github.com/mad-app/mattermost-server@v5.11.1+incompatible/api4/plugin.go (about)

     1  // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  // EXPERIMENTAL - SUBJECT TO CHANGE
     5  
     6  package api4
     7  
     8  import (
     9  	"net/http"
    10  
    11  	"github.com/mattermost/mattermost-server/mlog"
    12  	"github.com/mattermost/mattermost-server/model"
    13  )
    14  
    15  const (
    16  	MAXIMUM_PLUGIN_FILE_SIZE = 50 * 1024 * 1024
    17  )
    18  
    19  func (api *API) InitPlugin() {
    20  	mlog.Debug("EXPERIMENTAL: Initializing plugin api")
    21  
    22  	api.BaseRoutes.Plugins.Handle("", api.ApiSessionRequired(uploadPlugin)).Methods("POST")
    23  	api.BaseRoutes.Plugins.Handle("", api.ApiSessionRequired(getPlugins)).Methods("GET")
    24  	api.BaseRoutes.Plugin.Handle("", api.ApiSessionRequired(removePlugin)).Methods("DELETE")
    25  
    26  	api.BaseRoutes.Plugins.Handle("/statuses", api.ApiSessionRequired(getPluginStatuses)).Methods("GET")
    27  	api.BaseRoutes.Plugin.Handle("/enable", api.ApiSessionRequired(enablePlugin)).Methods("POST")
    28  	api.BaseRoutes.Plugin.Handle("/disable", api.ApiSessionRequired(disablePlugin)).Methods("POST")
    29  
    30  	api.BaseRoutes.Plugins.Handle("/webapp", api.ApiHandler(getWebappPlugins)).Methods("GET")
    31  }
    32  
    33  func uploadPlugin(c *Context, w http.ResponseWriter, r *http.Request) {
    34  	if !*c.App.Config().PluginSettings.Enable || !*c.App.Config().PluginSettings.EnableUploads {
    35  		c.Err = model.NewAppError("uploadPlugin", "app.plugin.upload_disabled.app_error", nil, "", http.StatusNotImplemented)
    36  		return
    37  	}
    38  
    39  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
    40  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
    41  		return
    42  	}
    43  
    44  	if err := r.ParseMultipartForm(MAXIMUM_PLUGIN_FILE_SIZE); err != nil {
    45  		http.Error(w, err.Error(), http.StatusBadRequest)
    46  		return
    47  	}
    48  
    49  	m := r.MultipartForm
    50  
    51  	pluginArray, ok := m.File["plugin"]
    52  	if !ok {
    53  		c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.no_file.app_error", nil, "", http.StatusBadRequest)
    54  		return
    55  	}
    56  
    57  	if len(pluginArray) <= 0 {
    58  		c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.array.app_error", nil, "", http.StatusBadRequest)
    59  		return
    60  	}
    61  
    62  	file, err := pluginArray[0].Open()
    63  	if err != nil {
    64  		c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.file.app_error", nil, "", http.StatusBadRequest)
    65  		return
    66  	}
    67  	defer file.Close()
    68  
    69  	force := false
    70  	if len(m.Value["force"]) > 0 && m.Value["force"][0] == "true" {
    71  		force = true
    72  	}
    73  	manifest, unpackErr := c.App.InstallPlugin(file, force)
    74  
    75  	if unpackErr != nil {
    76  		c.Err = unpackErr
    77  		return
    78  	}
    79  
    80  	w.WriteHeader(http.StatusCreated)
    81  	w.Write([]byte(manifest.ToJson()))
    82  }
    83  
    84  func getPlugins(c *Context, w http.ResponseWriter, r *http.Request) {
    85  	if !*c.App.Config().PluginSettings.Enable {
    86  		c.Err = model.NewAppError("getPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented)
    87  		return
    88  	}
    89  
    90  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
    91  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
    92  		return
    93  	}
    94  
    95  	response, err := c.App.GetPlugins()
    96  	if err != nil {
    97  		c.Err = err
    98  		return
    99  	}
   100  
   101  	w.Write([]byte(response.ToJson()))
   102  }
   103  
   104  func getPluginStatuses(c *Context, w http.ResponseWriter, r *http.Request) {
   105  	if !*c.App.Config().PluginSettings.Enable {
   106  		c.Err = model.NewAppError("getPluginStatuses", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented)
   107  		return
   108  	}
   109  
   110  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
   111  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
   112  		return
   113  	}
   114  
   115  	response, err := c.App.GetClusterPluginStatuses()
   116  	if err != nil {
   117  		c.Err = err
   118  		return
   119  	}
   120  
   121  	w.Write([]byte(response.ToJson()))
   122  }
   123  
   124  func removePlugin(c *Context, w http.ResponseWriter, r *http.Request) {
   125  	c.RequirePluginId()
   126  	if c.Err != nil {
   127  		return
   128  	}
   129  
   130  	if !*c.App.Config().PluginSettings.Enable {
   131  		c.Err = model.NewAppError("removePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented)
   132  		return
   133  	}
   134  
   135  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
   136  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
   137  		return
   138  	}
   139  
   140  	err := c.App.RemovePlugin(c.Params.PluginId)
   141  	if err != nil {
   142  		c.Err = err
   143  		return
   144  	}
   145  
   146  	ReturnStatusOK(w)
   147  }
   148  
   149  func getWebappPlugins(c *Context, w http.ResponseWriter, r *http.Request) {
   150  	if !*c.App.Config().PluginSettings.Enable {
   151  		c.Err = model.NewAppError("getWebappPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented)
   152  		return
   153  	}
   154  
   155  	manifests, err := c.App.GetActivePluginManifests()
   156  	if err != nil {
   157  		c.Err = err
   158  		return
   159  	}
   160  
   161  	clientManifests := []*model.Manifest{}
   162  	for _, m := range manifests {
   163  		if m.HasClient() {
   164  			clientManifests = append(clientManifests, m.ClientManifest())
   165  		}
   166  	}
   167  
   168  	w.Write([]byte(model.ManifestListToJson(clientManifests)))
   169  }
   170  
   171  func enablePlugin(c *Context, w http.ResponseWriter, r *http.Request) {
   172  	c.RequirePluginId()
   173  	if c.Err != nil {
   174  		return
   175  	}
   176  
   177  	if !*c.App.Config().PluginSettings.Enable {
   178  		c.Err = model.NewAppError("activatePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented)
   179  		return
   180  	}
   181  
   182  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
   183  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
   184  		return
   185  	}
   186  
   187  	if err := c.App.EnablePlugin(c.Params.PluginId); err != nil {
   188  		c.Err = err
   189  		return
   190  	}
   191  
   192  	ReturnStatusOK(w)
   193  }
   194  
   195  func disablePlugin(c *Context, w http.ResponseWriter, r *http.Request) {
   196  	c.RequirePluginId()
   197  	if c.Err != nil {
   198  		return
   199  	}
   200  
   201  	if !*c.App.Config().PluginSettings.Enable {
   202  		c.Err = model.NewAppError("deactivatePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented)
   203  		return
   204  	}
   205  
   206  	if !c.App.SessionHasPermissionTo(c.App.Session, model.PERMISSION_MANAGE_SYSTEM) {
   207  		c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
   208  		return
   209  	}
   210  
   211  	if err := c.App.DisablePlugin(c.Params.PluginId); err != nil {
   212  		c.Err = err
   213  		return
   214  	}
   215  
   216  	ReturnStatusOK(w)
   217  }