Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-30 18:07:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 122
fleet/website/api/controllers/android-proxy/delete-one-android-enterprise.js
Eric 1799c824b1
Website: Update Android proxy endpoints exits (#34135) 
Changes:
- Updated the website's Android proxy endpoints to use action2 exit
signals.
2025-10-10 17:11:42 -05:00

103 lines
3.6 KiB
JavaScript
Vendored
Raw Blame History

module.exports = {
friendlyName: 'Delete one android enterprise',
description: 'Deletes an android enterprise and the associated database record.',
inputs: {
androidEnterpriseId: {
type: 'string',
required: true,
},
},
exits: {
success: { description: 'An Android enterprise was successfully deleted.' },
missingAuthHeader: { description: 'This request was missing an authorization header.', responseType: 'unauthorized'},
unauthorized: { description: 'Invalid authentication token.', responseType: 'unauthorized'},
notFound: { description: 'No Android enterprise found for this Fleet server.', responseType: 'notFound'},
},
fn: async function ({androidEnterpriseId}) {
// Extract fleetServerSecret from the Authorization header
let authHeader = this.req.get('authorization');
let fleetServerSecret;
if (authHeader && authHeader.startsWith('Bearer')) {
fleetServerSecret = authHeader.replace('Bearer', '').trim();
} else {
throw 'missingAuthHeader';
}
// Look up the database record for this Android enterprise
let thisAndroidEnterprise = await AndroidEnterprise.findOne({
androidEnterpriseId: androidEnterpriseId,
});
// Return a 404 response if no records are found.
if(!thisAndroidEnterprise) {
throw 'notFound';
}
// Return an unauthorized response if the provided secret does not match.
if(thisAndroidEnterprise.fleetServerSecret !== fleetServerSecret) {
throw 'unauthorized';
}
// Delete the Android enterprise from Google (if it still exists)
// Note: If the enterprise is already deleted in Google, we still want to clean up proxy database
try {
await sails.helpers.flow.build(async ()=>{
let { google } = require('googleapis');
let androidmanagement = google.androidmanagement('v1');
let googleAuth = new google.auth.GoogleAuth({
scopes: [
'https://www.googleapis.com/auth/androidmanagement',
'https://www.googleapis.com/auth/pubsub'
],
credentials: {
client_email: sails.config.custom.androidEnterpriseServiceAccountEmailAddress,// eslint-disable-line camelcase
private_key: sails.config.custom.androidEnterpriseServiceAccountPrivateKey,// eslint-disable-line camelcase
},
});
// Acquire the google auth client, and bind it to all future calls
let authClient = await googleAuth.getClient();
google.options({auth: authClient});
// Delete the android enterprise.
await androidmanagement.enterprises.delete({
name: `enterprises/${androidEnterpriseId}`,
});
let pubsub = google.pubsub('v1');
// Delete the enterprise's pubsub topic
await pubsub.projects.topics.delete({
topic: thisAndroidEnterprise.pubsubTopicName,
});
// Delete the topic's subscription, which should have the same name as the topic.
await pubsub.projects.subscriptions.delete({
subscription: thisAndroidEnterprise.pubsubSubscriptionName,
});
return;
}).intercept((err)=>{
throw new Error(`When attempting to delete android enterprise from Google (${androidEnterpriseId}), an error occurred. Error: ${err}`);
});
} catch (unusedErr) {
// If Google API deletion fails (e.g., enterprise already deleted), continue with proxy cleanup
}
// Delete the database record for this Android enterprise
await AndroidEnterprise.destroyOne({ id: thisAndroidEnterprise.id });
// All done. Send back an empty JSON object as expected by Android Management API.
return {};
}
};
Reference in a new issue View git blame Copy permalink