imterah/hermes
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases 1 Packages Wiki Activity Actions

feature: Adds lookup API endpoint.

Browse source
This commit is contained in:
greysoh 2024-04-22 11:51:37 -04:00
parent 2ae917acd9
commit 9d3b5f82a0
Signed by: imterah
GPG key ID: 8FA7DD57BA6CEA37
7 changed files with 214 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

18
routes/NextNet API/Backend API/Lookup Backend.bru Normal file
View file

@ -0,0 +1,18 @@
meta {
name: Lookup Backend
type: http
seq: 3
}
post {
url: http://127.0.0.1:3000/api/v1/backends/remove
body: json
auth: none
}
body:json {
{
"token": "f1b89cc337073476289ade17ffbe7a6419b4bd52aa7ede26114bffd76fa263b5cb1bcaf389462e1d9e7acb7f4b6a7c28152a9cc9af83e3ec862f1892b1",
"id": "2"
}
}

18
routes/NextNet API/Forward API/Lookup Forward.bru Normal file
View file

@ -0,0 +1,18 @@
meta {
name: Lookup Forward
type: http
seq: 3
}
post {
url: http://127.0.0.1:3000/api/v1/forward/remove
body: json
auth: none
}
body:json {
{
"token": "f1b89cc337073476289ade17ffbe7a6419b4bd52aa7ede26114bffd76fa263b5cb1bcaf389462e1d9e7acb7f4b6a7c28152a9cc9af83e3ec862f1892b1",
"id": "2"
}
}

4
src/index.ts
View file

@ -9,9 +9,11 @@ import { route as getPermissions } from "./routes/getPermissions.js";
import { route as backendCreate } from "./routes/backends/create.js";
import { route as backendRemove } from "./routes/backends/remove.js";
import { route as backendLookup } from "./routes/backends/lookup.js";
import { route as forwardCreate } from "./routes/forward/create.js";
import { route as forwardRemove } from "./routes/forward/remove.js";
import { route as forwardLookup } from "./routes/forward/lookup.js";
import { route as userCreate } from "./routes/user/create.js";
import { route as userRemove } from "./routes/user/remove.js";
@ -46,9 +48,11 @@ getPermissions(fastify, prisma, sessionTokens, serverOptions);
backendCreate(fastify, prisma, sessionTokens, serverOptions);
backendRemove(fastify, prisma, sessionTokens, serverOptions);
backendLookup(fastify, prisma, sessionTokens, serverOptions);
forwardCreate(fastify, prisma, sessionTokens, serverOptions);
forwardRemove(fastify, prisma, sessionTokens, serverOptions);
forwardLookup(fastify, prisma, sessionTokens, serverOptions);
userCreate(fastify, prisma, sessionTokens, serverOptions);
userRemove(fastify, prisma, sessionTokens, serverOptions);

72
src/routes/backends/lookup.ts Normal file
View file

@ -0,0 +1,72 @@
import type { PrismaClient } from "@prisma/client";
import type { FastifyInstance } from "fastify";
import { ServerOptions, SessionToken } from "../../libs/types.js";
import { hasPermissionByToken } from "../../libs/permissions.js";
export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Record<number, SessionToken[]>, options: ServerOptions) {
function hasPermission(token: string, permissionList: string[]): Promise<boolean> {
return hasPermissionByToken(permissionList, token, tokens, prisma);
};
/**
* Creates a new route to use
*/
fastify.post("/api/v1/backends/lookup", {
schema: {
body: {
type: "object",
required: ["token"],
properties: {
token: { type: "string" },
id: { type: "number" },
name: { type: "string" },
description: { type: "string" },
backend: { type: "string" }
}
}
}
}, async(req, res) => {
// @ts-ignore
const body: {
token: string,
id?: number,
name?: string,
description?: string,
backend?: string
} = req.body;
if (!await hasPermission(body.token, [
"backends.visible" // wtf?
])) {
return res.status(403).send({
error: "Unauthorized"
});
};
const canSeeSecrets = await hasPermission(body.token, [
"backends.secretVis"
]);
const backends = await prisma.desinationProvider.findMany({
where: {
id: body.id,
name: body.name,
description: body.description,
backend: body.backend
}
});
return {
success: true,
data: backends.map((i) => ({
name: i.name,
description: i.description,
backend: i.backend,
connectionDetails: canSeeSecrets ? i.connectionDetails : ""
}))
}
});
}

6
src/routes/forward/create.ts
View file

@ -30,7 +30,7 @@ export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Re
destinationPort: { type: "number" },
providerID: { type: "number" },
enabled: { type: "boolean"}
autoStart: { type: "boolean" }
}
}
}
@ -49,7 +49,7 @@ export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Re
providerID: number,
enabled?: boolean
autoStart?: boolean
} = req.body;
if (!await hasPermission(body.token, [
@ -82,7 +82,7 @@ export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Re
destProviderID: body.providerID,
enabled: Boolean(body.enabled)
enabled: Boolean(body.autoStart)
}
});

96
src/routes/forward/lookup.ts Normal file
View file

@ -0,0 +1,96 @@
import type { PrismaClient } from "@prisma/client";
import type { FastifyInstance } from "fastify";
import { ServerOptions, SessionToken } from "../../libs/types.js";
import { hasPermissionByToken } from "../../libs/permissions.js";
export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Record<number, SessionToken[]>, options: ServerOptions) {
function hasPermission(token: string, permissionList: string[]): Promise<boolean> {
return hasPermissionByToken(permissionList, token, tokens, prisma);
};
/**
* Creates a new route to use
*/
fastify.post("/api/v1/forward/lookup", {
schema: {
body: {
type: "object",
required: ["token"],
properties: {
token: { type: "string" },
id: { type: "number" },
name: { type: "string" },
description: { type: "string" },
sourceIP: { type: "string" },
sourcePort: { type: "number" },
destPort: { type: "number" },
providerID: { type: "number" },
autoStart: { type: "boolean" }
}
}
}
}, async(req, res) => {
// @ts-ignore
const body: {
token: string,
id?: number,
name?: string,
description?: string,
sourceIP?: string,
sourcePort?: number,
destinationPort?: number,
providerID?: number,
autoStart?: boolean
} = req.body;
if (!await hasPermission(body.token, [
"routes.visible" // wtf?
])) {
return res.status(403).send({
error: "Unauthorized"
});
};
const forwardRules = await prisma.forwardRule.findMany({
where: {
id: body.id,
name: body.name,
description: body.description,
sourceIP: body.sourceIP,
sourcePort: body.sourcePort,
destPort: body.destinationPort,
destProviderID: body.providerID,
enabled: body.autoStart
}
});
return {
success: true,
data: forwardRules.map((i) => ({
id: i.id,
name: i.name,
description: i.description,
sourceIP: i.sourceIP,
sourcePort: i.sourcePort,
destPort: i.destPort,
providerID: i.destProviderID,
autoStart: i.enabled // TODO: Add enabled flag in here to see if we're running or not
}))
};
});
}

3
src/routes/user/lookup.ts
View file

@ -17,6 +17,7 @@ export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Re
properties: {
token: { type: "string" },
id: { type: "number" },
name: { type: "string" },
email: { type: "string" },
isServiceAccount: { type: "boolean" }
@ -27,6 +28,7 @@ export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Re
// @ts-ignore
const body: {
token: string,
id?: number,
name?: string,
email?: string,
isServiceAccount?: boolean
@ -42,6 +44,7 @@ export function route(fastify: FastifyInstance, prisma: PrismaClient, tokens: Re
const users = await prisma.user.findMany({
where: {
id: body.id,
name: body.name,
email: body.email,
isRootServiceAccount: body.isServiceAccount