refactor: delete csrf check and some v1 api

2021-08-20 19:45:17 +08:00 · 2021-08-20 19:45:17 +08:00 · a2eab9e5ab
parent ca8a8701b4
commit a2eab9e5ab
1 changed files with 21 additions and 134 deletions
--- a/http/router.go
+++ b/http/router.go
@ -7,19 +7,20 @@ import (
 	"github.com/gin-contrib/gzip"
 	"github.com/gin-contrib/pprof"
 	"github.com/gin-gonic/gin"
-	"github.com/toolkits/csrf"

 	"github.com/didi/nightingale/v5/config"
 )

 func configRoutes(r *gin.Engine) {
-	csrfMid := csrf.Middleware(csrf.Options{
-		Secret: config.Config.HTTP.CsrfSecret,
-		ErrorFunc: func(c *gin.Context) {
-			c.JSON(452, gin.H{"err": "csrf token mismatch"})
-			c.Abort()
-		},
-	})
+	/*
+		csrfMid := csrf.Middleware(csrf.Options{
+			Secret: config.Config.HTTP.CsrfSecret,
+			ErrorFunc: func(c *gin.Context) {
+				c.JSON(452, gin.H{"err": "csrf token mismatch"})
+				c.Abort()
+			},
+		})
+	*/

 	if config.Config.HTTP.Pprof {
 		pprof.Register(r, "/api/debug/pprof")
@ -51,12 +52,14 @@ func configRoutes(r *gin.Engine) {
 	}

 	// for brower, expose location in nginx.conf
-	pages := r.Group("/api/n9e", csrfMid)
+	pages := r.Group("/api/n9e")

 	{
-		pages.GET("/csrf", func(c *gin.Context) {
-			renderData(c, csrf.GetToken(c), nil)
-		})
+		/*
+			pages.GET("/csrf", func(c *gin.Context) {
+				renderData(c, csrf.GetToken(c), nil)
+			})
+		*/

 		pages.GET("/roles", rolesGet)
 		pages.GET("/self/profile", selfProfileGet)
@ -180,7 +183,7 @@ func configRoutes(r *gin.Engine) {
 	}

 	// for brower, expose location in nginx.conf
-	pagesV2 := r.Group("/api/n9e/v2", csrfMid)
+	pagesV2 := r.Group("/api/n9e/v2")
 	{
 		pagesV2.POST("/collect-rules", login(), collectRulesAdd)
 	}
@ -188,135 +191,19 @@ func configRoutes(r *gin.Engine) {
 	// for thirdparty, do not expose location in nginx.conf
 	v1 := r.Group("/v1/n9e")
 	{
-		v1.GET("/roles", rolesGet)
-		v1.GET("/self/profile", selfProfileGet)
-		v1.PUT("/self/profile", selfProfilePut)
-		v1.PUT("/self/password", selfPasswordPut)
-		v1.GET("/self/token", selfTokenGets)
-		v1.POST("/self/token", selfTokenPost)
-		v1.PUT("/self/token", selfTokenPut)
-		v1.GET("/users", login(), userGets)
-		v1.POST("/users", admin(), userAddPost)
-		v1.GET("/user/:id/profile", login(), userProfileGet)
-		v1.PUT("/user/:id/profile", admin(), userProfilePut)
-		v1.PUT("/user/:id/status", admin(), userStatusPut)
-		v1.PUT("/user/:id/password", admin(), userPasswordPut)
-		v1.DELETE("/user/:id", admin(), userDel)
-
-		v1.GET("/user-groups", login(), userGroupListGet)
-		v1.GET("/user-groups/mine", login(), userGroupMineGet)
-		v1.POST("/user-groups", login(), userGroupAdd)
-		v1.PUT("/user-group/:id", login(), userGroupPut)
-		v1.GET("/user-group/:id", login(), userGroupGet)
-		v1.POST("/user-group/:id/members", login(), userGroupMemberAdd)
-		v1.DELETE("/user-group/:id/members", login(), userGroupMemberDel)
-		v1.DELETE("/user-group/:id", login(), userGroupDel)
-
-		v1.GET("/classpaths", login(), classpathListGets)
-		v1.POST("/classpaths", login(), classpathAdd)
-		v1.PUT("/classpath/:id", login(), classpathPut)
-		v1.DELETE("/classpath/:id", login(), classpathDel)
-		v1.POST("/classpath/:id/resources", login(), classpathAddResources)
-		v1.DELETE("/classpath/:id/resources", login(), classpathDelResources)
-		v1.GET("/classpath/:id/resources", login(), classpathGetsResources)
-
-		v1.GET("/classpaths/favorites", login(), classpathFavoriteGet)
-		v1.POST("/classpath/:id/favorites", login(), classpathFavoriteAdd)
-		v1.DELETE("/classpath/:id/favorites", login(), classpathFavoriteDel)
-
-		v1.GET("/resources", login(), resourcesQuery)
-		v1.PUT("/resources/note", resourceNotePut)
-		v1.PUT("/resources/tags", resourceTagsPut)
-		v1.PUT("/resources/classpaths", resourceClasspathsPut)
-		v1.PUT("/resources/mute", resourceMutePut)
-		v1.GET("/resource/:id", login(), resourceGet)
-		v1.DELETE("/resource/:id", login(), resourceDel)
-
-		v1.GET("/classpath/:id/collect-rules", login(), collectRuleGets)
-
-		v1.GET("/mutes", login(), muteGets)
-		v1.POST("/mutes", login(), muteAdd)
-		v1.GET("/mute/:id", login(), muteGet)
-		v1.DELETE("/mute/:id", login(), muteDel)
-
-		v1.GET("/dashboards", login(), dashboardGets)
-		v1.POST("/dashboards", login(), dashboardAdd)
-		v1.GET("/dashboard/:id", login(), dashboardGet)
-		v1.PUT("/dashboard/:id", login(), dashboardPut)
-		v1.DELETE("/dashboard/:id", login(), dashboardDel)
-		v1.POST("/dashboard/:id/favorites", login(), dashboardFavoriteAdd)
-		v1.DELETE("/dashboard/:id/favorites", login(), dashboardFavoriteDel)
-		v1.GET("/dashboard/:id/chart-groups", login(), chartGroupGets)
-		v1.POST("/dashboard/:id/chart-groups", login(), chartGroupAdd)
-
-		v1.PUT("/chart-groups", login(), chartGroupsPut)
-		v1.DELETE("/chart-group/:id", login(), chartGroupDel)
-		v1.GET("/chart-group/:id/charts", login(), chartGets)
-		v1.POST("/chart-group/:id/charts", login(), chartAdd)
-		v1.PUT("/chart/:id", login(), chartPut)
-		v1.DELETE("/chart/:id", login(), chartDel)
-		v1.PUT("/charts/configs", login(), chartConfigsPut)
-		v1.GET("/charts/tmps", login(), chartTmpGets)
-		v1.POST("/charts/tmps", login(), chartTmpAdd)
-
-		v1.GET("/alert-rule-groups", login(), alertRuleGroupGets)
-		v1.POST("/alert-rule-groups", login(), alertRuleGroupAdd)
-		v1.GET("/alert-rule-group/:id", login(), alertRuleGroupGet)
-		v1.PUT("/alert-rule-group/:id", login(), alertRuleGroupPut)
-		v1.DELETE("/alert-rule-group/:id", login(), alertRuleGroupDel)
-
-		v1.GET("/alert-rule-groups/favorites", login(), alertRuleGroupFavoriteGet)
-		v1.DELETE("/alert-rule-group/:id/favorites", login(), alertRuleGroupFavoriteDel)
-		v1.POST("/alert-rule-group/:id/favorites", login(), alertRuleGroupFavoriteAdd)
-
-		v1.GET("/alert-rule-group/:id/alert-rules", login(), alertRuleOfGroupGet)
-		v1.DELETE("/alert-rule-group/:id/alert-rules", login(), alertRuleOfGroupDel)
-
-		v1.POST("/alert-rules", login(), alertRuleAdd)
-		v1.PUT("/alert-rules/status", login(), alertRuleStatusPut)
-		v1.PUT("/alert-rules/notify-groups", login(), alertRuleNotifyGroupsPut)
-		v1.PUT("/alert-rules/notify-channels", login(), alertRuleNotifyChannelsPut)
-		v1.PUT("/alert-rules/append-tags", login(), alertRuleAppendTagsPut)
-		v1.GET("/alert-rule/:id", login(), alertRuleGet)
-		v1.PUT("/alert-rule/:id", login(), alertRulePut)
-		v1.DELETE("/alert-rule/:id", login(), alertRuleDel)
-
-		v1.GET("/alert-events", login(), alertEventGets)
-		v1.DELETE("/alert-events", login(), alertEventsDel)
-		v1.GET("/alert-event/:id", login(), alertEventGet)
-		v1.DELETE("/alert-event/:id", login(), alertEventDel)
-
-		v1.GET("/history-alert-events", login(), historyAlertEventGets)
-		v1.GET("/history-alert-event/:id", login(), historyAlertEventGet)
-
-		v1.POST("/collect-rules", login(), collectRuleAdd)
-		v1.DELETE("/collect-rules", login(), collectRuleDel)
-		v1.PUT("/collect-rule/:id", login(), collectRulePut)
-		v1.GET("/collect-rules-belong-to-ident", collectRuleGetsByIdent)
-		v1.GET("/collect-rules-summary", collectRuleSummaryGetByIdent)
-
-		v1.GET("/metric-descriptions", metricDescriptionGets)
-		v1.POST("/metric-descriptions", login(), metricDescriptionAdd)
-		v1.DELETE("/metric-descriptions", login(), metricDescriptionDel)
-		v1.PUT("/metric-description/:id", login(), metricDescriptionPut)
-
-		v1.GET("/contact-channels", contactChannelsGet)
-		v1.GET("/notify-channels", notifyChannelsGet)
-
-		v1.POST("/push", PushData)
-
-		v1.GET("/status", Status)
-
 		v1.POST("/query", GetData)
 		v1.POST("/instant-query", GetDataInstant)
 		v1.POST("/tag-keys", GetTagKeys)
 		v1.POST("/tag-values", GetTagValues)
-		v1.POST("/tag-metrics", GetMetrics)
 		v1.POST("/tag-pairs", GetTagPairs)
-		v1.GET("/check-promql", checkPromeQl)
+		v1.POST("/tag-metrics", GetMetrics)

 		v1.GET("/can-do-op-by-name", login(), canDoOpByName)
 		v1.GET("/can-do-op-by-token", login(), canDoOpByToken)
+		v1.POST("/push", PushData)
+
+		v1.GET("/collect-rules-belong-to-ident", collectRuleGetsByIdent)
+		v1.GET("/collect-rules-summary", collectRuleSummaryGetByIdent)
 	}

 	push := r.Group("/v1/n9e/series").Use(gzip.Gzip(gzip.DefaultCompression))