Initial commit

routes/api/networks/[id]/+server.ts

@@ -0,0 +1,71 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { removeNetwork, inspectNetwork } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+import { auditNetwork } from '$lib/server/audit';
+
+export const GET: RequestHandler = async ({ params, url, cookies }) => {
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('networks', 'inspect', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	// Environment access check (enterprise only)
+	if (envIdNum && auth.isEnterprise && !await auth.canAccessEnvironment(envIdNum)) {
+		return json({ error: 'Access denied to this environment' }, { status: 403 });
+	}
+
+	try {
+
+		const network = await inspectNetwork(params.id, envIdNum);
+		return json(network);
+	} catch (error) {
+		console.error('Failed to inspect network:', error);
+		return json({ error: 'Failed to inspect network' }, { status: 500 });
+	}
+};
+
+export const DELETE: RequestHandler = async (event) => {
+	const { params, url, cookies } = event;
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('networks', 'remove', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	// Environment access check (enterprise only)
+	if (envIdNum && auth.isEnterprise && !await auth.canAccessEnvironment(envIdNum)) {
+		return json({ error: 'Access denied to this environment' }, { status: 403 });
+	}
+
+	try {
+
+		// Get network name before deletion for audit
+		let networkName = params.id;
+		try {
+			const networkInfo = await inspectNetwork(params.id, envIdNum);
+			networkName = networkInfo.Name || params.id;
+		} catch {
+			// Use ID if can't get name
+		}
+
+		await removeNetwork(params.id, envIdNum);
+
+		// Audit log
+		await auditNetwork(event, 'delete', params.id, networkName, envIdNum);
+
+		return json({ success: true });
+	} catch (error: any) {
+		console.error('Failed to remove network:', error);
+		return json({ error: 'Failed to remove network', details: error.message }, { status: 500 });
+	}
+};

routes/api/networks/[id]/connect/+server.ts

@@ -0,0 +1,53 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { connectContainerToNetwork, inspectNetwork } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+import { auditNetwork } from '$lib/server/audit';
+
+export const POST: RequestHandler = async (event) => {
+	const { params, url, request, cookies } = event;
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('networks', 'connect', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	try {
+
+		const body = await request.json();
+		const { containerId, containerName } = body;
+
+		if (!containerId) {
+			return json({ error: 'Container ID is required' }, { status: 400 });
+		}
+
+		// Get network name for audit
+		let networkName = params.id;
+		try {
+			const networkInfo = await inspectNetwork(params.id, envIdNum);
+			networkName = networkInfo.Name || params.id;
+		} catch {
+			// Use ID if can't get name
+		}
+
+		await connectContainerToNetwork(params.id, containerId, envIdNum);
+
+		// Audit log
+		await auditNetwork(event, 'connect', params.id, networkName, envIdNum, {
+			containerId,
+			containerName: containerName || containerId
+		});
+
+		return json({ success: true });
+	} catch (error: any) {
+		console.error('Failed to connect container to network:', error);
+		return json({
+			error: 'Failed to connect container to network',
+			details: error.message
+		}, { status: 500 });
+	}
+};

routes/api/networks/[id]/disconnect/+server.ts

@@ -0,0 +1,53 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { disconnectContainerFromNetwork, inspectNetwork } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+import { auditNetwork } from '$lib/server/audit';
+
+export const POST: RequestHandler = async (event) => {
+	const { params, url, request, cookies } = event;
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('networks', 'disconnect', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	try {
+
+		const body = await request.json();
+		const { containerId, containerName, force } = body;
+
+		if (!containerId) {
+			return json({ error: 'Container ID is required' }, { status: 400 });
+		}
+
+		// Get network name for audit
+		let networkName = params.id;
+		try {
+			const networkInfo = await inspectNetwork(params.id, envIdNum);
+			networkName = networkInfo.Name || params.id;
+		} catch {
+			// Use ID if can't get name
+		}
+
+		await disconnectContainerFromNetwork(params.id, containerId, force ?? false, envIdNum);
+
+		// Audit log
+		await auditNetwork(event, 'disconnect', params.id, networkName, envIdNum, {
+			containerId,
+			containerName: containerName || containerId
+		});
+
+		return json({ success: true });
+	} catch (error: any) {
+		console.error('Failed to disconnect container from network:', error);
+		return json({
+			error: 'Failed to disconnect container from network',
+			details: error.message
+		}, { status: 500 });
+	}
+};

routes/api/networks/[id]/inspect/+server.ts

@@ -0,0 +1,24 @@
+import { json } from '@sveltejs/kit';
+import type { RequestHandler } from './$types';
+import { inspectNetwork } from '$lib/server/docker';
+import { authorize } from '$lib/server/authorize';
+
+export const GET: RequestHandler = async ({ params, url, cookies }) => {
+	const auth = await authorize(cookies);
+
+	const envId = url.searchParams.get('env');
+	const envIdNum = envId ? parseInt(envId) : undefined;
+
+	// Permission check with environment context
+	if (auth.authEnabled && !await auth.can('networks', 'inspect', envIdNum)) {
+		return json({ error: 'Permission denied' }, { status: 403 });
+	}
+
+	try {
+		const networkData = await inspectNetwork(params.id, envIdNum);
+		return json(networkData);
+	} catch (error) {
+		console.error('Failed to inspect network:', error);
+		return json({ error: 'Failed to inspect network' }, { status: 500 });
+	}
+};