Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[#3664] Feat: Add support for rack access
### What is the feature/fix? https://app.asana.com/0/1203637156732418/1204402996040452/f ### Add screenshot or video (optional) ** Any screenshot or video capture using the feature ** ### Does it has a breaking change? ** Describe the changes and if it has any breaking changes in any feature ** ### How to use/test it? ** Describe how to test or use the feature ** ### Checklist - [ ] New coverage tests - [ ] Unit tests passing - [ ] E2E tests passing - [ ] E2E downgrade/update test passing - [ ] Documentation updated - [ ] No warnings or errors on Deepsource/Codecov
- Loading branch information
1 parent
c311060
commit 1361189
Showing
58 changed files
with
3,728 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
package api | ||
|
||
import ( | ||
"net/http" | ||
"strings" | ||
|
||
"github.com/convox/rack/pkg/structs" | ||
"github.com/convox/stdapi" | ||
) | ||
|
||
func (s *Server) Authorize(next stdapi.HandlerFunc) stdapi.HandlerFunc { | ||
return func(c *stdapi.Context) error { | ||
switch c.Request().Method { | ||
case http.MethodGet: | ||
if !CanRead(c) { | ||
return stdapi.Errorf(401, "you are unauthorized to access this") | ||
} | ||
default: | ||
if !CanWrite(c) { | ||
return stdapi.Errorf(401, "you are unauthorized to access this") | ||
} | ||
} | ||
return next(c) | ||
} | ||
} | ||
|
||
func CanRead(c *stdapi.Context) bool { | ||
if d := c.Get(structs.ConvoxRoleParam); d != nil { | ||
v, _ := d.(string) | ||
return strings.Contains(v, "r") | ||
} | ||
return false | ||
} | ||
|
||
func CanWrite(c *stdapi.Context) bool { | ||
if d := c.Get(structs.ConvoxRoleParam); d != nil { | ||
v, _ := d.(string) | ||
return strings.Contains(v, "w") | ||
} | ||
return false | ||
} | ||
|
||
func SetReadRole(c *stdapi.Context) { | ||
c.Set(structs.ConvoxRoleParam, structs.ConvoxRoleRead) | ||
} | ||
|
||
func SetReadWriteRole(c *stdapi.Context) { | ||
c.Set(structs.ConvoxRoleParam, structs.ConvoxRoleReadWrite) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
package api_test | ||
|
||
import ( | ||
"net/http" | ||
"net/http/httptest" | ||
"testing" | ||
|
||
"github.com/convox/rack/pkg/api" | ||
"github.com/convox/stdapi" | ||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestAuthorize(t *testing.T) { | ||
s := &api.Server{} | ||
|
||
testData := []struct { | ||
c *stdapi.Context | ||
access bool | ||
}{ | ||
{ | ||
c: func() *stdapi.Context { | ||
c := stdapi.NewContext(nil, httptest.NewRequest(http.MethodGet, "http://text.com", nil)) | ||
api.SetReadRole(c) | ||
return c | ||
}(), | ||
access: true, | ||
}, | ||
{ | ||
c: func() *stdapi.Context { | ||
c := stdapi.NewContext(nil, httptest.NewRequest(http.MethodGet, "http://text.com", nil)) | ||
return c | ||
}(), | ||
access: false, | ||
}, | ||
{ | ||
c: func() *stdapi.Context { | ||
c := stdapi.NewContext(nil, httptest.NewRequest(http.MethodPost, "http://text.com", nil)) | ||
api.SetReadRole(c) | ||
return c | ||
}(), | ||
access: false, | ||
}, | ||
{ | ||
c: func() *stdapi.Context { | ||
c := stdapi.NewContext(nil, httptest.NewRequest(http.MethodPost, "http://text.com", nil)) | ||
api.SetReadWriteRole(c) | ||
return c | ||
}(), | ||
access: true, | ||
}, | ||
} | ||
|
||
for _, td := range testData { | ||
err := s.Authorize(func(c *stdapi.Context) error { | ||
return nil | ||
})(td.c) | ||
if td.access { | ||
assert.Nil(t, err) | ||
} else { | ||
assert.NotNil(t, err) | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.