57 lines
1.7 KiB
Go
57 lines
1.7 KiB
Go
package server
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"net/http"
|
|
)
|
|
|
|
// GET /api/v1/admin/settings
|
|
// POST /api/v1/admin/settings {key,value}
|
|
func (s *Server) HandleAdminSettings(w http.ResponseWriter, r *http.Request) {
|
|
if s.store == nil {
|
|
writeJSON(w, http.StatusInternalServerError, `{"error":1,"message":"store not ready"}`)
|
|
return
|
|
}
|
|
if r.Method == http.MethodGet {
|
|
settings, err := s.store.ListSettings()
|
|
if err != nil {
|
|
writeJSON(w, http.StatusInternalServerError, `{"error":1,"message":"list settings failed"}`)
|
|
return
|
|
}
|
|
b, _ := json.Marshal(map[string]any{"error": 0, "settings": settings})
|
|
writeJSON(w, http.StatusOK, string(b))
|
|
return
|
|
}
|
|
if r.Method != http.MethodPost {
|
|
writeJSON(w, http.StatusMethodNotAllowed, `{"error":1,"message":"method not allowed"}`)
|
|
return
|
|
}
|
|
var req struct {
|
|
Key string `json:"key"`
|
|
Value string `json:"value"`
|
|
}
|
|
if err := json.NewDecoder(r.Body).Decode(&req); err != nil || req.Key == "" {
|
|
writeJSON(w, http.StatusBadRequest, `{"error":1,"message":"bad request"}`)
|
|
return
|
|
}
|
|
// allowlist
|
|
switch req.Key {
|
|
case "advanced_impersonate", "advanced_force_network", "advanced_cross_tenant":
|
|
default:
|
|
writeJSON(w, http.StatusBadRequest, `{"error":1,"message":"invalid key"}`)
|
|
return
|
|
}
|
|
if req.Value == "" {
|
|
req.Value = "0"
|
|
}
|
|
if err := s.store.SetSetting(req.Key, req.Value); err != nil {
|
|
writeJSON(w, http.StatusInternalServerError, `{"error":1,"message":"set failed"}`)
|
|
return
|
|
}
|
|
if ac := GetAccessContext(r); ac != nil {
|
|
_ = s.store.AddAuditLog(ac.Kind, fmt.Sprintf("%d", ac.UserID), "setting_change", "setting", req.Key, req.Value, r.RemoteAddr)
|
|
}
|
|
writeJSON(w, http.StatusOK, `{"error":0,"message":"ok"}`)
|
|
}
|