Home Explore Help
Sign In
SMusatov
/
netdata
mirror of https://github.com/netdata/netdata.git
1
0
Fork 0
Files Wiki
Tree: 0d5fa83e22
Branches Tags
netdata
/
web
/
api
/
web_api_v1.c

web_api_v1.c 31 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824 
  1. // SPDX-License-Identifier: GPL-3.0-or-later
    2. 

  2. 

  3. #include "web_api_v1.h"
    4. 

  4. 

  5. static struct {
    6. 

  6.     const char *name;
    7. 

  7.     uint32_t hash;
    8. 

  8.     RRDR_OPTIONS value;
    9. 

  9. } api_v1_data_options[] = {
    10. 

  10.         {  "nonzero"         , 0    , RRDR_OPTION_NONZERO}
    11. 

  11.         , {"flip"            , 0    , RRDR_OPTION_REVERSED}
    12. 

  12.         , {"reversed"        , 0    , RRDR_OPTION_REVERSED}
    13. 

  13.         , {"reverse"         , 0    , RRDR_OPTION_REVERSED}
    14. 

  14.         , {"jsonwrap"        , 0    , RRDR_OPTION_JSON_WRAP}
    15. 

  15.         , {"min2max"         , 0    , RRDR_OPTION_MIN2MAX}
    16. 

  16.         , {"ms"              , 0    , RRDR_OPTION_MILLISECONDS}
    17. 

  17.         , {"milliseconds"    , 0    , RRDR_OPTION_MILLISECONDS}
    18. 

  18.         , {"abs"             , 0    , RRDR_OPTION_ABSOLUTE}
    19. 

  19.         , {"absolute"        , 0    , RRDR_OPTION_ABSOLUTE}
    20. 

  20.         , {"absolute_sum"    , 0    , RRDR_OPTION_ABSOLUTE}
    21. 

  21.         , {"absolute-sum"    , 0    , RRDR_OPTION_ABSOLUTE}
    22. 

  22.         , {"display_absolute", 0    , RRDR_OPTION_DISPLAY_ABS}
    23. 

  23.         , {"display-absolute", 0    , RRDR_OPTION_DISPLAY_ABS}
    24. 

  24.         , {"seconds"         , 0    , RRDR_OPTION_SECONDS}
    25. 

  25.         , {"null2zero"       , 0    , RRDR_OPTION_NULL2ZERO}
    26. 

  26.         , {"objectrows"      , 0    , RRDR_OPTION_OBJECTSROWS}
    27. 

  27.         , {"google_json"     , 0    , RRDR_OPTION_GOOGLE_JSON}
    28. 

  28.         , {"google-json"     , 0    , RRDR_OPTION_GOOGLE_JSON}
    29. 

  29.         , {"percentage"      , 0    , RRDR_OPTION_PERCENTAGE}
    30. 

  30.         , {"unaligned"       , 0    , RRDR_OPTION_NOT_ALIGNED}
    31. 

  31.         , {"match_ids"       , 0    , RRDR_OPTION_MATCH_IDS}
    32. 

  32.         , {"match-ids"       , 0    , RRDR_OPTION_MATCH_IDS}
    33. 

  33.         , {"match_names"     , 0    , RRDR_OPTION_MATCH_NAMES}
    34. 

  34.         , {"match-names"     , 0    , RRDR_OPTION_MATCH_NAMES}
    35. 

  35.         , {                  NULL, 0, 0}
    36. 

  36. };
    37. 

  37. 

  38. static struct {
    39. 

  39.     const char *name;
    40. 

  40.     uint32_t hash;
    41. 

  41.     uint32_t value;
    42. 

  42. } api_v1_data_formats[] = {
    43. 

  43.         {  DATASOURCE_FORMAT_DATATABLE_JSON , 0 , DATASOURCE_DATATABLE_JSON}
    44. 

  44.         , {DATASOURCE_FORMAT_DATATABLE_JSONP, 0 , DATASOURCE_DATATABLE_JSONP}
    45. 

  45.         , {DATASOURCE_FORMAT_JSON           , 0 , DATASOURCE_JSON}
    46. 

  46.         , {DATASOURCE_FORMAT_JSONP          , 0 , DATASOURCE_JSONP}
    47. 

  47.         , {DATASOURCE_FORMAT_SSV            , 0 , DATASOURCE_SSV}
    48. 

  48.         , {DATASOURCE_FORMAT_CSV            , 0 , DATASOURCE_CSV}
    49. 

  49.         , {DATASOURCE_FORMAT_TSV            , 0 , DATASOURCE_TSV}
    50. 

  50.         , {"tsv-excel"                      , 0 , DATASOURCE_TSV}
    51. 

  51.         , {DATASOURCE_FORMAT_HTML           , 0 , DATASOURCE_HTML}
    52. 

  52.         , {DATASOURCE_FORMAT_JS_ARRAY       , 0 , DATASOURCE_JS_ARRAY}
    53. 

  53.         , {DATASOURCE_FORMAT_SSV_COMMA      , 0 , DATASOURCE_SSV_COMMA}
    54. 

  54.         , {DATASOURCE_FORMAT_CSV_JSON_ARRAY , 0 , DATASOURCE_CSV_JSON_ARRAY}
    55. 

  55.         , {DATASOURCE_FORMAT_CSV_MARKDOWN   , 0 , DATASOURCE_CSV_MARKDOWN}
    56. 

  56.         , {                                 NULL, 0, 0}
    57. 

  57. };
    58. 

  58. 

  59. static struct {
    60. 

  60.     const char *name;
    61. 

  61.     uint32_t hash;
    62. 

  62.     uint32_t value;
    63. 

  63. } api_v1_data_google_formats[] = {
    64. 

  64.         // this is not error - when google requests json, it expects javascript
    65. 

  65.         // https://developers.google.com/chart/interactive/docs/dev/implementing_data_source#responseformat
    66. 

  66.         {  "json"     , 0    , DATASOURCE_DATATABLE_JSONP}
    67. 

  67.         , {"html"     , 0    , DATASOURCE_HTML}
    68. 

  68.         , {"csv"      , 0    , DATASOURCE_CSV}
    69. 

  69.         , {"tsv-excel", 0    , DATASOURCE_TSV}
    70. 

  70.         , {           NULL, 0, 0}
    71. 

  71. };
    72. 

  72. 

  73. void web_client_api_v1_init(void) {
    74. 

  74.     int i;
    75. 

  75. 

  76.     for(i = 0; api_v1_data_options[i].name ; i++)
    77. 

  77.         api_v1_data_options[i].hash = simple_hash(api_v1_data_options[i].name);
    78. 

  78. 

  79.     for(i = 0; api_v1_data_formats[i].name ; i++)
    80. 

  80.         api_v1_data_formats[i].hash = simple_hash(api_v1_data_formats[i].name);
    81. 

  81. 

  82.     for(i = 0; api_v1_data_google_formats[i].name ; i++)
    83. 

  83.         api_v1_data_google_formats[i].hash = simple_hash(api_v1_data_google_formats[i].name);
    84. 

  84. 

  85.     web_client_api_v1_init_grouping();
    86. 

  86. 

  87. 	uuid_t uuid;
    88. 

  88. 

  89. 	// generate
    90. 

  90. 	uuid_generate(uuid);
    91. 

  91. 

  92. 	// unparse (to string)
    93. 

  93. 	char uuid_str[37];
    94. 

  94. 	uuid_unparse_lower(uuid, uuid_str);
    95. 

  95. }
    96. 

  96. 

  97. char *get_mgmt_api_key(void) {
    98. 

  98.     char filename[FILENAME_MAX + 1];
    99. 

  99.     snprintfz(filename, FILENAME_MAX, "%s/netdata.api.key", netdata_configured_varlib_dir);
    100. 

  100.     char *api_key_filename=config_get(CONFIG_SECTION_REGISTRY, "netdata management api key file", filename);
    101. 

  101.     static char guid[GUID_LEN + 1] = "";
    102. 

  102. 

  103.     if(likely(guid[0]))
    104. 

  104.         return guid;
    105. 

  105. 

  106.     // read it from disk
    107. 

  107.     int fd = open(api_key_filename, O_RDONLY);
    108. 

  108.     if(fd != -1) {
    109. 

  109.         char buf[GUID_LEN + 1];
    110. 

  110.         if(read(fd, buf, GUID_LEN) != GUID_LEN)
    111. 

  111.             error("Failed to read management API key from '%s'", api_key_filename);
    112. 

  112.         else {
    113. 

  113.             buf[GUID_LEN] = '\0';
    114. 

  114.             if(regenerate_guid(buf, guid) == -1) {
    115. 

  115.                 error("Failed to validate management API key '%s' from '%s'.",
    116. 

  116.                       buf, api_key_filename);
    117. 

  117. 

  118.                 guid[0] = '\0';
    119. 

  119.             }
    120. 

  120.         }
    121. 

  121.         close(fd);
    122. 

  122.     }
    123. 

  123. 

  124.     // generate a new one?
    125. 

  125.     if(!guid[0]) {
    126. 

  126.         uuid_t uuid;
    127. 

  127. 

  128.         uuid_generate_time(uuid);
    129. 

  129.         uuid_unparse_lower(uuid, guid);
    130. 

  130.         guid[GUID_LEN] = '\0';
    131. 

  131. 

  132.         // save it
    133. 

  133.         fd = open(api_key_filename, O_WRONLY|O_CREAT|O_TRUNC, 444);
    134. 

  134.         if(fd == -1)
    135. 

  135.             fatal("Cannot create unique management API key file '%s'. Please fix this.", api_key_filename);
    136. 

  136. 

  137.         if(write(fd, guid, GUID_LEN) != GUID_LEN)
    138. 

  138.             fatal("Cannot write the unique management API key file '%s'. Please fix this.", api_key_filename);
    139. 

  139. 

  140.         close(fd);
    141. 

  141.     }
    142. 

  142. 

  143.     return guid;
    144. 

  144. }
    145. 

  145. 

  146. void web_client_api_v1_management_init(void) {
    147. 

  147. 	api_secret = get_mgmt_api_key();
    148. 

  148. }
    149. 

  149. 

  150. inline uint32_t web_client_api_request_v1_data_options(char *o) {
    151. 

  151.     uint32_t ret = 0x00000000;
    152. 

  152.     char *tok;
    153. 

  153. 

  154.     while(o && *o && (tok = mystrsep(&o, ", |"))) {
    155. 

  155.         if(!*tok) continue;
    156. 

  156. 

  157.         uint32_t hash = simple_hash(tok);
    158. 

  158.         int i;
    159. 

  159.         for(i = 0; api_v1_data_options[i].name ; i++) {
    160. 

  160.             if (unlikely(hash == api_v1_data_options[i].hash && !strcmp(tok, api_v1_data_options[i].name))) {
    161. 

  161.                 ret |= api_v1_data_options[i].value;
    162. 

  162.                 break;
    163. 

  163.             }
    164. 

  164.         }
    165. 

  165.     }
    166. 

  166. 

  167.     return ret;
    168. 

  168. }
    169. 

  169. 

  170. inline uint32_t web_client_api_request_v1_data_format(char *name) {
    171. 

  171.     uint32_t hash = simple_hash(name);
    172. 

  172.     int i;
    173. 

  173. 

  174.     for(i = 0; api_v1_data_formats[i].name ; i++) {
    175. 

  175.         if (unlikely(hash == api_v1_data_formats[i].hash && !strcmp(name, api_v1_data_formats[i].name))) {
    176. 

  176.             return api_v1_data_formats[i].value;
    177. 

  177.         }
    178. 

  178.     }
    179. 

  179. 

  180.     return DATASOURCE_JSON;
    181. 

  181. }
    182. 

  182. 

  183. inline uint32_t web_client_api_request_v1_data_google_format(char *name) {
    184. 

  184.     uint32_t hash = simple_hash(name);
    185. 

  185.     int i;
    186. 

  186. 

  187.     for(i = 0; api_v1_data_google_formats[i].name ; i++) {
    188. 

  188.         if (unlikely(hash == api_v1_data_google_formats[i].hash && !strcmp(name, api_v1_data_google_formats[i].name))) {
    189. 

  189.             return api_v1_data_google_formats[i].value;
    190. 

  190.         }
    191. 

  191.     }
    192. 

  192. 

  193.     return DATASOURCE_JSON;
    194. 

  194. }
    195. 

  195. 

  196. 

  197. inline int web_client_api_request_v1_alarms(RRDHOST *host, struct web_client *w, char *url) {
    198. 

  198.     int all = 0;
    199. 

  199. 

  200.     while(url) {
    201. 

  201.         char *value = mystrsep(&url, "&");
    202. 

  202.         if (!value || !*value) continue;
    203. 

  203. 

  204.         if(!strcmp(value, "all")) all = 1;
    205. 

  205.         else if(!strcmp(value, "active")) all = 0;
    206. 

  206.     }
    207. 

  207. 

  208.     buffer_flush(w->response.data);
    209. 

  209.     w->response.data->contenttype = CT_APPLICATION_JSON;
    210. 

  210.     health_alarms2json(host, w->response.data, all);
    211. 

  211.     buffer_no_cacheable(w->response.data);
    212. 

  212.     return 200;
    213. 

  213. }
    214. 

  214. 

  215. inline int web_client_api_request_v1_alarm_log(RRDHOST *host, struct web_client *w, char *url) {
    216. 

  216.     uint32_t after = 0;
    217. 

  217. 

  218.     while(url) {
    219. 

  219.         char *value = mystrsep(&url, "&");
    220. 

  220.         if (!value || !*value) continue;
    221. 

  221. 

  222.         char *name = mystrsep(&value, "=");
    223. 

  223.         if(!name || !*name) continue;
    224. 

  224.         if(!value || !*value) continue;
    225. 

  225. 

  226.         if(!strcmp(name, "after")) after = (uint32_t)strtoul(value, NULL, 0);
    227. 

  227.     }
    228. 

  228. 

  229.     buffer_flush(w->response.data);
    230. 

  230.     w->response.data->contenttype = CT_APPLICATION_JSON;
    231. 

  231.     health_alarm_log2json(host, w->response.data, after);
    232. 

  232.     return 200;
    233. 

  233. }
    234. 

  234. 

  235. inline int web_client_api_request_single_chart(RRDHOST *host, struct web_client *w, char *url, void callback(RRDSET *st, BUFFER *buf)) {
    236. 

  236.     int ret = 400;
    237. 

  237.     char *chart = NULL;
    238. 

  238. 

  239.     buffer_flush(w->response.data);
    240. 

  240. 

  241.     while(url) {
    242. 

  242.         char *value = mystrsep(&url, "&");
    243. 

  243.         if(!value || !*value) continue;
    244. 

  244. 

  245.         char *name = mystrsep(&value, "=");
    246. 

  246.         if(!name || !*name) continue;
    247. 

  247.         if(!value || !*value) continue;
    248. 

  248. 

  249.         // name and value are now the parameters
    250. 

  250.         // they are not null and not empty
    251. 

  251. 

  252.         if(!strcmp(name, "chart")) chart = value;
    253. 

  253.         //else {
    254. 

  254.         /// buffer_sprintf(w->response.data, "Unknown parameter '%s' in request.", name);
    255. 

  255.         //  goto cleanup;
    256. 

  256.         //}
    257. 

  257.     }
    258. 

  258. 

  259.     if(!chart || !*chart) {
    260. 

  260.         buffer_sprintf(w->response.data, "No chart id is given at the request.");
    261. 

  261.         goto cleanup;
    262. 

  262.     }
    263. 

  263. 

  264.     RRDSET *st = rrdset_find(host, chart);
    265. 

  265.     if(!st) st = rrdset_find_byname(host, chart);
    266. 

  266.     if(!st) {
    267. 

  267.         buffer_strcat(w->response.data, "Chart is not found: ");
    268. 

  268.         buffer_strcat_htmlescape(w->response.data, chart);
    269. 

  269.         ret = 404;
    270. 

  270.         goto cleanup;
    271. 

  271.     }
    272. 

  272. 

  273.     w->response.data->contenttype = CT_APPLICATION_JSON;
    274. 

  274.     st->last_accessed_time = now_realtime_sec();
    275. 

  275.     callback(st, w->response.data);
    276. 

  276.     return 200;
    277. 

  277. 

  278.     cleanup:
    279. 

  279.     return ret;
    280. 

  280. }
    281. 

  281. 

  282. inline int web_client_api_request_v1_alarm_variables(RRDHOST *host, struct web_client *w, char *url) {
    283. 

  283.     return web_client_api_request_single_chart(host, w, url, health_api_v1_chart_variables2json);
    284. 

  284. }
    285. 

  285. 

  286. inline int web_client_api_request_v1_charts(RRDHOST *host, struct web_client *w, char *url) {
    287. 

  287.     (void)url;
    288. 

  288. 

  289.     buffer_flush(w->response.data);
    290. 

  290.     w->response.data->contenttype = CT_APPLICATION_JSON;
    291. 

  291.     charts2json(host, w->response.data);
    292. 

  292.     return 200;
    293. 

  293. }
    294. 

  294. 

  295. inline int web_client_api_request_v1_chart(RRDHOST *host, struct web_client *w, char *url) {
    296. 

  296.     return web_client_api_request_single_chart(host, w, url, rrd_stats_api_v1_chart);
    297. 

  297. }
    298. 

  298. 

  299. void fix_google_param(char *s) {
    300. 

  300.     if(unlikely(!s)) return;
    301. 

  301. 

  302.     for( ; *s ;s++) {
    303. 

  303.         if(!isalnum(*s) && *s != '.' && *s != '_' && *s != '-')
    304. 

  304.             *s = '_';
    305. 

  305.     }
    306. 

  306. }
    307. 

  307. 

  308. // returns the HTTP code
    309. 

  309. inline int web_client_api_request_v1_data(RRDHOST *host, struct web_client *w, char *url) {
    310. 

  310.     debug(D_WEB_CLIENT, "%llu: API v1 data with URL '%s'", w->id, url);
    311. 

  311. 

  312.     int ret = 400;
    313. 

  313.     BUFFER *dimensions = NULL;
    314. 

  314. 

  315.     buffer_flush(w->response.data);
    316. 

  316. 

  317.     char    *google_version = "0.6",
    318. 

  318.             *google_reqId = "0",
    319. 

  319.             *google_sig = "0",
    320. 

  320.             *google_out = "json",
    321. 

  321.             *responseHandler = NULL,
    322. 

  322.             *outFileName = NULL;
    323. 

  323. 

  324.     time_t last_timestamp_in_data = 0, google_timestamp = 0;
    325. 

  325. 

  326.     char *chart = NULL
    327. 

  327.     , *before_str = NULL
    328. 

  328.     , *after_str = NULL
    329. 

  329.     , *group_time_str = NULL
    330. 

  330.     , *points_str = NULL;
    331. 

  331. 

  332.     int group = RRDR_GROUPING_AVERAGE;
    333. 

  333.     uint32_t format = DATASOURCE_JSON;
    334. 

  334.     uint32_t options = 0x00000000;
    335. 

  335. 

  336.     while(url) {
    337. 

  337.         char *value = mystrsep(&url, "&");
    338. 

  338.         if(!value || !*value) continue;
    339. 

  339. 

  340.         char *name = mystrsep(&value, "=");
    341. 

  341.         if(!name || !*name) continue;
    342. 

  342.         if(!value || !*value) continue;
    343. 

  343. 

  344.         debug(D_WEB_CLIENT, "%llu: API v1 data query param '%s' with value '%s'", w->id, name, value);
    345. 

  345. 

  346.         // name and value are now the parameters
    347. 

  347.         // they are not null and not empty
    348. 

  348. 

  349.         if(!strcmp(name, "chart")) chart = value;
    350. 

  350.         else if(!strcmp(name, "dimension") || !strcmp(name, "dim") || !strcmp(name, "dimensions") || !strcmp(name, "dims")) {
    351. 

  351.             if(!dimensions) dimensions = buffer_create(100);
    352. 

  352.             buffer_strcat(dimensions, "|");
    353. 

  353.             buffer_strcat(dimensions, value);
    354. 

  354.         }
    355. 

  355.         else if(!strcmp(name, "after")) after_str = value;
    356. 

  356.         else if(!strcmp(name, "before")) before_str = value;
    357. 

  357.         else if(!strcmp(name, "points")) points_str = value;
    358. 

  358.         else if(!strcmp(name, "gtime")) group_time_str = value;
    359. 

  359.         else if(!strcmp(name, "group")) {
    360. 

  360.             group = web_client_api_request_v1_data_group(value, RRDR_GROUPING_AVERAGE);
    361. 

  361.         }
    362. 

  362.         else if(!strcmp(name, "format")) {
    363. 

  363.             format = web_client_api_request_v1_data_format(value);
    364. 

  364.         }
    365. 

  365.         else if(!strcmp(name, "options")) {
    366. 

  366.             options |= web_client_api_request_v1_data_options(value);
    367. 

  367.         }
    368. 

  368.         else if(!strcmp(name, "callback")) {
    369. 

  369.             responseHandler = value;
    370. 

  370.         }
    371. 

  371.         else if(!strcmp(name, "filename")) {
    372. 

  372.             outFileName = value;
    373. 

  373.         }
    374. 

  374.         else if(!strcmp(name, "tqx")) {
    375. 

  375.             // parse Google Visualization API options
    376. 

  376.             // https://developers.google.com/chart/interactive/docs/dev/implementing_data_source
    377. 

  377.             char *tqx_name, *tqx_value;
    378. 

  378. 

  379.             while(value) {
    380. 

  380.                 tqx_value = mystrsep(&value, ";");
    381. 

  381.                 if(!tqx_value || !*tqx_value) continue;
    382. 

  382. 

  383.                 tqx_name = mystrsep(&tqx_value, ":");
    384. 

  384.                 if(!tqx_name || !*tqx_name) continue;
    385. 

  385.                 if(!tqx_value || !*tqx_value) continue;
    386. 

  386. 

  387.                 if(!strcmp(tqx_name, "version"))
    388. 

  388.                     google_version = tqx_value;
    389. 

  389.                 else if(!strcmp(tqx_name, "reqId"))
    390. 

  390.                     google_reqId = tqx_value;
    391. 

  391.                 else if(!strcmp(tqx_name, "sig")) {
    392. 

  392.                     google_sig = tqx_value;
    393. 

  393.                     google_timestamp = strtoul(google_sig, NULL, 0);
    394. 

  394.                 }
    395. 

  395.                 else if(!strcmp(tqx_name, "out")) {
    396. 

  396.                     google_out = tqx_value;
    397. 

  397.                     format = web_client_api_request_v1_data_google_format(google_out);
    398. 

  398.                 }
    399. 

  399.                 else if(!strcmp(tqx_name, "responseHandler"))
    400. 

  400.                     responseHandler = tqx_value;
    401. 

  401.                 else if(!strcmp(tqx_name, "outFileName"))
    402. 

  402.                     outFileName = tqx_value;
    403. 

  403.             }
    404. 

  404.         }
    405. 

  405.     }
    406. 

  406. 

  407.     // validate the google parameters given
    408. 

  408.     fix_google_param(google_out);
    409. 

  409.     fix_google_param(google_sig);
    410. 

  410.     fix_google_param(google_reqId);
    411. 

  411.     fix_google_param(google_version);
    412. 

  412.     fix_google_param(responseHandler);
    413. 

  413.     fix_google_param(outFileName);
    414. 

  414. 

  415.     if(!chart || !*chart) {
    416. 

  416.         buffer_sprintf(w->response.data, "No chart id is given at the request.");
    417. 

  417.         goto cleanup;
    418. 

  418.     }
    419. 

  419. 

  420.     RRDSET *st = rrdset_find(host, chart);
    421. 

  421.     if(!st) st = rrdset_find_byname(host, chart);
    422. 

  422.     if(!st) {
    423. 

  423.         buffer_strcat(w->response.data, "Chart is not found: ");
    424. 

  424.         buffer_strcat_htmlescape(w->response.data, chart);
    425. 

  425.         ret = 404;
    426. 

  426.         goto cleanup;
    427. 

  427.     }
    428. 

  428.     st->last_accessed_time = now_realtime_sec();
    429. 

  429. 

  430.     long long before = (before_str && *before_str)?str2l(before_str):0;
    431. 

  431.     long long after  = (after_str  && *after_str) ?str2l(after_str):0;
    432. 

  432.     int       points = (points_str && *points_str)?str2i(points_str):0;
    433. 

  433.     long      group_time = (group_time_str && *group_time_str)?str2l(group_time_str):0;
    434. 

  434. 

  435.     debug(D_WEB_CLIENT, "%llu: API command 'data' for chart '%s', dimensions '%s', after '%lld', before '%lld', points '%d', group '%d', format '%u', options '0x%08x'"
    436. 

  436.           , w->id
    437. 

  437.           , chart
    438. 

  438.           , (dimensions)?buffer_tostring(dimensions):""
    439. 

  439.           , after
    440. 

  440.           , before
    441. 

  441.           , points
    442. 

  442.           , group
    443. 

  443.           , format
    444. 

  444.           , options
    445. 

  445.     );
    446. 

  446. 

  447.     if(outFileName && *outFileName) {
    448. 

  448.         buffer_sprintf(w->response.header, "Content-Disposition: attachment; filename=\"%s\"\r\n", outFileName);
    449. 

  449.         debug(D_WEB_CLIENT, "%llu: generating outfilename header: '%s'", w->id, outFileName);
    450. 

  450.     }
    451. 

  451. 

  452.     if(format == DATASOURCE_DATATABLE_JSONP) {
    453. 

  453.         if(responseHandler == NULL)
    454. 

  454.             responseHandler = "google.visualization.Query.setResponse";
    455. 

  455. 

  456.         debug(D_WEB_CLIENT_ACCESS, "%llu: GOOGLE JSON/JSONP: version = '%s', reqId = '%s', sig = '%s', out = '%s', responseHandler = '%s', outFileName = '%s'",
    457. 

  457.                 w->id, google_version, google_reqId, google_sig, google_out, responseHandler, outFileName
    458. 

  458.         );
    459. 

  459. 

  460.         buffer_sprintf(w->response.data,
    461. 

  461.                 "%s({version:'%s',reqId:'%s',status:'ok',sig:'%ld',table:",
    462. 

  462.                 responseHandler, google_version, google_reqId, st->last_updated.tv_sec);
    463. 

  463.     }
    464. 

  464.     else if(format == DATASOURCE_JSONP) {
    465. 

  465.         if(responseHandler == NULL)
    466. 

  466.             responseHandler = "callback";
    467. 

  467. 

  468.         buffer_strcat(w->response.data, responseHandler);
    469. 

  469.         buffer_strcat(w->response.data, "(");
    470. 

  470.     }
    471. 

  471. 

  472.     ret = rrdset2anything_api_v1(st, w->response.data, dimensions, format, points, after, before, group, group_time
    473. 

  473.                                  , options, &last_timestamp_in_data);
    474. 

  474. 

  475.     if(format == DATASOURCE_DATATABLE_JSONP) {
    476. 

  476.         if(google_timestamp < last_timestamp_in_data)
    477. 

  477.             buffer_strcat(w->response.data, "});");
    478. 

  478. 

  479.         else {
    480. 

  480.             // the client already has the latest data
    481. 

  481.             buffer_flush(w->response.data);
    482. 

  482.             buffer_sprintf(w->response.data,
    483. 

  483.                     "%s({version:'%s',reqId:'%s',status:'error',errors:[{reason:'not_modified',message:'Data not modified'}]});",
    484. 

  484.                     responseHandler, google_version, google_reqId);
    485. 

  485.         }
    486. 

  486.     }
    487. 

  487.     else if(format == DATASOURCE_JSONP)
    488. 

  488.         buffer_strcat(w->response.data, ");");
    489. 

  489. 

  490.     cleanup:
    491. 

  491.     buffer_free(dimensions);
    492. 

  492.     return ret;
    493. 

  493. }
    494. 

  494. 

  495. // Pings a netdata server:
    496. 

  496. // /api/v1/registry?action=hello
    497. 

  497. //
    498. 

  498. // Access to a netdata registry:
    499. 

  499. // /api/v1/registry?action=access&machine=${machine_guid}&name=${hostname}&url=${url}
    500. 

  500. //
    501. 

  501. // Delete from a netdata registry:
    502. 

  502. // /api/v1/registry?action=delete&machine=${machine_guid}&name=${hostname}&url=${url}&delete_url=${delete_url}
    503. 

  503. //
    504. 

  504. // Search for the URLs of a machine:
    505. 

  505. // /api/v1/registry?action=search&machine=${machine_guid}&name=${hostname}&url=${url}&for=${machine_guid}
    506. 

  506. //
    507. 

  507. // Impersonate:
    508. 

  508. // /api/v1/registry?action=switch&machine=${machine_guid}&name=${hostname}&url=${url}&to=${new_person_guid}
    509. 

  509. inline int web_client_api_request_v1_registry(RRDHOST *host, struct web_client *w, char *url) {
    510. 

  510.     static uint32_t hash_action = 0, hash_access = 0, hash_hello = 0, hash_delete = 0, hash_search = 0,
    511. 

  511.             hash_switch = 0, hash_machine = 0, hash_url = 0, hash_name = 0, hash_delete_url = 0, hash_for = 0,
    512. 

  512.             hash_to = 0 /*, hash_redirects = 0 */;
    513. 

  513. 

  514.     if(unlikely(!hash_action)) {
    515. 

  515.         hash_action = simple_hash("action");
    516. 

  516.         hash_access = simple_hash("access");
    517. 

  517.         hash_hello = simple_hash("hello");
    518. 

  518.         hash_delete = simple_hash("delete");
    519. 

  519.         hash_search = simple_hash("search");
    520. 

  520.         hash_switch = simple_hash("switch");
    521. 

  521.         hash_machine = simple_hash("machine");
    522. 

  522.         hash_url = simple_hash("url");
    523. 

  523.         hash_name = simple_hash("name");
    524. 

  524.         hash_delete_url = simple_hash("delete_url");
    525. 

  525.         hash_for = simple_hash("for");
    526. 

  526.         hash_to = simple_hash("to");
    527. 

  527. /*
    528. 

  528.         hash_redirects = simple_hash("redirects");
    529. 

  529. */
    530. 

  530.     }
    531. 

  531. 

  532.     char person_guid[GUID_LEN + 1] = "";
    533. 

  533. 

  534.     debug(D_WEB_CLIENT, "%llu: API v1 registry with URL '%s'", w->id, url);
    535. 

  535. 

  536.     // TODO
    537. 

  537.     // The browser may send multiple cookies with our id
    538. 

  538. 

  539.     char *cookie = strstr(w->response.data->buffer, NETDATA_REGISTRY_COOKIE_NAME "=");
    540. 

  540.     if(cookie)
    541. 

  541.         strncpyz(person_guid, &cookie[sizeof(NETDATA_REGISTRY_COOKIE_NAME)], 36);
    542. 

  542. 

  543.     char action = '\0';
    544. 

  544.     char *machine_guid = NULL,
    545. 

  545.             *machine_url = NULL,
    546. 

  546.             *url_name = NULL,
    547. 

  547.             *search_machine_guid = NULL,
    548. 

  548.             *delete_url = NULL,
    549. 

  549.             *to_person_guid = NULL;
    550. 

  550. /*
    551. 

  551.     int redirects = 0;
    552. 

  552. */
    553. 

  553. 

  554.     while(url) {
    555. 

  555.         char *value = mystrsep(&url, "&");
    556. 

  556.         if (!value || !*value) continue;
    557. 

  557. 

  558.         char *name = mystrsep(&value, "=");
    559. 

  559.         if (!name || !*name) continue;
    560. 

  560.         if (!value || !*value) continue;
    561. 

  561. 

  562.         debug(D_WEB_CLIENT, "%llu: API v1 registry query param '%s' with value '%s'", w->id, name, value);
    563. 

  563. 

  564.         uint32_t hash = simple_hash(name);
    565. 

  565. 

  566.         if(hash == hash_action && !strcmp(name, "action")) {
    567. 

  567.             uint32_t vhash = simple_hash(value);
    568. 

  568. 

  569.             if(vhash == hash_access && !strcmp(value, "access")) action = 'A';
    570. 

  570.             else if(vhash == hash_hello && !strcmp(value, "hello")) action = 'H';
    571. 

  571.             else if(vhash == hash_delete && !strcmp(value, "delete")) action = 'D';
    572. 

  572.             else if(vhash == hash_search && !strcmp(value, "search")) action = 'S';
    573. 

  573.             else if(vhash == hash_switch && !strcmp(value, "switch")) action = 'W';
    574. 

  574. #ifdef NETDATA_INTERNAL_CHECKS
    575. 

  575.             else error("unknown registry action '%s'", value);
    576. 

  576. #endif /* NETDATA_INTERNAL_CHECKS */
    577. 

  577.         }
    578. 

  578. /*
    579. 

  579.         else if(hash == hash_redirects && !strcmp(name, "redirects"))
    580. 

  580.             redirects = atoi(value);
    581. 

  581. */
    582. 

  582.         else if(hash == hash_machine && !strcmp(name, "machine"))
    583. 

  583.             machine_guid = value;
    584. 

  584. 

  585.         else if(hash == hash_url && !strcmp(name, "url"))
    586. 

  586.             machine_url = value;
    587. 

  587. 

  588.         else if(action == 'A') {
    589. 

  589.             if(hash == hash_name && !strcmp(name, "name"))
    590. 

  590.                 url_name = value;
    591. 

  591.         }
    592. 

  592.         else if(action == 'D') {
    593. 

  593.             if(hash == hash_delete_url && !strcmp(name, "delete_url"))
    594. 

  594.                 delete_url = value;
    595. 

  595.         }
    596. 

  596.         else if(action == 'S') {
    597. 

  597.             if(hash == hash_for && !strcmp(name, "for"))
    598. 

  598.                 search_machine_guid = value;
    599. 

  599.         }
    600. 

  600.         else if(action == 'W') {
    601. 

  601.             if(hash == hash_to && !strcmp(name, "to"))
    602. 

  602.                 to_person_guid = value;
    603. 

  603.         }
    604. 

  604. #ifdef NETDATA_INTERNAL_CHECKS
    605. 

  605.         else error("unused registry URL parameter '%s' with value '%s'", name, value);
    606. 

  606. #endif /* NETDATA_INTERNAL_CHECKS */
    607. 

  607.     }
    608. 

  608. 

  609.     if(unlikely(respect_web_browser_do_not_track_policy && web_client_has_donottrack(w))) {
    610. 

  610.         buffer_flush(w->response.data);
    611. 

  611.         buffer_sprintf(w->response.data, "Your web browser is sending 'DNT: 1' (Do Not Track). The registry requires persistent cookies on your browser to work.");
    612. 

  612.         return 400;
    613. 

  613.     }
    614. 

  614. 

  615.     if(unlikely(action == 'H')) {
    616. 

  616.         // HELLO request, dashboard ACL
    617. 

  617.         if(unlikely(!web_client_can_access_dashboard(w)))
    618. 

  618.             return web_client_permission_denied(w);
    619. 

  619.     }
    620. 

  620.     else {
    621. 

  621.         // everything else, registry ACL
    622. 

  622.         if(unlikely(!web_client_can_access_registry(w)))
    623. 

  623.             return web_client_permission_denied(w);
    624. 

  624.     }
    625. 

  625. 

  626.     switch(action) {
    627. 

  627.         case 'A':
    628. 

  628.             if(unlikely(!machine_guid || !machine_url || !url_name)) {
    629. 

  629.                 error("Invalid registry request - access requires these parameters: machine ('%s'), url ('%s'), name ('%s')", machine_guid ? machine_guid : "UNSET", machine_url ? machine_url : "UNSET", url_name ? url_name : "UNSET");
    630. 

  630.                 buffer_flush(w->response.data);
    631. 

  631.                 buffer_strcat(w->response.data, "Invalid registry Access request.");
    632. 

  632.                 return 400;
    633. 

  633.             }
    634. 

  634. 

  635.             web_client_enable_tracking_required(w);
    636. 

  636.             return registry_request_access_json(host, w, person_guid, machine_guid, machine_url, url_name, now_realtime_sec());
    637. 

  637. 

  638.         case 'D':
    639. 

  639.             if(unlikely(!machine_guid || !machine_url || !delete_url)) {
    640. 

  640.                 error("Invalid registry request - delete requires these parameters: machine ('%s'), url ('%s'), delete_url ('%s')", machine_guid?machine_guid:"UNSET", machine_url?machine_url:"UNSET", delete_url?delete_url:"UNSET");
    641. 

  641.                 buffer_flush(w->response.data);
    642. 

  642.                 buffer_strcat(w->response.data, "Invalid registry Delete request.");
    643. 

  643.                 return 400;
    644. 

  644.             }
    645. 

  645. 

  646.             web_client_enable_tracking_required(w);
    647. 

  647.             return registry_request_delete_json(host, w, person_guid, machine_guid, machine_url, delete_url, now_realtime_sec());
    648. 

  648. 

  649.         case 'S':
    650. 

  650.             if(unlikely(!machine_guid || !machine_url || !search_machine_guid)) {
    651. 

  651.                 error("Invalid registry request - search requires these parameters: machine ('%s'), url ('%s'), for ('%s')", machine_guid?machine_guid:"UNSET", machine_url?machine_url:"UNSET", search_machine_guid?search_machine_guid:"UNSET");
    652. 

  652.                 buffer_flush(w->response.data);
    653. 

  653.                 buffer_strcat(w->response.data, "Invalid registry Search request.");
    654. 

  654.                 return 400;
    655. 

  655.             }
    656. 

  656. 

  657.             web_client_enable_tracking_required(w);
    658. 

  658.             return registry_request_search_json(host, w, person_guid, machine_guid, machine_url, search_machine_guid, now_realtime_sec());
    659. 

  659. 

  660.         case 'W':
    661. 

  661.             if(unlikely(!machine_guid || !machine_url || !to_person_guid)) {
    662. 

  662.                 error("Invalid registry request - switching identity requires these parameters: machine ('%s'), url ('%s'), to ('%s')", machine_guid?machine_guid:"UNSET", machine_url?machine_url:"UNSET", to_person_guid?to_person_guid:"UNSET");
    663. 

  663.                 buffer_flush(w->response.data);
    664. 

  664.                 buffer_strcat(w->response.data, "Invalid registry Switch request.");
    665. 

  665.                 return 400;
    666. 

  666.             }
    667. 

  667. 

  668.             web_client_enable_tracking_required(w);
    669. 

  669.             return registry_request_switch_json(host, w, person_guid, machine_guid, machine_url, to_person_guid, now_realtime_sec());
    670. 

  670. 

  671.         case 'H':
    672. 

  672.             return registry_request_hello_json(host, w);
    673. 

  673. 

  674.         default:
    675. 

  675.             buffer_flush(w->response.data);
    676. 

  676.             buffer_strcat(w->response.data, "Invalid registry request - you need to set an action: hello, access, delete, search");
    677. 

  677.             return 400;
    678. 

  678.     }
    679. 

  679. }
    680. 

  680. 

  681. static inline void web_client_api_request_v1_info_summary_alarm_statuses(RRDHOST *host, BUFFER *wb) {
    682. 

  682.     int alarm_normal = 0, alarm_warn = 0, alarm_crit = 0;
    683. 

  683.     RRDCALC *rc;
    684. 

  684.     rrdhost_rdlock(host);
    685. 

  685.     for(rc = host->alarms; rc ; rc = rc->next) {
    686. 

  686.         if(unlikely(!rc->rrdset || !rc->rrdset->last_collected_time.tv_sec))
    687. 

  687.             continue;
    688. 

  688. 

  689.         switch(rc->status) {
    690. 

  690.             case RRDCALC_STATUS_WARNING:
    691. 

  691.                 alarm_warn++;
    692. 

  692.                 break;
    693. 

  693.             case RRDCALC_STATUS_CRITICAL:
    694. 

  694.                 alarm_crit++;
    695. 

  695.                 break;
    696. 

  696.             default:
    697. 

  697.                 alarm_normal++;
    698. 

  698.         }
    699. 

  699.     }
    700. 

  700.     rrdhost_unlock(host);
    701. 

  701.     buffer_sprintf(wb, "\t\t\"normal\": %d,\n", alarm_normal);
    702. 

  702.     buffer_sprintf(wb, "\t\t\"warning\": %d,\n", alarm_warn);
    703. 

  703.     buffer_sprintf(wb, "\t\t\"critical\": %d\n", alarm_crit);
    704. 

  704. }
    705. 

  705. 

  706. static inline void web_client_api_request_v1_info_mirrored_hosts(BUFFER *wb) {
    707. 

  707.     RRDHOST *rc;
    708. 

  708.     int count = 0;
    709. 

  709.     rrd_rdlock();
    710. 

  710.     rrdhost_foreach_read(rc) {
    711. 

  711.         if(count > 0) buffer_strcat(wb, ",\n");
    712. 

  712.         buffer_sprintf(wb, "\t\t\"%s\"", rc->hostname);
    713. 

  713.         count++;
    714. 

  714.     }
    715. 

  715.     buffer_strcat(wb, "\n");
    716. 

  716.     rrd_unlock();
    717. 

  717. }
    718. 

  718. 

  719. inline int web_client_api_request_v1_info(RRDHOST *host, struct web_client *w, char *url) {
    720. 

  720.     (void)url;
    721. 

  721.     if (!netdata_ready) return 503;
    722. 

  722. 

  723.     BUFFER *wb = w->response.data;
    724. 

  724.     buffer_flush(wb);
    725. 

  725.     wb->contenttype = CT_APPLICATION_JSON;
    726. 

  726. 

  727.     buffer_strcat(wb, "{\n");
    728. 

  728.     buffer_sprintf(wb, "\t\"version\": \"%s\",\n", host->program_version);
    729. 

  729.     buffer_sprintf(wb, "\t\"uid\": \"%s\",\n", host->machine_guid);
    730. 

  730. 

  731.     buffer_strcat(wb, "\t\"mirrored_hosts\": [\n");
    732. 

  732.     web_client_api_request_v1_info_mirrored_hosts(wb);
    733. 

  733.     buffer_strcat(wb, "\t],\n");
    734. 

  734. 

  735.     buffer_strcat(wb, "\t\"alarms\": {\n");
    736. 

  736.     web_client_api_request_v1_info_summary_alarm_statuses(host, wb);
    737. 

  737.     buffer_strcat(wb, "\t},\n");
    738. 

  738. 

  739.     buffer_sprintf(wb, "\t\"os_name\": %s,\n", (host->system_info->os_name) ? host->system_info->os_name : "\"\"");
    740. 

  740.     buffer_sprintf(wb, "\t\"os_id\": \"%s\",\n", (host->system_info->os_id) ? host->system_info->os_id : "");
    741. 

  741.     buffer_sprintf(wb, "\t\"os_id_like\": \"%s\",\n", (host->system_info->os_id_like) ? host->system_info->os_id_like : "");
    742. 

  742.     buffer_sprintf(wb, "\t\"os_version\": \"%s\",\n", (host->system_info->os_version) ? host->system_info->os_version : "");
    743. 

  743.     buffer_sprintf(wb, "\t\"os_version_id\": \"%s\",\n", (host->system_info->os_version_id) ? host->system_info->os_version_id : "");
    744. 

  744.     buffer_sprintf(wb, "\t\"os_detection\": \"%s\",\n", (host->system_info->os_detection) ? host->system_info->os_detection : "");
    745. 

  745.     buffer_sprintf(wb, "\t\"kernel_name\": \"%s\",\n", (host->system_info->kernel_name) ? host->system_info->kernel_name : "");
    746. 

  746.     buffer_sprintf(wb, "\t\"kernel_version\": \"%s\",\n", (host->system_info->kernel_version) ? host->system_info->kernel_version : "");
    747. 

  747.     buffer_sprintf(wb, "\t\"architecture\": \"%s\",\n", (host->system_info->architecture) ? host->system_info->architecture : "");
    748. 

  748.     buffer_sprintf(wb, "\t\"virtualization\": \"%s\",\n", (host->system_info->virtualization) ? host->system_info->virtualization : "");
    749. 

  749.     buffer_sprintf(wb, "\t\"virt_detection\": \"%s\",\n", (host->system_info->virt_detection) ? host->system_info->virt_detection : "");
    750. 

  750.     buffer_sprintf(wb, "\t\"container\": \"%s\",\n", (host->system_info->container) ? host->system_info->container : "");
    751. 

  751.     buffer_sprintf(wb, "\t\"container_detection\": \"%s\",\n", (host->system_info->container_detection) ? host->system_info->container_detection : "");
    752. 

  752. 

  753.     buffer_strcat(wb, "\t\"collectors\": [");
    754. 

  754.     chartcollectors2json(host, wb);
    755. 

  755.     buffer_strcat(wb, "\n\t]\n");
    756. 

  756. 

  757.     buffer_strcat(wb, "}");
    758. 

  758.     buffer_no_cacheable(wb);
    759. 

  759.     return 200;
    760. 

  760. }
    761. 

  761. 

  762. static struct api_command {
    763. 

  763.     const char *command;
    764. 

  764.     uint32_t hash;
    765. 

  765.     WEB_CLIENT_ACL acl;
    766. 

  766.     int (*callback)(RRDHOST *host, struct web_client *w, char *url);
    767. 

  767. } api_commands[] = {
    768. 

  768.         { "info",            0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_info            },
    769. 

  769.         { "data",            0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_data            },
    770. 

  770.         { "chart",           0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_chart           },
    771. 

  771.         { "charts",          0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_charts          },
    772. 

  772. 

  773.         // registry checks the ACL by itself, so we allow everything
    774. 

  774.         { "registry",        0, WEB_CLIENT_ACL_NOCHECK,   web_client_api_request_v1_registry        },
    775. 

  775. 

  776.         // badges can be fetched with both dashboard and badge permissions
    777. 

  777.         { "badge.svg",       0, WEB_CLIENT_ACL_DASHBOARD|WEB_CLIENT_ACL_BADGE, web_client_api_request_v1_badge },
    778. 

  778. 

  779.         { "alarms",          0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_alarms          },
    780. 

  780.         { "alarm_log",       0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_alarm_log       },
    781. 

  781.         { "alarm_variables", 0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_alarm_variables },
    782. 

  782.         { "allmetrics",      0, WEB_CLIENT_ACL_DASHBOARD, web_client_api_request_v1_allmetrics      },
    783. 

  783.         { "manage/health",   0, WEB_CLIENT_ACL_MGMT,      web_client_api_request_v1_mgmt_health     },
    784. 

  784.         // terminator
    785. 

  785.         { NULL,              0, WEB_CLIENT_ACL_NONE,      NULL                                      },
    786. 

  786. };
    787. 

  787. 

  788. inline int web_client_api_request_v1(RRDHOST *host, struct web_client *w, char *url) {
    789. 

  789.     static int initialized = 0;
    790. 

  790.     int i;
    791. 

  791. 

  792.     if(unlikely(initialized == 0)) {
    793. 

  793.         initialized = 1;
    794. 

  794. 

  795.         for(i = 0; api_commands[i].command ; i++)
    796. 

  796.             api_commands[i].hash = simple_hash(api_commands[i].command);
    797. 

  797.     }
    798. 

  798. 

  799.     // get the command
    800. 

  800.     char *tok = mystrsep(&url, "?");
    801. 

  801.     if(tok && *tok) {
    802. 

  802.         debug(D_WEB_CLIENT, "%llu: Searching for API v1 command '%s'.", w->id, tok);
    803. 

  803.         uint32_t hash = simple_hash(tok);
    804. 

  804. 

  805.         for(i = 0; api_commands[i].command ;i++) {
    806. 

  806.             if(unlikely(hash == api_commands[i].hash && !strcmp(tok, api_commands[i].command))) {
    807. 

  807.                 if(unlikely(api_commands[i].acl != WEB_CLIENT_ACL_NOCHECK) &&  !(w->acl & api_commands[i].acl))
    808. 

  808.                     return web_client_permission_denied(w);
    809. 

  809. 

  810.                 return api_commands[i].callback(host, w, url);
    811. 

  811.             }
    812. 

  812.         }
    813. 

  813. 

  814.         buffer_flush(w->response.data);
    815. 

  815.         buffer_strcat(w->response.data, "Unsupported v1 API command: ");
    816. 

  816.         buffer_strcat_htmlescape(w->response.data, tok);
    817. 

  817.         return 404;
    818. 

  818.     }
    819. 

  819.     else {
    820. 

  820.         buffer_flush(w->response.data);
    821. 

  821.         buffer_sprintf(w->response.data, "Which API v1 command?");
    822. 

  822.         return 400;
    823. 

  823.     }
    824. 

  824. }
    825.