github.com/mad-app/mattermost-server@v5.11.1+incompatible/api4/plugin.go (about) 1 // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. 2 // See License.txt for license information. 3 4 // EXPERIMENTAL - SUBJECT TO CHANGE 5 6 package api4 7 8 import ( 9 "net/http" 10 11 "github.com/mattermost/mattermost-server/mlog" 12 "github.com/mattermost/mattermost-server/model" 13 ) 14 15 const ( 16 MAXIMUM_PLUGIN_FILE_SIZE = 50 * 1024 * 1024 17 ) 18 19 func (api *API) InitPlugin() { 20 mlog.Debug("EXPERIMENTAL: Initializing plugin api") 21 22 api.BaseRoutes.Plugins.Handle("", api.ApiSessionRequired(uploadPlugin)).Methods("POST") 23 api.BaseRoutes.Plugins.Handle("", api.ApiSessionRequired(getPlugins)).Methods("GET") 24 api.BaseRoutes.Plugin.Handle("", api.ApiSessionRequired(removePlugin)).Methods("DELETE") 25 26 api.BaseRoutes.Plugins.Handle("/statuses", api.ApiSessionRequired(getPluginStatuses)).Methods("GET") 27 api.BaseRoutes.Plugin.Handle("/enable", api.ApiSessionRequired(enablePlugin)).Methods("POST") 28 api.BaseRoutes.Plugin.Handle("/disable", api.ApiSessionRequired(disablePlugin)).Methods("POST") 29 30 api.BaseRoutes.Plugins.Handle("/webapp", api.ApiHandler(getWebappPlugins)).Methods("GET") 31 } 32 33 func uploadPlugin(c *Context, w http.ResponseWriter, r *http.Request) { 34 if !*c.App.Config().PluginSettings.Enable || !*c.App.Config().PluginSettings.EnableUploads { 35 c.Err = model.NewAppError("uploadPlugin", "app.plugin.upload_disabled.app_error", nil, "", http.StatusNotImplemented) 36 return 37 } 38 39 if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) { 40 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 41 return 42 } 43 44 if err := r.ParseMultipartForm(MAXIMUM_PLUGIN_FILE_SIZE); err != nil { 45 http.Error(w, err.Error(), http.StatusBadRequest) 46 return 47 } 48 49 m := r.MultipartForm 50 51 pluginArray, ok := m.File["plugin"] 52 if !ok { 53 c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.no_file.app_error", nil, "", http.StatusBadRequest) 54 return 55 } 56 57 if len(pluginArray) <= 0 { 58 c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.array.app_error", nil, "", http.StatusBadRequest) 59 return 60 } 61 62 file, err := pluginArray[0].Open() 63 if err != nil { 64 c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.file.app_error", nil, "", http.StatusBadRequest) 65 return 66 } 67 defer file.Close() 68 69 force := false 70 if len(m.Value["force"]) > 0 && m.Value["force"][0] == "true" { 71 force = true 72 } 73 manifest, unpackErr := c.App.InstallPlugin(file, force) 74 75 if unpackErr != nil { 76 c.Err = unpackErr 77 return 78 } 79 80 w.WriteHeader(http.StatusCreated) 81 w.Write([]byte(manifest.ToJson())) 82 } 83 84 func getPlugins(c *Context, w http.ResponseWriter, r *http.Request) { 85 if !*c.App.Config().PluginSettings.Enable { 86 c.Err = model.NewAppError("getPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 87 return 88 } 89 90 if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) { 91 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 92 return 93 } 94 95 response, err := c.App.GetPlugins() 96 if err != nil { 97 c.Err = err 98 return 99 } 100 101 w.Write([]byte(response.ToJson())) 102 } 103 104 func getPluginStatuses(c *Context, w http.ResponseWriter, r *http.Request) { 105 if !*c.App.Config().PluginSettings.Enable { 106 c.Err = model.NewAppError("getPluginStatuses", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 107 return 108 } 109 110 if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) { 111 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 112 return 113 } 114 115 response, err := c.App.GetClusterPluginStatuses() 116 if err != nil { 117 c.Err = err 118 return 119 } 120 121 w.Write([]byte(response.ToJson())) 122 } 123 124 func removePlugin(c *Context, w http.ResponseWriter, r *http.Request) { 125 c.RequirePluginId() 126 if c.Err != nil { 127 return 128 } 129 130 if !*c.App.Config().PluginSettings.Enable { 131 c.Err = model.NewAppError("removePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 132 return 133 } 134 135 if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) { 136 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 137 return 138 } 139 140 err := c.App.RemovePlugin(c.Params.PluginId) 141 if err != nil { 142 c.Err = err 143 return 144 } 145 146 ReturnStatusOK(w) 147 } 148 149 func getWebappPlugins(c *Context, w http.ResponseWriter, r *http.Request) { 150 if !*c.App.Config().PluginSettings.Enable { 151 c.Err = model.NewAppError("getWebappPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 152 return 153 } 154 155 manifests, err := c.App.GetActivePluginManifests() 156 if err != nil { 157 c.Err = err 158 return 159 } 160 161 clientManifests := []*model.Manifest{} 162 for _, m := range manifests { 163 if m.HasClient() { 164 clientManifests = append(clientManifests, m.ClientManifest()) 165 } 166 } 167 168 w.Write([]byte(model.ManifestListToJson(clientManifests))) 169 } 170 171 func enablePlugin(c *Context, w http.ResponseWriter, r *http.Request) { 172 c.RequirePluginId() 173 if c.Err != nil { 174 return 175 } 176 177 if !*c.App.Config().PluginSettings.Enable { 178 c.Err = model.NewAppError("activatePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 179 return 180 } 181 182 if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) { 183 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 184 return 185 } 186 187 if err := c.App.EnablePlugin(c.Params.PluginId); err != nil { 188 c.Err = err 189 return 190 } 191 192 ReturnStatusOK(w) 193 } 194 195 func disablePlugin(c *Context, w http.ResponseWriter, r *http.Request) { 196 c.RequirePluginId() 197 if c.Err != nil { 198 return 199 } 200 201 if !*c.App.Config().PluginSettings.Enable { 202 c.Err = model.NewAppError("deactivatePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) 203 return 204 } 205 206 if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) { 207 c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) 208 return 209 } 210 211 if err := c.App.DisablePlugin(c.Params.PluginId); err != nil { 212 c.Err = err 213 return 214 } 215 216 ReturnStatusOK(w) 217 }