github.com/cilium/cilium@v1.16.2/pkg/api/apidisable.go

github.com/cilium/cilium@v1.16.2/pkg/api/apidisable.go (about)

     1  // SPDX-License-Identifier: Apache-2.0
     2  // Copyright Authors of Cilium
     3  
     4  package api
     5  
     6  import (
     7  	"net/http"
     8  
     9  	"github.com/go-openapi/runtime/middleware"
    10  	"github.com/sirupsen/logrus"
    11  
    12  	"github.com/cilium/cilium/pkg/logging/logfields"
    13  )
    14  
    15  type AdminDisableHandler struct {
    16  	name string
    17  }
    18  
    19  func NewAdminDisableHandler(name string) *AdminDisableHandler {
    20  	return &AdminDisableHandler{
    21  		name: name,
    22  	}
    23  }
    24  
    25  func (a *AdminDisableHandler) ServeHTTP(wr http.ResponseWriter, req *http.Request) {
    26  	wr.WriteHeader(http.StatusForbidden)
    27  	log.WithFields(logrus.Fields{
    28  		logfields.Endpoint: a.name,
    29  	}).Info("Denied API request on administratively disabled API endpoint")
    30  	_, _ = wr.Write([]byte("This API is administratively disabled. Contact your administrator for more details."))
    31  }
    32  
    33  // DisableAPIs configures the API middleware for all of the paths in the
    34  // provided PathSet such that those APIs will be administratively disabled at
    35  // runtime.
    36  func DisableAPIs(paths PathSet, addMiddleware func(method, path string, builder middleware.Builder)) {
    37  	for k, pm := range paths {
    38  		addMiddleware(pm.Method, pm.Path, func(_ http.Handler) http.Handler {
    39  			return NewAdminDisableHandler(k)
    40  		})
    41  	}
    42  }