First release of open core

t
2026-04-02 10:57:36 -04:00
parent 1c94f12d1c
commit 084c1321fc
101 changed files with 8812 additions and 17 deletions

34
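--- a/pkg/server/app.go
+++ b/pkg/server/app.go
@@ -0,0 +1,34 @@
+package server
+import (
+"net/http"
+"epigas.gitea.cloud/RiskRancher/core/pkg/domain"
+"epigas.gitea.cloud/RiskRancher/core/pkg/sla"
+)
+type App struct {
+Store domain.Store
+Router *http.ServeMux
+Auth domain.Authenticator
+SLA domain.SLACalculator
+}
+type FreeAuth struct{}
+func (f *FreeAuth) Middleware(next http.Handler) http.Handler {
+return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+// In the OSS version, we just pass the request to the next handler for now.
+next.ServeHTTP(w, r)
+})
+}
+// NewApp creates a Risk Rancher Core application with OSS defaults.
+func NewApp(store domain.Store) *App {
+return &App{
+Store: store,
+Router: http.NewServeMux(),
+Auth: &FreeAuth{},
+SLA: sla.NewSLACalculator(),
+}
+}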
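Review bot: `FreeAuth.Middleware` forwards every request without checking anything, and `NewApp` installs it as the default `Auth`, yet neither the type nor the constructor says so in a doc comment. A caller that wraps a handler in `app.Auth.Middleware` gets no authentication at all; the routes registered in pkg/server/routes.go go through `auth.NewHandler(app.Store)` instead, so the field looks unused in the code visible here. I would put `// FreeAuth is a pass-through domain.Authenticator: Middleware performs no authentication or authorization.` above the type, and add a sentence to the `NewApp` comment saying that route protection does not come from `Auth`. `App` is exported and has no doc comment either.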

116
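--- a/pkg/server/routes.go
+++ b/pkg/server/routes.go
@@ -0,0 +1,116 @@
+package server
+import (
+"net/http"
+"epigas.gitea.cloud/RiskRancher/core/pkg/adapters"
+"epigas.gitea.cloud/RiskRancher/core/pkg/admin"
+"epigas.gitea.cloud/RiskRancher/core/pkg/analytics"
+"epigas.gitea.cloud/RiskRancher/core/pkg/auth"
+"epigas.gitea.cloud/RiskRancher/core/pkg/ingest"
+"epigas.gitea.cloud/RiskRancher/core/pkg/report"
+"epigas.gitea.cloud/RiskRancher/core/pkg/tickets"
+"epigas.gitea.cloud/RiskRancher/core/ui"
+)
+func RegisterRoutes(app *App) {
+authH := auth.NewHandler(app.Store)
+adminH := admin.NewHandler(app.Store)
+ticketH := tickets.NewHandler(app.Store)
+ingestH := ingest.NewHandler(app.Store)
+adapterH := adapters.NewHandler(app.Store)
+reportH := report.NewHandler(app.Store)
+analyticsH := analytics.NewHandler(app.Store)
+protected := func(h http.HandlerFunc) http.Handler {
+return authH.RequireAuth(http.HandlerFunc(h))
+}
+protectedUI := func(h http.HandlerFunc) http.Handler {
+return authH.RequireUIAuth(http.HandlerFunc(h))
+}
+sheriffOnly := func(h http.HandlerFunc) http.Handler {
+return authH.RequireAuth(authH.RequireRole("Sheriff")(http.HandlerFunc(h)))
+}
+adminOnly := func(h http.HandlerFunc) http.Handler {
+return authH.RequireAuth(authH.RequireAnyRole("Sheriff", "Wrangler")(http.HandlerFunc(h)))
+}
+// =========================================================
+// PUBLIC ROUTES
+// =========================================================
+app.Router.Handle("GET /login", ui.HandleLoginUI())
+app.Router.Handle("GET /register", ui.HandleRegisterUI())
+app.Router.HandleFunc("POST /api/auth/register", authH.HandleRegister)
+app.Router.HandleFunc("POST /api/auth/login", authH.HandleLogin)
+app.Router.HandleFunc("POST /api/auth/logout", authH.HandleLogout)
+// =========================================================
+// PROTECTED ROUTES
+// =========================================================
+app.Router.Handle("GET /api/wranglers", protected(adminH.HandleGetWranglers))
+app.Router.Handle("GET /", http.RedirectHandler("/dashboard", http.StatusSeeOther))
+app.Router.Handle("GET /dashboard", protectedUI(ui.HandleDashboard(app.Store)))
+// Core Tickets
+app.Router.Handle("GET /api/tickets", protected(ticketH.HandleGetTickets))
+app.Router.Handle("POST /api/tickets", protected(ticketH.HandleCreateTicket))
+app.Router.Handle("PATCH /api/tickets/{id}", protected(ticketH.HandleUpdateTicket))
+// Ingestion
+app.Router.Handle("POST /api/ingest", protected(ingestH.HandleIngest))
+app.Router.Handle("POST /api/ingest/csv", protected(ingestH.HandleCSVIngest))
+app.Router.Handle("POST /api/ingest/{name}", protected(adapterH.HandleAdapterIngest))
+// Adapters & Configuration
+app.Router.Handle("GET /api/adapters", protected(adapterH.HandleGetAdapters))
+app.Router.Handle("GET /api/config", protected(adminH.HandleGetConfig))
+// Analytics
+app.Router.Handle("GET /api/analytics/summary", protected(analyticsH.HandleGetAnalyticsSummary))
+// Pentest Reports & Drafts (PDF PARSER - Free Lead Magnet!)
+app.Router.Handle("POST /api/reports/upload", protected(reportH.HandleUploadReport))
+app.Router.Handle("GET /api/reports/view/{id}", protected(reportH.HandleViewReport))
+app.Router.Handle("POST /api/drafts/report/{id}", protected(reportH.HandleSaveDraft))
+app.Router.Handle("GET /api/drafts/report/{id}", protected(reportH.HandleGetDrafts))
+app.Router.Handle("DELETE /api/drafts/{draft_id}", protected(reportH.HandleDeleteDraft))
+// =========================================================
+// SHERIFF & ADMIN ONLY
+// =========================================================
+app.Router.Handle("GET /admin", sheriffOnly(ui.HandleAdminDashboard(app.Store)))
+app.Router.Handle("POST /api/adapters", adminOnly(adapterH.HandleCreateAdapter))
+app.Router.Handle("DELETE /api/adapters/{id}", adminOnly(adapterH.HandleDeleteAdapter))
+app.Router.Handle("GET /api/admin/export", sheriffOnly(adminH.HandleExportState))
+app.Router.Handle("GET /api/admin/check-updates", sheriffOnly(adminH.HandleCheckUpdates))
+app.Router.Handle("POST /api/admin/shutdown", sheriffOnly(adminH.HandleShutdown))
+app.Router.Handle("GET /api/admin/users", adminOnly(adminH.HandleGetUsers))
+app.Router.Handle("POST /api/admin/users", sheriffOnly(adminH.HandleCreateUser))
+app.Router.Handle("PATCH /api/admin/users/{id}/reset-password", sheriffOnly(adminH.HandleAdminResetPassword))
+app.Router.Handle("PATCH /api/admin/users/{id}/role", sheriffOnly(adminH.HandleUpdateUserRole))
+app.Router.Handle("DELETE /api/admin/users/{id}", sheriffOnly(adminH.HandleDeactivateUser))
+app.Router.Handle("GET /api/admin/logs", sheriffOnly(adminH.HandleGetLogs))
+app.Router.Handle("GET /static/", ui.StaticHandler())
+// =========================================================
+// UI EXTENSIONS
+// =========================================================
+app.Router.Handle("GET /ingest", protectedUI(ui.HandleIngestUI(app.Store)))
+app.Router.Handle("GET /admin/adapters/new", protectedUI(ui.HandleAdapterBuilderUI(app.Store)))
+// Word Docx Parser
+app.Router.Handle("GET /reports/parser/{id}", protectedUI(ui.HandleParserUI(app.Store)))
+app.Router.Handle("POST /api/reports/promote/{id}", protected(reportH.HandlePromoteDrafts))
+app.Router.Handle("GET /reports/upload", protectedUI(ui.HandlePentestUploadUI(app.Store)))
+app.Router.Handle("PUT /api/drafts/{id}", protected(reportH.HandleUpdateDraft))
+app.Router.Handle("POST /api/images/upload", protected(reportH.HandleImageUpload))
+app.Router.Handle("GET /uploads/", http.StripPrefix("/testdata/", http.FileServer(http.Dir("./data/testdata"))))
+}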
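Review bot: The last route, `GET /uploads/`, cannot serve anything: `http.StripPrefix("/testdata/", …)` answers 404 for any path that does not begin with `/testdata/`, and this pattern only matches paths under `/uploads/`. It is also registered without any of the auth wrappers used for the API routes, so correcting the prefix alone would expose everything under `./data/testdata`, including the directory listings `http.FileServer` generates, to unauthenticated clients. I would strip the route's own prefix and wrap it: `app.Router.Handle("GET /uploads/", authH.RequireAuth(http.StripPrefix("/uploads/", http.FileServer(http.Dir("./data/testdata")))))`, assuming `RequireAuth` accepts an `http.Handler` as its use in `sheriffOnly` suggests. Please also confirm that `./data/testdata` is where `HandleImageUpload` stores files; the name reads like a fixture directory rather than an upload store.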