github.com/keys-pub/mattermost-server@v4.10.10+incompatible/api4/plugin.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 // EXPERIMENTAL - SUBJECT TO CHANGE 5 6 package api4 7 8 import ( 9 "net/http" 10 11 "github.com/mattermost/mattermost-server/mlog" 12 "github.com/mattermost/mattermost-server/model" 13 ) 14 15 const ( 16 MAXIMUM_PLUGIN_FILE_SIZE = 50 * 1024 * 1024 17 ) 18 19 func (api *API) InitPlugin() { 20 mlog.Debug("EXPERIMENTAL: Initializing plugin api") 21 22 api.BaseRoutes.Plugins.Handle("", api.ApiSessionRequired(uploadPlugin)).Methods("POST") 23 api.BaseRoutes.Plugins.Handle("", api.ApiSessionRequired(getPlugins)).Methods("GET") 24 api.BaseRoutes.Plugin.Handle("", api.ApiSessionRequired(removePlugin)).Methods("DELETE") 25 26 api.BaseRoutes.Plugin.Handle("/activate", api.ApiSessionRequired(activatePlugin)).Methods("POST") 27 api.BaseRoutes.Plugin.Handle("/deactivate", api.ApiSessionRequired(deactivatePlugin)).Methods("POST") 28 29 api.BaseRoutes.Plugins.Handle("/webapp", api.ApiHandler(getWebappPlugins)).Methods("GET") 30 31 } 32 33 func uploadPlugin(c *Context, w http.ResponseWriter, r *http.Request) { 34 if !*c.App.Config().PluginSettings.Enable || !*c.App.Config().PluginSettings.EnableUploads { 35 c.Err = model.NewAppError("uploadPlugin", "app.plugin.upload_disabled.app_error", nil, "", http.StatusNotImplemented) 36 return 37 } 38 39 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { 40 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 41 return 42 } 43 44 if err := r.ParseMultipartForm(MAXIMUM_PLUGIN_FILE_SIZE); err != nil { 45 http.Error(w, err.Error(), http.StatusBadRequest) 46 return 47 } 48 49 m := r.MultipartForm 50 51 pluginArray, ok := m.File["plugin"] 52 if !ok { 53 c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.no_file.app_error", nil, "", http.StatusBadRequest) 54 return 55 } 56 57 if len(pluginArray) <= 0 { 58 c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.array.app_error", nil, "", http.StatusBadRequest) 59 return 60 } 61 62 file, err := pluginArray[0].Open() 63 if err != nil { 64 c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.file.app_error", nil, "", http.StatusBadRequest) 65 return 66 } 67 defer file.Close() 68 69 manifest, unpackErr := c.App.InstallPlugin(file) 70 71 if unpackErr != nil { 72 c.Err = unpackErr 73 return 74 } 75 76 w.WriteHeader(http.StatusCreated) 77 w.Write([]byte(manifest.ToJson())) 78 } 79 80 func getPlugins(c *Context, w http.ResponseWriter, r *http.Request) { 81 if !*c.App.Config().PluginSettings.Enable { 82 c.Err = model.NewAppError("getPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 83 return 84 } 85 86 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { 87 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 88 return 89 } 90 91 response, err := c.App.GetPlugins() 92 if err != nil { 93 c.Err = err 94 return 95 } 96 97 w.Write([]byte(response.ToJson())) 98 } 99 100 func removePlugin(c *Context, w http.ResponseWriter, r *http.Request) { 101 c.RequirePluginId() 102 if c.Err != nil { 103 return 104 } 105 106 if !*c.App.Config().PluginSettings.Enable { 107 c.Err = model.NewAppError("getPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 108 return 109 } 110 111 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { 112 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 113 return 114 } 115 116 err := c.App.RemovePlugin(c.Params.PluginId) 117 if err != nil { 118 c.Err = err 119 return 120 } 121 122 ReturnStatusOK(w) 123 } 124 125 func getWebappPlugins(c *Context, w http.ResponseWriter, r *http.Request) { 126 if !*c.App.Config().PluginSettings.Enable { 127 c.Err = model.NewAppError("getWebappPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 128 return 129 } 130 131 manifests, err := c.App.GetActivePluginManifests() 132 if err != nil { 133 c.Err = err 134 return 135 } 136 137 clientManifests := []*model.Manifest{} 138 for _, m := range manifests { 139 if m.HasClient() { 140 clientManifests = append(clientManifests, m.ClientManifest()) 141 } 142 } 143 144 w.Write([]byte(model.ManifestListToJson(clientManifests))) 145 } 146 147 func activatePlugin(c *Context, w http.ResponseWriter, r *http.Request) { 148 c.RequirePluginId() 149 if c.Err != nil { 150 return 151 } 152 153 if !*c.App.Config().PluginSettings.Enable { 154 c.Err = model.NewAppError("activatePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 155 return 156 } 157 158 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { 159 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 160 return 161 } 162 163 if err := c.App.EnablePlugin(c.Params.PluginId); err != nil { 164 c.Err = err 165 return 166 } 167 168 ReturnStatusOK(w) 169 } 170 171 func deactivatePlugin(c *Context, w http.ResponseWriter, r *http.Request) { 172 c.RequirePluginId() 173 if c.Err != nil { 174 return 175 } 176 177 if !*c.App.Config().PluginSettings.Enable { 178 c.Err = model.NewAppError("deactivatePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 179 return 180 } 181 182 if !c.App.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { 183 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 184 return 185 } 186 187 if err := c.App.DisablePlugin(c.Params.PluginId); err != nil { 188 c.Err = err 189 return 190 } 191 192 ReturnStatusOK(w) 193 }