Add missing endpoints (ignored by gitignore)

2026-05-20 00:57:00 +00:00 · 2020-08-25 12:23:09 +02:00 · 2020-08-25 12:23:09 +02:00 · 1fceeebd0c
commit 1fceeebd0c
parent 1c45a71b1c
6 changed files with 361 additions and 0 deletions
--- a/scripts/lua/rest/v1/add/ntopng/user.lua
+++ b/scripts/lua/rest/v1/add/ntopng/user.lua
@ -0,0 +1,87 @@
+--
+-- (C) 2013-20 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
+
+require "lua_utils"
+local json = require ("dkjson")
+local rest_utils = require("rest_utils")
+local tracker = require("tracker")
+
+--
+-- Add a new ntopng user
+-- Example: curl -u admin:admin -d '{"username": "mario", "full_name": "Super Mario", "password": "strongpwd", "confirm_password": "strongpwd", "user_role": "unprivileged", "allowed_interface": "", "allowed_networks": "0.0.0.0/0,::/0", "user_language": "en"}' http://localhost:3000/lua/rest/v1/add/ntopng/user.lua
+--
+-- NOTE: in case of invalid login, no error is returned but redirected to login
+--
+
+local rc = rest_utils.consts.success.ok
+local res = {}
+
+if not haveAdminPrivileges() then
+   rest_utils.answer(rest_utils.consts.err.not_granted, res)
+   return
+end
+
+local username = _POST["username"]
+local full_name = _POST["full_name"]
+local password = _POST["password"]
+local confirm_password = _POST["confirm_password"]
+local host_role = _POST["user_role"]
+local networks = _POST["allowed_networks"]
+local allowed_interface = _POST["allowed_interface"]
+local language = _POST["user_language"]
+local allow_pcap_download = _POST["allow_pcap_download"]
+local host_pool_id = _POST["host_pool_id"]
+local limited_lifetime = _POST["lifetime_limited"]
+local lifetime_secs = tonumber((_POST["lifetime_secs"] or -1))
+
+if username == nil or full_name == nil or password == nil or
+   confirm_password == nil or host_role == nil or networks == nil or
+   allowed_interface == nil then
+   rest_utils.answer(rest_utils.consts.err.invalid_args, res)
+   return
+end
+
+if(password ~= confirm_password) then
+   -- "Passwords do not match: typo?"
+   rest_utils.answer(rest_utils.consts.err.password_mismatch, res)
+   return
+end
+
+username = string.lower(username)
+
+local all_users = ntop.getUsers()
+
+if(all_users[username] ~= nil) then
+   -- User already existing
+   rest_utils.answer(rest_utils.consts.err.user_already_existing, res)
+   return
+end
+
+
+local allow_pcap_download_enabled = false
+if _POST["allow_pcap_download"] and _POST["allow_pcap_download"] == "1" then
+   allow_pcap_download_enabled = true
+end
+
+if not ntop.addUser(username, full_name, password, host_role, networks, 
+		    getInterfaceName(allowed_interface), host_pool_id, language, allow_pcap_download_enabled) then
+   rest_utils.answer(rest_utils.consts.err.add_user_failed, res)
+   return
+end
+
+if limited_lifetime and not ntop.addUserLifetime(username, lifetime_secs) then
+   rest_utils.answer(rest_utils.consts.err.add_user_failed, res)
+   return
+end
+
+rest_utils.answer(rc, res)
+   
+-- TRACKER HOOK
+-- Note: already tracked by ntop.addUser
+-- tracker.log('add_ntopng_user', { username = username })
+
--- a/scripts/lua/rest/v1/delete/ntopng/user.lua
+++ b/scripts/lua/rest/v1/delete/ntopng/user.lua
@ -0,0 +1,47 @@
+--
+-- (C) 2013-20 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
+
+require "lua_utils"
+local json = require ("dkjson")
+local rest_utils = require("rest_utils")
+local tracker = require("tracker")
+
+--
+-- Remove a ntopng user
+-- Example: curl -u admin:admin -d '{"username": "mario"}' http://localhost:3000/lua/rest/v1/delete/ntopng/user.lua
+--
+-- NOTE: in case of invalid login, no error is returned but redirected to login
+--
+
+local rc = rest_utils.consts.success.ok
+local res = {}
+
+if not haveAdminPrivileges() then
+   rest_utils.answer(rest_utils.consts.err.not_granted, res)
+   return
+end
+
+local username = _POST["username"]
+
+if username == nil then
+   rest_utils.answer(rest_utils.consts.err.invalid_args, res)
+   return
+end
+
+username = string.lower(username)
+
+if not ntop.deleteUser(username) then
+   rest_utils.answer(rest_utils.consts.err.delete_user_failed, res)
+   return
+end
+
+rest_utils.answer(rc, res)
+
+-- TRACKER HOOK
+-- Note: already tracked by ntop.deleteUser
+-- tracker.log('delete_ntopng_user', { username = username })
--- a/scripts/lua/rest/v1/edit/ntopng/user.lua
+++ b/scripts/lua/rest/v1/edit/ntopng/user.lua
@ -0,0 +1,131 @@
+--
+-- (C) 2013-20 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
+
+require "lua_utils"
+local json = require ("dkjson")
+local rest_utils = require("rest_utils")
+
+--
+-- Edit a ntopng user
+-- Example: curl -u admin:admin -d '{"username": "mario", "full_name": "Mario Rossi", "user_role": "unprivileged", "allowed_interface": "", "allowed_networks": "0.0.0.0/0,::/0", "user_language": "en"}' http://localhost:3000/lua/rest/v1/edit/ntopng/user.lua
+--
+-- NOTE: in case of invalid login, no error is returned but redirected to login
+--
+
+local rc = rest_utils.consts.success.ok
+local res = {}
+
+if not haveAdminPrivileges() then
+   rest_utils.answer(rest_utils.consts.err.not_granted, res)
+   return
+end
+
+local username = _POST["username"]
+local full_name = _POST["full_name"]
+local host_role = _POST["user_role"]
+local host_pool_id = _POST["host_pool_id"]
+local networks = _POST["allowed_networks"]
+local allowed_interface = _POST["allowed_interface"]
+local language = _POST["user_language"]
+local allow_pcap_download = _POST["allow_pcap_download"]
+local password = _POST["password"]
+local confirm_password = _POST["confirm_password"]
+
+if username == nil then
+   rest_utils.answer(rest_utils.consts.err.invalid_args, res)
+   return
+end
+
+if host_role == nil and
+   networks == nil and
+   allowed_interface == nil and
+   allow_pcap_download == nil and 
+   language == nil and
+   full_name == nil and
+   (password == nil or confirm_password == nil) and
+   host_pool_id == nil then
+   rest_utils.answer(rest_utils.consts.err.invalid_args, res)
+   return
+end
+
+username = string.lower(username)
+
+local all_users = ntop.getUsers()
+if(all_users[username] == nil) then
+   -- User doesn't exist
+   rest_utils.answer(rest_utils.consts.err.user_does_not_exist, res)
+   return
+end
+
+if(full_name ~= nil) then
+   if(not ntop.changeUserFullName(username, full_name)) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+      return
+   end
+end
+
+if(host_role ~= nil) then
+   if(not ntop.changeUserRole(username, host_role)) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+      return
+   end
+end
+
+if(networks ~= nil) then
+   if(not ntop.changeAllowedNets(username, networks)) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+      return
+   end
+end
+
+if(host_pool_id ~= nil) then
+   if(not ntop.changeUserHostPool(username, host_pool_id)) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+      return
+   end
+end
+
+if(allowed_interface ~= nil) then
+   if(not ntop.changeAllowedIfname(username, getInterfaceName(allowed_interface))) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+      return
+   end
+end
+
+if(allow_pcap_download ~= nil) then
+   local allow_pcap_download_enabled = false
+   if(tonumber(allow_pcap_download) == 1) then
+      allow_pcap_download_enabled = true;
+   end
+   if(not ntop.changeUserPermission(username, allow_pcap_download_enabled)) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+      return
+   end
+end
+
+if(language ~= nil) then
+   if(not ntop.changeUserLanguage(username, language)) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+      return
+   end
+end
+
+if(password ~= nil and confirm_password ~= nil) then
+   -- Note: the old password is not required here as the admin is doing the request
+
+   if(password ~= confirm_password) then
+      rest_utils.answer(rest_utils.consts.err.password_mismatch, res)
+      return
+   end
+
+   if(ntop.resetUserPassword(_SESSION["user"], username, "", password)) then
+      rest_utils.answer(rest_utils.consts.err.edit_user_failed, res)
+   end
+end
+
+rest_utils.answer(rc, res)
--- a/scripts/lua/rest/v1/get/ntopng/interfaces.lua
+++ b/scripts/lua/rest/v1/get/ntopng/interfaces.lua
@ -0,0 +1,27 @@
+--
+-- (C) 2013-20 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+
+require "lua_utils"
+local json = require("dkjson")
+local rest_utils = require("rest_utils")
+
+--
+-- Return all the actively monitored ntopng interfaces along with their ids
+-- Example: curl -u admin:admin  http://localhost:3000/lua/rest/v1/get/ntopng/interfaces.lua
+--
+-- NOTE: in case of invalid login, no error is returned but redirected to login
+--
+
+local rc = rest_utils.consts.success.ok
+local res = {}
+
+for ifid, ifname in pairs(interface.getIfNames()) do
+   res[#res + 1] = {ifid = tonumber(ifid), ifname = ifname}
+end
+
+rest_utils.answer(rc, res)
--- a/scripts/lua/rest/v1/get/ntopng/session.lua
+++ b/scripts/lua/rest/v1/get/ntopng/session.lua
@ -0,0 +1,39 @@
+--
+-- (C) 2013-20 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
+
+require "lua_utils"
+local json = require ("dkjson")
+local rest_utils = require("rest_utils")
+
+--
+-- Get a new ntopng user session (Cookie)
+-- Example: curl -u admin:admin -d '{"username": "mario"}' http://localhost:3000/lua/rest/v1/get/ntopng/session.lua
+--
+-- NOTE: in case of invalid login, no error is returned but redirected to login
+--
+
+local rc = rest_utils.consts.success.ok
+local res = {}
+
+local username = _POST["username"]
+
+if username == nil then
+   rest_utils.answer(rest_utils.consts.err.invalid_args)
+   return
+end
+
+username = string.lower(username)
+
+res.session = ntop.createUserSession(username)
+
+if isEmptyString(res.session) then
+   rest_utils.answer(rest_utils.consts.err.invalid_args)
+   return
+end
+
+rest_utils.answer(rc, res)
--- a/scripts/lua/rest/v1/get/ntopng/users.lua
+++ b/scripts/lua/rest/v1/get/ntopng/users.lua
@ -0,0 +1,30 @@
+--
+-- (C) 2013-20 - ntop.org
+--
+
+local dirs = ntop.getDirs()
+package.path = dirs.installdir .. "/scripts/lua/modules/?.lua;" .. package.path
+package.path = dirs.installdir .. "/scripts/lua/modules/pools/?.lua;" .. package.path
+
+require "lua_utils"
+local json = require ("dkjson")
+local rest_utils = require("rest_utils")
+
+--
+-- Get all available users
+-- Example: curl -u admin:admin http://localhost:3000/lua/rest/v1/get/ntopng/users.lua
+--
+-- NOTE: in case of invalid login, no error is returned but redirected to login
+--
+
+local rc = rest_utils.consts.success.ok
+
+if not haveAdminPrivileges() then
+   local res = {}
+   rest_utils.answer(rest_utils.consts.err.not_granted, res)
+   return
+end
+
+local all_users = ntop.getUsers()
+
+rest_utils.answer(rc, all_users)