kiwi-vpn/api/kiwi_vpn_api/routers/admin.py

82 lines
2.1 KiB
Python
Raw Normal View History

2022-03-20 03:45:40 +00:00
"""
/admin endpoints.
"""
2022-03-18 18:22:17 +00:00
from fastapi import APIRouter, Depends, HTTPException, status
2022-03-18 22:43:02 +00:00
from ..config import Config
2022-03-20 02:32:40 +00:00
from ..db import Connection
from ..db.schemas import User, UserCapability, UserCreate
2022-03-20 03:45:40 +00:00
from ._common import Responses, get_current_user
2022-03-18 18:22:17 +00:00
router = APIRouter(prefix="/admin")
@router.put(
2022-03-19 17:11:52 +00:00
"/install",
2022-03-18 18:22:17 +00:00
responses={
2022-03-20 03:45:40 +00:00
status.HTTP_200_OK: Responses.OK,
status.HTTP_400_BAD_REQUEST: Responses.INSTALLED,
2022-03-18 18:22:17 +00:00
},
)
2022-03-19 17:11:52 +00:00
async def install(
config: Config,
2022-03-20 02:32:40 +00:00
admin_user: UserCreate,
2022-03-19 02:38:32 +00:00
current_config: Config | None = Depends(Config.load),
2022-03-18 18:22:17 +00:00
):
2022-03-20 03:45:40 +00:00
"""
PUT ./install: Install `kiwi-vpn`.
"""
# fail if already installed
2022-03-18 18:22:17 +00:00
if current_config is not None:
2022-03-19 17:11:52 +00:00
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
2022-03-18 18:22:17 +00:00
2022-03-20 03:45:40 +00:00
# create config file, connect to database
2022-03-19 17:11:52 +00:00
await config.save()
Connection.connect(await config.db.db_engine)
2022-03-18 18:22:17 +00:00
2022-03-20 03:45:40 +00:00
# create an administrative user
2022-03-20 00:12:56 +00:00
with Connection.use() as db:
2022-03-20 03:45:40 +00:00
User.create(
2022-03-19 17:11:52 +00:00
db=db,
2022-03-19 23:56:21 +00:00
user=admin_user,
2022-03-19 17:11:52 +00:00
crypt_context=await config.crypto.crypt_context,
2022-03-20 03:45:40 +00:00
).add_capabilities(
2022-03-19 19:24:43 +00:00
db=db,
2022-03-20 02:32:40 +00:00
capabilities=[UserCapability.admin],
2022-03-19 19:24:43 +00:00
)
2022-03-19 17:11:52 +00:00
@router.put(
"/config",
2022-03-18 18:22:17 +00:00
responses={
2022-03-20 03:45:40 +00:00
status.HTTP_200_OK: Responses.OK,
status.HTTP_400_BAD_REQUEST: Responses.NOT_INSTALLED,
status.HTTP_401_UNAUTHORIZED: Responses.NEEDS_USER,
status.HTTP_403_FORBIDDEN: Responses.NEEDS_ADMIN,
2022-03-18 18:22:17 +00:00
},
)
2022-03-19 17:11:52 +00:00
async def set_config(
new_config: Config,
2022-03-19 02:38:32 +00:00
current_config: Config | None = Depends(Config.load),
2022-03-20 03:45:40 +00:00
current_user: User | None = Depends(get_current_user),
2022-03-18 18:22:17 +00:00
):
2022-03-20 03:45:40 +00:00
"""
PUT ./config: Edit `kiwi-vpn` main config.
"""
# fail if not installed
2022-03-18 18:22:17 +00:00
if current_config is None:
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
2022-03-20 03:45:40 +00:00
# fail if not requested by an admin
2022-03-19 18:31:03 +00:00
if (current_user is None
2022-03-20 02:32:40 +00:00
or UserCapability.admin not in current_user.capabilities):
2022-03-19 17:11:52 +00:00
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN)
2022-03-19 03:31:41 +00:00
2022-03-20 03:45:40 +00:00
# update config file, reconnect to database
2022-03-19 17:11:52 +00:00
await new_config.save()
Connection.connect(await new_config.db.db_engine)