Supporting open-appsec

backend/routes/api/openappsec-log.js

@@ -0,0 +1,35 @@
+const express          = require('express');
+const jwtdecode        = require('../../lib/express/jwt-decode');
+const internalOpenappsecLog = require('../../internal/openappsec-log');
+
+let router = express.Router({
+	caseSensitive: true,
+	strict:        true,
+	mergeParams:   true
+});
+
+/**
+ * /api/openappsec-log
+ */
+router
+	.route('/')
+	.options((req, res) => {
+		res.sendStatus(204);
+	})
+	.all(jwtdecode())
+
+	/**
+	 * GET /api/openappsec-log
+	 *
+	 * Retrieve all logs
+	 */
+	.get((req, res, next) => {
+		return internalOpenappsecLog.getAll(res.locals.access)
+			.then((policy) => {
+				res.status(200)
+					.send(policy);
+			})
+			.catch(next);
+	});
+
+module.exports = router;

backend/routes/api/openappsec-settings.js

@@ -0,0 +1,49 @@
+const express         = require('express');
+const jwtdecode       = require('../../lib/express/jwt-decode');
+const internalOpenappsecSetting = require('../../internal/setting-openappsec');
+
+let router = express.Router({
+	caseSensitive: true,
+	strict:        true,
+	mergeParams:   true
+});
+
+/**
+ * /api/openappsec-settings
+ */
+router
+	.route('/')
+	.options((req, res) => {
+		res.sendStatus(204);
+	})
+	.all(jwtdecode())
+
+	/**
+	 * GET /api/openappsec-settings
+	 * 
+	 * Retrieve the open-appsec local policy.
+	 */
+	.get((req, res, next) => {
+		return internalOpenappsecSetting.getLocalPolicy(res.locals.access)
+			.then((policy) => {
+				res.status(200)
+					.send(policy);
+			})
+			.catch(next);
+	})
+
+	/**
+	 * PUT /api/openappsec-settings
+	 *
+	 * Update the open-appsec local policy.
+	 */
+	.put((req, res, next) => {
+		return internalOpenappsecSetting.updateLocalPolicy(res.locals.access, req.body)
+			.then((result) => {
+				res.status(200)
+					.send(result);
+			})
+			.catch(next);
+	});
+
+module.exports = router;