added crons web apis and ui listing

apis/base.go

@@ -41,6 +41,7 @@ func NewRouter(app core.App) (*router.Router[*core.RequestEvent], error) {
 	bindRecordAuthApi(app, apiGroup)
 	bindLogsApi(app, apiGroup)
 	bindBackupApi(app, apiGroup)
+	bindCronApi(app, apiGroup)
 	bindFileApi(app, apiGroup)
 	bindBatchApi(app, apiGroup)
 	bindRealtimeApi(app, apiGroup)

apis/cron.go

@@ -0,0 +1,59 @@
+package apis
+
+import (
+	"net/http"
+	"slices"
+	"strings"
+
+	"github.com/pocketbase/pocketbase/core"
+	"github.com/pocketbase/pocketbase/tools/cron"
+	"github.com/pocketbase/pocketbase/tools/router"
+	"github.com/pocketbase/pocketbase/tools/routine"
+)
+
+// bindCronApi registers the crons api endpoint.
+func bindCronApi(app core.App, rg *router.RouterGroup[*core.RequestEvent]) {
+	subGroup := rg.Group("/crons").Bind(RequireSuperuserAuth())
+	subGroup.GET("", cronsList)
+	subGroup.POST("/{id}", cronRun)
+}
+
+func cronsList(e *core.RequestEvent) error {
+	jobs := e.App.Cron().Jobs()
+
+	slices.SortStableFunc(jobs, func(a, b *cron.Job) int {
+		if strings.HasPrefix(a.Id(), "__pb") {
+			return 1
+		}
+		if strings.HasPrefix(b.Id(), "__pb") {
+			return -1
+		}
+		return strings.Compare(a.Id(), b.Id())
+	})
+
+	return e.JSON(http.StatusOK, jobs)
+}
+
+func cronRun(e *core.RequestEvent) error {
+	cronId := e.Request.PathValue("id")
+
+	var foundJob *cron.Job
+
+	jobs := e.App.Cron().Jobs()
+	for _, j := range jobs {
+		if j.Id() == cronId {
+			foundJob = j
+			break
+		}
+	}
+
+	if foundJob == nil {
+		return e.NotFoundError("Missing or invalid cron job", nil)
+	}
+
+	routine.FireAndForget(func() {
+		foundJob.Run()
+	})
+
+	return e.NoContent(http.StatusNoContent)
+}

apis/cron_test.go

@@ -0,0 +1,149 @@
+package apis_test
+
+import (
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/pocketbase/pocketbase/core"
+	"github.com/pocketbase/pocketbase/tests"
+	"github.com/spf13/cast"
+)
+
+func TestCronsList(t *testing.T) {
+	t.Parallel()
+
+	scenarios := []tests.ApiScenario{
+		{
+			Name:            "unauthorized",
+			Method:          http.MethodGet,
+			URL:             "/api/crons",
+			ExpectedStatus:  401,
+			ExpectedContent: []string{`"data":{}`},
+			ExpectedEvents:  map[string]int{"*": 0},
+		},
+		{
+			Name:   "authorized as regular user",
+			Method: http.MethodGet,
+			URL:    "/api/crons",
+			Headers: map[string]string{
+				"Authorization": "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.ZT3F0Z3iM-xbGgSG3LEKiEzHrPHr8t8IuHLZGGNuxLo",
+			},
+			ExpectedStatus:  403,
+			ExpectedContent: []string{`"data":{}`},
+			ExpectedEvents:  map[string]int{"*": 0},
+		},
+		{
+			Name:   "authorized as superuser (empty list)",
+			Method: http.MethodGet,
+			URL:    "/api/crons",
+			Headers: map[string]string{
+				"Authorization": "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoicGJjXzMxNDI2MzU4MjMiLCJleHAiOjI1MjQ2MDQ0NjEsInJlZnJlc2hhYmxlIjp0cnVlfQ.UXgO3j-0BumcugrFjbd7j0M4MQvbrLggLlcu_YNGjoY",
+			},
+			BeforeTestFunc: func(t testing.TB, app *tests.TestApp, e *core.ServeEvent) {
+				app.Cron().RemoveAll()
+			},
+			ExpectedStatus:  200,
+			ExpectedContent: []string{`[]`},
+			ExpectedEvents:  map[string]int{"*": 0},
+		},
+		{
+			Name:   "authorized as superuser",
+			Method: http.MethodGet,
+			URL:    "/api/crons",
+			Headers: map[string]string{
+				"Authorization": "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoicGJjXzMxNDI2MzU4MjMiLCJleHAiOjI1MjQ2MDQ0NjEsInJlZnJlc2hhYmxlIjp0cnVlfQ.UXgO3j-0BumcugrFjbd7j0M4MQvbrLggLlcu_YNGjoY",
+			},
+			ExpectedStatus: 200,
+			ExpectedContent: []string{
+				`{"id":"__pbLogsCleanup__","expression":"0 */6 * * *"}`,
+				`{"id":"__pbDBOptimize__","expression":"0 0 * * *"}`,
+				`{"id":"__pbMFACleanup__","expression":"0 * * * *"}`,
+				`{"id":"__pbOTPCleanup__","expression":"0 * * * *"}`,
+			},
+			ExpectedEvents: map[string]int{"*": 0},
+		},
+	}
+
+	for _, scenario := range scenarios {
+		scenario.Test(t)
+	}
+}
+
+func TestCronsRun(t *testing.T) {
+	t.Parallel()
+
+	beforeTestFunc := func(t testing.TB, app *tests.TestApp, e *core.ServeEvent) {
+		app.Cron().Add("test", "* * * * *", func() {
+			app.Store().Set("testJobCalls", cast.ToInt(app.Store().Get("testJobCalls"))+1)
+		})
+	}
+
+	expectedCalls := func(expected int) func(t testing.TB, app *tests.TestApp, res *http.Response) {
+		return func(t testing.TB, app *tests.TestApp, res *http.Response) {
+			total := cast.ToInt(app.Store().Get("testJobCalls"))
+			if total != expected {
+				t.Fatalf("Expected total testJobCalls %d, got %d", expected, total)
+			}
+		}
+	}
+
+	scenarios := []tests.ApiScenario{
+		{
+			Name:            "unauthorized",
+			Method:          http.MethodPost,
+			URL:             "/api/crons/test",
+			Delay:           50 * time.Millisecond,
+			BeforeTestFunc:  beforeTestFunc,
+			AfterTestFunc:   expectedCalls(0),
+			ExpectedStatus:  401,
+			ExpectedContent: []string{`"data":{}`},
+			ExpectedEvents:  map[string]int{"*": 0},
+		},
+		{
+			Name:   "authorized as regular user",
+			Method: http.MethodPost,
+			URL:    "/api/crons/test",
+			Headers: map[string]string{
+				"Authorization": "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.ZT3F0Z3iM-xbGgSG3LEKiEzHrPHr8t8IuHLZGGNuxLo",
+			},
+			Delay:           50 * time.Millisecond,
+			BeforeTestFunc:  beforeTestFunc,
+			AfterTestFunc:   expectedCalls(0),
+			ExpectedStatus:  403,
+			ExpectedContent: []string{`"data":{}`},
+			ExpectedEvents:  map[string]int{"*": 0},
+		},
+		{
+			Name:   "authorized as superuser (missing job)",
+			Method: http.MethodPost,
+			URL:    "/api/crons/missing",
+			Headers: map[string]string{
+				"Authorization": "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoicGJjXzMxNDI2MzU4MjMiLCJleHAiOjI1MjQ2MDQ0NjEsInJlZnJlc2hhYmxlIjp0cnVlfQ.UXgO3j-0BumcugrFjbd7j0M4MQvbrLggLlcu_YNGjoY",
+			},
+			Delay:           50 * time.Millisecond,
+			BeforeTestFunc:  beforeTestFunc,
+			AfterTestFunc:   expectedCalls(0),
+			ExpectedStatus:  404,
+			ExpectedContent: []string{`"data":{}`},
+			ExpectedEvents:  map[string]int{"*": 0},
+		},
+		{
+			Name:   "authorized as superuser (existing job)",
+			Method: http.MethodPost,
+			URL:    "/api/crons/test",
+			Headers: map[string]string{
+				"Authorization": "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoicGJjXzMxNDI2MzU4MjMiLCJleHAiOjI1MjQ2MDQ0NjEsInJlZnJlc2hhYmxlIjp0cnVlfQ.UXgO3j-0BumcugrFjbd7j0M4MQvbrLggLlcu_YNGjoY",
+			},
+			Delay:          50 * time.Millisecond,
+			BeforeTestFunc: beforeTestFunc,
+			AfterTestFunc:  expectedCalls(1),
+			ExpectedStatus: 204,
+			ExpectedEvents: map[string]int{"*": 0},
+		},
+	}
+
+	for _, scenario := range scenarios {
+		scenario.Test(t)
+	}
+}