2018-06-11 13:13:19 +00:00
package endpointgroups
import (
"net/http"
2019-10-07 02:42:01 +00:00
"reflect"
2018-06-11 13:13:19 +00:00
2018-09-10 10:01:38 +00:00
httperror "github.com/portainer/libhttp/error"
"github.com/portainer/libhttp/request"
"github.com/portainer/libhttp/response"
2021-02-23 03:21:39 +00:00
portainer "github.com/portainer/portainer/api"
2020-07-07 21:57:52 +00:00
"github.com/portainer/portainer/api/bolt/errors"
2020-06-16 07:58:16 +00:00
"github.com/portainer/portainer/api/internal/tag"
2018-06-11 13:13:19 +00:00
)
type endpointGroupUpdatePayload struct {
2021-02-23 03:21:39 +00:00
// Endpoint group name
Name string ` example:"my-endpoint-group" `
// Endpoint group description
Description string ` example:"description" `
// List of tag identifiers associated to the endpoint group
TagIDs [ ] portainer . TagID ` example:"3,4" `
2019-07-20 23:28:11 +00:00
UserAccessPolicies portainer . UserAccessPolicies
TeamAccessPolicies portainer . TeamAccessPolicies
2018-06-11 13:13:19 +00:00
}
func ( payload * endpointGroupUpdatePayload ) Validate ( r * http . Request ) error {
return nil
}
2021-02-23 03:21:39 +00:00
// @id EndpointGroupUpdate
// @summary Update an endpoint group
// @description Update an endpoint group.
// @description **Access policy**: administrator
// @tags endpoint_groups
// @security jwt
// @accept json
// @produce json
// @param id path int true "EndpointGroup identifier"
// @param body body endpointGroupUpdatePayload true "EndpointGroup details"
// @success 200 {object} portainer.EndpointGroup "Success"
// @failure 400 "Invalid request"
// @failure 404 "EndpointGroup not found"
// @failure 500 "Server error"
2021-09-13 03:42:53 +00:00
// @router /endpoint_groups/{id} [put]
2018-06-11 13:13:19 +00:00
func ( handler * Handler ) endpointGroupUpdate ( w http . ResponseWriter , r * http . Request ) * httperror . HandlerError {
endpointGroupID , err := request . RetrieveNumericRouteVariableValue ( r , "id" )
if err != nil {
2021-09-08 08:42:17 +00:00
return & httperror . HandlerError { http . StatusBadRequest , "Invalid environment group identifier route variable" , err }
2018-06-11 13:13:19 +00:00
}
var payload endpointGroupUpdatePayload
err = request . DecodeAndValidateJSONPayload ( r , & payload )
if err != nil {
return & httperror . HandlerError { http . StatusBadRequest , "Invalid request payload" , err }
}
2020-05-20 05:23:15 +00:00
endpointGroup , err := handler . DataStore . EndpointGroup ( ) . EndpointGroup ( portainer . EndpointGroupID ( endpointGroupID ) )
2020-07-07 21:57:52 +00:00
if err == errors . ErrObjectNotFound {
2021-09-08 08:42:17 +00:00
return & httperror . HandlerError { http . StatusNotFound , "Unable to find an environment group with the specified identifier inside the database" , err }
2018-06-11 13:13:19 +00:00
} else if err != nil {
2021-09-08 08:42:17 +00:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to find an environment group with the specified identifier inside the database" , err }
2018-06-11 13:13:19 +00:00
}
if payload . Name != "" {
endpointGroup . Name = payload . Name
}
if payload . Description != "" {
endpointGroup . Description = payload . Description
}
2020-05-14 02:14:28 +00:00
tagsChanged := false
2020-03-29 09:54:14 +00:00
if payload . TagIDs != nil {
2020-06-16 07:58:16 +00:00
payloadTagSet := tag . Set ( payload . TagIDs )
endpointGroupTagSet := tag . Set ( ( endpointGroup . TagIDs ) )
union := tag . Union ( payloadTagSet , endpointGroupTagSet )
intersection := tag . Intersection ( payloadTagSet , endpointGroupTagSet )
2020-05-14 02:14:28 +00:00
tagsChanged = len ( union ) > len ( intersection )
if tagsChanged {
2020-06-16 07:58:16 +00:00
removeTags := tag . Difference ( endpointGroupTagSet , payloadTagSet )
2020-05-14 02:14:28 +00:00
for tagID := range removeTags {
2020-05-20 05:23:15 +00:00
tag , err := handler . DataStore . Tag ( ) . Tag ( tagID )
2020-05-14 02:14:28 +00:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to find a tag inside the database" , err }
}
delete ( tag . EndpointGroups , endpointGroup . ID )
2020-05-20 05:23:15 +00:00
err = handler . DataStore . Tag ( ) . UpdateTag ( tag . ID , tag )
2020-05-14 02:14:28 +00:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist tag changes inside the database" , err }
}
}
endpointGroup . TagIDs = payload . TagIDs
for _ , tagID := range payload . TagIDs {
2020-05-20 05:23:15 +00:00
tag , err := handler . DataStore . Tag ( ) . Tag ( tagID )
2020-05-14 02:14:28 +00:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to find a tag inside the database" , err }
}
tag . EndpointGroups [ endpointGroup . ID ] = true
2020-05-20 05:23:15 +00:00
err = handler . DataStore . Tag ( ) . UpdateTag ( tag . ID , tag )
2020-05-14 02:14:28 +00:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist tag changes inside the database" , err }
}
}
}
2018-06-15 07:18:25 +00:00
}
2018-06-11 13:13:19 +00:00
2021-06-16 08:15:29 +00:00
updateAuthorizations := false
2019-10-07 02:42:01 +00:00
if payload . UserAccessPolicies != nil && ! reflect . DeepEqual ( payload . UserAccessPolicies , endpointGroup . UserAccessPolicies ) {
2019-05-24 06:04:58 +00:00
endpointGroup . UserAccessPolicies = payload . UserAccessPolicies
2021-06-16 08:15:29 +00:00
updateAuthorizations = true
2019-05-24 06:04:58 +00:00
}
2019-10-07 02:42:01 +00:00
if payload . TeamAccessPolicies != nil && ! reflect . DeepEqual ( payload . TeamAccessPolicies , endpointGroup . TeamAccessPolicies ) {
2019-05-24 06:04:58 +00:00
endpointGroup . TeamAccessPolicies = payload . TeamAccessPolicies
2021-06-16 08:15:29 +00:00
updateAuthorizations = true
}
if updateAuthorizations {
endpoints , err := handler . DataStore . Endpoint ( ) . Endpoints ( )
if err != nil {
2021-09-08 08:42:17 +00:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to retrieve environments from the database" , err }
2021-06-16 08:15:29 +00:00
}
for _ , endpoint := range endpoints {
if endpoint . GroupID == endpointGroup . ID {
if endpoint . Type == portainer . KubernetesLocalEnvironment || endpoint . Type == portainer . AgentOnKubernetesEnvironment || endpoint . Type == portainer . EdgeAgentOnKubernetesEnvironment {
err = handler . AuthorizationService . CleanNAPWithOverridePolicies ( & endpoint , endpointGroup )
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to update user authorizations" , err }
}
}
}
}
2018-06-11 13:13:19 +00:00
}
2020-05-20 05:23:15 +00:00
err = handler . DataStore . EndpointGroup ( ) . UpdateEndpointGroup ( endpointGroup . ID , endpointGroup )
2018-06-11 13:13:19 +00:00
if err != nil {
2021-09-08 08:42:17 +00:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist environment group changes inside the database" , err }
2018-06-11 13:13:19 +00:00
}
2020-05-14 02:14:28 +00:00
if tagsChanged {
2020-05-20 05:23:15 +00:00
endpoints , err := handler . DataStore . Endpoint ( ) . Endpoints ( )
2020-05-14 02:14:28 +00:00
if err != nil {
2021-09-08 08:42:17 +00:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to retrieve environments from the database" , err }
2020-05-14 02:14:28 +00:00
}
for _ , endpoint := range endpoints {
if endpoint . GroupID == endpointGroup . ID {
err = handler . updateEndpointRelations ( & endpoint , endpointGroup )
if err != nil {
2021-09-08 08:42:17 +00:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist environment relations changes inside the database" , err }
2020-05-14 02:14:28 +00:00
}
}
}
}
2018-06-11 13:13:19 +00:00
return response . JSON ( w , endpointGroup )
}