[medium] API support for action create via POST values

2014-02-18 07:36:47 -08:00 · 2014-02-18 07:36:47 -08:00 · 259845a4d3
--- a/doc/configuration.rst
+++ b/doc/configuration.rst
@ -296,3 +296,40 @@ iptables to redirect the port on the rabbitmq server.
 .. code:: bash

 	iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 5671 -m comment --comment "Serve RabbitMQ on HTTPS port"
+
+API configuration
+-----------------
+
+The REST API exposes functions to create, delete and query actions remotely. It
+is the primary interface to the Scheduler.
+
+GnuPG pubring
+~~~~~~~~~~~~~
+
+The API uses a gnupg pubring to validate incoming actions. The pubring can be
+created as a single file, without other gnupg files, and provided to the API in
+the configuration file.
+
+To create a pubring, use the following command:
+
+.. code:: bash
+
+	$ mkdir /tmp/api-gpg
+
+	# export the public keys into a file
+	$ gpg --export -a bob@example.net john@example.com > /tmp/api-gpg/pubkeys.pem
+
+	# import the public keys into a new pubring
+	$ gpg --homedir /tmp/api-gpg/ --import /tmp/api-gpg/pubkeys.pem
+	gpg: key AF67CB21: public key "Bob Kelso <bob@example.net>" imported
+	gpg: key DEF98214: public key "John Smith <john@example.com>" imported
+	gpg: Total number processed: 2
+	gpg:               imported: 2  (RSA: 2)
+
+The file in /tmp/api-gpg/pubring.gpg can be passed to the API
+
+ ::
+
+	[openpgp]
+	    pubring = "/tmp/api-gpg/pubring.gpg"
+
--- a/src/mig/api/api.go
+++ b/src/mig/api/api.go
@ -251,6 +251,7 @@ func describeCreateAction(respWriter http.ResponseWriter, request *http.Request)
 // createAction receives a signed action in a POST request, validates it,
 // and write it into the scheduler spool
 func createAction(respWriter http.ResponseWriter, request *http.Request) {
+	var err error
 	opid := mig.GenID()
 	var action mig.Action
 	resource := cljs.New(request.URL.Path)
@ -264,16 +265,13 @@ func createAction(respWriter http.ResponseWriter, request *http.Request) {
 	}()

 	// parse the POST body into a mig action
-	data, err := ioutil.ReadAll(request.Body)
+	request.ParseForm()
+	postAction := request.FormValue("action")
+	err = json.Unmarshal([]byte(postAction), &action)
 	if err != nil {
 		panic(err)
 	}
-
-	err = json.Unmarshal([]byte(data), &action)
-	if err != nil {
-		panic(err)
-	}
-	ctx.Channels.Log <- mig.Log{OpID: opid, Desc: "Received action for creation"}.Debug()
+	ctx.Channels.Log <- mig.Log{OpID: opid, Desc: fmt.Sprintf("Received action for creation '%s'", action)}.Debug()

 	// load keyring and validate action
 	keyring, err := os.Open(ctx.OpenPGP.PubRing)
@ -301,6 +299,13 @@ func createAction(respWriter http.ResponseWriter, request *http.Request) {
 	}
 	ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action committed to spool"}

+	err = resource.AddItem(cljs.Item{
+		Href: "/api/action?actionid=" + fmt.Sprintf("%d", action.ID),
+		Data: []cljs.Data{{Name: "action ID " + fmt.Sprintf("%d", action.ID), Value: action}},
+	})
+	if err != nil {
+		panic(err)
+	}
 	respond(201, resource, respWriter, request, opid)
 }