[META/FIX] Modify CHANGELOG

Schema/AdminToken.json

@@ -0,0 +1,25 @@
+{
+  "header": "Schema\/AdminToken.h",
+  "types": {
+    "TokenRequest": {
+      "fields": {
+        "name": { "type": "string" },
+        "max_uses": { "type": "integer" },
+        "lifetime": { "type": "integer" }
+      },
+      "type": "struct"
+    },
+    "TokenInfo": {
+      "fields": {
+        "name": { "type": "string" },
+        "created_by": { "type": "string" },
+        "created_on": { "type": "integer" },
+        "expires_on": { "type": "integer" },
+        "used": { "type": "integer" },
+        "uses": { "type": "integer" }
+      },
+      "type": "struct"
+    }
+  },
+  "guard": "TELODENDRIA_ADMINTOKEN_H"
+}

docs/CHANGELOG.md

@@ -34,6 +34,8 @@ deactivate users.
 - Moved all administrator API endpoints to `/_telodendria/admin/v1`, because later revisions
 of the administrator API may break clients, so we want a way to give those breaking revisions
 new endpoints.
+- Implemented [a few](https://git.telodendria.io/Telodendria/Telodendria/issues/26) endpoints 
+for admins to manage tokens remotely
 
 ## v0.3.0
 

src/RegToken.c

@@ -33,6 +33,8 @@
 #include <User.h>
 #include <Cytoplasm/Int64.h>
 
+#include <Schema/AdminToken.h>
+
 int
 RegTokenValid(RegTokenInfo * token)
 {
@@ -198,6 +200,42 @@ RegTokenVerify(char *token)
     return 1;
 }
 
+HashMap *
+RegTokenJSON(RegTokenInfo * info)
+{
+    TokenInfo tokinfo;
+
+    if (!info)
+    {
+        return NULL;
+    }
+
+    tokinfo.name = info->name;
+    tokinfo.created_on = info->created;
+    tokinfo.expires_on = info->expires;
+
+    tokinfo.uses = info->uses;
+    tokinfo.used = info->used;
+
+    tokinfo.uses = Int64Sub(info->uses, info->used);
+    if (Int64Eq(info->uses, Int64Neg(Int64Create(0, 1))))
+    {
+        /* If uses == -1(infinite uses), just set it too 
+         * to -1 */
+        tokinfo.uses = info->uses;
+    }
+    if (!(tokinfo.created_by = info->owner))
+    {
+        /* The owner can be null if Telodendria created it. 
+         * Since users can't contain a space, it is in this case set to 
+         * "Telodendria Server". */
+        tokinfo.created_by = "Telodendria Server";
+    }
+
+
+    return TokenInfoToJson(&tokinfo);
+}
+
 RegTokenInfo *
 RegTokenCreate(Db * db, char *name, char *owner, UInt64 expires, Int64 uses, int privileges)
 {

src/Routes.c

@@ -87,6 +87,8 @@ RouterBuild(void)
     R("/_telodendria/admin/v1/privileges", RoutePrivileges);
     R("/_telodendria/admin/v1/privileges/(.*)", RoutePrivileges);
     R("/_telodendria/admin/v1/deactivate/(.*)", RouteAdminDeactivate);
+    R("/_telodendria/admin/v1/tokens/(.*)", RouteAdminTokens);
+    R("/_telodendria/admin/v1/tokens", RouteAdminTokens);
 
 #undef R
 

src/Routes/RouteAdminTokens.c

@@ -0,0 +1,214 @@
+/*
+ * Copyright (C) 2022-2023 Jordan Bancino <@jordan:bancino.net>
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation files
+ * (the "Software"), to deal in the Software without restriction,
+ * including without limitation the rights to use, copy, modify, merge,
+ * publish, distribute, sublicense, and/or sell copies of the Software,
+ * and to permit persons to whom the Software is furnished to do so,
+ * subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT.  IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+#include <Routes.h>
+
+#include <Cytoplasm/Json.h>
+#include <Cytoplasm/HashMap.h>
+#include <Cytoplasm/Str.h>
+#include <Cytoplasm/Memory.h>
+
+#include <Schema/AdminToken.h>
+#include <RegToken.h>
+#include <User.h>
+
+ROUTE_IMPL(RouteAdminTokens, path, argp)
+{
+    RouteArgs *args = argp;
+    HashMap *request = NULL;
+    HashMap *response = NULL;
+
+    char *token;
+    char *username;
+    char *name;
+    char *msg;
+
+    Db *db = args->matrixArgs->db;
+
+    User *user = NULL;
+
+    HttpRequestMethod method = HttpRequestMethodGet(args->context);
+
+    Array *tokensarray;
+    Array *tokens;
+
+    RegTokenInfo *info;
+
+    TokenRequest *req;
+
+    size_t i;
+
+    Int64 maxuses;
+    Int64 lifetime;
+
+    if (method != HTTP_GET && method != HTTP_POST && method != HTTP_DELETE)
+    {
+        msg = "Route only supports GET, POST, and DELETE";
+        HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+        return MatrixErrorCreate(M_UNRECOGNIZED, msg);
+    }
+    
+
+    response = MatrixGetAccessToken(args->context, &token);
+    if (response)
+    {
+        goto finish;
+    }
+
+    user = UserAuthenticate(db, token);
+    if (!user)
+    {
+        HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+        response = MatrixErrorCreate(M_UNKNOWN_TOKEN, NULL);
+        goto finish;
+    }
+
+    if (!(UserGetPrivileges(user) & USER_ISSUE_TOKENS))
+    {
+        msg = "User doesn't have the ISSUE_TOKENS privilege.";
+        HttpResponseStatus(args->context, HTTP_FORBIDDEN);
+        response = MatrixErrorCreate(M_FORBIDDEN, msg);
+        goto finish;
+    }
+
+    switch (method)
+    {
+        case HTTP_GET:
+            if (ArraySize(path) == 0)
+            {
+                tokensarray = ArrayCreate();
+                
+                /* Get all registration tokens */
+                tokens = DbList(db, 2, "tokens", "registration");
+
+                response = HashMapCreate();
+
+                for (i = 0; i < ArraySize(tokens); i++)
+                {
+                    char *tokenname = ArrayGet(tokens, i);
+                    HashMap *jsoninfo;
+
+                    info = RegTokenGetInfo(db, tokenname);
+                    jsoninfo = RegTokenJSON(info);
+                    
+
+                    RegTokenClose(info);
+                    RegTokenFree(info);
+                    ArrayAdd(tokensarray, JsonValueObject(jsoninfo));
+                }
+
+                JsonSet(response, JsonValueArray(tokensarray), 1, "tokens");
+
+                DbListFree(tokens);
+                break;
+            }
+            info = RegTokenGetInfo(db, ArrayGet(path, 0));
+            if (!info)
+            {
+                msg = "Token doesn't exist.";
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_INVALID_PARAM, msg);
+                goto finish;
+            }
+
+            response = RegTokenJSON(info);
+
+            RegTokenClose(info);
+            RegTokenFree(info);
+            break;
+        case HTTP_POST:
+            request = JsonDecode(HttpServerStream(args->context));
+            if (!request)
+            {
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_NOT_JSON, NULL);
+                goto finish;
+            }
+            req = Malloc(sizeof(TokenRequest));
+            req->max_uses = Int64Neg(Int64Create(0, 1));
+            req->lifetime = Int64Create(0, 0);
+            req->name = NULL;
+
+            if (!TokenRequestFromJson(request, req, &msg))
+            {
+                TokenRequestFree(req);
+                Free(req);
+
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_BAD_JSON, msg);
+                goto finish;
+                
+            }
+
+            if (!req->name)
+            {
+                req->name = StrRandom(16);
+            }
+            
+            username = UserGetName(user);
+            name = req->name;
+            maxuses = req->max_uses;
+            lifetime = req->lifetime;
+
+            info = RegTokenCreate(db, name, username, maxuses, lifetime, 0);
+            if (!info)
+            {
+                RegTokenClose(info);
+                RegTokenFree(info);
+                TokenRequestFree(req);
+                Free(req);
+                
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                msg = "Cannot create token";
+                response = MatrixErrorCreate(M_INVALID_PARAM, msg);
+                goto finish;
+            }
+            response = RegTokenJSON(info);
+
+            RegTokenClose(info);
+            RegTokenFree(info);
+            TokenRequestFree(req);
+            Free(req);
+            break;
+        case HTTP_DELETE:
+            if (ArraySize(path) == 0)
+            {
+                msg = "No registration token given to DELETE /tokens/[token].";
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_INVALID_PARAM, msg);
+                goto finish;
+            }
+            info = RegTokenGetInfo(db, ArrayGet(path, 0));
+            RegTokenDelete(info);
+            /* As this is a No Content, let's not set any data in the 
+             * response */
+            HttpResponseStatus(args->context, HTTP_NO_CONTENT);
+        default:
+            /* Fallthrough, as those are naturally kept out beforehand */
+            break;
+    }
+finish: 
+    UserUnlock(user);
+    JsonFree(request);
+    return response;
+}

src/include/RegToken.h

@@ -106,6 +106,12 @@ extern void RegTokenUse(RegTokenInfo *);
  */
 extern int RegTokenExists(Db *, char *);
 
+/**
+ * Returns a JSON object corresponding to a valid TokenInfo (see 
+ * #26)
+ */
+extern HashMap * RegTokenJSON(RegTokenInfo *);
+
 /**
  * Delete the specified registration token from the database.
  */

src/include/Routes.h

@@ -105,6 +105,8 @@ ROUTE(RouteRoomAliases);
 
 ROUTE(RouteAdminDeactivate);
 
+ROUTE(RouteAdminTokens);
+
 #undef ROUTE
 
 #endif