akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
Files
72bfca2dc37c872fc0bd32a92e7fda03f9fca1dc
Charon/backend/internal/api/handlers/notification_provider_handler.go
T
GitHub Actions 718358314f chore: Update notification provider to support Discord only 
- Refactored notification provider tests to use Discord webhook URLs.
- Updated frontend forms and API interactions to restrict provider type to Discord.
- Modified translations to reflect the change in supported provider types.
- Enhanced UI to indicate deprecated status for non-Discord providers.
- Adjusted documentation to align with the new provider structure.
2026-02-21 06:23:46 +00:00

287 lines
9.7 KiB
Go
Raw Blame History

package handlers
import (
"encoding/json"
"fmt"
"net/http"
"strings"
"time"
"github.com/Wikid82/charon/backend/internal/models"
"github.com/Wikid82/charon/backend/internal/services"
"github.com/gin-gonic/gin"
"gorm.io/gorm"
)
type NotificationProviderHandler struct {
service *services.NotificationService
securityService *services.SecurityService
dataRoot string
}
type notificationProviderUpsertRequest struct {
Name string `json:"name"`
Type string `json:"type"`
URL string `json:"url"`
Config string `json:"config"`
Template string `json:"template"`
Enabled bool `json:"enabled"`
NotifyProxyHosts bool `json:"notify_proxy_hosts"`
NotifyRemoteServers bool `json:"notify_remote_servers"`
NotifyDomains bool `json:"notify_domains"`
NotifyCerts bool `json:"notify_certs"`
NotifyUptime bool `json:"notify_uptime"`
NotifySecurityWAFBlocks bool `json:"notify_security_waf_blocks"`
NotifySecurityACLDenies bool `json:"notify_security_acl_denies"`
NotifySecurityRateLimitHits bool `json:"notify_security_rate_limit_hits"`
NotifySecurityCrowdSecDecisions bool `json:"notify_security_crowdsec_decisions"`
}
func (r notificationProviderUpsertRequest) toModel() models.NotificationProvider {
return models.NotificationProvider{
Name: r.Name,
Type: r.Type,
URL: r.URL,
Config: r.Config,
Template: r.Template,
Enabled: r.Enabled,
NotifyProxyHosts: r.NotifyProxyHosts,
NotifyRemoteServers: r.NotifyRemoteServers,
NotifyDomains: r.NotifyDomains,
NotifyCerts: r.NotifyCerts,
NotifyUptime: r.NotifyUptime,
NotifySecurityWAFBlocks: r.NotifySecurityWAFBlocks,
NotifySecurityACLDenies: r.NotifySecurityACLDenies,
NotifySecurityRateLimitHits: r.NotifySecurityRateLimitHits,
NotifySecurityCrowdSecDecisions: r.NotifySecurityCrowdSecDecisions,
}
}
func NewNotificationProviderHandler(service *services.NotificationService) *NotificationProviderHandler {
return NewNotificationProviderHandlerWithDeps(service, nil, "")
}
func NewNotificationProviderHandlerWithDeps(service *services.NotificationService, securityService *services.SecurityService, dataRoot string) *NotificationProviderHandler {
return &NotificationProviderHandler{service: service, securityService: securityService, dataRoot: dataRoot}
}
func (h *NotificationProviderHandler) List(c *gin.Context) {
providers, err := h.service.ListProviders()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to list providers"})
return
}
c.JSON(http.StatusOK, providers)
}
func (h *NotificationProviderHandler) Create(c *gin.Context) {
if !requireAdmin(c) {
return
}
var req notificationProviderUpsertRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Discord-only enforcement for this rollout
if req.Type != "discord" {
c.JSON(http.StatusBadRequest, gin.H{
"error": "only discord provider type is supported in this release; additional providers will be enabled in future releases after validation",
"code": "PROVIDER_TYPE_DISCORD_ONLY",
})
return
}
provider := req.toModel()
// Server-managed migration fields are set by the migration reconciliation logic
// and must not be set from user input
provider.Engine = ""
provider.MigrationState = ""
provider.MigrationError = ""
provider.LastMigratedAt = nil
provider.LegacyURL = ""
if err := h.service.CreateProvider(&provider); err != nil {
// If it's a validation error from template parsing, return 400
if isProviderValidationError(err) {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
if respondPermissionError(c, h.securityService, "notification_provider_save_failed", err, h.dataRoot) {
return
}
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to create provider"})
return
}
c.JSON(http.StatusCreated, provider)
}
func (h *NotificationProviderHandler) Update(c *gin.Context) {
if !requireAdmin(c) {
return
}
id := c.Param("id")
var req notificationProviderUpsertRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
// Check if existing provider is non-Discord (deprecated)
var existing models.NotificationProvider
if err := h.service.DB.Where("id = ?", id).First(&existing).Error; err != nil {
if err == gorm.ErrRecordNotFound {
c.JSON(http.StatusNotFound, gin.H{"error": "provider not found"})
return
}
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to fetch provider"})
return
}
// Block type mutation for existing non-Discord providers
if existing.Type != "discord" && req.Type != existing.Type {
c.JSON(http.StatusBadRequest, gin.H{
"error": "cannot change provider type for deprecated non-discord providers; delete and recreate as discord provider instead",
"code": "DEPRECATED_PROVIDER_TYPE_IMMUTABLE",
})
return
}
// Block enable mutation for existing non-Discord providers
if existing.Type != "discord" && req.Enabled && !existing.Enabled {
c.JSON(http.StatusBadRequest, gin.H{
"error": "cannot enable deprecated non-discord providers; only discord providers can be enabled",
"code": "DEPRECATED_PROVIDER_CANNOT_ENABLE",
})
return
}
// Discord-only enforcement for this rollout (new providers or type changes)
if req.Type != "discord" {
c.JSON(http.StatusBadRequest, gin.H{
"error": "only discord provider type is supported in this release; additional providers will be enabled in future releases after validation",
"code": "PROVIDER_TYPE_DISCORD_ONLY",
})
return
}
provider := req.toModel()
provider.ID = id
// Server-managed migration fields must not be modified via user input
provider.Engine = ""
provider.MigrationState = ""
provider.MigrationError = ""
provider.LastMigratedAt = nil
provider.LegacyURL = ""
if err := h.service.UpdateProvider(&provider); err != nil {
if isProviderValidationError(err) {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
if respondPermissionError(c, h.securityService, "notification_provider_save_failed", err, h.dataRoot) {
return
}
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to update provider"})
return
}
c.JSON(http.StatusOK, provider)
}
func isProviderValidationError(err error) bool {
if err == nil {
return false
}
errMsg := err.Error()
return strings.Contains(errMsg, "invalid custom template") ||
strings.Contains(errMsg, "rendered template") ||
strings.Contains(errMsg, "failed to parse template") ||
strings.Contains(errMsg, "failed to render template") ||
strings.Contains(errMsg, "invalid Discord webhook URL")
}
func (h *NotificationProviderHandler) Delete(c *gin.Context) {
if !requireAdmin(c) {
return
}
id := c.Param("id")
if err := h.service.DeleteProvider(id); err != nil {
if respondPermissionError(c, h.securityService, "notification_provider_delete_failed", err, h.dataRoot) {
return
}
c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to delete provider"})
return
}
c.JSON(http.StatusOK, gin.H{"message": "Provider deleted"})
}
func (h *NotificationProviderHandler) Test(c *gin.Context) {
var provider models.NotificationProvider
if err := c.ShouldBindJSON(&provider); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
if err := h.service.TestProvider(provider); err != nil {
// Create internal notification for the failure
_, _ = h.service.Create(models.NotificationTypeError, "Test Failed", fmt.Sprintf("Provider %s test failed: %v", provider.Name, err))
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
c.JSON(http.StatusOK, gin.H{"message": "Test notification sent"})
}
// Templates returns a list of built-in templates a provider can use.
func (h *NotificationProviderHandler) Templates(c *gin.Context) {
c.JSON(http.StatusOK, []gin.H{
{"id": "minimal", "name": "Minimal", "description": "Small JSON payload with title, message and time."},
{"id": "detailed", "name": "Detailed", "description": "Full JSON payload with host, services and all data."},
{"id": "custom", "name": "Custom", "description": "Use your own JSON template in the Config field."},
})
}
// Preview renders the template for a provider and returns the resulting JSON object or an error.
func (h *NotificationProviderHandler) Preview(c *gin.Context) {
var raw map[string]any
if err := c.ShouldBindJSON(&raw); err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return
}
var provider models.NotificationProvider
// Marshal raw into provider to get proper types
if b, err := json.Marshal(raw); err == nil {
_ = json.Unmarshal(b, &provider)
}
var payload map[string]any
if d, ok := raw["data"].(map[string]any); ok {
payload = d
}
if payload == nil {
payload = map[string]any{}
}
// Add some defaults for preview
if _, ok := payload["Title"]; !ok {
payload["Title"] = "Preview Title"
}
if _, ok := payload["Message"]; !ok {
payload["Message"] = "Preview Message"
}
payload["Time"] = time.Now().Format(time.RFC3339)
payload["EventType"] = "preview"
rendered, parsed, err := h.service.RenderTemplate(provider, payload)
if err != nil {
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error(), "rendered": rendered})
return
}
c.JSON(http.StatusOK, gin.H{"rendered": rendered, "parsed": parsed})
}
Reference in New Issue View Git Blame Copy Permalink