1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
14 "git.arvados.org/arvados.git/lib/controller/api"
15 "git.arvados.org/arvados.git/sdk/go/arvados"
16 "git.arvados.org/arvados.git/sdk/go/auth"
17 "git.arvados.org/arvados.git/sdk/go/ctxlog"
18 "git.arvados.org/arvados.git/sdk/go/httpserver"
19 "github.com/gorilla/mux"
20 "github.com/sirupsen/logrus"
30 // Return an error if request body exceeds this size. 0 means
34 // If wrapCalls is not nil, it is called once for each API
35 // method, and the returned method is used in its place. This
36 // can be used to install hooks before and after each API call
37 // and alter responses; see localdb.WrapCallsInTransaction for
39 WrapCalls func(api.RoutableFunc) api.RoutableFunc
42 // New returns a new router (which implements the http.Handler
43 // interface) that serves requests by calling Arvados API methods on
45 func New(backend arvados.API, config Config) *router {
55 func (rtr *router) addRoutes() {
56 for _, route := range []struct {
57 endpoint arvados.APIEndpoint
58 defaultOpts func() interface{}
62 arvados.EndpointConfigGet,
63 func() interface{} { return &struct{}{} },
64 func(ctx context.Context, opts interface{}) (interface{}, error) {
65 return rtr.backend.ConfigGet(ctx)
69 arvados.EndpointVocabularyGet,
70 func() interface{} { return &struct{}{} },
71 func(ctx context.Context, opts interface{}) (interface{}, error) {
72 return rtr.backend.VocabularyGet(ctx)
76 arvados.EndpointLogin,
77 func() interface{} { return &arvados.LoginOptions{} },
78 func(ctx context.Context, opts interface{}) (interface{}, error) {
79 return rtr.backend.Login(ctx, *opts.(*arvados.LoginOptions))
83 arvados.EndpointLogout,
84 func() interface{} { return &arvados.LogoutOptions{} },
85 func(ctx context.Context, opts interface{}) (interface{}, error) {
86 return rtr.backend.Logout(ctx, *opts.(*arvados.LogoutOptions))
90 arvados.EndpointCollectionCreate,
91 func() interface{} { return &arvados.CreateOptions{} },
92 func(ctx context.Context, opts interface{}) (interface{}, error) {
93 return rtr.backend.CollectionCreate(ctx, *opts.(*arvados.CreateOptions))
97 arvados.EndpointCollectionUpdate,
98 func() interface{} { return &arvados.UpdateOptions{} },
99 func(ctx context.Context, opts interface{}) (interface{}, error) {
100 return rtr.backend.CollectionUpdate(ctx, *opts.(*arvados.UpdateOptions))
104 arvados.EndpointCollectionGet,
105 func() interface{} { return &arvados.GetOptions{} },
106 func(ctx context.Context, opts interface{}) (interface{}, error) {
107 return rtr.backend.CollectionGet(ctx, *opts.(*arvados.GetOptions))
111 arvados.EndpointCollectionList,
112 func() interface{} { return &arvados.ListOptions{Limit: -1} },
113 func(ctx context.Context, opts interface{}) (interface{}, error) {
114 return rtr.backend.CollectionList(ctx, *opts.(*arvados.ListOptions))
118 arvados.EndpointCollectionProvenance,
119 func() interface{} { return &arvados.GetOptions{} },
120 func(ctx context.Context, opts interface{}) (interface{}, error) {
121 return rtr.backend.CollectionProvenance(ctx, *opts.(*arvados.GetOptions))
125 arvados.EndpointCollectionUsedBy,
126 func() interface{} { return &arvados.GetOptions{} },
127 func(ctx context.Context, opts interface{}) (interface{}, error) {
128 return rtr.backend.CollectionUsedBy(ctx, *opts.(*arvados.GetOptions))
132 arvados.EndpointCollectionDelete,
133 func() interface{} { return &arvados.DeleteOptions{} },
134 func(ctx context.Context, opts interface{}) (interface{}, error) {
135 return rtr.backend.CollectionDelete(ctx, *opts.(*arvados.DeleteOptions))
139 arvados.EndpointCollectionTrash,
140 func() interface{} { return &arvados.DeleteOptions{} },
141 func(ctx context.Context, opts interface{}) (interface{}, error) {
142 return rtr.backend.CollectionTrash(ctx, *opts.(*arvados.DeleteOptions))
146 arvados.EndpointCollectionUntrash,
147 func() interface{} { return &arvados.UntrashOptions{} },
148 func(ctx context.Context, opts interface{}) (interface{}, error) {
149 return rtr.backend.CollectionUntrash(ctx, *opts.(*arvados.UntrashOptions))
153 arvados.EndpointContainerCreate,
154 func() interface{} { return &arvados.CreateOptions{} },
155 func(ctx context.Context, opts interface{}) (interface{}, error) {
156 return rtr.backend.ContainerCreate(ctx, *opts.(*arvados.CreateOptions))
160 arvados.EndpointContainerUpdate,
161 func() interface{} { return &arvados.UpdateOptions{} },
162 func(ctx context.Context, opts interface{}) (interface{}, error) {
163 return rtr.backend.ContainerUpdate(ctx, *opts.(*arvados.UpdateOptions))
167 arvados.EndpointContainerGet,
168 func() interface{} { return &arvados.GetOptions{} },
169 func(ctx context.Context, opts interface{}) (interface{}, error) {
170 return rtr.backend.ContainerGet(ctx, *opts.(*arvados.GetOptions))
174 arvados.EndpointContainerList,
175 func() interface{} { return &arvados.ListOptions{Limit: -1} },
176 func(ctx context.Context, opts interface{}) (interface{}, error) {
177 return rtr.backend.ContainerList(ctx, *opts.(*arvados.ListOptions))
181 arvados.EndpointContainerDelete,
182 func() interface{} { return &arvados.DeleteOptions{} },
183 func(ctx context.Context, opts interface{}) (interface{}, error) {
184 return rtr.backend.ContainerDelete(ctx, *opts.(*arvados.DeleteOptions))
188 arvados.EndpointContainerRequestCreate,
189 func() interface{} { return &arvados.CreateOptions{} },
190 func(ctx context.Context, opts interface{}) (interface{}, error) {
191 return rtr.backend.ContainerRequestCreate(ctx, *opts.(*arvados.CreateOptions))
195 arvados.EndpointContainerRequestUpdate,
196 func() interface{} { return &arvados.UpdateOptions{} },
197 func(ctx context.Context, opts interface{}) (interface{}, error) {
198 return rtr.backend.ContainerRequestUpdate(ctx, *opts.(*arvados.UpdateOptions))
202 arvados.EndpointContainerRequestGet,
203 func() interface{} { return &arvados.GetOptions{} },
204 func(ctx context.Context, opts interface{}) (interface{}, error) {
205 return rtr.backend.ContainerRequestGet(ctx, *opts.(*arvados.GetOptions))
209 arvados.EndpointContainerRequestList,
210 func() interface{} { return &arvados.ListOptions{Limit: -1} },
211 func(ctx context.Context, opts interface{}) (interface{}, error) {
212 return rtr.backend.ContainerRequestList(ctx, *opts.(*arvados.ListOptions))
216 arvados.EndpointContainerRequestDelete,
217 func() interface{} { return &arvados.DeleteOptions{} },
218 func(ctx context.Context, opts interface{}) (interface{}, error) {
219 return rtr.backend.ContainerRequestDelete(ctx, *opts.(*arvados.DeleteOptions))
223 arvados.EndpointContainerLock,
225 return &arvados.GetOptions{Select: []string{"uuid", "state", "priority", "auth_uuid", "locked_by_uuid"}}
227 func(ctx context.Context, opts interface{}) (interface{}, error) {
228 return rtr.backend.ContainerLock(ctx, *opts.(*arvados.GetOptions))
232 arvados.EndpointContainerUnlock,
234 return &arvados.GetOptions{Select: []string{"uuid", "state", "priority", "auth_uuid", "locked_by_uuid"}}
236 func(ctx context.Context, opts interface{}) (interface{}, error) {
237 return rtr.backend.ContainerUnlock(ctx, *opts.(*arvados.GetOptions))
241 arvados.EndpointContainerSSH,
242 func() interface{} { return &arvados.ContainerSSHOptions{} },
243 func(ctx context.Context, opts interface{}) (interface{}, error) {
244 return rtr.backend.ContainerSSH(ctx, *opts.(*arvados.ContainerSSHOptions))
248 arvados.EndpointGroupCreate,
249 func() interface{} { return &arvados.CreateOptions{} },
250 func(ctx context.Context, opts interface{}) (interface{}, error) {
251 return rtr.backend.GroupCreate(ctx, *opts.(*arvados.CreateOptions))
255 arvados.EndpointGroupUpdate,
256 func() interface{} { return &arvados.UpdateOptions{} },
257 func(ctx context.Context, opts interface{}) (interface{}, error) {
258 return rtr.backend.GroupUpdate(ctx, *opts.(*arvados.UpdateOptions))
262 arvados.EndpointGroupList,
263 func() interface{} { return &arvados.ListOptions{Limit: -1} },
264 func(ctx context.Context, opts interface{}) (interface{}, error) {
265 return rtr.backend.GroupList(ctx, *opts.(*arvados.ListOptions))
269 arvados.EndpointGroupContents,
270 func() interface{} { return &arvados.GroupContentsOptions{Limit: -1} },
271 func(ctx context.Context, opts interface{}) (interface{}, error) {
272 return rtr.backend.GroupContents(ctx, *opts.(*arvados.GroupContentsOptions))
276 arvados.EndpointGroupContentsUUIDInPath,
277 func() interface{} { return &arvados.GroupContentsOptions{Limit: -1} },
278 func(ctx context.Context, opts interface{}) (interface{}, error) {
279 return rtr.backend.GroupContents(ctx, *opts.(*arvados.GroupContentsOptions))
283 arvados.EndpointGroupShared,
284 func() interface{} { return &arvados.ListOptions{Limit: -1} },
285 func(ctx context.Context, opts interface{}) (interface{}, error) {
286 return rtr.backend.GroupShared(ctx, *opts.(*arvados.ListOptions))
290 arvados.EndpointGroupGet,
291 func() interface{} { return &arvados.GetOptions{} },
292 func(ctx context.Context, opts interface{}) (interface{}, error) {
293 return rtr.backend.GroupGet(ctx, *opts.(*arvados.GetOptions))
297 arvados.EndpointGroupDelete,
298 func() interface{} { return &arvados.DeleteOptions{} },
299 func(ctx context.Context, opts interface{}) (interface{}, error) {
300 return rtr.backend.GroupDelete(ctx, *opts.(*arvados.DeleteOptions))
304 arvados.EndpointGroupTrash,
305 func() interface{} { return &arvados.DeleteOptions{} },
306 func(ctx context.Context, opts interface{}) (interface{}, error) {
307 return rtr.backend.GroupTrash(ctx, *opts.(*arvados.DeleteOptions))
311 arvados.EndpointGroupUntrash,
312 func() interface{} { return &arvados.UntrashOptions{} },
313 func(ctx context.Context, opts interface{}) (interface{}, error) {
314 return rtr.backend.GroupUntrash(ctx, *opts.(*arvados.UntrashOptions))
318 arvados.EndpointLinkCreate,
319 func() interface{} { return &arvados.CreateOptions{} },
320 func(ctx context.Context, opts interface{}) (interface{}, error) {
321 return rtr.backend.LinkCreate(ctx, *opts.(*arvados.CreateOptions))
325 arvados.EndpointLinkUpdate,
326 func() interface{} { return &arvados.UpdateOptions{} },
327 func(ctx context.Context, opts interface{}) (interface{}, error) {
328 return rtr.backend.LinkUpdate(ctx, *opts.(*arvados.UpdateOptions))
332 arvados.EndpointLinkList,
333 func() interface{} { return &arvados.ListOptions{Limit: -1} },
334 func(ctx context.Context, opts interface{}) (interface{}, error) {
335 return rtr.backend.LinkList(ctx, *opts.(*arvados.ListOptions))
339 arvados.EndpointLinkGet,
340 func() interface{} { return &arvados.GetOptions{} },
341 func(ctx context.Context, opts interface{}) (interface{}, error) {
342 return rtr.backend.LinkGet(ctx, *opts.(*arvados.GetOptions))
346 arvados.EndpointLinkDelete,
347 func() interface{} { return &arvados.DeleteOptions{} },
348 func(ctx context.Context, opts interface{}) (interface{}, error) {
349 return rtr.backend.LinkDelete(ctx, *opts.(*arvados.DeleteOptions))
353 arvados.EndpointSpecimenCreate,
354 func() interface{} { return &arvados.CreateOptions{} },
355 func(ctx context.Context, opts interface{}) (interface{}, error) {
356 return rtr.backend.SpecimenCreate(ctx, *opts.(*arvados.CreateOptions))
360 arvados.EndpointSpecimenUpdate,
361 func() interface{} { return &arvados.UpdateOptions{} },
362 func(ctx context.Context, opts interface{}) (interface{}, error) {
363 return rtr.backend.SpecimenUpdate(ctx, *opts.(*arvados.UpdateOptions))
367 arvados.EndpointSpecimenGet,
368 func() interface{} { return &arvados.GetOptions{} },
369 func(ctx context.Context, opts interface{}) (interface{}, error) {
370 return rtr.backend.SpecimenGet(ctx, *opts.(*arvados.GetOptions))
374 arvados.EndpointSpecimenList,
375 func() interface{} { return &arvados.ListOptions{Limit: -1} },
376 func(ctx context.Context, opts interface{}) (interface{}, error) {
377 return rtr.backend.SpecimenList(ctx, *opts.(*arvados.ListOptions))
381 arvados.EndpointSpecimenDelete,
382 func() interface{} { return &arvados.DeleteOptions{} },
383 func(ctx context.Context, opts interface{}) (interface{}, error) {
384 return rtr.backend.SpecimenDelete(ctx, *opts.(*arvados.DeleteOptions))
388 arvados.EndpointAPIClientAuthorizationCreate,
389 func() interface{} { return &arvados.CreateOptions{} },
390 func(ctx context.Context, opts interface{}) (interface{}, error) {
391 return rtr.backend.APIClientAuthorizationCreate(ctx, *opts.(*arvados.CreateOptions))
395 arvados.EndpointAPIClientAuthorizationUpdate,
396 func() interface{} { return &arvados.UpdateOptions{} },
397 func(ctx context.Context, opts interface{}) (interface{}, error) {
398 return rtr.backend.APIClientAuthorizationUpdate(ctx, *opts.(*arvados.UpdateOptions))
402 arvados.EndpointAPIClientAuthorizationDelete,
403 func() interface{} { return &arvados.DeleteOptions{} },
404 func(ctx context.Context, opts interface{}) (interface{}, error) {
405 return rtr.backend.APIClientAuthorizationDelete(ctx, *opts.(*arvados.DeleteOptions))
409 arvados.EndpointAPIClientAuthorizationList,
410 func() interface{} { return &arvados.ListOptions{} },
411 func(ctx context.Context, opts interface{}) (interface{}, error) {
412 return rtr.backend.APIClientAuthorizationList(ctx, *opts.(*arvados.ListOptions))
416 arvados.EndpointAPIClientAuthorizationCurrent,
417 func() interface{} { return &arvados.GetOptions{} },
418 func(ctx context.Context, opts interface{}) (interface{}, error) {
419 return rtr.backend.APIClientAuthorizationCurrent(ctx, *opts.(*arvados.GetOptions))
423 arvados.EndpointAPIClientAuthorizationGet,
424 func() interface{} { return &arvados.GetOptions{} },
425 func(ctx context.Context, opts interface{}) (interface{}, error) {
426 return rtr.backend.APIClientAuthorizationGet(ctx, *opts.(*arvados.GetOptions))
430 arvados.EndpointUserCreate,
431 func() interface{} { return &arvados.CreateOptions{} },
432 func(ctx context.Context, opts interface{}) (interface{}, error) {
433 return rtr.backend.UserCreate(ctx, *opts.(*arvados.CreateOptions))
437 arvados.EndpointUserMerge,
438 func() interface{} { return &arvados.UserMergeOptions{} },
439 func(ctx context.Context, opts interface{}) (interface{}, error) {
440 return rtr.backend.UserMerge(ctx, *opts.(*arvados.UserMergeOptions))
444 arvados.EndpointUserActivate,
445 func() interface{} { return &arvados.UserActivateOptions{} },
446 func(ctx context.Context, opts interface{}) (interface{}, error) {
447 return rtr.backend.UserActivate(ctx, *opts.(*arvados.UserActivateOptions))
451 arvados.EndpointUserSetup,
452 func() interface{} { return &arvados.UserSetupOptions{} },
453 func(ctx context.Context, opts interface{}) (interface{}, error) {
454 return rtr.backend.UserSetup(ctx, *opts.(*arvados.UserSetupOptions))
458 arvados.EndpointUserUnsetup,
459 func() interface{} { return &arvados.GetOptions{} },
460 func(ctx context.Context, opts interface{}) (interface{}, error) {
461 return rtr.backend.UserUnsetup(ctx, *opts.(*arvados.GetOptions))
465 arvados.EndpointUserGetCurrent,
466 func() interface{} { return &arvados.GetOptions{} },
467 func(ctx context.Context, opts interface{}) (interface{}, error) {
468 return rtr.backend.UserGetCurrent(ctx, *opts.(*arvados.GetOptions))
472 arvados.EndpointUserGetSystem,
473 func() interface{} { return &arvados.GetOptions{} },
474 func(ctx context.Context, opts interface{}) (interface{}, error) {
475 return rtr.backend.UserGetSystem(ctx, *opts.(*arvados.GetOptions))
479 arvados.EndpointUserGet,
480 func() interface{} { return &arvados.GetOptions{} },
481 func(ctx context.Context, opts interface{}) (interface{}, error) {
482 return rtr.backend.UserGet(ctx, *opts.(*arvados.GetOptions))
486 arvados.EndpointUserUpdate,
487 func() interface{} { return &arvados.UpdateOptions{} },
488 func(ctx context.Context, opts interface{}) (interface{}, error) {
489 return rtr.backend.UserUpdate(ctx, *opts.(*arvados.UpdateOptions))
493 arvados.EndpointUserList,
494 func() interface{} { return &arvados.ListOptions{Limit: -1} },
495 func(ctx context.Context, opts interface{}) (interface{}, error) {
496 return rtr.backend.UserList(ctx, *opts.(*arvados.ListOptions))
500 arvados.EndpointUserBatchUpdate,
501 func() interface{} { return &arvados.UserBatchUpdateOptions{} },
502 func(ctx context.Context, opts interface{}) (interface{}, error) {
503 return rtr.backend.UserBatchUpdate(ctx, *opts.(*arvados.UserBatchUpdateOptions))
507 arvados.EndpointUserDelete,
508 func() interface{} { return &arvados.DeleteOptions{} },
509 func(ctx context.Context, opts interface{}) (interface{}, error) {
510 return rtr.backend.UserDelete(ctx, *opts.(*arvados.DeleteOptions))
514 arvados.EndpointUserAuthenticate,
515 func() interface{} { return &arvados.UserAuthenticateOptions{} },
516 func(ctx context.Context, opts interface{}) (interface{}, error) {
517 return rtr.backend.UserAuthenticate(ctx, *opts.(*arvados.UserAuthenticateOptions))
522 if rtr.config.WrapCalls != nil {
523 exec = rtr.config.WrapCalls(exec)
525 rtr.addRoute(route.endpoint, route.defaultOpts, exec)
527 rtr.mux.NotFoundHandler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
528 httpserver.Errors(w, []string{"API endpoint not found"}, http.StatusNotFound)
530 rtr.mux.MethodNotAllowedHandler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
531 httpserver.Errors(w, []string{"API endpoint not found"}, http.StatusMethodNotAllowed)
535 var altMethod = map[string]string{
536 "PATCH": "PUT", // Accept PUT as a synonym for PATCH
537 "GET": "HEAD", // Accept HEAD at any GET route
540 func (rtr *router) addRoute(endpoint arvados.APIEndpoint, defaultOpts func() interface{}, exec api.RoutableFunc) {
541 methods := []string{endpoint.Method}
542 if alt, ok := altMethod[endpoint.Method]; ok {
543 methods = append(methods, alt)
545 rtr.mux.Methods(methods...).Path("/" + endpoint.Path).HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
546 logger := ctxlog.FromContext(req.Context())
547 params, err := rtr.loadRequestParams(req, endpoint.AttrsKey)
549 logger.WithFields(logrus.Fields{
551 "method": endpoint.Method,
552 "endpoint": endpoint,
553 }).WithError(err).Debug("error loading request params")
554 rtr.sendError(w, err)
557 opts := defaultOpts()
558 err = rtr.transcode(params, opts)
560 logger.WithField("params", params).WithError(err).Debugf("error transcoding params to %T", opts)
561 rtr.sendError(w, err)
564 respOpts, err := rtr.responseOptions(opts)
566 logger.WithField("opts", opts).WithError(err).Debugf("error getting response options from %T", opts)
567 rtr.sendError(w, err)
571 creds := auth.CredentialsFromRequest(req)
572 err = creds.LoadTokensFromHTTPRequestBody(req)
574 rtr.sendError(w, fmt.Errorf("error loading tokens from request body: %s", err))
577 if rt, _ := params["reader_tokens"].([]interface{}); len(rt) > 0 {
578 for _, t := range rt {
579 if t, ok := t.(string); ok {
580 creds.Tokens = append(creds.Tokens, t)
584 ctx := auth.NewContext(req.Context(), creds)
585 ctx = arvados.ContextWithRequestID(ctx, req.Header.Get("X-Request-Id"))
586 logger.WithFields(logrus.Fields{
587 "apiEndpoint": endpoint,
588 "apiOptsType": fmt.Sprintf("%T", opts),
591 resp, err := exec(ctx, opts)
593 logger.WithError(err).Debugf("returning error type %T", err)
594 rtr.sendError(w, err)
597 rtr.sendResponse(w, req, resp, respOpts)
601 func (rtr *router) ServeHTTP(w http.ResponseWriter, r *http.Request) {
602 switch strings.SplitN(strings.TrimLeft(r.URL.Path, "/"), "/", 2)[0] {
603 case "login", "logout", "auth":
605 w.Header().Set("Access-Control-Allow-Origin", "*")
606 w.Header().Set("Access-Control-Allow-Methods", "GET, HEAD, PUT, POST, PATCH, DELETE")
607 w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type, X-Http-Method-Override")
608 w.Header().Set("Access-Control-Max-Age", "86486400")
610 if r.Method == "OPTIONS" {
614 // Wrap r.Body in a http.MaxBytesReader(), otherwise
615 // r.ParseForm() uses a default max request body size
616 // of 10 megabytes. Note we rely on the Nginx
617 // configuration to enforce the real max body size.
618 max := int64(rtr.config.MaxRequestSize)
620 max = math.MaxInt64 - 1
622 r.Body = http.MaxBytesReader(w, r.Body, max)
624 if r.Method == "POST" {
627 if err.Error() == "http: request body too large" {
628 err = httpError(http.StatusRequestEntityTooLarge, err)
630 rtr.sendError(w, err)
633 if m := r.FormValue("_method"); m != "" {
637 } else if m = r.Header.Get("X-Http-Method-Override"); m != "" {
643 rtr.mux.ServeHTTP(w, r)
projects / arvados.git / blob