Merged
3 changes: 2 additions & 1 deletion lib/MirrorCache/Schema/ResultSet/Server.pm
@@ -413,12 +413,13 @@ sub find_with_stability {
my $sql;

$sql = <<'END_SQL';
select s.id, s.hostname, s.public_notes, shttp.rating as rating_http, shttps.rating as rating_https, sipv4.rating as rating_ipv4, sipv6.rating as rating_ipv6
select s.id, s.hostname, s.public_notes, shttp.rating as rating_http, shttps.rating as rating_https, sipv4.rating as rating_ipv4, sipv6.rating as rating_ipv6, sa.username as admin_username
from server s
left join server_stability shttp on s.id = shttp.server_id and shttp.capability = 'http'
left join server_stability shttps on s.id = shttps.server_id and shttps.capability = 'https'
left join server_stability sipv4 on s.id = sipv4.server_id and sipv4.capability = 'ipv4'
left join server_stability sipv6 on s.id = sipv6.server_id and sipv6.capability = 'ipv6'
left join server_admin sa on s.id = sa.server_id
where s.hostname = ?
END_SQL
my $prep = $dbh->prepare($sql);
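Review bot: The added `left join server_admin sa on s.id = sa.server_id` can return one row per admin, so for a mirror with several `server_admin` rows the `admin_username` the caller sees is whichever row the database returns first. The owner check in `App/Server.pm` compares the logged-in user against that single value, so a legitimate co-admin may be refused, and the result can differ from `_has_permission` in `Rest/ServerNote.pm`. If more than one admin per server is possible (not visible here, confirm against the schema), test membership with the username as a bind parameter instead of selecting one name, e.g. `exists (select 1 from server_admin sa where sa.server_id = s.id and sa.username = ?) as is_owner`. The rest of `find_with_stability` lies outside the hunk, so how many rows it fetches is not shown.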
6 changes: 3 additions & 3 deletions lib/MirrorCache/WebAPI.pm
@@ -201,9 +201,6 @@ sub _setup_webui {
$rest_operator_r->delete('/server/:id')->to('table#destroy', table => 'Server');
$rest_operator_r->put('/server/location/:id')->name('rest_put_server_location')->to('server_location#update_location');
$rest_operator_r->put('/server/check_file')->name('rest_put_server_check_file')->to('server_check_file#start');
$rest_operator_r->post('/server/note/#hostname')->name('rest_put_server_note')->to('server_note#ins');
$rest_operator_r->get('/server/note/#hostname')->name('rest_get_server_note')->to('server_note#list');
$rest_operator_r->get('/server/contact/#hostname')->name('rest_get_server_contact')->to('server_note#list_contact');
$rest_operator_r->post('/sync_tree')->name('rest_post_sync_tree')->to('folder_jobs#sync_tree');

$rest_operator_r->post('/project')->to('table#create', table => 'Project');
@@ -221,6 +218,9 @@ sub _setup_webui {
$rest_usr_r->put('/myserver/location/:id')->name('rest_put_myserver_location')->to('myserver_location#update_location');
$rest_usr_r->post('/sync')->name('rest_post_sync')->to('folder_jobs#sync');
$rest_usr_r->post('/request_sync')->name('rest_post_request_sync')->to('folder_jobs#request_sync');
$rest_usr_r->post('/server/note/#hostname')->name('rest_put_server_note')->to('server_note#ins');
$rest_usr_r->get('/server/note/#hostname')->name('rest_get_server_note')->to('server_note#list');
$rest_usr_r->get('/server/contact/#hostname')->name('rest_get_server_contact')->to('server_note#list_contact');

$rest_r->get('/folder')->name('rest_folder')->to('table#list', table => 'Folder');
$rest_r->get('/repmirror')->name('rest_repmirror')->to('report_mirror#list');
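Review bot: Moving the `/server/note/#hostname` and `/server/contact/#hostname` routes from `$rest_operator_r` to `$rest_usr_r` drops the route-level operator gate, so the `_has_permission` call inside each `server_note#…` action becomes the only authorization check for them. A per-action check is easy to omit when another action is added to that controller; consider hanging these routes off a dedicated `under` route that performs the ownership test once, or at least add a comment above them such as `# ownership is enforced per action by ServerNote::_has_permission`. `_setup_webui` starts and ends outside both hunks, so what `$rest_usr_r` itself requires is assumed from its name.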
6 changes: 5 additions & 1 deletion lib/MirrorCache/WebAPI/Controller/App/Server.pm
@@ -56,7 +56,10 @@ sub show {
or return $self->reply->not_found;

my $admin_email = '';
if ($self->is_operator) {
my $current_username = $self->current_username;
my $is_owner = 0;
$is_owner = 1 if ($current_username && $current_username eq ($f->{admin_username} // '' ));
if ($self->is_operator || $self->is_admin || $is_owner) {
$admin_email = $self->schema->storage->dbh->selectrow_array("SELECT msg FROM server_note WHERE hostname = ? AND kind = 'Email' ORDER BY dt DESC LIMIT 1", undef, $hostname);
}
my $subsidiary;
@@ -83,6 +86,7 @@ sub show {
rating_https => $f->{rating_https},
rating_ipv4 => $f->{rating_ipv4},
rating_ipv6 => $f->{rating_ipv6},
is_owner => $is_owner,
};

return $self->render('app/server/show', server => $server);
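Review bot: The ownership test added in `show` (`$current_username eq ($f->{admin_username} // '')`) is a second, separate implementation of the rule that `_has_permission` in `Rest/ServerNote.pm` enforces, and the two read different data: the joined `admin_username` here, a `server_admin` subquery there. If they disagree, this page may disclose the contact e-mail or offer the notes UI to a user the REST endpoints reject, or the reverse. Consider one shared helper that answers "may this user manage this server" and call it from both places. `show` begins and ends outside the hunks.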
29 changes: 25 additions & 4 deletions lib/MirrorCache/WebAPI/Controller/Rest/ServerNote.pm
@@ -17,15 +17,32 @@ package MirrorCache::WebAPI::Controller::Rest::ServerNote;
use Mojo::Base 'Mojolicious::Controller';
use Data::Dumper;

sub _has_permission {
my ($self, $hostname) = @_;
return 1 if $self->is_operator || $self->is_admin;

my $dbh = $self->schema->storage->dbh;
my $prep = $dbh->prepare('select username from server_admin where server_id = (select id from server where hostname = ?)');
$prep->execute($hostname);
my $res = $dbh->selectrow_hashref($prep);
print STDERR Dumper($res, $self->current_username);
if (my $username = $res->{username}) {
return 1 if $self->current_username eq $username;
}
return 0;
}

sub ins {
my ($self) = @_;

my $hostname = $self->param('hostname');
return $self->render(code => 400, text => "Mandatory argument is missing") unless $hostname;
return $self->render(status => 400, text => "Mandatory argument is missing") unless $hostname;
my $acc = $self->current_username;
my $kind = $self->param('kind');
my $msg = $self->param('msg');

return $self->render(status => 403, text => "User is not owner") unless $self->_has_permission($hostname);

my $prep = $self->schema->storage->dbh->prepare('insert into server_note(hostname, dt, acc, kind, msg) values(?, now(), ?, ?, ?)');
$prep->execute($hostname, $acc, $kind, $msg);

@@ -36,7 +53,10 @@ sub list {
my ($self) = @_;

my $hostname = $self->param("hostname");
return $self->render(code => 400, text => "Mandatory argument is missing") unless $hostname;
return $self->render(status => 400, text => "Mandatory argument is missing") unless $hostname;

return $self->render(status => 403, text => "User is not owner") unless $self->_has_permission($hostname);


my $sql = "select * from server_note where hostname = ?::text order by dt desc";
$sql =~ s/::text//g unless $self->schema->pg;
@@ -50,7 +70,8 @@ sub list_contact {
my ($self) = @_;

my $hostname = $self->param("hostname");
return $self->render(code => 400, text => "Mandatory argument is missing") unless $hostname;
return $self->render(status => 400, text => "Mandatory argument is missing") unless $hostname;
return $self->render(status => 403, text => "User is not owner") unless $self->_has_permission($hostname);

my $sql = "select * from server_note where hostname = ?::text and not outdated and kind = 'email'";
$sql =~ s/::text//g unless $self->schema->pg;
@@ -64,7 +85,7 @@ sub list_incident {
my ($self) = @_;

my $id = $self->param("id");
return $self->render(code => 400, text => "Mandatory argument is missing") unless $id;
return $self->render(status => 400, text => "Mandatory argument is missing") unless $id;

my $sql = "select * from server_capability_check where server_id = ? order by dt desc";

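Review bot: `_has_permission` leaves a debugging statement in the authorization path: `print STDERR Dumper($res, $self->current_username);` writes the mirror's admin username and the caller's username to stderr on every non-operator request, and it should be removed. The lookup also calls `$prep->execute($hostname)` and then `$dbh->selectrow_hashref($prep)`, which executes the handle again with no bind values and so depends on the driver remembering the earlier binding, and it compares against only the first `server_admin` row. A single parameterised existence query, sketched below, removes all three issues. `list_incident` in the last hunk has no equivalent check; whether its route is operator-only is not visible here.

```perl
sub _has_permission {
    my ($self, $hostname) = @_;
    return 1 if $self->is_operator || $self->is_admin;

    # No identity, no ownership: avoids comparing undef against a stored name.
    my $username = $self->current_username or return 0;

    # Match on hostname and username together so that any server_admin row
    # for this mirror grants access, not only the first one returned.
    my ($found) = $self->schema->storage->dbh->selectrow_array(
        'select 1 from server_admin sa join server s on s.id = sa.server_id where s.hostname = ? and sa.username = ?',
        undef, $hostname, $username);
    return $found ? 1 : 0;
}
```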
4 changes: 2 additions & 2 deletions lib/MirrorCache/WebAPI/Controller/Rest/Table.pm
@@ -56,7 +56,7 @@ sub list {
my $table = $self->param("table");
my %search;
my %x;
my $region = $self->req->param('region');
my $region = $self->req->param('region') // "";

if ($table eq 'Server' || $table eq 'MyServer') {
%x = (
@@ -66,7 +66,6 @@ sub list {
);

my $a = 'region';
my $pattern = '(^|,)' . $region . '(,|$)';
my $regexp = $self->schema->pg ? '~' : 'REGEXP';
my $isnull = "IS NULL";
unless ($region) {
@@ -76,6 +75,7 @@ sub list {
];

} else {
my $pattern = '(^|,)' . $region . '(,|$)';
$search{'-and'} = [
'-or' => [
[ "server_capability_declaration.capability" => $a ],
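Review bot: `$region` comes straight from the request and is still concatenated unescaped into `'(^|,)' . $region . '(,|$)'`, which appears to be handed to the database's `~`/`REGEXP` operator, so the caller controls the regular expression itself. The commit only moves that line into the `else` branch and defaults the parameter to `""`. Validating the value before building the pattern would address it, e.g. `return $self->render(status => 400, text => "Invalid region") unless $region =~ /\A[\w-]*\z/;` (adjust the character class to the real region codes, which are not visible here). How `$pattern` is bound into the query lies outside the hunk.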
7 changes: 5 additions & 2 deletions templates/app/server/show.html.ep
@@ -34,10 +34,13 @@ span.ratingunknown {

% content_for 'ready_function' => begin
is_operator = <%= (is_operator) ? 'true' : 'false' %>;
is_admin = <%= (is_admin) ? 'true' : 'false' %>;
server_id = <%= $server->{id} %>;
subsidiary = "<%= $server->{subsidiary} %>";
provider = "<%= $server->{provider} %>";
if (is_operator) {
username = "<%= $server->{admin_username} %>";
is_owner = <%= $server->{is_owner} %>;
if (is_owner || is_admin || is_operator) {
hostname = "<%= $server->{hostname} %>";
if (!provider) {
setupServerNote(hostname);
@@ -83,7 +86,7 @@ span.ratingunknown {
</div>
</div>

% if (is_operator) {
% if (is_operator || is_admin || $server->{is_owner} ) {
<h3>Private notes</h3>
% if ($server->{provider}) {
<div>
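Review bot: The new line `username = "<%= $server->{admin_username} %>";` sits outside the `if (is_owner || is_admin || is_operator)` block, so the mirror admin's account name would be written into the page source for every visitor, and nothing in this hunk reads `username`. It is also placed inside a JavaScript string using the template's HTML escaping, which does not neutralise a backslash or a line break. Either drop the line or emit it only inside the privileged branch, serialised as a JSON string literal. Separately, the `show` hunk in `App/Server.pm` adds only `is_owner` to `$server`, so `admin_username` may be empty here unless it is set in lines not shown. The `is_owner` flag in this script only controls what the browser displays; the `_has_permission` check in the REST controller is what protects the notes.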