github.com/masterhung0112/hk_server/v5@v5.0.0-20220302090640-ec71aef15e1c/api4/elasticsearch.go (about)

     1  // Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
     2  // See LICENSE.txt for license information.
     3  
     4  package api4
     5  
     6  import (
     7  	"net/http"
     8  
     9  	"github.com/masterhung0112/hk_server/v5/audit"
    10  	"github.com/masterhung0112/hk_server/v5/model"
    11  )
    12  
    13  func (api *API) InitElasticsearch() {
    14  	api.BaseRoutes.Elasticsearch.Handle("/test", api.ApiSessionRequired(testElasticsearch)).Methods("POST")
    15  	api.BaseRoutes.Elasticsearch.Handle("/purge_indexes", api.ApiSessionRequired(purgeElasticsearchIndexes)).Methods("POST")
    16  }
    17  
    18  func testElasticsearch(c *Context, w http.ResponseWriter, r *http.Request) {
    19  	cfg := model.ConfigFromJson(r.Body)
    20  	if cfg == nil {
    21  		cfg = c.App.Config()
    22  	}
    23  
    24  	// PERMISSION_TEST_ELASTICSEARCH is an ancillary permission of PERMISSION_SYSCONSOLE_WRITE_ENVIRONMENT_ELASTICSEARCH,
    25  	// which should prevent read-only managers from password sniffing
    26  	if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_TEST_ELASTICSEARCH) {
    27  		c.SetPermissionError(model.PERMISSION_TEST_ELASTICSEARCH)
    28  		return
    29  	}
    30  
    31  	if *c.App.Config().ExperimentalSettings.RestrictSystemAdmin {
    32  		c.Err = model.NewAppError("testElasticsearch", "api.restricted_system_admin", nil, "", http.StatusForbidden)
    33  		return
    34  	}
    35  
    36  	if err := c.App.TestElasticsearch(cfg); err != nil {
    37  		c.Err = err
    38  		return
    39  	}
    40  
    41  	ReturnStatusOK(w)
    42  }
    43  
    44  func purgeElasticsearchIndexes(c *Context, w http.ResponseWriter, r *http.Request) {
    45  	auditRec := c.MakeAuditRecord("purgeElasticsearchIndexes", audit.Fail)
    46  	defer c.LogAuditRec(auditRec)
    47  
    48  	if !c.App.SessionHasPermissionTo(*c.AppContext.Session(), model.PERMISSION_PURGE_ELASTICSEARCH_INDEXES) {
    49  		c.SetPermissionError(model.PERMISSION_PURGE_ELASTICSEARCH_INDEXES)
    50  		return
    51  	}
    52  
    53  	if *c.App.Config().ExperimentalSettings.RestrictSystemAdmin {
    54  		c.Err = model.NewAppError("purgeElasticsearchIndexes", "api.restricted_system_admin", nil, "", http.StatusForbidden)
    55  		return
    56  	}
    57  
    58  	if err := c.App.PurgeElasticsearchIndexes(); err != nil {
    59  		c.Err = err
    60  		return
    61  	}
    62  
    63  	auditRec.Success()
    64  
    65  	ReturnStatusOK(w)
    66  }