2021-03-26 00:17:52 +08:00
|
|
|
package controller
|
|
|
|
|
|
|
|
|
|
import (
|
2021-04-16 02:48:10 +08:00
|
|
|
"encoding/base64"
|
|
|
|
|
"encoding/json"
|
|
|
|
|
"errors"
|
|
|
|
|
"net/http"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
2021-08-10 03:32:04 +08:00
|
|
|
|
2021-05-01 11:07:25 +08:00
|
|
|
"github.com/go-playground/validator/v10"
|
2021-04-16 02:48:10 +08:00
|
|
|
"github.com/gorilla/mux"
|
2021-07-22 06:55:19 +08:00
|
|
|
"github.com/gravitl/netmaker/database"
|
2021-04-16 02:48:10 +08:00
|
|
|
"github.com/gravitl/netmaker/functions"
|
2021-10-06 03:02:09 +08:00
|
|
|
"github.com/gravitl/netmaker/logic"
|
2021-04-16 02:48:10 +08:00
|
|
|
"github.com/gravitl/netmaker/models"
|
2021-05-09 22:52:42 +08:00
|
|
|
"github.com/gravitl/netmaker/servercfg"
|
2021-07-27 02:11:46 +08:00
|
|
|
"github.com/gravitl/netmaker/serverctl"
|
2021-03-26 00:17:52 +08:00
|
|
|
)
|
|
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
const ALL_NETWORK_ACCESS = "THIS_USER_HAS_ALL"
|
|
|
|
|
const NO_NETWORKS_PRESENT = "THIS_USER_HAS_NONE"
|
|
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
func networkHandlers(r *mux.Router) {
|
2021-07-15 04:47:05 +08:00
|
|
|
r.HandleFunc("/api/networks", securityCheck(false, http.HandlerFunc(getNetworks))).Methods("GET")
|
2021-07-03 11:25:36 +08:00
|
|
|
r.HandleFunc("/api/networks", securityCheck(true, http.HandlerFunc(createNetwork))).Methods("POST")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}", securityCheck(false, http.HandlerFunc(getNetwork))).Methods("GET")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}", securityCheck(false, http.HandlerFunc(updateNetwork))).Methods("PUT")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/nodelimit", securityCheck(true, http.HandlerFunc(updateNetworkNodeLimit))).Methods("PUT")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}", securityCheck(true, http.HandlerFunc(deleteNetwork))).Methods("DELETE")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/keyupdate", securityCheck(false, http.HandlerFunc(keyUpdate))).Methods("POST")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/keys", securityCheck(false, http.HandlerFunc(createAccessKey))).Methods("POST")
|
|
|
|
|
r.HandleFunc("/api/networks/{networkname}/keys", securityCheck(false, http.HandlerFunc(getAccessKeys))).Methods("GET")
|
2021-07-15 04:47:05 +08:00
|
|
|
r.HandleFunc("/api/networks/{networkname}/signuptoken", securityCheck(false, http.HandlerFunc(getSignupToken))).Methods("GET")
|
2021-07-03 11:25:36 +08:00
|
|
|
r.HandleFunc("/api/networks/{networkname}/keys/{name}", securityCheck(false, http.HandlerFunc(deleteAccessKey))).Methods("DELETE")
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Security check is middleware for every function and just checks to make sure that its the master calling
|
2021-04-13 12:42:35 +08:00
|
|
|
//Only admin should have access to all these network-level actions
|
2021-03-26 00:17:52 +08:00
|
|
|
//or maybe some Users once implemented
|
2021-07-03 11:25:36 +08:00
|
|
|
func securityCheck(reqAdmin bool, next http.Handler) http.HandlerFunc {
|
2021-03-26 00:17:52 +08:00
|
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
var errorResponse = models.ErrorResponse{
|
2021-05-03 03:54:12 +08:00
|
|
|
Code: http.StatusUnauthorized, Message: "W1R3: It's not you it's me.",
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var params = mux.Vars(r)
|
2021-05-03 03:54:12 +08:00
|
|
|
bearerToken := r.Header.Get("Authorization")
|
2021-07-15 04:47:05 +08:00
|
|
|
err, networks, username := SecurityCheck(reqAdmin, params["networkname"], bearerToken)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-05-28 22:04:07 +08:00
|
|
|
if strings.Contains(err.Error(), "does not exist") {
|
|
|
|
|
errorResponse.Code = http.StatusNotFound
|
|
|
|
|
}
|
2021-05-03 03:54:12 +08:00
|
|
|
errorResponse.Message = err.Error()
|
2021-03-26 00:17:52 +08:00
|
|
|
returnErrorResponse(w, r, errorResponse)
|
2021-04-13 11:19:01 +08:00
|
|
|
return
|
2021-05-03 03:54:12 +08:00
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
networksJson, err := json.Marshal(&networks)
|
|
|
|
|
if err != nil {
|
|
|
|
|
errorResponse.Message = err.Error()
|
|
|
|
|
returnErrorResponse(w, r, errorResponse)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
r.Header.Set("user", username)
|
|
|
|
|
r.Header.Set("networks", string(networksJson))
|
2021-05-03 03:54:12 +08:00
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-07-03 11:25:36 +08:00
|
|
|
|
2021-08-10 03:32:04 +08:00
|
|
|
func SecurityCheck(reqAdmin bool, netname string, token string) (error, []string, string) {
|
2021-07-15 04:47:05 +08:00
|
|
|
|
2021-05-03 03:54:12 +08:00
|
|
|
var hasBearer = true
|
|
|
|
|
var tokenSplit = strings.Split(token, " ")
|
|
|
|
|
var authToken = ""
|
2021-04-16 02:48:10 +08:00
|
|
|
|
2021-05-03 03:54:12 +08:00
|
|
|
if len(tokenSplit) < 2 {
|
|
|
|
|
hasBearer = false
|
|
|
|
|
} else {
|
|
|
|
|
authToken = tokenSplit[1]
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
userNetworks := []string{}
|
2021-05-03 03:54:12 +08:00
|
|
|
//all endpoints here require master so not as complicated
|
2021-07-15 04:47:05 +08:00
|
|
|
isMasterAuthenticated := authenticateMaster(authToken)
|
|
|
|
|
username := ""
|
|
|
|
|
if !hasBearer || !isMasterAuthenticated {
|
2021-10-27 00:27:29 +08:00
|
|
|
userName, networks, isadmin, err := logic.VerifyUserToken(authToken)
|
2021-07-15 04:47:05 +08:00
|
|
|
username = userName
|
2021-07-02 12:03:46 +08:00
|
|
|
if err != nil {
|
2021-08-06 00:23:36 +08:00
|
|
|
return errors.New("error verifying user token"), nil, username
|
2021-07-02 12:03:46 +08:00
|
|
|
}
|
2021-07-03 11:25:36 +08:00
|
|
|
if !isadmin && reqAdmin {
|
2021-08-06 00:23:36 +08:00
|
|
|
return errors.New("you are unauthorized to access this endpoint"), nil, username
|
2021-07-15 04:47:05 +08:00
|
|
|
}
|
|
|
|
|
userNetworks = networks
|
|
|
|
|
if isadmin {
|
|
|
|
|
userNetworks = []string{ALL_NETWORK_ACCESS}
|
2021-08-06 00:23:36 +08:00
|
|
|
} else {
|
|
|
|
|
networkexists, err := functions.NetworkExists(netname)
|
2021-08-10 03:32:04 +08:00
|
|
|
if err != nil && !database.IsEmptyRecord(err) {
|
2021-08-06 00:23:36 +08:00
|
|
|
return err, nil, ""
|
|
|
|
|
}
|
|
|
|
|
if netname != "" && !networkexists {
|
|
|
|
|
return errors.New("this network does not exist"), nil, ""
|
|
|
|
|
}
|
2021-05-30 04:18:22 +08:00
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
} else if isMasterAuthenticated {
|
|
|
|
|
userNetworks = []string{ALL_NETWORK_ACCESS}
|
2021-05-30 04:18:22 +08:00
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
if len(userNetworks) == 0 {
|
|
|
|
|
userNetworks = append(userNetworks, NO_NETWORKS_PRESENT)
|
|
|
|
|
}
|
|
|
|
|
return nil, userNetworks, username
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
2021-04-16 02:48:10 +08:00
|
|
|
|
2021-03-26 00:17:52 +08:00
|
|
|
//Consider a more secure way of setting master key
|
|
|
|
|
func authenticateMaster(tokenString string) bool {
|
2021-11-16 00:42:52 +08:00
|
|
|
return tokenString == servercfg.GetMasterKey()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Consider a more secure way of setting master key
|
|
|
|
|
func authenticateDNSToken(tokenString string) bool {
|
2021-11-17 01:20:48 +08:00
|
|
|
tokens := strings.Split(tokenString, " ")
|
|
|
|
|
if len(tokens) < 2 {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
return tokens[1] == servercfg.GetDNSKey()
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
//simple get all networks function
|
|
|
|
|
func getNetworks(w http.ResponseWriter, r *http.Request) {
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
headerNetworks := r.Header.Get("networks")
|
|
|
|
|
networksSlice := []string{}
|
|
|
|
|
marshalErr := json.Unmarshal([]byte(headerNetworks), &networksSlice)
|
|
|
|
|
if marshalErr != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(marshalErr, "internal"))
|
2021-04-13 11:19:01 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
allnetworks := []models.Network{}
|
|
|
|
|
err := errors.New("Networks Error")
|
|
|
|
|
if networksSlice[0] == ALL_NETWORK_ACCESS {
|
2021-10-27 00:27:29 +08:00
|
|
|
allnetworks, err = logic.GetNetworks()
|
2021-09-28 05:51:20 +08:00
|
|
|
if err != nil && !database.IsEmptyRecord(err) {
|
2021-07-15 04:47:05 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
for _, network := range networksSlice {
|
2021-10-27 00:27:29 +08:00
|
|
|
netObject, parentErr := logic.GetParentNetwork(network)
|
2021-07-15 04:47:05 +08:00
|
|
|
if parentErr == nil {
|
|
|
|
|
allnetworks = append(allnetworks, netObject)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-11-17 01:20:48 +08:00
|
|
|
if !servercfg.IsDisplayKeys() {
|
|
|
|
|
for i, net := range allnetworks {
|
|
|
|
|
net.AccessKeys = logic.RemoveKeySensitiveInfo(net.AccessKeys)
|
|
|
|
|
allnetworks[i] = net
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "fetched networks.", 2)
|
2021-05-30 23:26:10 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2021-08-06 01:32:06 +08:00
|
|
|
json.NewEncoder(w).Encode(allnetworks)
|
2021-05-30 23:26:10 +08:00
|
|
|
}
|
|
|
|
|
|
2021-07-24 06:24:34 +08:00
|
|
|
func ValidateNetworkUpdate(network models.Network) error {
|
2021-04-16 20:02:12 +08:00
|
|
|
v := validator.New()
|
|
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
_ = v.RegisterValidation("netid_valid", func(fl validator.FieldLevel) bool {
|
|
|
|
|
if fl.Field().String() == "" {
|
2021-07-11 22:28:50 +08:00
|
|
|
return true
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
inCharSet := functions.NameInNetworkCharSet(fl.Field().String())
|
|
|
|
|
return inCharSet
|
|
|
|
|
})
|
2021-07-11 22:28:50 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
err := v.Struct(network)
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
|
|
|
|
for _, e := range err.(validator.ValidationErrors) {
|
2021-08-10 03:32:04 +08:00
|
|
|
functions.PrintUserLog("validator", e.Error(), 1)
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return err
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
//Simple get network function
|
|
|
|
|
func getNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
// set header.
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-05-01 19:57:49 +08:00
|
|
|
netname := params["networkname"]
|
|
|
|
|
network, err := GetNetwork(netname)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-11-17 01:20:48 +08:00
|
|
|
if !servercfg.IsDisplayKeys() {
|
|
|
|
|
network.AccessKeys = logic.RemoveKeySensitiveInfo(network.AccessKeys)
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "fetched network "+netname, 2)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(network)
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-05-01 19:57:49 +08:00
|
|
|
func GetNetwork(name string) (models.Network, error) {
|
2021-04-16 02:48:10 +08:00
|
|
|
var network models.Network
|
2021-07-22 06:55:19 +08:00
|
|
|
record, err := database.FetchRecord(database.NETWORKS_TABLE_NAME, name)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-07-22 06:55:19 +08:00
|
|
|
return network, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err = json.Unmarshal([]byte(record), &network); err != nil {
|
2021-05-01 19:57:49 +08:00
|
|
|
return models.Network{}, err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
|
2021-05-01 19:57:49 +08:00
|
|
|
return network, nil
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-06 06:09:21 +08:00
|
|
|
func keyUpdate(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-05-01 19:57:49 +08:00
|
|
|
netname := params["networkname"]
|
|
|
|
|
network, err := KeyUpdate(netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
2021-04-13 11:19:01 +08:00
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "updated key on network "+netname, 2)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(network)
|
|
|
|
|
}
|
2021-04-13 11:19:01 +08:00
|
|
|
|
2021-05-01 19:57:49 +08:00
|
|
|
func KeyUpdate(netname string) (models.Network, error) {
|
2021-08-07 01:39:14 +08:00
|
|
|
err := functions.NetworkNodesUpdateAction(netname, models.NODE_UPDATE_KEY)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-05-01 19:57:49 +08:00
|
|
|
return models.Network{}, err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-08-03 06:06:26 +08:00
|
|
|
return models.Network{}, nil
|
2021-04-06 06:09:21 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-13 14:55:49 +08:00
|
|
|
//Update a network
|
2021-04-16 02:48:10 +08:00
|
|
|
func AlertNetwork(netid string) error {
|
2021-04-13 14:55:49 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
var network models.Network
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netid)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-04-13 14:55:49 +08:00
|
|
|
updatetime := time.Now().Unix()
|
2021-07-22 06:55:19 +08:00
|
|
|
network.NodesLastModified = updatetime
|
|
|
|
|
network.NetworkLastModified = updatetime
|
|
|
|
|
data, err := json.Marshal(&network)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
database.Insert(netid, string(data), database.NETWORKS_TABLE_NAME)
|
|
|
|
|
return nil
|
2021-04-13 14:55:49 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
//Update a network
|
|
|
|
|
func updateNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var network models.Network
|
2021-07-15 04:47:05 +08:00
|
|
|
netname := params["networkname"]
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-24 06:24:34 +08:00
|
|
|
var newNetwork models.Network
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&newNetwork)
|
2021-04-16 20:02:12 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-11-23 22:47:49 +08:00
|
|
|
|
2021-10-27 00:27:29 +08:00
|
|
|
rangeupdate, localrangeupdate, err := logic.UpdateNetwork(&network, &newNetwork)
|
2021-05-04 05:51:38 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-11-23 22:47:49 +08:00
|
|
|
// if newNetwork.IsDualStack != currentNetwork.IsDualStack && newNetwork.IsDualStack == "no" {
|
|
|
|
|
// // Remove IPv6 address from network nodes
|
|
|
|
|
// RemoveNetworkNodeIPv6Addresses(currentNetwork.NetID)
|
|
|
|
|
// }
|
|
|
|
|
|
2021-07-24 06:24:34 +08:00
|
|
|
if rangeupdate {
|
2021-10-27 00:27:29 +08:00
|
|
|
err = logic.UpdateNetworkNodeAddresses(network.NetID)
|
2021-07-24 06:24:34 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if localrangeupdate {
|
2021-10-27 00:27:29 +08:00
|
|
|
err = logic.UpdateNetworkLocalAddresses(network.NetID)
|
2021-07-24 06:24:34 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "updated network "+netname, 1)
|
2021-05-04 05:51:38 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2021-07-24 06:24:34 +08:00
|
|
|
json.NewEncoder(w).Encode(newNetwork)
|
2021-05-04 05:51:38 +08:00
|
|
|
}
|
|
|
|
|
|
2021-07-03 11:25:36 +08:00
|
|
|
func updateNetworkNodeLimit(w http.ResponseWriter, r *http.Request) {
|
2021-07-15 04:47:05 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var network models.Network
|
|
|
|
|
netname := params["networkname"]
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netname)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-03 11:25:36 +08:00
|
|
|
|
2021-07-24 06:24:34 +08:00
|
|
|
var networkChange models.Network
|
2021-07-15 04:47:05 +08:00
|
|
|
|
|
|
|
|
_ = json.NewDecoder(r.Body).Decode(&networkChange)
|
|
|
|
|
|
|
|
|
|
if networkChange.NodeLimit != 0 {
|
2021-07-22 06:55:19 +08:00
|
|
|
network.NodeLimit = networkChange.NodeLimit
|
|
|
|
|
data, err := json.Marshal(&network)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
database.Insert(network.NetID, string(data), database.NETWORKS_TABLE_NAME)
|
|
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "updated network node limit on, "+netname, 1)
|
2021-07-15 04:47:05 +08:00
|
|
|
}
|
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(network)
|
|
|
|
|
}
|
2021-07-03 11:25:36 +08:00
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
//Delete a network
|
2021-03-26 00:17:52 +08:00
|
|
|
//Will stop you if there's any nodes associated
|
2021-04-13 12:42:35 +08:00
|
|
|
func deleteNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
// Set header
|
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
var params = mux.Vars(r)
|
2021-05-01 11:07:25 +08:00
|
|
|
network := params["networkname"]
|
2021-07-22 06:55:19 +08:00
|
|
|
err := DeleteNetwork(network)
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-13 11:19:01 +08:00
|
|
|
if err != nil {
|
2021-05-28 22:04:07 +08:00
|
|
|
errtype := "badrequest"
|
2021-07-15 04:47:05 +08:00
|
|
|
if strings.Contains(err.Error(), "Node check failed") {
|
2021-05-28 22:04:07 +08:00
|
|
|
errtype = "forbidden"
|
|
|
|
|
}
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, errtype))
|
2021-04-16 02:48:10 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "deleted network "+network, 1)
|
2021-05-01 11:07:25 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2021-07-22 06:55:19 +08:00
|
|
|
json.NewEncoder(w).Encode("success")
|
2021-05-01 11:07:25 +08:00
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-07-22 06:55:19 +08:00
|
|
|
func DeleteNetwork(network string) error {
|
2021-10-06 03:02:09 +08:00
|
|
|
nodeCount, err := functions.GetNetworkNonServerNodeCount(network)
|
2021-08-06 01:11:21 +08:00
|
|
|
if nodeCount == 0 || database.IsEmptyRecord(err) {
|
2021-10-06 03:02:09 +08:00
|
|
|
// delete server nodes first then db records
|
|
|
|
|
servers, err := logic.GetSortedNetworkServerNodes(network)
|
|
|
|
|
if err == nil {
|
|
|
|
|
for _, s := range servers {
|
2021-10-20 21:22:05 +08:00
|
|
|
if err = logic.DeleteNode(&s, true); err != nil {
|
|
|
|
|
functions.PrintUserLog("", "could not removed server "+s.Name+" before deleting network "+network, 2)
|
2021-10-06 03:02:09 +08:00
|
|
|
} else {
|
2021-10-20 21:22:05 +08:00
|
|
|
functions.PrintUserLog("", "removed server "+s.Name+" before deleting network "+network, 2)
|
2021-10-06 03:02:09 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2021-10-20 21:22:05 +08:00
|
|
|
functions.PrintUserLog("", "could not remove servers before deleting network "+network, 1)
|
2021-10-06 03:02:09 +08:00
|
|
|
}
|
2021-08-06 01:03:05 +08:00
|
|
|
return database.DeleteRecord(database.NETWORKS_TABLE_NAME, network)
|
2021-05-01 11:07:25 +08:00
|
|
|
}
|
2021-08-06 01:03:05 +08:00
|
|
|
return errors.New("node check failed. All nodes must be deleted before deleting network")
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
//Create a network
|
2021-03-26 00:17:52 +08:00
|
|
|
//Pretty simple
|
2021-04-13 12:42:35 +08:00
|
|
|
func createNetwork(w http.ResponseWriter, r *http.Request) {
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
var network models.Network
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-04-16 02:48:10 +08:00
|
|
|
// we decode our body request params
|
2021-04-13 12:42:35 +08:00
|
|
|
err := json.NewDecoder(r.Body).Decode(&network)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-05-01 11:07:25 +08:00
|
|
|
err = CreateNetwork(network)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "created network "+network.NetID, 1)
|
2021-05-01 11:07:25 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
//json.NewEncoder(w).Encode(result)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func CreateNetwork(network models.Network) error {
|
2021-04-16 19:34:48 +08:00
|
|
|
|
2021-07-24 06:24:34 +08:00
|
|
|
network.SetDefaults()
|
|
|
|
|
network.SetNodesLastModified()
|
|
|
|
|
network.SetNetworkLastModified()
|
|
|
|
|
network.KeyUpdateTimeStamp = time.Now().Unix()
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-10-27 00:27:29 +08:00
|
|
|
err := logic.ValidateNetwork(&network, false)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-05-01 11:07:25 +08:00
|
|
|
//returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-07-22 06:55:19 +08:00
|
|
|
data, err := json.Marshal(&network)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-05-01 11:07:25 +08:00
|
|
|
return err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
if err = database.Insert(network.NetID, string(data), database.NETWORKS_TABLE_NAME); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-28 05:51:20 +08:00
|
|
|
if servercfg.IsClientMode() != "off" {
|
2021-09-11 03:48:18 +08:00
|
|
|
var success bool
|
|
|
|
|
success, err = serverctl.AddNetwork(network.NetID)
|
|
|
|
|
if err != nil || !success {
|
|
|
|
|
DeleteNetwork(network.NetID)
|
|
|
|
|
if err == nil {
|
|
|
|
|
err = errors.New("Failed to add server to network " + network.DisplayName)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return err
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// BEGIN KEY MANAGEMENT SECTION
|
|
|
|
|
func createAccessKey(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
var accesskey models.AccessKey
|
|
|
|
|
//start here
|
2021-07-15 04:47:05 +08:00
|
|
|
netname := params["networkname"]
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
err = json.NewDecoder(r.Body).Decode(&accesskey)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-05-01 19:57:49 +08:00
|
|
|
key, err := CreateAccessKey(accesskey, network)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-07-24 06:24:34 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "created access key "+accesskey.Name+" on "+netname, 1)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(key)
|
|
|
|
|
//w.Write([]byte(accesskey.AccessString))
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-05-01 19:57:49 +08:00
|
|
|
func CreateAccessKey(accesskey models.AccessKey, network models.Network) (models.AccessKey, error) {
|
2021-05-28 22:04:07 +08:00
|
|
|
|
2021-03-26 00:17:52 +08:00
|
|
|
if accesskey.Name == "" {
|
2021-04-16 02:48:10 +08:00
|
|
|
accesskey.Name = functions.GenKeyName()
|
|
|
|
|
}
|
2021-05-28 22:04:07 +08:00
|
|
|
|
2021-03-26 00:17:52 +08:00
|
|
|
if accesskey.Value == "" {
|
|
|
|
|
accesskey.Value = functions.GenKey()
|
|
|
|
|
}
|
2021-04-16 20:02:12 +08:00
|
|
|
if accesskey.Uses == 0 {
|
|
|
|
|
accesskey.Uses = 1
|
|
|
|
|
}
|
2021-05-28 22:04:07 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
checkkeys, err := GetKeys(network.NetID)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return models.AccessKey{}, errors.New("could not retrieve network keys")
|
|
|
|
|
}
|
2021-05-28 22:04:07 +08:00
|
|
|
|
|
|
|
|
for _, key := range checkkeys {
|
2021-05-01 19:57:49 +08:00
|
|
|
if key.Name == accesskey.Name {
|
2021-07-22 06:55:19 +08:00
|
|
|
return models.AccessKey{}, errors.New("duplicate AccessKey Name")
|
2021-05-01 19:57:49 +08:00
|
|
|
}
|
|
|
|
|
}
|
2021-04-13 12:42:35 +08:00
|
|
|
privAddr := ""
|
2021-07-24 06:24:34 +08:00
|
|
|
if network.IsLocal != "" {
|
|
|
|
|
privAddr = network.LocalRange
|
2021-04-13 12:42:35 +08:00
|
|
|
}
|
|
|
|
|
|
2021-05-10 01:31:50 +08:00
|
|
|
netID := network.NetID
|
2021-04-06 02:47:07 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
var accessToken models.AccessToken
|
|
|
|
|
s := servercfg.GetServerConfig()
|
2021-07-11 22:18:31 +08:00
|
|
|
servervals := models.ServerConfig{
|
2021-10-06 03:02:09 +08:00
|
|
|
CoreDNSAddr: s.CoreDNSAddr,
|
|
|
|
|
APIConnString: s.APIConnString,
|
|
|
|
|
APIHost: s.APIHost,
|
|
|
|
|
APIPort: s.APIPort,
|
|
|
|
|
GRPCConnString: s.GRPCConnString,
|
|
|
|
|
GRPCHost: s.GRPCHost,
|
|
|
|
|
GRPCPort: s.GRPCPort,
|
|
|
|
|
GRPCSSL: s.GRPCSSL,
|
|
|
|
|
CheckinInterval: s.CheckinInterval,
|
2021-07-15 04:47:05 +08:00
|
|
|
}
|
|
|
|
|
accessToken.ServerConfig = servervals
|
2021-07-11 12:49:31 +08:00
|
|
|
accessToken.ClientConfig.Network = netID
|
|
|
|
|
accessToken.ClientConfig.Key = accesskey.Value
|
|
|
|
|
accessToken.ClientConfig.LocalRange = privAddr
|
|
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
tokenjson, err := json.Marshal(accessToken)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return accesskey, err
|
|
|
|
|
}
|
2021-07-11 12:49:31 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson))
|
2021-07-11 12:49:31 +08:00
|
|
|
|
2021-05-01 19:57:49 +08:00
|
|
|
//validate accesskey
|
|
|
|
|
v := validator.New()
|
2021-05-28 22:04:07 +08:00
|
|
|
err = v.Struct(accesskey)
|
2021-05-01 19:57:49 +08:00
|
|
|
if err != nil {
|
|
|
|
|
for _, e := range err.(validator.ValidationErrors) {
|
2021-08-10 03:32:04 +08:00
|
|
|
functions.PrintUserLog("validator", e.Error(), 1)
|
2021-05-01 19:57:49 +08:00
|
|
|
}
|
|
|
|
|
return models.AccessKey{}, err
|
|
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
|
2021-04-13 12:42:35 +08:00
|
|
|
network.AccessKeys = append(network.AccessKeys, accesskey)
|
2021-07-22 06:55:19 +08:00
|
|
|
data, err := json.Marshal(&network)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return models.AccessKey{}, err
|
|
|
|
|
}
|
|
|
|
|
if err = database.Insert(network.NetID, string(data), database.NETWORKS_TABLE_NAME); err != nil {
|
2021-05-01 19:57:49 +08:00
|
|
|
return models.AccessKey{}, err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
|
2021-05-01 19:57:49 +08:00
|
|
|
return accesskey, nil
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
2021-05-26 00:48:04 +08:00
|
|
|
func GetSignupToken(netID string) (models.AccessKey, error) {
|
|
|
|
|
|
|
|
|
|
var accesskey models.AccessKey
|
2021-07-11 12:49:31 +08:00
|
|
|
var accessToken models.AccessToken
|
2021-07-15 04:47:05 +08:00
|
|
|
s := servercfg.GetServerConfig()
|
|
|
|
|
servervals := models.ServerConfig{
|
|
|
|
|
APIConnString: s.APIConnString,
|
|
|
|
|
APIHost: s.APIHost,
|
|
|
|
|
APIPort: s.APIPort,
|
|
|
|
|
GRPCConnString: s.GRPCConnString,
|
|
|
|
|
GRPCHost: s.GRPCHost,
|
|
|
|
|
GRPCPort: s.GRPCPort,
|
|
|
|
|
GRPCSSL: s.GRPCSSL,
|
|
|
|
|
}
|
|
|
|
|
accessToken.ServerConfig = servervals
|
2021-07-11 12:49:31 +08:00
|
|
|
|
|
|
|
|
tokenjson, err := json.Marshal(accessToken)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return accesskey, err
|
|
|
|
|
}
|
2021-05-26 00:48:04 +08:00
|
|
|
|
2021-07-15 04:47:05 +08:00
|
|
|
accesskey.AccessString = base64.StdEncoding.EncodeToString([]byte(tokenjson))
|
|
|
|
|
return accesskey, nil
|
2021-05-26 00:48:04 +08:00
|
|
|
}
|
|
|
|
|
func getSignupToken(w http.ResponseWriter, r *http.Request) {
|
2021-07-15 04:47:05 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
|
|
|
|
netID := params["networkname"]
|
2021-05-26 00:48:04 +08:00
|
|
|
|
|
|
|
|
token, err := GetSignupToken(netID)
|
2021-07-15 04:47:05 +08:00
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "got signup token "+netID, 2)
|
|
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(token)
|
2021-05-26 00:48:04 +08:00
|
|
|
}
|
|
|
|
|
|
2021-03-26 00:17:52 +08:00
|
|
|
//pretty simple get
|
|
|
|
|
func getAccessKeys(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-05-01 19:57:49 +08:00
|
|
|
network := params["networkname"]
|
|
|
|
|
keys, err := GetKeys(network)
|
|
|
|
|
if err != nil {
|
|
|
|
|
returnErrorResponse(w, r, formatError(err, "internal"))
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-11-15 05:50:20 +08:00
|
|
|
if !servercfg.IsDisplayKeys() {
|
2021-11-17 01:20:48 +08:00
|
|
|
keys = logic.RemoveKeySensitiveInfo(keys)
|
2021-11-15 05:50:20 +08:00
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "fetched access keys on network "+network, 2)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
json.NewEncoder(w).Encode(keys)
|
|
|
|
|
}
|
|
|
|
|
func GetKeys(net string) ([]models.AccessKey, error) {
|
2021-03-26 00:17:52 +08:00
|
|
|
|
2021-07-22 06:55:19 +08:00
|
|
|
record, err := database.FetchRecord(database.NETWORKS_TABLE_NAME, net)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return []models.AccessKey{}, err
|
|
|
|
|
}
|
|
|
|
|
network, err := functions.ParseNetwork(record)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-05-01 19:57:49 +08:00
|
|
|
return []models.AccessKey{}, err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-05-01 19:57:49 +08:00
|
|
|
return network.AccessKeys, nil
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//delete key. Has to do a little funky logic since it's not a collection item
|
|
|
|
|
func deleteAccessKey(w http.ResponseWriter, r *http.Request) {
|
2021-04-16 02:48:10 +08:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
|
var params = mux.Vars(r)
|
2021-03-26 00:17:52 +08:00
|
|
|
keyname := params["name"]
|
2021-05-01 19:57:49 +08:00
|
|
|
netname := params["networkname"]
|
|
|
|
|
err := DeleteKey(keyname, netname)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-05-01 19:57:49 +08:00
|
|
|
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
2021-04-16 02:48:10 +08:00
|
|
|
return
|
|
|
|
|
}
|
2021-07-15 04:47:05 +08:00
|
|
|
functions.PrintUserLog(r.Header.Get("user"), "deleted access key "+keyname+" on network "+netname, 1)
|
2021-05-01 19:57:49 +08:00
|
|
|
w.WriteHeader(http.StatusOK)
|
|
|
|
|
}
|
|
|
|
|
func DeleteKey(keyname, netname string) error {
|
2021-10-27 00:27:29 +08:00
|
|
|
network, err := logic.GetParentNetwork(netname)
|
2021-05-01 19:57:49 +08:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2021-03-26 00:17:52 +08:00
|
|
|
//basically, turn the list of access keys into the list of access keys before and after the item
|
|
|
|
|
//have not done any error handling for if there's like...1 item. I think it works? need to test.
|
2021-04-18 04:52:53 +08:00
|
|
|
found := false
|
2021-05-01 19:57:49 +08:00
|
|
|
var updatedKeys []models.AccessKey
|
|
|
|
|
for _, currentkey := range network.AccessKeys {
|
2021-03-26 00:17:52 +08:00
|
|
|
if currentkey.Name == keyname {
|
2021-04-18 04:52:53 +08:00
|
|
|
found = true
|
2021-05-01 19:57:49 +08:00
|
|
|
} else {
|
|
|
|
|
updatedKeys = append(updatedKeys, currentkey)
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
|
|
|
|
}
|
2021-04-18 04:52:53 +08:00
|
|
|
if !found {
|
2021-05-01 19:57:49 +08:00
|
|
|
return errors.New("key " + keyname + " does not exist")
|
2021-04-18 04:52:53 +08:00
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
network.AccessKeys = updatedKeys
|
|
|
|
|
data, err := json.Marshal(&network)
|
2021-04-16 02:48:10 +08:00
|
|
|
if err != nil {
|
2021-05-01 19:57:49 +08:00
|
|
|
return err
|
2021-04-16 02:48:10 +08:00
|
|
|
}
|
2021-07-22 06:55:19 +08:00
|
|
|
if err := database.Insert(network.NetID, string(data), database.NETWORKS_TABLE_NAME); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2021-05-01 19:57:49 +08:00
|
|
|
return nil
|
2021-03-26 00:17:52 +08:00
|
|
|
}
|
