chore(decom): Block post/put methods

avitova · avitova · commit 5594cae73a2b · 2025-10-22T17:20:50.000+02:00
diff --git a/README.md b/README.md
@@ -1,3 +1,5 @@
+**NOTE** As of August 31, the Launch (provisioning) service is no longer supported. You can use individual clouds in order to Launch an image.
+
 # provisioning-backend
 
 Provisioning backend service for cloud.redhat.com
diff --git a/internal/middleware/block_write_operations.go b/internal/middleware/block_write_operations.go
@@ -0,0 +1,23 @@
+package middleware
+
+import (
+	"net/http"
+
+	"github.com/RHEnVision/provisioning-backend/internal/config"
+)
+
+func BlockWriteOperationsMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		isProd := config.InProdClowder()
+		isStage := config.InStageClowder()
+
+		if (isProd || isStage) && (r.Method == "POST" || r.Method == "PUT") {
+			w.Header().Set("Content-Type", "application/json")
+			w.WriteHeader(http.StatusNotImplemented)
+			_, _ = w.Write([]byte(`{"msg": "Write operations are not available in this environment, service is decommissioned"}`))
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}
diff --git a/internal/routes/all_routes.go b/internal/routes/all_routes.go
@@ -86,9 +86,9 @@ func MountAPI(r *chi.Mux) {
 		})
 
 		r.Route("/pubkeys", func(r chi.Router) {
-			r.With(middleware.EnforcePermissions("pubkey", "write")).Post("/", s.CreatePubkey)
+			r.With(middleware.BlockWriteOperationsMiddleware).With(middleware.EnforcePermissions("pubkey", "write")).Post("/", s.CreatePubkey)
 			r.With(middleware.EnforcePermissions("pubkey", "read")).With(middleware.Pagination).Get("/", s.ListPubkeys)
-			r.Post("/", s.CreatePubkey)
+			r.With(middleware.BlockWriteOperationsMiddleware).Post("/", s.CreatePubkey)
 			r.Route("/{ID}", func(r chi.Router) {
 				r.With(middleware.EnforcePermissions("pubkey", "read")).Get("/", s.GetPubkey)
 				r.With(middleware.EnforcePermissions("pubkey", "write")).Delete("/", s.DeletePubkey)
@@ -102,7 +102,7 @@ func MountAPI(r *chi.Mux) {
 			r.Route("/{TYPE}", func(r chi.Router) {
 				// additional permission checks are in the service functions
 				r.With(middleware.EnforcePermissions("reservation", "read")).Get("/{ID}", s.GetReservationDetail)
-				r.With(middleware.EnforcePermissions("reservation", "write")).Post("/", s.CreateReservation)
+				r.With(middleware.BlockWriteOperationsMiddleware).With(middleware.EnforcePermissions("reservation", "write")).Post("/", s.CreateReservation)
 			})
 			// Generic reservation detail request (no details provided)
 			r.With(middleware.EnforcePermissions("reservation", "read")).Get("/{ID}", s.GetReservationDetail)
@@ -111,7 +111,7 @@ func MountAPI(r *chi.Mux) {
 		// Endpoint used by sources background checker (no permissions needed)
 		r.Route("/availability_status", func(r chi.Router) {
 			r.Route("/sources", func(r chi.Router) {
-				r.Post("/", s.AvailabilityStatus)
+				r.With(middleware.BlockWriteOperationsMiddleware).Post("/", s.AvailabilityStatus)
 			})
 		})
 

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+NOTE As of August 31, the Launch (provisioning) service is no longer supported. You can use individual clouds in order to Launch an image.`
	`2`	`+`
`1`	`3`	`# provisioning-backend`
`2`	`4`
`3`	`5`	`Provisioning backend service for cloud.redhat.com`