package api import ( "encoding/json" "errors" "io" "log" "net/http" "github.com/go-chi/chi/v5" "github.com/google/uuid" "github.com/vasyakrg/dns-autoresolver/internal/model" "github.com/vasyakrg/dns-autoresolver/internal/service" "github.com/vasyakrg/dns-autoresolver/internal/store/dto" "github.com/vasyakrg/dns-autoresolver/internal/tmpl" ) func writeJSON(w http.ResponseWriter, status int, v any) { w.Header().Set("Content-Type", "application/json") w.WriteHeader(status) _ = json.NewEncoder(w).Encode(v) } func writeErr(w http.ResponseWriter, status int, msg string) { writeJSON(w, status, map[string]string{"error": msg}) } func (a *API) handleCheck(w http.ResponseWriter, r *http.Request) { // pid is guaranteed present and owned by the caller — RequireProjectAccess // validated it before this handler ever runs. pid, _ := projectIDFrom(r.Context()) did, err := uuid.Parse(chi.URLParam(r, "did")) if err != nil { writeErr(w, http.StatusBadRequest, "invalid domain id") return } cs, err := a.Svc.Check(r.Context(), pid, did) if err != nil { // Persist the failure so the domain badge reflects it instead of stale // "unknown"; the write error (if any) is logged, never masks the 500. if serr := a.Store.SetDomainStatus(r.Context(), did, pid, service.StatusError); serr != nil { log.Printf("api: set domain status (error) failed: %v", serr) } log.Printf("api: check failed: %v", err) // A provider failure (e.g. Selectel returning a 409 conflict) is safe // and useful to show the user as-is; any other failure (decrypt/db/loader) // stays a generic "internal error" to avoid leaking internals. if errors.Is(err, service.ErrProviderUnavailable) { writeErr(w, http.StatusBadGateway, service.ProviderMessage(err)) } else { writeErr(w, http.StatusInternalServerError, "internal error") } return } // Manual check persists status/history only — no notification. Notify // remains the scheduler's responsibility (see internal/scheduler). if serr := a.Store.SetDomainStatus(r.Context(), did, pid, service.DeriveStatus(cs)); serr != nil { log.Printf("api: set domain status failed: %v", serr) } writeJSON(w, http.StatusOK, toChangesetResponse(cs)) } func (a *API) handleApply(w http.ResponseWriter, r *http.Request) { // pid is guaranteed present and owned by the caller — RequireProjectAccess // validated it before this handler ever runs. pid, _ := projectIDFrom(r.Context()) did, err := uuid.Parse(chi.URLParam(r, "did")) if err != nil { writeErr(w, http.StatusBadRequest, "invalid domain id") return } var req applyRequest if r.Body != nil { r.Body = http.MaxBytesReader(w, r.Body, 1<<20) // 1 MiB // пустое тело допустимо → значения по умолчанию (пустые списки, ничего // не применяется); любая другая ошибка decode (битый JSON, неверные // типы) → 400 if err := json.NewDecoder(r.Body).Decode(&req); err != nil && !errors.Is(err, io.EOF) { writeErr(w, http.StatusBadRequest, "invalid request body") return } } cs, err := a.Svc.Apply(r.Context(), pid, did, service.ApplyRequest{ Updates: req.Updates, Prunes: req.Prunes, }) if err != nil { log.Printf("api: apply failed: %v", err) // Same distinction as handleCheck: surface the real provider message, // keep everything else generic. if errors.Is(err, service.ErrProviderUnavailable) { writeErr(w, http.StatusBadGateway, service.ProviderMessage(err)) } else { writeErr(w, http.StatusInternalServerError, "internal error") } return } writeJSON(w, http.StatusOK, toChangesetResponse(cs)) } // handleZoneRecords reads a zone's current records straight from the // provider — no template required, no diff computed. Backs read-only zone // viewing for domains that don't have a template attached (yet). func (a *API) handleZoneRecords(w http.ResponseWriter, r *http.Request) { pid, _ := projectIDFrom(r.Context()) did, err := uuid.Parse(chi.URLParam(r, "did")) if err != nil { writeErr(w, http.StatusBadRequest, "invalid domain id") return } recs, err := a.Svc.ZoneRecords(r.Context(), pid, did) if err != nil { log.Printf("api: zone records failed: %v", err) if errors.Is(err, service.ErrProviderUnavailable) { writeErr(w, http.StatusBadGateway, "не удалось получить записи зоны у провайдера") } else { writeErr(w, http.StatusNotFound, "домен не найден") } return } doc := dto.FromModel(recs) writeJSON(w, http.StatusOK, doc.Records) // []dto.RecordDTO } // handleTemplateFromZone snapshots a zone's current managed records (NS/SOA // excluded — they're read-only, never part of a template) into a brand new // template, then auto-attaches it to the domain so check/apply become // available immediately. func (a *API) handleTemplateFromZone(w http.ResponseWriter, r *http.Request) { pid, _ := projectIDFrom(r.Context()) did, err := uuid.Parse(chi.URLParam(r, "did")) if err != nil { writeErr(w, http.StatusBadRequest, "invalid domain id") return } dom, err := a.Store.GetDomain(r.Context(), did, pid) if err != nil { log.Printf("api: template-from-zone: get domain failed: %v", err) writeErr(w, http.StatusNotFound, "домен не найден") return } // This endpoint only makes sense for a domain with no template attached // yet — it snapshots the zone's live state into a brand-new template. // If a template is already bound, re-attaching a fresh snapshot would // silently orphan the existing one; re-pointing a domain to a different // template is a separate, explicit action and must not happen as a side // effect of a retried/duplicate POST here. if dom.TemplateID != nil { writeErr(w, http.StatusConflict, "шаблон уже привязан") return } recs, err := a.Svc.ZoneRecords(r.Context(), pid, did) if err != nil { log.Printf("api: template-from-zone: zone records failed: %v", err) if errors.Is(err, service.ErrProviderUnavailable) { writeErr(w, http.StatusBadGateway, "не удалось получить записи зоны у провайдера") } else { writeErr(w, http.StatusNotFound, "домен не найден") } return } // Snapshot only managed records — NS/SOA are read-only and never templated. managed := make([]model.Record, 0, len(recs)) for _, rc := range recs { if rc.Type.Managed() { managed = append(managed, rc) } } doc := tmpl.Parameterize(managed, dom.ZoneName) tpl, err := a.Store.CreateTemplate(r.Context(), pid, dom.ZoneName+" snapshot", doc) if err != nil { log.Printf("api: template-from-zone: create template failed: %v", err) writeErr(w, http.StatusInternalServerError, "internal error") return } if _, err := a.Store.SetDomainTemplate(r.Context(), did, pid, &tpl.ID); err != nil { log.Printf("api: template-from-zone: attach template failed: %v", err) writeErr(w, http.StatusInternalServerError, "internal error") return } writeJSON(w, http.StatusCreated, toTemplateResponse(tpl)) }