Home Explore Help
Sign In
SMusatov
/
netdata
mirror of https://github.com/netdata/netdata.git
1
0
Fork 0
Files Wiki
Branch: v1.41
Branches Tags
netdata
/
web
/
api
/
web_api.c

web_api.c 9.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245 
  1. // SPDX-License-Identifier: GPL-3.0-or-later
    2. 

  2. 

  3. #include "web_api.h"
    4. 

  4. 

  5. bool netdata_is_protected_by_bearer = false; // this is controlled by cloud, at the point the agent logs in - this should also be saved to /var/lib/netdata
    6. 

  6. DICTIONARY *netdata_authorized_bearers = NULL;
    7. 

  7. 

  8. static bool web_client_check_acl_and_bearer(struct web_client *w, WEB_CLIENT_ACL endpoint_acl) {
    9. 

  9.     if(endpoint_acl == WEB_CLIENT_ACL_NOCHECK)
    10. 

  10.         // the endpoint is totally public
    11. 

  11.         return true;
    12. 

  12. 

  13.     bool acl_allows = w->acl & endpoint_acl;
    14. 

  14.     if(!acl_allows)
    15. 

  15.         // the channel we received the request from (w->acl) is not compatible with the endpoint
    16. 

  16.         return false;
    17. 

  17. 

  18.     if(!netdata_is_protected_by_bearer && !(endpoint_acl & WEB_CLIENT_ACL_BEARER_REQUIRED))
    19. 

  19.         // bearer protection is not enabled and is not required by the endpoint
    20. 

  20.         return true;
    21. 

  21. 

  22.     if(!(endpoint_acl & (WEB_CLIENT_ACL_BEARER_REQUIRED|WEB_CLIENT_ACL_BEARER_OPTIONAL)))
    23. 

  23.         // endpoint does not require a bearer
    24. 

  24.         return true;
    25. 

  25. 

  26.     if((w->acl & (WEB_CLIENT_ACL_ACLK|WEB_CLIENT_ACL_WEBRTC)) || api_check_bearer_token(w))
    27. 

  27.         // the request is coming from ACLK or WEBRTC (authorized already),
    28. 

  28.         // or we have a valid bearer on the request
    29. 

  29.         return true;
    30. 

  30. 

  31.     return false;
    32. 

  32. }
    33. 

  33. 

  34. int web_client_api_request_vX(RRDHOST *host, struct web_client *w, char *url_path_endpoint, struct web_api_command *api_commands) {
    35. 

  35.     if(unlikely(!url_path_endpoint || !*url_path_endpoint)) {
    36. 

  36.         buffer_flush(w->response.data);
    37. 

  37.         buffer_sprintf(w->response.data, "Which API command?");
    38. 

  38.         return HTTP_RESP_BAD_REQUEST;
    39. 

  39.     }
    40. 

  40. 

  41.     uint32_t hash = simple_hash(url_path_endpoint);
    42. 

  42. 

  43.     for(int i = 0; api_commands[i].command ; i++) {
    44. 

  44.         if(unlikely(hash == api_commands[i].hash && !strcmp(url_path_endpoint, api_commands[i].command))) {
    45. 

  45.             if(unlikely(!web_client_check_acl_and_bearer(w, api_commands[i].acl)))
    46. 

  46.                 return web_client_bearer_required(w);
    47. 

  47. 

  48.             char *query_string = (char *)buffer_tostring(w->url_query_string_decoded);
    49. 

  49. 

  50.             if(*query_string == '?')
    51. 

  51.                 query_string = &query_string[1];
    52. 

  52. 

  53.             return api_commands[i].callback(host, w, query_string);
    54. 

  54.         }
    55. 

  55.     }
    56. 

  56. 

  57.     buffer_flush(w->response.data);
    58. 

  58.     buffer_strcat(w->response.data, "Unsupported API command: ");
    59. 

  59.     buffer_strcat_htmlescape(w->response.data, url_path_endpoint);
    60. 

  60.     return HTTP_RESP_NOT_FOUND;
    61. 

  61. }
    62. 

  62. 

  63. RRDCONTEXT_TO_JSON_OPTIONS rrdcontext_to_json_parse_options(char *o) {
    64. 

  64.     RRDCONTEXT_TO_JSON_OPTIONS options = RRDCONTEXT_OPTION_NONE;
    65. 

  65.     char *tok;
    66. 

  66. 

  67.     while(o && *o && (tok = strsep_skip_consecutive_separators(&o, ", |"))) {
    68. 

  68.         if(!*tok) continue;
    69. 

  69. 

  70.         if(!strcmp(tok, "full") || !strcmp(tok, "all"))
    71. 

  71.             options |= RRDCONTEXT_OPTIONS_ALL;
    72. 

  72.         else if(!strcmp(tok, "charts") || !strcmp(tok, "instances"))
    73. 

  73.             options |= RRDCONTEXT_OPTION_SHOW_INSTANCES;
    74. 

  74.         else if(!strcmp(tok, "dimensions") || !strcmp(tok, "metrics"))
    75. 

  75.             options |= RRDCONTEXT_OPTION_SHOW_METRICS;
    76. 

  76.         else if(!strcmp(tok, "queue"))
    77. 

  77.             options |= RRDCONTEXT_OPTION_SHOW_QUEUED;
    78. 

  78.         else if(!strcmp(tok, "flags"))
    79. 

  79.             options |= RRDCONTEXT_OPTION_SHOW_FLAGS;
    80. 

  80.         else if(!strcmp(tok, "uuids"))
    81. 

  81.             options |= RRDCONTEXT_OPTION_SHOW_UUIDS;
    82. 

  82.         else if(!strcmp(tok, "deleted"))
    83. 

  83.             options |= RRDCONTEXT_OPTION_SHOW_DELETED;
    84. 

  84.         else if(!strcmp(tok, "labels"))
    85. 

  85.             options |= RRDCONTEXT_OPTION_SHOW_LABELS;
    86. 

  86.         else if(!strcmp(tok, "deepscan"))
    87. 

  87.             options |= RRDCONTEXT_OPTION_DEEPSCAN;
    88. 

  88.         else if(!strcmp(tok, "hidden"))
    89. 

  89.             options |= RRDCONTEXT_OPTION_SHOW_HIDDEN;
    90. 

  90.     }
    91. 

  91. 

  92.     return options;
    93. 

  93. }
    94. 

  94. 

  95. int web_client_api_request_weights(RRDHOST *host, struct web_client *w, char *url, WEIGHTS_METHOD method, WEIGHTS_FORMAT format, size_t api_version) {
    96. 

  96.     if (!netdata_ready)
    97. 

  97.         return HTTP_RESP_BACKEND_FETCH_FAILED;
    98. 

  98. 

  99.     time_t baseline_after = 0, baseline_before = 0, after = 0, before = 0;
    100. 

  100.     size_t points = 0;
    101. 

  101.     RRDR_OPTIONS options = 0;
    102. 

  102.     RRDR_TIME_GROUPING time_group_method = RRDR_GROUPING_AVERAGE;
    103. 

  103.     time_t timeout_ms = 0;
    104. 

  104.     size_t tier = 0;
    105. 

  105.     const char *time_group_options = NULL, *scope_contexts = NULL, *scope_nodes = NULL, *contexts = NULL, *nodes = NULL,
    106. 

  106.         *instances = NULL, *dimensions = NULL, *labels = NULL, *alerts = NULL;
    107. 

  107. 

  108.     struct group_by_pass group_by = {
    109. 

  109.             .group_by = RRDR_GROUP_BY_NONE,
    110. 

  110.             .group_by_label = NULL,
    111. 

  111.             .aggregation = RRDR_GROUP_BY_FUNCTION_AVERAGE,
    112. 

  112.     };
    113. 

  113. 

  114.     while (url) {
    115. 

  115.         char *value = strsep_skip_consecutive_separators(&url, "&");
    116. 

  116.         if (!value || !*value)
    117. 

  117.             continue;
    118. 

  118. 

  119.         char *name = strsep_skip_consecutive_separators(&value, "=");
    120. 

  120.         if (!name || !*name)
    121. 

  121.             continue;
    122. 

  122.         if (!value || !*value)
    123. 

  123.             continue;
    124. 

  124. 

  125.         if (!strcmp(name, "baseline_after"))
    126. 

  126.             baseline_after = str2l(value);
    127. 

  127. 

  128.         else if (!strcmp(name, "baseline_before"))
    129. 

  129.             baseline_before = str2l(value);
    130. 

  130. 

  131.         else if (!strcmp(name, "after") || !strcmp(name, "highlight_after"))
    132. 

  132.             after = str2l(value);
    133. 

  133. 

  134.         else if (!strcmp(name, "before") || !strcmp(name, "highlight_before"))
    135. 

  135.             before = str2l(value);
    136. 

  136. 

  137.         else if (!strcmp(name, "points") || !strcmp(name, "max_points"))
    138. 

  138.             points = str2ul(value);
    139. 

  139. 

  140.         else if (!strcmp(name, "timeout"))
    141. 

  141.             timeout_ms = str2l(value);
    142. 

  142. 

  143.         else if((api_version == 1 && !strcmp(name, "group")) || (api_version >= 2 && !strcmp(name, "time_group")))
    144. 

  144.             time_group_method = time_grouping_parse(value, RRDR_GROUPING_AVERAGE);
    145. 

  145. 

  146.         else if((api_version == 1 && !strcmp(name, "group_options")) || (api_version >= 2 && !strcmp(name, "time_group_options")))
    147. 

  147.             time_group_options = value;
    148. 

  148. 

  149.         else if(!strcmp(name, "options"))
    150. 

  150.             options |= web_client_api_request_v1_data_options(value);
    151. 

  151. 

  152.         else if(!strcmp(name, "method"))
    153. 

  153.             method = weights_string_to_method(value);
    154. 

  154. 

  155.         else if(api_version == 1 && (!strcmp(name, "context") || !strcmp(name, "contexts")))
    156. 

  156.             scope_contexts = value;
    157. 

  157. 

  158.         else if(api_version >= 2 && !strcmp(name, "scope_nodes")) scope_nodes = value;
    159. 

  159.         else if(api_version >= 2 && !strcmp(name, "scope_contexts")) scope_contexts = value;
    160. 

  160.         else if(api_version >= 2 && !strcmp(name, "nodes")) nodes = value;
    161. 

  161.         else if(api_version >= 2 && !strcmp(name, "contexts")) contexts = value;
    162. 

  162.         else if(api_version >= 2 && !strcmp(name, "instances")) instances = value;
    163. 

  163.         else if(api_version >= 2 && !strcmp(name, "dimensions")) dimensions = value;
    164. 

  164.         else if(api_version >= 2 && !strcmp(name, "labels")) labels = value;
    165. 

  165.         else if(api_version >= 2 && !strcmp(name, "alerts")) alerts = value;
    166. 

  166.         else if(api_version >= 2 && (!strcmp(name, "group_by") || !strcmp(name, "group_by[0]"))) {
    167. 

  167.             group_by.group_by = group_by_parse(value);
    168. 

  168.         }
    169. 

  169.         else if(api_version >= 2 && (!strcmp(name, "group_by_label") || !strcmp(name, "group_by_label[0]"))) {
    170. 

  170.             group_by.group_by_label = value;
    171. 

  171.         }
    172. 

  172.         else if(api_version >= 2 && (!strcmp(name, "aggregation") || !strcmp(name, "aggregation[0]"))) {
    173. 

  173.             group_by.aggregation = group_by_aggregate_function_parse(value);
    174. 

  174.         }
    175. 

  175. 

  176.         else if(!strcmp(name, "tier")) {
    177. 

  177.             tier = str2ul(value);
    178. 

  178.             if(tier < storage_tiers)
    179. 

  179.                 options |= RRDR_OPTION_SELECTED_TIER;
    180. 

  180.             else
    181. 

  181.                 tier = 0;
    182. 

  182.         }
    183. 

  183.     }
    184. 

  184. 

  185.     if(options == 0)
    186. 

  186.         // the user did not set any options
    187. 

  187.         options  = RRDR_OPTION_NOT_ALIGNED | RRDR_OPTION_NULL2ZERO | RRDR_OPTION_NONZERO;
    188. 

  188.     else
    189. 

  189.         // the user set some options, add also these
    190. 

  190.         options |= RRDR_OPTION_NOT_ALIGNED | RRDR_OPTION_NULL2ZERO;
    191. 

  191. 

  192.     if(options & RRDR_OPTION_PERCENTAGE)
    193. 

  193.         options |= RRDR_OPTION_ABSOLUTE;
    194. 

  194. 

  195.     if(options & RRDR_OPTION_DEBUG)
    196. 

  196.         options &= ~RRDR_OPTION_MINIFY;
    197. 

  197. 

  198.     BUFFER *wb = w->response.data;
    199. 

  199.     buffer_flush(wb);
    200. 

  200.     wb->content_type = CT_APPLICATION_JSON;
    201. 

  201. 

  202.     QUERY_WEIGHTS_REQUEST qwr = {
    203. 

  203.             .version = api_version,
    204. 

  204.             .host = (api_version == 1) ? NULL : host,
    205. 

  205.             .scope_nodes = scope_nodes,
    206. 

  206.             .scope_contexts = scope_contexts,
    207. 

  207.             .nodes = nodes,
    208. 

  208.             .contexts = contexts,
    209. 

  209.             .instances = instances,
    210. 

  210.             .dimensions = dimensions,
    211. 

  211.             .labels = labels,
    212. 

  212.             .alerts = alerts,
    213. 

  213.             .group_by = {
    214. 

  214.                 .group_by = group_by.group_by,
    215. 

  215.                 .group_by_label = group_by.group_by_label,
    216. 

  216.                 .aggregation = group_by.aggregation,
    217. 

  217.             },
    218. 

  218.             .method = method,
    219. 

  219.             .format = format,
    220. 

  220.             .time_group_method = time_group_method,
    221. 

  221.             .time_group_options = time_group_options,
    222. 

  222.             .baseline_after = baseline_after,
    223. 

  223.             .baseline_before = baseline_before,
    224. 

  224.             .after = after,
    225. 

  225.             .before = before,
    226. 

  226.             .points = points,
    227. 

  227.             .options = options,
    228. 

  228.             .tier = tier,
    229. 

  229.             .timeout_ms = timeout_ms,
    230. 

  230. 

  231.             .interrupt_callback = web_client_interrupt_callback,
    232. 

  232.             .interrupt_callback_data = w,
    233. 

  233.     };
    234. 

  234. 

  235.     return web_api_v12_weights(wb, &qwr);
    236. 

  236. }
    237. 

  237. 

  238. bool web_client_interrupt_callback(void *data) {
    239. 

  239.     struct web_client *w = data;
    240. 

  240. 

  241.     if(w->interrupt.callback)
    242. 

  242.         return w->interrupt.callback(w, w->interrupt.callback_data);
    243. 

  243. 

  244.     return sock_has_output_error(w->ofd);
    245. 

  245. }
    246.