey type: apiKey
swagger: "2.0" swagger: "2.0"
tags:
- name: Job API

1
configs/README.md
View File

@ -9,6 +9,7 @@ It is supported to set these by means of a `.env` file in the project root.
## Configuration Options ## Configuration Options
* `addr`: Type string. Address where the http (or https) server will listen on (for example: 'localhost:80'). Default `:8080`. * `addr`: Type string. Address where the http (or https) server will listen on (for example: 'localhost:80'). Default `:8080`.
* `apiAllowedIPs`: Type string array. Addresses from which the secured API endpoints (/users and other auth related endpoints) can be reached
* `user`: Type string. Drop root permissions once .env was read and the port was taken. Only applicable if using privileged port. * `user`: Type string. Drop root permissions once .env was read and the port was taken. Only applicable if using privileged port.
* `group`: Type string. Drop root permissions once .env was read and the port was taken. Only applicable if using privileged port. * `group`: Type string. Drop root permissions once .env was read and the port was taken. Only applicable if using privileged port.
* `disable-authentication`: Type bool. Disable authentication (for everything: API, Web-UI, ...). Default `false`. * `disable-authentication`: Type bool. Disable authentication (for everything: API, Web-UI, ...). Default `false`.

2
configs/config-demo.json
View File

@ -5,7 +5,7 @@
"path": "./var/job-archive" "path": "./var/job-archive"
}, },
"jwts": { "jwts": {
"max-age": "2m" "max-age": "2000h"
}, },
"clusters": [ "clusters": [
{ {

2
configs/config.json
View File

@ -43,7 +43,7 @@
"jwts": { "jwts": {
"cookieName": "", "cookieName": "",
"validateUser": false, "validateUser": false,
"max-age": "2m", "max-age": "2000h",
"trustedIssuer": "" "trustedIssuer": ""
}, },
"short-running-jobs-duration": 300 "short-running-jobs-duration": 300

46
internal/api/docs.go
View File

@ -1,4 +1,5 @@
// Code generated by swaggo/swag. DO NOT EDIT // Code generated by swaggo/swag. DO NOT EDIT.
package api package api
import "github.com/swaggo/swag" import "github.com/swaggo/swag"
@ -35,7 +36,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"query" "Job query"
], ],
"summary": "Lists all jobs", "summary": "Lists all jobs",
"parameters": [ "parameters": [
@ -133,7 +134,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"remove" "Job remove"
], ],
"summary": "Remove a job from the sql database", "summary": "Remove a job from the sql database",
"parameters": [ "parameters": [
@ -205,7 +206,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"remove" "Job remove"
], ],
"summary": "Remove a job from the sql database", "summary": "Remove a job from the sql database",
"parameters": [ "parameters": [
@ -275,7 +276,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"remove" "Job remove"
], ],
"summary": "Remove a job from the sql database", "summary": "Remove a job from the sql database",
"parameters": [ "parameters": [
@ -348,7 +349,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Adds a new job as \"running\"", "summary": "Adds a new job as \"running\"",
"parameters": [ "parameters": [
@ -414,7 +415,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Marks job as completed and triggers archiving", "summary": "Marks job as completed and triggers archiving",
"parameters": [ "parameters": [
@ -489,7 +490,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Marks job as completed and triggers archiving", "summary": "Marks job as completed and triggers archiving",
"parameters": [ "parameters": [
@ -571,7 +572,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"add and modify" "Job add and modify"
], ],
"summary": "Adds one or more tags to a job", "summary": "Adds one or more tags to a job",
"parameters": [ "parameters": [
@ -644,7 +645,7 @@ const docTemplate = `{
"application/json" "application/json"
], ],
"tags": [ "tags": [
"query" "Job query"
], ],
"summary": "Get complete job meta and metric data", "summary": "Get complete job meta and metric data",
"parameters": [ "parameters": [
@ -721,7 +722,7 @@ const docTemplate = `{
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "Modifies user defined by username (id) in one of four possible ways.\nIf more than one formValue is set then only the highest priority field is used.", "description": "Modifies user defined by username (id) in one of four possible ways.\nIf more than one formValue is set then only the highest priority field is used.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"consumes": [ "consumes": [
"multipart/form-data" "multipart/form-data"
], ],
@ -729,7 +730,7 @@ const docTemplate = `{
"text/plain" "text/plain"
], ],
"tags": [ "tags": [
"add and modify" "User"
], ],
"summary": "Updates an existing user", "summary": "Updates an existing user",
"parameters": [ "parameters": [
@ -826,12 +827,12 @@ const docTemplate = `{
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "Returns a JSON-encoded list of users.\nRequired query-parameter defines if all users or only users with additional special roles are returned.", "description": "Returns a JSON-encoded list of users.\nRequired query-parameter defines if all users or only users with additional special roles are returned.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"produces": [ "produces": [
"application/json" "application/json"
], ],
"tags": [ "tags": [
"query" "User"
], ],
"summary": "Returns a list of users", "summary": "Returns a list of users",
"parameters": [ "parameters": [
@ -885,7 +886,7 @@ const docTemplate = `{
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "User specified in form data will be saved to database.", "description": "User specified in form data will be saved to database.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"consumes": [ "consumes": [
"multipart/form-data" "multipart/form-data"
], ],
@ -893,7 +894,7 @@ const docTemplate = `{
"text/plain" "text/plain"
], ],
"tags": [ "tags": [
"add and modify" "User"
], ],
"summary": "Adds a new user", "summary": "Adds a new user",
"parameters": [ "parameters": [
@ -989,7 +990,7 @@ const docTemplate = `{
"ApiKeyAuth": [] "ApiKeyAuth": []
} }
], ],
"description": "User defined by username in form data will be deleted from database.", "description": "User defined by username in form data will be deleted from database.\nOnly accessible from IPs registered with apiAllowedIPs configuration option.",
"consumes": [ "consumes": [
"multipart/form-data" "multipart/form-data"
], ],
@ -997,7 +998,7 @@ const docTemplate = `{
"text/plain" "text/plain"
], ],
"tags": [ "tags": [
"remove" "User"
], ],
"summary": "Deletes a user", "summary": "Deletes a user",
"parameters": [ "parameters": [
@ -1763,12 +1764,7 @@ const docTemplate = `{
"name": "X-Auth-Token", "name": "X-Auth-Token",
"in": "header" "in": "header"
} }
}, }
"tags": [
{
"name": "Job API"
}
]
}` }`
// SwaggerInfo holds exported Swagger Info so clients can modify it // SwaggerInfo holds exported Swagger Info so clients can modify it
@ -1781,6 +1777,8 @@ var SwaggerInfo = &swag.Spec{
Description: "API for batch job control.", Description: "API for batch job control.",
InfoInstanceName: "swagger", InfoInstanceName: "swagger",
SwaggerTemplate: docTemplate, SwaggerTemplate: docTemplate,
LeftDelim: "{{",
RightDelim: "}}",
} }
func init() { func init() {

36
internal/api/rest.go
View File

@ -37,8 +37,6 @@ import (
// @version 1.0.0 // @version 1.0.0
// @description API for batch job control. // @description API for batch job control.
// @tag.name Job API
// @contact.name ClusterCockpit Project // @contact.name ClusterCockpit Project
// @contact.url https://github.com/ClusterCockpit // @contact.url https://github.com/ClusterCockpit
// @contact.email support@clustercockpit.org // @contact.email support@clustercockpit.org
@ -212,6 +210,10 @@ func securedCheck(r *http.Request) error {
IPAddress = r.RemoteAddr IPAddress = r.RemoteAddr
} }
if strings.Contains(IPAddress, ":") {
IPAddress = strings.Split(IPAddress, ":")[0]
}
// check if IP is allowed // check if IP is allowed
if !util.Contains(config.Keys.ApiAllowedIPs, IPAddress) { if !util.Contains(config.Keys.ApiAllowedIPs, IPAddress) {
return fmt.Errorf("unknown ip: %v", IPAddress) return fmt.Errorf("unknown ip: %v", IPAddress)
@ -223,7 +225,7 @@ func securedCheck(r *http.Request) error {
// getJobs godoc // getJobs godoc
// @summary Lists all jobs // @summary Lists all jobs
// @tags query // @tags Job query
// @description Get a list of all jobs. Filters can be applied using query parameters. // @description Get a list of all jobs. Filters can be applied using query parameters.
// @description Number of results can be limited by page. Results are sorted by descending startTime. // @description Number of results can be limited by page. Results are sorted by descending startTime.
// @produce json // @produce json
@ -369,7 +371,7 @@ func (api *RestApi) getJobs(rw http.ResponseWriter, r *http.Request) {
// getJobById godoc // getJobById godoc
// @summary Get complete job meta and metric data // @summary Get complete job meta and metric data
// @tags query // @tags Job query
// @description Job to get is specified by database ID // @description Job to get is specified by database ID
// @description Returns full job resource information according to 'JobMeta' scheme and all metrics according to 'JobData'. // @description Returns full job resource information according to 'JobMeta' scheme and all metrics according to 'JobData'.
// @accept json // @accept json
@ -464,7 +466,7 @@ func (api *RestApi) getJobById(rw http.ResponseWriter, r *http.Request) {
// tagJob godoc // tagJob godoc
// @summary Adds one or more tags to a job // @summary Adds one or more tags to a job
// @tags add and modify // @tags Job add and modify
// @description Adds tag(s) to a job specified by DB ID. Name and Type of Tag(s) can be chosen freely. // @description Adds tag(s) to a job specified by DB ID. Name and Type of Tag(s) can be chosen freely.
// @description If tagged job is already finished: Tag will be written directly to respective archive files. // @description If tagged job is already finished: Tag will be written directly to respective archive files.
// @accept json // @accept json
@ -531,7 +533,7 @@ func (api *RestApi) tagJob(rw http.ResponseWriter, r *http.Request) {
// startJob godoc // startJob godoc
// @summary Adds a new job as "running" // @summary Adds a new job as "running"
// @tags add and modify // @tags Job add and modify
// @description Job specified in request body will be saved to database as "running" with new DB ID. // @description Job specified in request body will be saved to database as "running" with new DB ID.
// @description Job specifications follow the 'JobMeta' scheme, API will fail to execute if requirements are not met. // @description Job specifications follow the 'JobMeta' scheme, API will fail to execute if requirements are not met.
// @accept json // @accept json
@ -612,7 +614,7 @@ func (api *RestApi) startJob(rw http.ResponseWriter, r *http.Request) {
// stopJobById godoc // stopJobById godoc
// @summary Marks job as completed and triggers archiving // @summary Marks job as completed and triggers archiving
// @tags add and modify // @tags Job add and modify
// @description Job to stop is specified by database ID. Only stopTime and final state are required in request body. // @description Job to stop is specified by database ID. Only stopTime and final state are required in request body.
// @description Returns full job resource information according to 'JobMeta' scheme. // @description Returns full job resource information according to 'JobMeta' scheme.
// @accept json // @accept json
@ -669,7 +671,7 @@ func (api *RestApi) stopJobById(rw http.ResponseWriter, r *http.Request) {
// stopJobByRequest godoc // stopJobByRequest godoc
// @summary Marks job as completed and triggers archiving // @summary Marks job as completed and triggers archiving
// @tags add and modify // @tags Job add and modify
// @description Job to stop is specified by request body. All fields are required in this case. // @description Job to stop is specified by request body. All fields are required in this case.
// @description Returns full job resource information according to 'JobMeta' scheme. // @description Returns full job resource information according to 'JobMeta' scheme.
// @produce json // @produce json
@ -718,7 +720,7 @@ func (api *RestApi) stopJobByRequest(rw http.ResponseWriter, r *http.Request) {
// deleteJobById godoc // deleteJobById godoc
// @summary Remove a job from the sql database // @summary Remove a job from the sql database
// @tags remove // @tags Job remove
// @description Job to remove is specified by database ID. This will not remove the job from the job archive. // @description Job to remove is specified by database ID. This will not remove the job from the job archive.
// @produce json // @produce json
// @param id path int true "Database ID of Job" // @param id path int true "Database ID of Job"
@ -765,7 +767,7 @@ func (api *RestApi) deleteJobById(rw http.ResponseWriter, r *http.Request) {
// deleteJobByRequest godoc // deleteJobByRequest godoc
// @summary Remove a job from the sql database // @summary Remove a job from the sql database
// @tags remove // @tags Job remove
// @description Job to delete is specified by request body. All fields are required in this case. // @description Job to delete is specified by request body. All fields are required in this case.
// @accept json // @accept json
// @produce json // @produce json
@ -823,7 +825,7 @@ func (api *RestApi) deleteJobByRequest(rw http.ResponseWriter, r *http.Request)
// deleteJobBefore godoc // deleteJobBefore godoc
// @summary Remove a job from the sql database // @summary Remove a job from the sql database
// @tags remove // @tags Job remove
// @description Remove all jobs with start time before timestamp. The jobs will not be removed from the job archive. // @description Remove all jobs with start time before timestamp. The jobs will not be removed from the job archive.
// @produce json // @produce json
// @param ts path int true "Unix epoch timestamp" // @param ts path int true "Unix epoch timestamp"
@ -955,8 +957,9 @@ func (api *RestApi) getJobMetrics(rw http.ResponseWriter, r *http.Request) {
// createUser godoc // createUser godoc
// @summary Adds a new user // @summary Adds a new user
// @tags add and modify // @tags User
// @description User specified in form data will be saved to database. // @description User specified in form data will be saved to database.
// @description Only accessible from IPs registered with apiAllowedIPs configuration option.
// @accept mpfd // @accept mpfd
// @produce plain // @produce plain
// @param username formData string true "Unique user ID" // @param username formData string true "Unique user ID"
@ -1022,8 +1025,9 @@ func (api *RestApi) createUser(rw http.ResponseWriter, r *http.Request) {
// deleteUser godoc // deleteUser godoc
// @summary Deletes a user // @summary Deletes a user
// @tags remove // @tags User
// @description User defined by username in form data will be deleted from database. // @description User defined by username in form data will be deleted from database.
// @description Only accessible from IPs registered with apiAllowedIPs configuration option.
// @accept mpfd // @accept mpfd
// @produce plain // @produce plain
// @param username formData string true "User ID to delete" // @param username formData string true "User ID to delete"
@ -1058,9 +1062,10 @@ func (api *RestApi) deleteUser(rw http.ResponseWriter, r *http.Request) {
// getUsers godoc // getUsers godoc
// @summary Returns a list of users // @summary Returns a list of users
// @tags query // @tags User
// @description Returns a JSON-encoded list of users. // @description Returns a JSON-encoded list of users.
// @description Required query-parameter defines if all users or only users with additional special roles are returned. // @description Required query-parameter defines if all users or only users with additional special roles are returned.
// @description Only accessible from IPs registered with apiAllowedIPs configuration option.
// @produce json // @produce json
// @param not-just-user query bool true "If returned list should contain all users or only users with additional special roles" // @param not-just-user query bool true "If returned list should contain all users or only users with additional special roles"
// @success 200 {array} api.ApiReturnedUser "List of users returned successfully" // @success 200 {array} api.ApiReturnedUser "List of users returned successfully"
@ -1093,9 +1098,10 @@ func (api *RestApi) getUsers(rw http.ResponseWriter, r *http.Request) {
// updateUser godoc // updateUser godoc
// @summary Updates an existing user // @summary Updates an existing user
// @tags add and modify // @tags User
// @description Modifies user defined by username (id) in one of four possible ways. // @description Modifies user defined by username (id) in one of four possible ways.
// @description If more than one formValue is set then only the highest priority field is used. // @description If more than one formValue is set then only the highest priority field is used.
// @description Only accessible from IPs registered with apiAllowedIPs configuration option.
// @accept mpfd // @accept mpfd
// @produce plain // @produce plain
// @param id path string true "Database ID of User" // @param id path string true "Database ID of User"

4
pkg/schema/config.go
View File

@ -15,7 +15,7 @@ type LdapConfig struct {
SearchDN string `json:"search_dn"` SearchDN string `json:"search_dn"`
UserBind string `json:"user_bind"` UserBind string `json:"user_bind"`
UserFilter string `json:"user_filter"` UserFilter string `json:"user_filter"`
UserAttr string `json:"username_attr"` UserAttr string `json:"username_attr"`
SyncInterval string `json:"sync_interval"` // Parsed using time.ParseDuration. SyncInterval string `json:"sync_interval"` // Parsed using time.ParseDuration.
SyncDelOldUsers bool `json:"sync_del_old_users"` SyncDelOldUsers bool `json:"sync_del_old_users"`
@ -76,7 +76,7 @@ type ProgramConfig struct {
// Address where the http (or https) server will listen on (for example: 'localhost:80'). // Address where the http (or https) server will listen on (for example: 'localhost:80').
Addr string `json:"addr"` Addr string `json:"addr"`
// Addresses from which the /api/secured/* API endpoints can be reached // Addresses from which secured API endpoints can be reached
ApiAllowedIPs []string `json:"apiAllowedIPs"` ApiAllowedIPs []string `json:"apiAllowedIPs"`
// Drop root permissions once .env was read and the port was taken. // Drop root permissions once .env was read and the port was taken.