Initial commit

routes/api/networks/+server.ts

@@ -0,0 +1,99 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { listNetworks, createNetwork, EnvironmentNotFoundError, type CreateNetworkOptions } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+import { auditNetwork } from '$lib/server/audit';
+import { hasEnvironments } from '$lib/server/db';
+
+export const GET: RequestHandler = async ({ url, cookies }) => {
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('networks', 'view', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	// Environment access check (enterprise only)
+	if (envIdNum && auth.isEnterprise && !await auth.canAccessEnvironment(envIdNum)) {
+		return json({ error: 'Access denied to this environment' }, { status: 403 });
+	}
+
+	// Early return if no environment specified
+	if (!envIdNum) {
+		return json([]);
+	}
+
+	try {
+		const networks = await listNetworks(envIdNum);
+		return json(networks);
+	} catch (error) {
+		if (error instanceof EnvironmentNotFoundError) {
+			return json({ error: 'Environment not found' }, { status: 404 });
+		}
+		console.error('Failed to list networks:', error);
+		return json({ error: 'Failed to list networks' }, { status: 500 });
+	}
+};
+
+export const POST: RequestHandler = async (event) => {
+	const { url, request, cookies } = event;
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('networks', 'create', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	// Environment access check (enterprise only)
+	if (envIdNum && auth.isEnterprise && !await auth.canAccessEnvironment(envIdNum)) {
+		return json({ error: 'Access denied to this environment' }, { status: 403 });
+	}
+
+	try {
+		const body = await request.json();
+
+		// Validate required fields
+		if (!body.name) {
+			return json({ error: 'Network name is required' }, { status: 400 });
+		}
+
+		const options: CreateNetworkOptions = {
+			name: body.name,
+			driver: body.driver || 'bridge',
+			internal: body.internal || false,
+			attachable: body.attachable || false,
+			ingress: body.ingress || false,
+			enableIPv6: body.enableIPv6 || false,
+			options: body.options || {},
+			labels: body.labels || {}
+		};
+
+		// Add IPAM configuration if provided
+		if (body.ipam) {
+			options.ipam = {
+				driver: body.ipam.driver || 'default',
+				config: body.ipam.config || [],
+				options: body.ipam.options || {}
+			};
+		}
+
+		const network = await createNetwork(options, envIdNum);
+
+		// Audit log
+		await auditNetwork(event, 'create', network.Id, body.name, envIdNum, { driver: options.driver });
+
+		return json({ success: true, id: network.Id });
+	} catch (error: any) {
+		console.error('Failed to create network:', error);
+		return json({
+			error: 'Failed to create network',
+			details: error.message || String(error)
+		}, { status: 500 });
+	}
+};