admin
02650e3202
Controller: - internal/web/csrf.go (new): CsrfProtect middleware, csrfToken/csrfField helpers - auth.go: per-session CSRF token (csrfToken field, csrfTokenForSession method) - server.go: executeTemplate wrapper auto-injects CSRFField+CSRFToken - main.go: wire CsrfProtect on all routes; bump to v0.23.0 - handlers.go, storage_handlers.go, handler_restore.go: executeTemplate - All templates: CSRFField in forms, meta csrf-token, csrfHeaders() JS helper, fetch calls updated; sendBeacon→fetch+keepalive in storage_attach.html Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
171 lines
4.4 KiB
Go
171 lines
4.4 KiB
Go
package web
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"net/http"
|
|
"time"
|
|
|
|
"gitea.dooplex.hu/admin/felhom-controller/internal/backup"
|
|
)
|
|
|
|
// restorePageHandler renders the full-page DR restore UI.
|
|
func (s *Server) restorePageHandler(w http.ResponseWriter, r *http.Request) {
|
|
s.restoreMu.RLock()
|
|
plan := s.restorePlan
|
|
if plan == nil {
|
|
s.restoreMu.RUnlock()
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
return
|
|
}
|
|
// Snapshot all needed fields under lock before rendering
|
|
customerID := plan.CustomerID
|
|
timestamp := plan.Timestamp
|
|
apps := plan.GetApps()
|
|
drives := make([]backup.DriveInfo, len(plan.Drives))
|
|
copy(drives, plan.Drives)
|
|
status := plan.GetStatus()
|
|
s.restoreMu.RUnlock()
|
|
|
|
data := map[string]interface{}{
|
|
"Title": "Katasztrófa utáni visszaállítás",
|
|
"CustomerName": s.cfg.Customer.Name,
|
|
"Domain": s.cfg.Customer.Domain,
|
|
"Version": s.version,
|
|
"CustomerID": customerID,
|
|
"Timestamp": timestamp,
|
|
"Apps": apps,
|
|
"Drives": drives,
|
|
"PlanStatus": status,
|
|
}
|
|
|
|
s.executeTemplate(w, r, "restore", data)
|
|
}
|
|
|
|
// apiRestoreStatus returns the current restore plan status as JSON.
|
|
func (s *Server) apiRestoreStatus(w http.ResponseWriter, r *http.Request) {
|
|
s.restoreMu.RLock()
|
|
plan := s.restorePlan
|
|
if plan == nil {
|
|
s.restoreMu.RUnlock()
|
|
jsonError(w, "not in restore mode", http.StatusBadRequest)
|
|
return
|
|
}
|
|
snapshot := plan.Snapshot()
|
|
s.restoreMu.RUnlock()
|
|
|
|
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
|
json.NewEncoder(w).Encode(snapshot)
|
|
}
|
|
|
|
// apiRestoreAll starts restoring all pending apps sequentially.
|
|
func (s *Server) apiRestoreAll(w http.ResponseWriter, r *http.Request) {
|
|
s.restoreMu.RLock()
|
|
plan := s.restorePlan
|
|
s.restoreMu.RUnlock()
|
|
if plan == nil {
|
|
jsonError(w, "not in restore mode", http.StatusBadRequest)
|
|
return
|
|
}
|
|
if !plan.TryStartRestore() {
|
|
jsonError(w, "restore already in progress", http.StatusConflict)
|
|
return
|
|
}
|
|
go s.executeAllRestores()
|
|
|
|
jsonResponse(w, map[string]interface{}{
|
|
"ok": true,
|
|
"message": "Visszaállítás elindítva",
|
|
})
|
|
}
|
|
|
|
// apiRestoreSkip exits restore mode without restoring.
|
|
func (s *Server) apiRestoreSkip(w http.ResponseWriter, r *http.Request) {
|
|
s.restoreMu.RLock()
|
|
plan := s.restorePlan
|
|
s.restoreMu.RUnlock()
|
|
if plan == nil {
|
|
jsonError(w, "not in restore mode", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
s.logger.Println("[INFO] User skipped DR restore — entering normal mode")
|
|
s.clearRestoreMode()
|
|
|
|
jsonResponse(w, map[string]interface{}{
|
|
"ok": true,
|
|
"message": "Visszaállítás kihagyva",
|
|
})
|
|
}
|
|
|
|
// executeAllRestores runs the restore for each pending app sequentially.
|
|
func (s *Server) executeAllRestores() {
|
|
s.logger.Println("[INFO] Starting DR restore for all apps")
|
|
|
|
s.restoreMu.RLock()
|
|
plan := s.restorePlan
|
|
s.restoreMu.RUnlock()
|
|
if plan == nil {
|
|
s.logger.Println("[WARN] Restore plan cleared before execution could start")
|
|
return
|
|
}
|
|
|
|
// Count pending apps and push DR start event
|
|
pendingCount := 0
|
|
for _, app := range plan.Apps {
|
|
if app.Status == "pending" {
|
|
pendingCount++
|
|
}
|
|
}
|
|
if s.notifier != nil {
|
|
s.notifier.NotifyDRStarted(pendingCount)
|
|
}
|
|
|
|
successCount, failCount := 0, 0
|
|
for i := range plan.Apps {
|
|
app := &plan.Apps[i]
|
|
if app.Status != "pending" {
|
|
continue
|
|
}
|
|
|
|
plan.UpdateApp(app.Name, "restoring", "")
|
|
s.logger.Printf("[INFO] Restoring app %s (%s)", app.Name, app.DisplayName)
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Minute)
|
|
err := backup.RestoreAppFromBackup(ctx, app, s.cfg.Paths.StacksDir, s.logger)
|
|
cancel()
|
|
|
|
if err != nil {
|
|
plan.UpdateApp(app.Name, "failed", err.Error())
|
|
s.logger.Printf("[ERROR] Restore failed for %s: %v", app.Name, err)
|
|
failCount++
|
|
} else {
|
|
plan.UpdateApp(app.Name, "done", "")
|
|
s.logger.Printf("[INFO] Restore completed for %s", app.Name)
|
|
successCount++
|
|
}
|
|
}
|
|
|
|
plan.SetStatus("done")
|
|
s.logger.Println("[INFO] All app restores completed")
|
|
|
|
// Push DR completion event
|
|
if s.notifier != nil {
|
|
s.notifier.NotifyDRCompleted(successCount, failCount)
|
|
}
|
|
|
|
// Re-scan stacks so dashboard picks up restored apps
|
|
if s.stackMgr != nil {
|
|
if err := s.stackMgr.ScanStacks(); err != nil {
|
|
s.logger.Printf("[WARN] Post-restore stack scan failed: %v", err)
|
|
}
|
|
}
|
|
}
|
|
|
|
// clearRestoreMode exits restore mode and returns to normal operation.
|
|
func (s *Server) clearRestoreMode() {
|
|
s.restoreMu.Lock()
|
|
defer s.restoreMu.Unlock()
|
|
s.restorePlan = nil
|
|
}
|