prosody-modules: mod_http_admin_api/mod_http_admin

4349 1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	1	local usermanager = require "core.usermanager";
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	2
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	3	local json = require "util.json";
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	4
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	5	module:depends("http");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	6
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	7	local invites = module:depends("invites");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	8	local tokens = module:depends("tokenauth");
4349 1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	9	local mod_pep = module:depends("pep");
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	10
4356 f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	11	local group_memberships = module:open_store("groups", "map");
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	12
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	13	local json_content_type = "application/json";
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	14
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	15	local www_authenticate_header = ("Bearer realm=%q"):format(module.host.."/"..module.name);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	16
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	17	local function check_credentials(request)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	18	local auth_type, auth_data = string.match(request.headers.authorization or "", "^(%S+)%s(.+)$");
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	19	if not (auth_type and auth_data) then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	20	return false;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	21	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	22
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	23	if auth_type == "Bearer" then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	24	local token_info = tokens.get_token_info(auth_data);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	25	if not token_info or not token_info.session then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	26	return false;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	27	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	28	return token_info.session;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	29	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	30	return nil;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	31	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	32
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	33	function check_auth(routes)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	34	local function check_request_auth(event)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	35	local session = check_credentials(event.request);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	36	if not session then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	37	event.response.headers.authorization = www_authenticate_header;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	38	return false, 401;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	39	elseif session.auth_scope ~= "prosody:scope:admin" then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	40	return false, 403;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	41	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	42	event.session = session;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	43	return true;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	44	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	45
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	46	for route, handler in pairs(routes) do
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	47	routes[route] = function (event, ...)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	48	local permit, code = check_request_auth(event);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	49	if not permit then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	50	return code;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	51	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	52	return handler(event, ...);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	53	end;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	54	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	55	return routes;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	56	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	57
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	58	local function token_info_to_invite_info(token_info)
4353 5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable Matthew Wild <mwild1@gmail.com> parents: 4349 diff changeset	59	local additional_data = token_info.additional_data;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable Matthew Wild <mwild1@gmail.com> parents: 4349 diff changeset	60	local groups = additional_data and additional_data.groups or nil;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable Matthew Wild <mwild1@gmail.com> parents: 4349 diff changeset	61	local source = additional_data and additional_data.source or nil;
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	62	return {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	63	id = token_info.token;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	64	type = token_info.type;
4353 5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable Matthew Wild <mwild1@gmail.com> parents: 4349 diff changeset	65	reusable = token_info.reusable;
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	66	inviter = token_info.inviter;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	67	jid = token_info.jid;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	68	landing_page = token_info.landing_page;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	69	created_at = token_info.created_at;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	70	expires = token_info.expires;
4353 5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable Matthew Wild <mwild1@gmail.com> parents: 4349 diff changeset	71	groups = groups;
5ca36c36ab05 mod_http_admin_api: Expose new invite properties: groups, source and reusable Matthew Wild <mwild1@gmail.com> parents: 4349 diff changeset	72	source = source;
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	73	};
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	74	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	75
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	76	function list_invites(event)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	77	local invites_list = {};
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	78	for token, invite in invites.pending_account_invites() do --luacheck: ignore 213/token
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	79	table.insert(invites_list, token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	80	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	81	table.sort(invites_list, function (a, b)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	82	return a.created_at < b.created_at;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	83	end);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	84
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	85	event.response.headers["Content-Type"] = json_content_type;
4354 270025e76bf8 mod_http_admin_api: Use json.encode_array() when returning an array Matthew Wild <mwild1@gmail.com> parents: 4353 diff changeset	86	return json.encode_array(invites_list);
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	87	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	88
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	89	function get_invite_by_id(event, invite_id)
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	90	local invite = invites.get_account_invite_info(invite_id);
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	91	if not invite then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	92	return 404;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	93	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	94
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	95	event.response.headers["Content-Type"] = json_content_type;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	96	return json.encode(token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	97	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	98
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	99	function create_invite(event)
4355 c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	100	local invite_options;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	101
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	102	local request = event.request;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	103	if request.body and #request.body > 0 then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	104	if request.headers.content_type ~= json_content_type then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	105	module:log("warn", "Invalid content type");
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	106	return 400;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	107	end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	108	invite_options = json.decode(event.request.body);
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	109	if not invite_options then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	110	module:log("warn", "Invalid JSON");
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	111	return 400;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	112	end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	113	end
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	114
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	115	local invite;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	116	if invite_options and invite_options.reusable then
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	117	invite = invites.create_group(invite_options.group, invite_options.ttl, {
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	118	source = "admin_api/"..event.session.username;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	119	});
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	120	else
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	121	invite = invites.create_account(nil, {
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	122	source = "admin_api/"..event.session.username;
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	123	groups = { invite_options.group };
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	124	});
c0b1b2a61e3c mod_http_admin_api: Add support for creating reusable/group/custom-ttl invites Matthew Wild <mwild1@gmail.com> parents: 4354 diff changeset	125	end
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	126	if not invite then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	127	return 500;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	128	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	129
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	130	event.response.headers["Content-Type"] = json_content_type;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	131	return json.encode(token_info_to_invite_info(invite));
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	132	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	133
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	134	function delete_invite(event, invite_id) --luacheck: ignore 212/event
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	135	if not invites.delete_account_invite(invite_id) then
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	136	return 404;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	137	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	138	return 200;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	139	end
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	140
4349 1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	141	local function get_user_info(username)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	142	if not usermanager.user_exists(username, module.host) then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	143	return nil;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	144	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	145	local display_name;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	146	do
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	147	local pep_service = mod_pep.get_pep_service(username);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	148	local ok, _, nick_item = pep_service:get_last_item("http://jabber.org/protocol/nick", true);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	149	if ok and nick_item then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	150	display_name = nick_item:get_child_text("nick", "http://jabber.org/protocol/nick");
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	151	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	152	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	153
4356 f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	154	local groups;
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	155	do
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	156	local group_set = group_memberships:get_all(username);
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	157	if group_set and next(group_set) then
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	158	groups = {};
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	159	for group_id in pairs(group_set) do
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	160	table.insert(groups, group_id);
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	161	end
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	162	end
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	163	end
f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	164
4349 1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	165	return {
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	166	username = username;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	167	display_name = display_name;
4356 f6da234b21b8 mod_http_admin_api: Add groups property to users Matthew Wild <mwild1@gmail.com> parents: 4355 diff changeset	168	groups = groups;
4349 1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	169	};
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	170	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	171
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	172	function list_users(event)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	173	local user_list = {};
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	174	for username in usermanager.users(module.host) do
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	175	table.insert(user_list, get_user_info(username));
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	176	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	177
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	178	event.response.headers["Content-Type"] = json_content_type;
4354 270025e76bf8 mod_http_admin_api: Use json.encode_array() when returning an array Matthew Wild <mwild1@gmail.com> parents: 4353 diff changeset	179	return json.encode_array(user_list);
4349 1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	180	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	181
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	182	function get_user_by_name(event, username)
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	183	local user_info = get_user_info(username);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	184	if not user_info then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	185	return 404;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	186	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	187
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	188	event.response.headers["Content-Type"] = json_content_type;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	189	return json.encode(user_info);
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	190	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	191
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	192	function delete_user(event, username) --luacheck: ignore 212/event
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	193	if not usermanager.delete_user(username, module.host) then
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	194	return 404;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	195	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	196	return 200;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	197	end
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	198
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	199	module:provides("http", {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	200	route = check_auth {
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	201	["GET /invites"] = list_invites;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	202	["GET /invites/*"] = get_invite_by_id;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	203	["PUT /invites"] = create_invite;
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	204	["DELETE /invites/*"] = delete_invite;
4349 1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	205
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	206	["GET /users"] = list_users;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	207	["GET /users/*"] = get_user_by_name;
1bb08e9ffa82 mod_http_admin_api: Add methods for managing users Matthew Wild <mwild1@gmail.com> parents: 4347 diff changeset	208	["DELETE /users/*"] = delete_user;
4347 ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	209	};
ee313922b8d1 mod_http_admin_api: HTTP API for managing users and invites Matthew Wild <mwild1@gmail.com> parents: diff changeset	210	});

author	Matthew Wild <mwild1@gmail.com>
	Sun, 17 Jan 2021 17:51:23 +0000
changeset 4356	f6da234b21b8
parent 4355	c0b1b2a61e3c
child 4357	535d80be110d
permissions	-rw-r--r--