Commit Graph

171 Commits

Author SHA1 Message Date
Ivan Fraixedes
359c09b57f satellite/admin/back-office: Specify router path prefix
For convenience of not having to modify the API generator to contemplate
the path prefix that we are adding to the back office server, we define
the path prefix in a constant than the admin server and the definition
of the API uses to adapt the router and the generated code.

Change-Id: Ic557b0e6e88e930e03647835759bb34e06e8bb48
2023-11-15 20:28:52 -06:00
Jeremy Wharton
a52934ef4d private/apigen: prevent self imports
This change prevents Go code produced by the API generator from
importing its own package. Previously, we tried to prevent self imports
by skipping import paths whose last segment matched the generated Go
code's package name. However, aliased imports circumvented this.
We now require API definitions to define the Go package path so that we
can compare this with the import path directly.

Change-Id: I7ae7ec5e1a342d2f76cd28ff72d4cd7285c2820a
2023-11-15 21:41:20 +00:00
Wilfred Asomani
24370964ab satellite/{console/payment}: wrap freeze code in transactions
This change wraps account freeze code in DB transactions to prevent
freeze inconsistencies resulting from errors that happen in the process
of freezing accounts.

Change-Id: Ib67fb30dc33248413d3057ceeac5c2f410f551d5
2023-11-15 20:40:54 +00:00
Ivan Fraixedes
e39f395cf1 satellite/admin/back-office: Use PathPrefix value
PathPrefix is the full path of the subrouter passed to the back office
server when it hooks into another server, in this case, the satellite
admin server.

PathPrefix allows to serve the static assets from the root of the
sub-router when the prefix is stripped before accessing them.

There was a bug where the PathPrefix weren't used and a hard-coded path
was used.

Test passed because the back-office server is hooked into the satellite
admin server with a subrouter with path `/back-office/` which matched
the hard-code value, however, it wouldn't work if that path changed or
it is hooked into another server with a different subrouter path,
despite it was set to PathPrefix.

This commit fixes that bug.

Change-Id: Id4a0d86329eb563b008b3fc6f8eb7b51cbfd2e6f
2023-11-14 16:05:04 +00:00
Ivan Fraixedes
100519321e
satellite/admin: Allow all operations through Oauth
Allow all the operations when accessing through Oauth, but requires the
authorization token for the ones that we consider that they are
sensitive.

Before these changes, a group of operations weren't available through
Oauth, and people who has access to the authorization token had to
forward the port of the server to their local in order to do them
without Oauth.

These changes shouldn't reduce the security because people who has
access to the authorization token is the same than they can forward the
port and part of those have Oauth access too.

Allowing to perform all the operations through Oauth will improve the
productivity of production owners because they will be able to do all
the administration requests without having to port forward the server.

Change-Id: I6d678abac9f48b9ba5a3c0679ca6b6650df323bb
2023-11-08 18:14:38 +01:00
Ivan Fraixedes
ae945b993a
satellite/admin: Create separate server for new back-office
Create a separate server for implementing the new satellite
administration web app.

This server is in a new package that will implement all the
functionality for the new satellite administration back-end and when it
be completed with all the functionality that the current one offer, it
will replace it.

For now, the new server only exposes the static assets as they were
exposed by the current server.

A main sub-package is added with an example endpoint to scaffold where
we'll define the API through the API generator and to locate the several
generated files.

Change-Id: I172c43b2c180553876ef7ce137cc778b94723451
2023-11-07 15:31:01 +01:00
Wilfred Asomani
513c3cc632 satellite/admin: list users pending deletion
This change adds an endpoint to the admin API and UI to get a list of
users pending deletion and have no unpaid invoice.

Issue: #6410

Change-Id: I906dbf9eee9e7469e45f0c622a891867bf0cc201
2023-10-30 19:11:16 +00:00
Jeremy Wharton
42e1b088c2 satellite/admin/back-office/ui: use composition API
This change migrates Vue components of the new satellite admin web app
from the options API to the composition API.

Change-Id: Ie8c9bcd468f1c0fe0abc9ef0a3724563db096ba9
2023-10-30 16:50:30 +00:00
Jeremy Wharton
8ebf285081 satellite/admin/back-office/ui: lint files
This change lints files for the new satellite admin web app. An
ESLint config has been added for it that is identical to the one used
for linting satellite web app files.

Change-Id: I66f72fb880d5cbc80b6c080294e4a830b3d28143
2023-10-27 11:23:58 +00:00
Jeremy Wharton
eff1719977 satellite/admin/back-office/ui: speed up build command
This change speeds up the build of the new satellite admin web app
using the same method that 8b0d25c used to speed up the build of the
new satellite web app.

New build time:   23.394s
Old build time: 1m40.930s

Change-Id: Ic6fcfdfc73b78bc26bddc421c608076b23532967
2023-10-26 23:47:18 -05:00
Wilfred Asomani
c9421d11e7 satellite/admin: add endpoints to violation freeze/unfreeze users
This change adds two new admin endpoints to freeze users for ToS
violation and to remove them from that state,

Issue: https://github.com/storj/storj-private/issues/386

Change-Id: I49c922377c9cdb315ce2777fcd35dcad432b0539
2023-10-13 10:43:44 +00:00
Wilfred Asomani
6308da2cc0 satellite/{payment,console,analytics} extend freeze functionality for violation freeze
This change extends the account freeze functionality account for
violation freezes as well.
Also, debug level logs in the freeze chore have been changed to info.
It adds an analytics event for when an invoice is found that belongs to
a user frozen for violation.
And finally adds whether a user is frozen for violation to the
/account/freezestatus response.

Issue: https://github.com/storj/storj-private/issues/386

Change-Id: Id8e40282dc8fd8f242da52791ab8ddbbef3da2bc
2023-10-10 18:39:29 +00:00
Sean Harvey
7b50ece931
satellite/admin: add missing test assert to project geofence tests
the existing test was missing a case where deleting the geofencing
should set the placement back to default.

this also changes EveryCountry to DefaultPlacement, as the former is
deprecated.

Change-Id: I29f4f1c3ae1d05e8f5ecaa03a70ac4f17574a475
2023-10-05 18:21:48 +13:00
paul cannon
02899dfae2 satellite/{admin,console,satellitedb}: fix geofence removal
deleteGeofenceForProject wasn't able to work correctly, because
Console().Projects().Update() declines to update default_placement when
the input value is 0.

This introduces a Console().Projects().UpdateDefaultPlacement() method,
congruent to the method of the same name on Console().Users().
deleteGeofenceForProject now uses this new method, so that specifying a
new placement of 0 will work correctly.

Change-Id: I4589b36707f7e4f1cfdc66543520b0d4205c1a84
2023-10-04 16:14:29 +00:00
Sean Harvey
bc7f621073
satellite/satellitedb: fix DefaultPlacement overwritten on user
this fixes cases where it's possible to update a user and the
DefaultPlacement field gets overwritten to the zero value.

it also adds UpdateDefaultPlacement which can be used to set
DefaultPlacement directly. This is needed for the geofencing
endpoints in satellite admin to set the DefaultPlacement back
to zero to delete geofencing for a user.

Change-Id: If2c798dabfa6773ed6023fb8257bf00ec7bc2e68
2023-10-04 15:17:35 +13:00
Wilfred Asomani
33fe731620 satellite/{payment,console} rename freeze events and add violation event
This change introduces a new freeze event, ViolationFreeze, for ToS
violations and also prepends other events with Billing to clarify what
they signify.

Issue: https://github.com/storj/storj-private/issues/386

Change-Id: Ieef2abbbb03d06377dc7a73ba5ef0742ada75e8e
2023-09-29 16:52:23 +00:00
Ivan Fraixedes
1f400a2750
satellite/admin/back-office/ui: Delete yarn.lock file
The yarn.lock file came from the former repository where the back office
UI was developed.

It seems that our build process complains about some dirty state related
to this file. Because we don't use Yarn, we delete the file, hoping to
resolve the build issues.

Change-Id: I5febd8292657289d0fc67e08151c6c8b5ac8b5dc
2023-09-29 12:48:17 +02:00
Jeremy Wharton
f40954c7b6 satellite/admin: return burst limit in API response
The satellite admin API endpoint responsible for returning project
limits now includes the burst limit in its responses.

Resolves #6276

Change-Id: Ibb3f1fdebf2f9ffd62de2d7e7a60d978c25bb22a
2023-09-27 22:11:00 +00:00
Ivan Fraixedes
2a8e5aecfd
satellite/admin/back-office/ui: Don't ignore package-lock.json
When the new back office UI sources where copied from former repository
I didn't realize that the .gitignore had the package-lock.json file.

This commit remove the package-lock.json file, so it can be tracked, in
order to have reproducible builds.

The lack of the file caused the build to fail due to `npm ci` requires
it.

Change-Id: Ibe493d0cd5762afe5caabe9b77a333fd6daa5373
2023-09-27 13:17:30 +02:00
Ivan Fraixedes
6555a68fa9 satellite/admin: Serve back-office static UI
Serve the front-end sources of the new back-office through the current
satellite admin server under the path `/back-office`.

The front-end is served in the same way than the current one, which is
through an indicated directory path with a configuration parameter or
embed in the binary when that configuration parameter is empty.

The commit also slightly changes the test that checks serving these
static assets for not targeting the empty file in the build folder.

build folders must remain because of the embed directive.

Change-Id: I3c5af6b75ec944722dbdc4c560d0e7d907a205b8
2023-09-26 13:18:29 +00:00
Ivan Fraixedes
8381483f79
satellite/admin: Add back-office UI sources
Add the front-end sources of the new back-office.

The front-end doesn't have any business logic, it only has the pages and
the components, so it's purely UI.

The front-end was developed in a separate repository until was
completed.

Change-Id: I382e50789d6b929a67b8a0b887563ef48cb1473d
2023-09-22 18:02:55 +02:00
Wilfred Asomani
dcf3f25f93 satellite/admin: update README
add descriptions for the endpoint that removes a user from the waning
state.

Issue: https://github.com/storj/storj/issues/6118

Change-Id: I211cd3c41c7fefa295d0db1b9f43f53e33b984e6
2023-09-13 17:50:28 +00:00
Jeremy Wharton
c8f4f5210d satellite/console: return edge URL overrides in project info responses
API responses containing project information now contain the edge
service URL overrides configured for that project. The overrides are
based on the project's default placement.

References #6188

Change-Id: Ifc3dc74e75c0f5daf0419ac3be184415c65b202e
2023-09-12 12:10:18 -05:00
Moby von Briesen
6195b8cd52 satellite/admin: support more options for passing project ID
This change does two things:
* allow using either public ID or private ID to do project-related
  requests in admin UI
* allow passing a UUID string not containing dashes (i.e. a pure hex
  string) in order to do project-related requests in admin UI

Change-Id: I4807a5d7252a48f4a09e3966c406645d55c856e2
2023-09-07 08:53:41 +00:00
Egon Elbre
dc41978743 all: fix golangci failures
Change-Id: I07421388d53c837e35a4727cead26fc21c324d04
2023-08-09 11:44:44 +03:00
Clement Sam
9e3d54fec4 satellite/admin: extend API to allow setting and deleting account level geofence
Issue: https://github.com/storj/storj-private/issues/357
Change-Id: I04589e18214e7090ccd686fd531066d942afa6ed
2023-08-09 03:34:37 +00:00
Clement Sam
cc12a48c24 satellite/admin: extend admin API to allow setting and deleting geofence for projects
Issue: https://github.com/storj/storj-private/issues/357
Change-Id: Ib59319581641f1f5da71c629143e12f11eb04925
2023-07-27 11:40:26 +00:00
Wilfred Asomani
8ed4c573db satellite/admin: add endpoint to unwarn user
This change enables the admin UI to remove the warning status of users.

resolves: storj-private/issues/342

Change-Id: Ib960ffb33fdabc045884ce7fa2c55c3553db0fb0
2023-07-21 17:10:09 +00:00
paul cannon
032546219c satellite/admin: fix spelling of list-apikeys endpoint
Currently, any attempt to list the api keys associated with a project
from the admin UI results in a 404 NOT FOUND error.

This appears to be because there is no /api/projects/{project}/apiKeys
endpoint registered; it should have a lowercase k.

Change-Id: Ifbe4cd0f9ba12a6e37a0d9f64df91c264ced5558
2023-07-03 21:03:53 +00:00
Sean Harvey
b1523f82c8
satellite/admin: add owner full name on /api/apikeys/{apikey} endpoint
Updates storj/gateway-mt#321

Change-Id: I6759ec5dbba49261bb183e42d8cb333c326cb9e8
2023-06-28 16:01:15 +12:00
Sean Harvey
ad9b0dfc40 satellite/admin: fix paid tier field on /api/apikeys/{apikey} endpoint
the field was not being set, so it would always show false in the
response whether the user was paid tier or not.

Updates storj/gateway-mt#321

Change-Id: I00ae751ac9118fc05b3c22bc6d2cb9600d0faaaf
2023-06-22 11:12:56 +00:00
Vitalii
eb636f5b57 satellite/admin: add UI functionality to update user's or project's user agent
Implemented UI functionality to allow prod owner to update user's or project's user agent.

Issue:
https://github.com/storj/storj-private/issues/297

Change-Id: Ibe47e735f3c7a9fdf05b70735ebcecbac5c94ce8
2023-06-16 20:14:01 +00:00
Vitalii
1eee2fad69 satellite/{db, admin}: added endpoints to update user's and project's user_agent
Added backend (for now) implementation for updating user's and projects's user_agent using admin API.
Updating both user and project also updates bucket_metainfo and value_attribution tables.

Issue:
https://github.com/storj/storj-private/issues/297

Change-Id: I40244bbaa08b46834c1b1d0720e7d84d0c2a0330
2023-06-16 19:41:05 +00:00
Márton Elek
2ea6ca9c18
satellite/console: fill default placement of project based on user info
https://github.com/storj/storj/issues/5879

Change-Id: I5aacbe57a7aab65e11915dd8bf0c68f89da32fb4
2023-06-08 12:47:49 +02:00
Márton Elek
52598d1545 satellite/admin: introduce new placement rule
Change-Id: I582d38febd6187e06a46f14fd0f37531a2139c99
2023-06-05 13:34:26 +00:00
Stefan Benten
11324111e3 satellite/admin: secure accidental user email change
It currently is possible to create a violation with regards to
the uniqueness of the user account emails that is used for the
login.
When an update via the admin API is made, it currently is possible
to set the accounts email to an already occupied email address.
This will result in very flacky login behaviour, as well as creating
a lot of other related issues.

This small change adds a check to ensure the email is not attached to
any account.

Change-Id: I167be673082d59ef32cafe41047fce9f5ae534d0
2023-06-05 12:17:31 +00:00
Sean Harvey
403f5eff81
satellite/admin: add /api/apikeys/{apikey} GET endpoint
This allows scripted automation to get more details of the
API key such as project ID, and paid tier status.

Updates https://github.com/storj/gateway-mt/issues/321

Change-Id: I8a835752d4fd67382aca804b8c93e63de6c9a846
2023-05-26 17:18:05 +12:00
Vitalii
4d998970d4 satellite/admin: rework update user limits functionality
Fixed nil pointer dereference panic.
Updated naming conventions so that PUT request and GET response bodies are the same (bandwidth, storage and segment).
Allowed usage of notations like 150GB, 2TB for storage and bandwidth limits.
Updated tests.

Issue:
https://github.com/storj/storj/issues/5674

Change-Id: I7ac27c00721a9b4bf507afa34cb05c4475a809ad
2023-04-25 13:38:59 +00:00
Egon Elbre
41931970fd satellite/*: changes to stop using storj.ListDirection
Currently this duplicates the constants, because we cannot yet bump
common nor uplink.

Change-Id: I81818df8a9092e0b358eb946c31f2a42ac9dbf0a
2023-04-19 15:30:42 +03:00
Jeremy Wharton
b3b619efc5 satellite/admin: use system-given port in OAuth test to fix flakiness
The test for the admin API's OAuth authorization behaviour has been
modified to use a random available port given by the system rather than
a hardcoded one. This prevents the test from accidentally using a port
that is already in use.

Change-Id: Iae017b2f397ae53f1a006bae1d0578d2ddfd0875
2023-04-14 13:14:19 -05:00
Wilfred Asomani
4ee22e0ed8 satellite/admin: add tests to admin auth
This change tests authorization of the admin api.

Issue: https://github.com/storj/storj/issues/5699

Change-Id: Iecfe4c27a70ab1b48aeb5ed3251b51a3406140e8
2023-04-14 11:13:14 +00:00
Egon Elbre
eecb055dfd satellite/buckets: move Bucket definition
Move Bucket struct definition.

Updates https://github.com/storj/storj/issues/5291

Change-Id: I6bfc5ce287793ea479f2cb8b17878ba3cf6b63e0
2023-04-13 17:55:40 -04:00
Michal Niewrzal
8a50a3baa3 satellite/payments: rename 'stripecoinpayments' package to 'stripe'
Automatic rename. May require some more cleanups later.

Change-Id: I18220a4278056d25c41fb137832bb81f2b876ac1
2023-04-06 16:51:43 +00:00
Ivan Fraixedes
d17b41d027
satellite/admin: Fix response code for Get bucket
Get bucket was returning a "bad request" HTTP status code when the
bucket doesn't exists.

We have to return HTTP "Not found" status code.

Change-Id: If717d99276b02a1e59a9b71ebc909bd6d8d9390b
2023-04-03 10:22:22 +02:00
Lizzy Thomson
63533c628b Satellite/console: Reduce free account limits
Update free account limits to segments(10k), storage(25gb), and
bandwidth(25gb)

Issue: https://github.com/storj/storj-private/issues/182

Change-Id: I59250fc9f1eebc812bc85ecfbc2924f8c4369064
2023-03-29 15:24:24 +00:00
Cameron
4e94e6188c satellite/admin: restrict api access based on user groups
This change reworks the allowedAuthorization function to check what
groups the user is a part of to determine if authorization should be
granted. By wrapping each handler with withAuth, we can specify the
allowed groups for each api method individually.

github issue: https://github.com/storj/storj/issues/5565

Change-Id: I1804dda04d5b16d19e93bd7199fb3fc89fca1294
2023-03-10 16:16:04 -05:00
Cameron
b24ce98944 satellite/admin: add Groups to config
add new config to the satellite admin: --admin.groups.limit-update.
This can be used as an alternate means of authentication if the request
is coming from the oauth proxy.

Change-Id: Ic2de13862e6414244b060c66a0f2bed72097cbad
2023-02-27 16:07:20 +00:00
Ivan Fraixedes
16d3fcde70 satellite/admin/ui/lib: Fix bug in API
The update user API function was defining a parameter that the API
calling function doesn't receive, so all the values were shifted by
1 after this extra parameter and the calling function was sending these
  values to the next one updating the fields that the user was not
  expecting.

  The API server doesn't allow to update this removed parameter, so it
  was likely a bug caused by copy-pasta.

Change-Id: I52a2b66abc1f6e5cb0070dc6fd230c30d1133dcf
2023-02-23 10:59:18 +00:00
Lizzy Thomson
1b22994631 satellite/admin: update user's limits and project limits from admin api
Create an endpoint in the Admin Api to be able to update a user’s limits
for all existing and new projects. Also added a GET endpoint to return
user's limits.

Fixes: https://github.com/storj/storj/issues/5395

Change-Id: I2c093dc08ebf79a4318391e63a37da4d2b403547
2023-02-15 11:38:57 +00:00
Cameron
de44c6ab58 satellite/admin: update README
add descriptions for freeze and unfreeze user endpoints and regenerate
table of contents. This additionally added the oauth endpoints and one project limits POST parameter to the ToC

Change-Id: I05025f1f3a11c3775a4f59b01569ccb419d72858
2023-02-02 14:40:24 +00:00