fleet/server/service/endpoint_setup.go

package service

import (
	"context"

	"github.com/fleetdm/fleet/v4/server/fleet"
	"github.com/fleetdm/fleet/v4/server/ptr"
	"github.com/go-kit/kit/endpoint"
	"github.com/pkg/errors"
)

type setupRequest struct {
	Admin        *fleet.UserPayload `json:"admin"`
	OrgInfo      *fleet.OrgInfo     `json:"org_info"`
	ServerURL    *string            `json:"server_url,omitempty"`
	EnrollSecret *string            `json:"osquery_enroll_secret,omitempty"`
}

type setupResponse struct {
	Admin        *fleet.User    `json:"admin,omitempty"`
	OrgInfo      *fleet.OrgInfo `json:"org_info,omitempty"`
	ServerURL    *string        `json:"server_url"`
	EnrollSecret *string        `json:"osquery_enroll_secret"`
	Token        *string        `json:"token,omitempty"`
	Err          error          `json:"error,omitempty"`
}

func (r setupResponse) error() error { return r.Err }

func makeSetupEndpoint(svc fleet.Service) endpoint.Endpoint {
	return func(ctx context.Context, request interface{}) (interface{}, error) {
		req := request.(setupRequest)
		config := &fleet.AppConfig{}
		if req.OrgInfo != nil {
			config.OrgInfo = *req.OrgInfo
		}
		if req.ServerURL != nil {
			config.ServerSettings.ServerURL = *req.ServerURL
		}
		config, err := svc.NewAppConfig(ctx, *config)
		if err != nil {
			return setupResponse{Err: err}, nil
		}

		if req.Admin == nil {
			return setupResponse{Err: errors.New("setup request must provide admin")}, nil
		}

		// creating the user should be the last action. If there's a user
		// present and other errors occur, the setup endpoint closes.
		adminPayload := *req.Admin
		if adminPayload.Email == nil || *adminPayload.Email == "" {
			err := errors.Errorf("admin email cannot be empty")
			return setupResponse{Err: err}, nil
		}
		if adminPayload.Password == nil || *adminPayload.Password == "" {
			err := errors.Errorf("admin password cannot be empty")
			return setupResponse{Err: err}, nil
		}
		// Make the user an admin
		adminPayload.GlobalRole = ptr.String(fleet.RoleAdmin)
		admin, err := svc.CreateInitialUser(ctx, adminPayload)
		if err != nil {
			return setupResponse{Err: err}, nil
		}

		// If everything works to this point, log the user in and return token.  If
		// the login fails for some reason, ignore the error and don't return
		// a token, forcing the user to log in manually
		token := new(string)
		_, *token, err = svc.Login(ctx, *req.Admin.Email, *req.Admin.Password)
		if err != nil {
			token = nil
		}
		return setupResponse{
			Admin:     admin,
			OrgInfo:   &config.OrgInfo,
			ServerURL: req.ServerURL,
			Token:     token,
		}, nil
	}
}
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`package service`

			`import (`
Update go-kit to 0.4.0 (#1411) Notable refactoring: - Use stdlib "context" in place of "golang.org/x/net/context" - Go-kit no longer wraps errors, so we remove the unwrap in transport_error.go - Use MakeHandler when setting up endpoint tests (fixes test bug caught during this refactoring) Closes #1411. 2017-03-15 15:55:30 +00:00			`"context"`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00
Add v4 suffix in go.mod (#1224) 2021-06-26 04:46:51 +00:00			`"github.com/fleetdm/fleet/v4/server/fleet"`
			`"github.com/fleetdm/fleet/v4/server/ptr"`
Migrate old admin field to new global role (#609) - Migrate old admins to global admins - Migrate old non-admins to global maintainers - Remove old admin column - Give initial user global admin privilege - Comment out some tests (to be refactored for new permissions model later) 2021-04-07 01:27:10 +00:00			`"github.com/go-kit/kit/endpoint"`
ensure email and passwords are set during setup (#1786) 2018-05-17 14:29:04 +00:00			`"github.com/pkg/errors"`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`)`

			`type setupRequest struct {`
Handle missing server_url in setup (#1093) Improve error handling to avoid a nil pointer panic in the setup endpoint. 2021-06-15 18:25:52 +00:00			Admin *fleet.UserPayload `json:"admin"`
			OrgInfo *fleet.OrgInfo `json:"org_info"`
			ServerURL *string `json:"server_url,omitempty"`
			EnrollSecret *string `json:"osquery_enroll_secret,omitempty"`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`}`

			`type setupResponse struct {`
Handle missing server_url in setup (#1093) Improve error handling to avoid a nil pointer panic in the setup endpoint. 2021-06-15 18:25:52 +00:00			Admin *fleet.User `json:"admin,omitempty"`
			OrgInfo *fleet.OrgInfo `json:"org_info,omitempty"`
			ServerURL *string `json:"server_url"`
			EnrollSecret *string `json:"osquery_enroll_secret"`
			Token *string `json:"token,omitempty"`
			Err error `json:"error,omitempty"`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`}`

			`func (r setupResponse) error() error { return r.Err }`

Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet` 2021-06-06 22:07:29 +00:00			`func makeSetupEndpoint(svc fleet.Service) endpoint.Endpoint {`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`return func(ctx context.Context, request interface{}) (interface{}, error) {`
			`req := request.(setupRequest)`
Refactor app config (POC, for now) (#1685) 2021-08-20 15:27:41 +00:00			`config := &fleet.AppConfig{}`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`if req.OrgInfo != nil {`
Refactor app config (POC, for now) (#1685) 2021-08-20 15:27:41 +00:00			`config.OrgInfo = *req.OrgInfo`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`}`
Continue to update names in backend code and docs (#976) 2021-06-06 23:58:23 +00:00			`if req.ServerURL != nil {`
Refactor app config (POC, for now) (#1685) 2021-08-20 15:27:41 +00:00			`config.ServerSettings.ServerURL = *req.ServerURL`
move osquery enroll secret to appconfig (#1004) For #995 2017-01-20 19:48:54 +00:00			`}`
Refactor app config (POC, for now) (#1685) 2021-08-20 15:27:41 +00:00			`config, err := svc.NewAppConfig(ctx, *config)`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`if err != nil {`
			`return setupResponse{Err: err}, nil`
			`}`
Fix admin setup (#701) Fixes a null pointer issue and clarifies setup logic. 2021-05-03 16:31:51 +00:00
			`if req.Admin == nil {`
			`return setupResponse{Err: errors.New("setup request must provide admin")}, nil`
			`}`

move osquery enroll secret to appconfig (#1004) For #995 2017-01-20 19:48:54 +00:00			`// creating the user should be the last action. If there's a user`
			`// present and other errors occur, the setup endpoint closes.`
Fix admin setup (#701) Fixes a null pointer issue and clarifies setup logic. 2021-05-03 16:31:51 +00:00			`adminPayload := *req.Admin`
			`if adminPayload.Email == nil \|\| *adminPayload.Email == "" {`
			`err := errors.Errorf("admin email cannot be empty")`
			`return setupResponse{Err: err}, nil`
			`}`
			`if adminPayload.Password == nil \|\| *adminPayload.Password == "" {`
			`err := errors.Errorf("admin password cannot be empty")`
			`return setupResponse{Err: err}, nil`
			`}`
			`// Make the user an admin`
Remove kolide types and packages from backend (#974) Generally renamed `kolide` -> `fleet` 2021-06-06 22:07:29 +00:00			`adminPayload.GlobalRole = ptr.String(fleet.RoleAdmin)`
Refactor app config (POC, for now) (#1685) 2021-08-20 15:27:41 +00:00			`admin, err := svc.CreateInitialUser(ctx, adminPayload)`
Fix admin setup (#701) Fixes a null pointer issue and clarifies setup logic. 2021-05-03 16:31:51 +00:00			`if err != nil {`
			`return setupResponse{Err: err}, nil`
move osquery enroll secret to appconfig (#1004) For #995 2017-01-20 19:48:54 +00:00			`}`

Log in user automatically after successful setup (#993) * Log in user automatically after successful setup * Handle login failure by omitting token from response 2017-01-17 20:24:13 +00:00			`// If everything works to this point, log the user in and return token. If`
			`// the login fails for some reason, ignore the error and don't return`
			`// a token, forcing the user to log in manually`
			`token := new(string)`
Remove username from UI (#1168) * Remove username from UI code * Remove username from tests * Remove username from database * Modify server endpoints for removing username * Implement backend aspects of removing username * Update API docs * Add name to fleetctl 2021-06-24 20:42:29 +00:00			`_, token, err = svc.Login(ctx, req.Admin.Email, *req.Admin.Password)`
Log in user automatically after successful setup (#993) * Log in user automatically after successful setup * Handle login failure by omitting token from response 2017-01-17 20:24:13 +00:00			`if err != nil {`
			`token = nil`
			`}`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`return setupResponse{`
Refactor app config (POC, for now) (#1685) 2021-08-20 15:27:41 +00:00			`Admin: admin,`
			`OrgInfo: &config.OrgInfo,`
			`ServerURL: req.ServerURL,`
Handle missing server_url in setup (#1093) Improve error handling to avoid a nil pointer panic in the setup endpoint. 2021-06-15 18:25:52 +00:00			`Token: token,`
create first time setup endpoint (#436) The endpoint is only active if there are no users in the datastore. While the endpoint is active, it also disables all the other API endpoints, and /config returns `{"require_setup":true}` for #378 2016-11-09 17:19:07 +00:00			`}, nil`
			`}`
			`}`