2018-06-11 15:13:19 +02:00
package endpointgroups
import (
"net/http"
2019-10-07 15:42:01 +13:00
"reflect"
2018-06-11 15:13:19 +02:00
2018-09-10 12:01:38 +02:00
httperror "github.com/portainer/libhttp/error"
"github.com/portainer/libhttp/request"
"github.com/portainer/libhttp/response"
2021-02-23 05:21:39 +02:00
portainer "github.com/portainer/portainer/api"
2020-07-08 00:57:52 +03:00
"github.com/portainer/portainer/api/bolt/errors"
2020-06-16 10:58:16 +03:00
"github.com/portainer/portainer/api/internal/tag"
2018-06-11 15:13:19 +02:00
)
type endpointGroupUpdatePayload struct {
2021-02-23 05:21:39 +02:00
// Endpoint group name
Name string ` example:"my-endpoint-group" `
// Endpoint group description
Description string ` example:"description" `
// List of tag identifiers associated to the endpoint group
TagIDs [ ] portainer . TagID ` example:"3,4" `
2019-07-20 16:28:11 -07:00
UserAccessPolicies portainer . UserAccessPolicies
TeamAccessPolicies portainer . TeamAccessPolicies
2018-06-11 15:13:19 +02:00
}
func ( payload * endpointGroupUpdatePayload ) Validate ( r * http . Request ) error {
return nil
}
2021-02-23 05:21:39 +02:00
// @id EndpointGroupUpdate
// @summary Update an endpoint group
// @description Update an endpoint group.
// @description **Access policy**: administrator
// @tags endpoint_groups
// @security jwt
// @accept json
// @produce json
// @param id path int true "EndpointGroup identifier"
// @param body body endpointGroupUpdatePayload true "EndpointGroup details"
// @success 200 {object} portainer.EndpointGroup "Success"
// @failure 400 "Invalid request"
// @failure 404 "EndpointGroup not found"
// @failure 500 "Server error"
2021-09-13 15:42:53 +12:00
// @router /endpoint_groups/{id} [put]
2018-06-11 15:13:19 +02:00
func ( handler * Handler ) endpointGroupUpdate ( w http . ResponseWriter , r * http . Request ) * httperror . HandlerError {
endpointGroupID , err := request . RetrieveNumericRouteVariableValue ( r , "id" )
if err != nil {
2021-09-08 20:42:17 +12:00
return & httperror . HandlerError { http . StatusBadRequest , "Invalid environment group identifier route variable" , err }
2018-06-11 15:13:19 +02:00
}
var payload endpointGroupUpdatePayload
err = request . DecodeAndValidateJSONPayload ( r , & payload )
if err != nil {
return & httperror . HandlerError { http . StatusBadRequest , "Invalid request payload" , err }
}
2020-05-20 17:23:15 +12:00
endpointGroup , err := handler . DataStore . EndpointGroup ( ) . EndpointGroup ( portainer . EndpointGroupID ( endpointGroupID ) )
2020-07-08 00:57:52 +03:00
if err == errors . ErrObjectNotFound {
2021-09-08 20:42:17 +12:00
return & httperror . HandlerError { http . StatusNotFound , "Unable to find an environment group with the specified identifier inside the database" , err }
2018-06-11 15:13:19 +02:00
} else if err != nil {
2021-09-08 20:42:17 +12:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to find an environment group with the specified identifier inside the database" , err }
2018-06-11 15:13:19 +02:00
}
if payload . Name != "" {
endpointGroup . Name = payload . Name
}
if payload . Description != "" {
endpointGroup . Description = payload . Description
}
2020-05-14 05:14:28 +03:00
tagsChanged := false
2020-03-29 12:54:14 +03:00
if payload . TagIDs != nil {
2020-06-16 10:58:16 +03:00
payloadTagSet := tag . Set ( payload . TagIDs )
endpointGroupTagSet := tag . Set ( ( endpointGroup . TagIDs ) )
union := tag . Union ( payloadTagSet , endpointGroupTagSet )
intersection := tag . Intersection ( payloadTagSet , endpointGroupTagSet )
2020-05-14 05:14:28 +03:00
tagsChanged = len ( union ) > len ( intersection )
if tagsChanged {
2020-06-16 10:58:16 +03:00
removeTags := tag . Difference ( endpointGroupTagSet , payloadTagSet )
2020-05-14 05:14:28 +03:00
for tagID := range removeTags {
2020-05-20 17:23:15 +12:00
tag , err := handler . DataStore . Tag ( ) . Tag ( tagID )
2020-05-14 05:14:28 +03:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to find a tag inside the database" , err }
}
delete ( tag . EndpointGroups , endpointGroup . ID )
2020-05-20 17:23:15 +12:00
err = handler . DataStore . Tag ( ) . UpdateTag ( tag . ID , tag )
2020-05-14 05:14:28 +03:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist tag changes inside the database" , err }
}
}
endpointGroup . TagIDs = payload . TagIDs
for _ , tagID := range payload . TagIDs {
2020-05-20 17:23:15 +12:00
tag , err := handler . DataStore . Tag ( ) . Tag ( tagID )
2020-05-14 05:14:28 +03:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to find a tag inside the database" , err }
}
tag . EndpointGroups [ endpointGroup . ID ] = true
2020-05-20 17:23:15 +12:00
err = handler . DataStore . Tag ( ) . UpdateTag ( tag . ID , tag )
2020-05-14 05:14:28 +03:00
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist tag changes inside the database" , err }
}
}
}
2018-06-15 09:18:25 +02:00
}
2018-06-11 15:13:19 +02:00
2021-06-16 20:15:29 +12:00
updateAuthorizations := false
2019-10-07 15:42:01 +13:00
if payload . UserAccessPolicies != nil && ! reflect . DeepEqual ( payload . UserAccessPolicies , endpointGroup . UserAccessPolicies ) {
2019-05-24 18:04:58 +12:00
endpointGroup . UserAccessPolicies = payload . UserAccessPolicies
2021-06-16 20:15:29 +12:00
updateAuthorizations = true
2019-05-24 18:04:58 +12:00
}
2019-10-07 15:42:01 +13:00
if payload . TeamAccessPolicies != nil && ! reflect . DeepEqual ( payload . TeamAccessPolicies , endpointGroup . TeamAccessPolicies ) {
2019-05-24 18:04:58 +12:00
endpointGroup . TeamAccessPolicies = payload . TeamAccessPolicies
2021-06-16 20:15:29 +12:00
updateAuthorizations = true
}
if updateAuthorizations {
endpoints , err := handler . DataStore . Endpoint ( ) . Endpoints ( )
if err != nil {
2021-09-08 20:42:17 +12:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to retrieve environments from the database" , err }
2021-06-16 20:15:29 +12:00
}
for _ , endpoint := range endpoints {
if endpoint . GroupID == endpointGroup . ID {
if endpoint . Type == portainer . KubernetesLocalEnvironment || endpoint . Type == portainer . AgentOnKubernetesEnvironment || endpoint . Type == portainer . EdgeAgentOnKubernetesEnvironment {
err = handler . AuthorizationService . CleanNAPWithOverridePolicies ( & endpoint , endpointGroup )
if err != nil {
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to update user authorizations" , err }
}
}
}
}
2018-06-11 15:13:19 +02:00
}
2020-05-20 17:23:15 +12:00
err = handler . DataStore . EndpointGroup ( ) . UpdateEndpointGroup ( endpointGroup . ID , endpointGroup )
2018-06-11 15:13:19 +02:00
if err != nil {
2021-09-08 20:42:17 +12:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist environment group changes inside the database" , err }
2018-06-11 15:13:19 +02:00
}
2020-05-14 05:14:28 +03:00
if tagsChanged {
2020-05-20 17:23:15 +12:00
endpoints , err := handler . DataStore . Endpoint ( ) . Endpoints ( )
2020-05-14 05:14:28 +03:00
if err != nil {
2021-09-08 20:42:17 +12:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to retrieve environments from the database" , err }
2020-05-14 05:14:28 +03:00
}
for _ , endpoint := range endpoints {
if endpoint . GroupID == endpointGroup . ID {
err = handler . updateEndpointRelations ( & endpoint , endpointGroup )
if err != nil {
2021-09-08 20:42:17 +12:00
return & httperror . HandlerError { http . StatusInternalServerError , "Unable to persist environment relations changes inside the database" , err }
2020-05-14 05:14:28 +03:00
}
}
}
}
2018-06-11 15:13:19 +02:00
return response . JSON ( w , endpointGroup )
}
