feat: optionally disable configuration management via UI/API (#439)

Author: agneum

engine/api/swagger-spec/dblab_server_swagger.yaml

@@ -679,11 +679,15 @@ definitions:
     properties:
       version:
         type: "string"
+      edition:
+        type: "string"
       startedAt:
         type: "string"
         format: "date-time"
       telemetry:
         type: boolean
+      allowModifyingConfig:
+        type: boolean
 
   PoolEntry:
     type: "object"

engine/configs/config.example.logical_generic.yml

@@ -23,6 +23,9 @@ server:
   # HTTP server port. Default: 2345.
   port: 2345
 
+  # Allow modifying configuration via UI/API. Default: true.
+  allowModifyingConfig: true
+
 # Embedded UI. Controls the application to provide a user interface to DLE API.
 embeddedUI:
   enabled: true

engine/configs/config.example.logical_rds_iam.yml

@@ -23,6 +23,9 @@ server:
   # HTTP server port. Default: 2345.
   port: 2345
 
+  # Allow modifying configuration via UI/API. Default: true.
+  allowModifyingConfig: true
+
 # Embedded UI. Controls the application to provide a user interface to DLE API.
 embeddedUI:
   enabled: true

engine/configs/config.example.physical_generic.yml

@@ -23,6 +23,9 @@ server:
   # HTTP server port. Default: 2345.
   port: 2345
 
+  # Allow modifying configuration via UI/API. Default: true.
+  allowModifyingConfig: true
+
 # Embedded UI. Controls the application to provide a user interface to DLE API.
 embeddedUI:
   enabled: true

engine/configs/config.example.physical_pgbackrest.yml

@@ -23,6 +23,9 @@ server:
   # HTTP server port. Default: 2345.
   port: 2345
 
+  # Allow modifying configuration via UI/API. Default: true.
+  allowModifyingConfig: true
+
 # Embedded UI. Controls the application to provide a user interface to DLE API.
 embeddedUI:
   enabled: true

engine/configs/config.example.physical_walg.yml

@@ -23,6 +23,9 @@ server:
   # HTTP server port. Default: 2345.
   port: 2345
 
+  # Allow modifying configuration via UI/API. Default: true.
+  allowModifyingConfig: true
+
 # Embedded UI. Controls the application to provide a user interface to DLE API.
 embeddedUI:
   enabled: true

engine/internal/srv/config.go

@@ -23,7 +23,10 @@ import (
 	yamlUtils "gitlab.com/postgres-ai/database-lab/v3/pkg/util/yaml"
 )
 
-const connectionCheckTimeout = 10 * time.Second
+const (
+	connectionCheckTimeout = 10 * time.Second
+	configManagementDenied = "configuration management via UI/API disabled by admin"
+)
 
 func (s *Server) getProjectedAdminConfig(w http.ResponseWriter, r *http.Request) {
 	cfg, err := s.projectedAdminConfig()
@@ -57,6 +60,11 @@ func (s *Server) getAdminConfigYaml(w http.ResponseWriter, r *http.Request) {
 }
 
 func (s *Server) setProjectedAdminConfig(w http.ResponseWriter, r *http.Request) {
+	if !s.Config.AllowModifyingConfig {
+		api.SendBadRequestError(w, r, configManagementDenied)
+		return
+	}
+
 	var cfg interface{}
 	if err := api.ReadJSON(r, &cfg); err != nil {
 		api.SendBadRequestError(w, r, err.Error())
@@ -91,6 +99,11 @@ func (s *Server) setProjectedAdminConfig(w http.ResponseWriter, r *http.Request)
 }
 
 func (s *Server) testDBSource(w http.ResponseWriter, r *http.Request) {
+	if !s.Config.AllowModifyingConfig {
+		api.SendBadRequestError(w, r, configManagementDenied)
+		return
+	}
+
 	if s.Retrieval.State.Mode != models.Logical {
 		api.SendBadRequestError(w, r, "the endpoint is only available in the Logical mode of the data retrieval")
 		return

engine/internal/srv/config/config.go

@@ -7,7 +7,8 @@ package config
 
 // Config provides configuration for an HTTP server of the Database Lab.
 type Config struct {
-	VerificationToken string `yaml:"verificationToken" json:"-"`
-	Host              string `yaml:"host"`
-	Port              uint   `yaml:"port"`
+	VerificationToken    string `yaml:"verificationToken" json:"-"`
+	Host                 string `yaml:"host"`
+	Port                 uint   `yaml:"port"`
+	AllowModifyingConfig bool   `yaml:"allowModifyingConfig" json:"-"`
 }

engine/internal/srv/server.go

@@ -111,9 +111,11 @@ func (s *Server) instanceStatus() *models.InstanceStatus {
 			Message: models.InstanceMessageOK,
 		},
 		Engine: models.Engine{
-			Version:   version.GetVersion(),
-			StartedAt: s.startedAt,
-			Telemetry: pointer.ToBool(s.tm.IsEnabled()),
+			Version:              version.GetVersion(),
+			Edition:              s.engProps.GetEdition(),
+			StartedAt:            s.startedAt,
+			Telemetry:            pointer.ToBool(s.tm.IsEnabled()),
+			AllowModifyingConfig: pointer.ToBool(s.Config.AllowModifyingConfig),
 		},
 		Pools:       s.provisioner.GetPoolEntryList(),
 		Cloning:     s.Cloning.GetCloningState(),

engine/pkg/models/instance_status.go

@@ -44,10 +44,11 @@ type Cloning struct {
 
 // Engine represents info about Database Lab Engine instance.
 type Engine struct {
-	Version   string     `json:"version"`
-	Edition   string     `json:"edition"`
-	StartedAt *LocalTime `json:"startedAt,omitempty"`
-	Telemetry *bool      `json:"telemetry,omitempty"`
+	Version              string     `json:"version"`
+	Edition              string     `json:"edition"`
+	StartedAt            *LocalTime `json:"startedAt,omitempty"`
+	Telemetry            *bool      `json:"telemetry,omitempty"`
+	AllowModifyingConfig *bool      `json:"allowModifyingConfig,omitempty"`
 }
 
 // CloneList represents a list of clones.