package http import ( "net/http" "github.com/go-chi/chi/v5" ) // RegisterRoutes registers HTTP routes onto the router func RegisterRoutes(r *chi.Mux, app *App) { r.Use(Logging) r.Use(RequestID) r.Use(CSRFMiddleware(app)) r.Use(AuthMiddleware(app)) // Public routes r.Get("/login", app.LoginHandler) r.Post("/login", app.LoginHandler) r.Post("/logout", app.LogoutHandler) r.Get("/healthz", func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) }) r.Get("/metrics", app.MetricsHandler) // Prometheus metrics (public for scraping) // Protected routes r.Get("/", app.DashboardHandler) r.Get("/dashboard", app.DashboardHandler) r.Get("/monitoring", app.MonitoringHandler) r.Get("/hx/monitoring", app.HXMonitoringHandler) r.Get("/hx/monitoring/group", app.HXMonitoringGroupHandler) // API namespace r.Route("/api", func(r chi.Router) { r.Get("/pools", app.PoolsHandler) r.With(RequirePermission(app, "storage.pool.create")).Post("/pools", app.CreatePoolHandler) // create a pool -> creates a job r.Get("/pools/{pool}/datasets", app.PoolDatasetsHandler) r.With(RequirePermission(app, "storage.dataset.create")).Post("/datasets", app.CreateDatasetHandler) r.With(RequirePermission(app, "storage.dataset.snapshot")).Post("/datasets/{dataset}/snapshot", app.SnapshotHandler) r.With(RequirePermission(app, "storage.pool.scrub")).Post("/pools/{pool}/scrub", app.PoolScrubHandler) r.Get("/jobs", app.JobsHandler) r.Get("/shares/nfs/status", app.NFSStatusHandler) }) r.Get("/storage", app.StorageHandler) r.Get("/shares/nfs", app.SharesNFSHandler) r.Get("/hx/shares/nfs", app.HXNFSHandler) r.With(RequirePermission(app, "shares.nfs.create")).Post("/shares/nfs/create", app.CreateNFSHandler) r.With(RequirePermission(app, "shares.nfs.delete")).Post("/shares/nfs/delete", app.DeleteNFSHandler) r.Get("/shares/smb", app.SharesSMBHandler) r.Get("/hx/shares/smb", app.HXSmbHandler) r.With(RequirePermission(app, "shares.smb.create")).Post("/shares/smb/create", app.CreateSMBHandler) r.With(RequirePermission(app, "shares.smb.delete")).Post("/shares/smb/delete", app.DeleteSMBHandler) r.Get("/hx/pools", app.HXPoolsHandler) r.With(RequirePermission(app, "storage.pool.create")).Post("/storage/pool/create", app.StorageCreatePoolHandler) r.Get("/jobs/{id}", app.JobPartialHandler) // iSCSI routes r.Get("/iscsi", app.ISCSIHandler) r.Get("/api/iscsi/hx_targets", app.HXISCSIHandler) r.Get("/api/iscsi/hx_luns/{target}", app.HXISCLUNsHandler) r.Get("/api/iscsi/target/{target}", app.ISCSITargetInfoHandler) r.With(RequirePermission(app, "iscsi.target.create")).Post("/api/iscsi/create_target", app.CreateISCSITargetHandler) r.With(RequirePermission(app, "iscsi.lun.create")).Post("/api/iscsi/create_lun", app.CreateISCSILUNHandler) r.With(RequirePermission(app, "iscsi.lun.delete")).Post("/api/iscsi/delete_lun", app.DeleteISCSILUNHandler) r.With(RequirePermission(app, "iscsi.lun.unmap")).Post("/api/iscsi/unmap_lun", app.UnmapISCSILUNHandler) r.With(RequirePermission(app, "iscsi.portal.create")).Post("/api/iscsi/add_portal", app.AddISCSIPortalHandler) r.With(RequirePermission(app, "iscsi.initiator.create")).Post("/api/iscsi/add_initiator", app.AddISCSIInitiatorHandler) // Admin routes r.Route("/admin", func(r chi.Router) { r.Use(RequirePermission(app, "users.manage")) r.Get("/users", app.UsersHandler) r.Get("/hx/users", app.HXUsersHandler) r.Post("/users/create", app.CreateUserHandler) r.Post("/users/{id}/delete", app.DeleteUserHandler) r.Post("/users/{id}/roles", app.UpdateUserRolesHandler) r.Use(RequirePermission(app, "roles.manage")) r.Get("/roles", app.RolesHandler) r.Get("/hx/roles", app.HXRolesHandler) r.Post("/roles/create", app.CreateRoleHandler) r.Post("/roles/{id}/delete", app.DeleteRoleHandler) r.Post("/roles/{id}/permissions", app.UpdateRolePermissionsHandler) }) r.Get("/static/*", StaticHandler) }