AdguardTeam/AdGuardHome
1
1
Fork 0
mirror of https://github.com/AdguardTeam/AdGuardHome.git synced 2024-12-15 11:22:49 +03:00
Code Issues Packages Projects Releases Wiki Activity
df61741f60
AdGuardHome/internal/home/clientshttp.go
Dimitry Kolyshev df61741f60 Pull request: 1163 safesearch http api vol.3 
Merge in DNS/adguard-home from 1163-safesearch-1-3 to master

Squashed commit of the following:

commit f26c5fb4f7a27dc61b10c28d6672d5307796784c
Merge: e7a1b885 143616ca
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Thu Mar 23 18:45:25 2023 +0700

    Merge remote-tracking branch 'origin/master' into 1163-safesearch-1-3

    # Conflicts:
    #	CHANGELOG.md

commit e7a1b885d67628c187ce08327338cf3138012f03
Merge: 01b73d76 eb5d8a49
Author: Vladislav Abdulmyanov <v.abdulmyanov@adguard.com>
Date:   Wed Mar 22 13:55:23 2023 +0200

    Merge branch '1163-safesearch-1-3' of ssh://bit.adguard.com:7999/dns/adguard-home into 1163-safesearch-1-3

commit 01b73d763c6ee76de995093cc7107f113c7785ce
Author: Vladislav Abdulmyanov <v.abdulmyanov@adguard.com>
Date:   Wed Mar 22 13:52:02 2023 +0200

    client: add safe search extended settings to clients

commit eb5d8a499ac1036e5077d2b4aa84479381577e10
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Mar 22 18:50:23 2023 +0700

    all: docs

commit 2043a8fba7f664ef365ccc5abac14a85035eb4b7
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Mar 22 09:42:50 2023 +0700

    all: docs

commit bb1d2f6c0252891ccac3d3727eb23288a24d4bda
Merge: 95f9fd3d c3edab43
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Wed Mar 22 09:42:00 2023 +0700

    Merge remote-tracking branch 'origin/master' into 1163-safesearch-1-3

commit 95f9fd3dd1e8abcdf1a156e81aff8e52f320f4c3
Author: Vladislav Abdulmyanov <v.abdulmyanov@adguard.com>
Date:   Tue Mar 21 15:25:39 2023 +0200

    client: move to new safe search api

commit ac823a911f0d6ab6f1813d11a0ca082d54cc9131
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Mar 20 22:40:29 2023 +0700

    all: docs

commit aaa287b125c7c7a775b821e0dd272199229a7538
Merge: 16fa7031 48431f8b
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Mar 20 22:39:14 2023 +0700

    Merge remote-tracking branch 'origin/master' into 1163-safesearch-1-3

commit 16fa7031ab2aec31139ace54ffa0155cde8e9135
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Mar 20 22:39:03 2023 +0700

    all: docs

commit 498f7d3cbb842eda218b0fd06fc3bb3601b81f80
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Mar 20 18:59:47 2023 +0700

    filtering: imp code

commit aab7b70e2355ba86577e5156c1d5569b21b4b358
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Mon Mar 20 18:40:18 2023 +0700

    filtering: imp code

commit d2870a18ffdb1d293993487073912168d6b75a38
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Fri Mar 17 21:57:58 2023 +0700

    filtering: imp code

commit 868f5d1ed29c3af702114079e7ffe46e136eb901
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Fri Mar 17 19:06:36 2023 +0700

    all: imp docs

commit f6d70b06ed873684501ce17f647ccf07a85dd50b
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Fri Mar 17 19:05:40 2023 +0700

    filtering: imp code

commit 7cd9a37dde6262a8cf4f0f13f9946e011cc0e2cf
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Thu Mar 16 14:56:51 2023 +0700

    home: imp code

commit 84d8817512e47a517ed2880ffa9dde5ffda1d288
Author: Dimitry Kolyshev <dkolyshev@adguard.com>
Date:   Thu Mar 16 09:39:41 2023 +0700

    all: safesearch http api
2023-03-23 15:25:58 +03:00

309 lines
8.7 KiB
Go
Raw Blame History

package home
import (
"encoding/json"
"fmt"
"net/http"
"net/netip"
"github.com/AdguardTeam/AdGuardHome/internal/aghhttp"
"github.com/AdguardTeam/AdGuardHome/internal/filtering"
)
// clientJSON is a common structure used by several handlers to deal with
// clients. Some of the fields are only necessary in one or two handlers and
// are thus made pointers with an omitempty tag.
//
// TODO(a.garipov): Consider using nullbool and an optional string here? Or
// split into several structs?
type clientJSON struct {
// Disallowed, if non-nil and false, means that the client's IP is
// allowed. Otherwise, the IP is blocked.
Disallowed *bool `json:"disallowed,omitempty"`
// DisallowedRule is the rule due to which the client is disallowed.
// If Disallowed is true and this string is empty, the client IP is
// disallowed by the "allowed IP list", that is it is not included in
// the allowlist.
DisallowedRule *string `json:"disallowed_rule,omitempty"`
WHOISInfo *RuntimeClientWHOISInfo `json:"whois_info,omitempty"`
SafeSearchConf *filtering.SafeSearchConfig `json:"safe_search"`
Name string `json:"name"`
BlockedServices []string `json:"blocked_services"`
IDs []string `json:"ids"`
Tags []string `json:"tags"`
Upstreams []string `json:"upstreams"`
FilteringEnabled bool `json:"filtering_enabled"`
ParentalEnabled bool `json:"parental_enabled"`
SafeBrowsingEnabled bool `json:"safebrowsing_enabled"`
// Deprecated: use safeSearchConf.
SafeSearchEnabled bool `json:"safesearch_enabled"`
UseGlobalBlockedServices bool `json:"use_global_blocked_services"`
UseGlobalSettings bool `json:"use_global_settings"`
}
type runtimeClientJSON struct {
WHOISInfo *RuntimeClientWHOISInfo `json:"whois_info"`
Name string `json:"name"`
IP netip.Addr `json:"ip"`
Source clientSource `json:"source"`
}
type clientListJSON struct {
Clients []*clientJSON `json:"clients"`
RuntimeClients []runtimeClientJSON `json:"auto_clients"`
Tags []string `json:"supported_tags"`
}
// handleGetClients is the handler for GET /control/clients HTTP API.
func (clients *clientsContainer) handleGetClients(w http.ResponseWriter, r *http.Request) {
data := clientListJSON{}
clients.lock.Lock()
defer clients.lock.Unlock()
for _, c := range clients.list {
cj := clientToJSON(c)
data.Clients = append(data.Clients, cj)
}
for ip, rc := range clients.ipToRC {
cj := runtimeClientJSON{
WHOISInfo: rc.WHOISInfo,
Name: rc.Host,
Source: rc.Source,
IP: ip,
}
data.RuntimeClients = append(data.RuntimeClients, cj)
}
data.Tags = clientTags
_ = aghhttp.WriteJSONResponse(w, r, data)
}
// jsonToClient converts JSON object to Client object.
func jsonToClient(cj clientJSON) (c *Client) {
var safeSearchConf filtering.SafeSearchConfig
if cj.SafeSearchConf != nil {
safeSearchConf = *cj.SafeSearchConf
} else {
// TODO(d.kolyshev): Remove after cleaning the deprecated
// [clientJSON.SafeSearchEnabled] field.
safeSearchConf = filtering.SafeSearchConfig{Enabled: cj.SafeSearchEnabled}
// Set default service flags for enabled safesearch.
if safeSearchConf.Enabled {
safeSearchConf.Bing = true
safeSearchConf.DuckDuckGo = true
safeSearchConf.Google = true
safeSearchConf.Pixabay = true
safeSearchConf.Yandex = true
safeSearchConf.YouTube = true
}
}
return &Client{
Name: cj.Name,
IDs: cj.IDs,
Tags: cj.Tags,
UseOwnSettings: !cj.UseGlobalSettings,
FilteringEnabled: cj.FilteringEnabled,
ParentalEnabled: cj.ParentalEnabled,
SafeBrowsingEnabled: cj.SafeBrowsingEnabled,
safeSearchConf: safeSearchConf,
UseOwnBlockedServices: !cj.UseGlobalBlockedServices,
BlockedServices: cj.BlockedServices,
Upstreams: cj.Upstreams,
}
}
// clientToJSON converts Client object to JSON.
func clientToJSON(c *Client) (cj *clientJSON) {
// TODO(d.kolyshev): Remove after cleaning the deprecated
// [clientJSON.SafeSearchEnabled] field.
cloneVal := c.safeSearchConf
safeSearchConf := &cloneVal
return &clientJSON{
Name: c.Name,
IDs: c.IDs,
Tags: c.Tags,
UseGlobalSettings: !c.UseOwnSettings,
FilteringEnabled: c.FilteringEnabled,
ParentalEnabled: c.ParentalEnabled,
SafeSearchEnabled: safeSearchConf.Enabled,
SafeSearchConf: safeSearchConf,
SafeBrowsingEnabled: c.SafeBrowsingEnabled,
UseGlobalBlockedServices: !c.UseOwnBlockedServices,
BlockedServices: c.BlockedServices,
Upstreams: c.Upstreams,
}
}
// handleAddClient is the handler for POST /control/clients/add HTTP API.
func (clients *clientsContainer) handleAddClient(w http.ResponseWriter, r *http.Request) {
cj := clientJSON{}
err := json.NewDecoder(r.Body).Decode(&cj)
if err != nil {
aghhttp.Error(r, w, http.StatusBadRequest, "failed to process request body: %s", err)
return
}
c := jsonToClient(cj)
ok, err := clients.Add(c)
if err != nil {
aghhttp.Error(r, w, http.StatusBadRequest, "%s", err)
return
}
if !ok {
aghhttp.Error(r, w, http.StatusBadRequest, "Client already exists")
return
}
onConfigModified()
}
// handleDelClient is the handler for POST /control/clients/delete HTTP API.
func (clients *clientsContainer) handleDelClient(w http.ResponseWriter, r *http.Request) {
cj := clientJSON{}
err := json.NewDecoder(r.Body).Decode(&cj)
if err != nil {
aghhttp.Error(r, w, http.StatusBadRequest, "failed to process request body: %s", err)
return
}
if len(cj.Name) == 0 {
aghhttp.Error(r, w, http.StatusBadRequest, "client's name must be non-empty")
return
}
if !clients.Del(cj.Name) {
aghhttp.Error(r, w, http.StatusBadRequest, "Client not found")
return
}
onConfigModified()
}
type updateJSON struct {
Name string `json:"name"`
Data clientJSON `json:"data"`
}
// handleUpdateClient is the handler for POST /control/clients/update HTTP API.
func (clients *clientsContainer) handleUpdateClient(w http.ResponseWriter, r *http.Request) {
dj := updateJSON{}
err := json.NewDecoder(r.Body).Decode(&dj)
if err != nil {
aghhttp.Error(r, w, http.StatusBadRequest, "failed to process request body: %s", err)
return
}
if len(dj.Name) == 0 {
aghhttp.Error(r, w, http.StatusBadRequest, "Invalid request")
return
}
c := jsonToClient(dj.Data)
err = clients.Update(dj.Name, c)
if err != nil {
aghhttp.Error(r, w, http.StatusBadRequest, "%s", err)
return
}
onConfigModified()
}
// handleFindClient is the handler for GET /control/clients/find HTTP API.
func (clients *clientsContainer) handleFindClient(w http.ResponseWriter, r *http.Request) {
q := r.URL.Query()
data := []map[string]*clientJSON{}
for i := 0; i < len(q); i++ {
idStr := q.Get(fmt.Sprintf("ip%d", i))
if idStr == "" {
break
}
ip, _ := netip.ParseAddr(idStr)
c, ok := clients.Find(idStr)
var cj *clientJSON
if !ok {
cj = clients.findRuntime(ip, idStr)
} else {
cj = clientToJSON(c)
disallowed, rule := clients.dnsServer.IsBlockedClient(ip, idStr)
cj.Disallowed, cj.DisallowedRule = &disallowed, &rule
}
data = append(data, map[string]*clientJSON{
idStr: cj,
})
}
_ = aghhttp.WriteJSONResponse(w, r, data)
}
// findRuntime looks up the IP in runtime and temporary storages, like
// /etc/hosts tables, DHCP leases, or blocklists. cj is guaranteed to be
// non-nil.
func (clients *clientsContainer) findRuntime(ip netip.Addr, idStr string) (cj *clientJSON) {
rc, ok := clients.findRuntimeClient(ip)
if !ok {
// It is still possible that the IP used to be in the runtime clients
// list, but then the server was reloaded. So, check the DNS server's
// blocked IP list.
//
// See https://github.com/AdguardTeam/AdGuardHome/issues/2428.
disallowed, rule := clients.dnsServer.IsBlockedClient(ip, idStr)
cj = &clientJSON{
IDs: []string{idStr},
Disallowed: &disallowed,
DisallowedRule: &rule,
WHOISInfo: &RuntimeClientWHOISInfo{},
}
return cj
}
cj = &clientJSON{
Name: rc.Host,
IDs: []string{idStr},
WHOISInfo: rc.WHOISInfo,
}
disallowed, rule := clients.dnsServer.IsBlockedClient(ip, idStr)
cj.Disallowed, cj.DisallowedRule = &disallowed, &rule
return cj
}
// RegisterClientsHandlers registers HTTP handlers
func (clients *clientsContainer) registerWebHandlers() {
httpRegister(http.MethodGet, "/control/clients", clients.handleGetClients)
httpRegister(http.MethodPost, "/control/clients/add", clients.handleAddClient)
httpRegister(http.MethodPost, "/control/clients/delete", clients.handleDelClient)
httpRegister(http.MethodPost, "/control/clients/update", clients.handleUpdateClient)
httpRegister(http.MethodGet, "/control/clients/find", clients.handleFindClient)
}
Reference in New Issue View Git Blame Copy Permalink