Skip to content

Commit

Permalink
#255 finished assigning roles and permissions.
Browse files Browse the repository at this point in the history
  • Loading branch information
@itayw
itayw committed May 10, 2014
1 parent d193136 commit f5509af
Show file tree
Hide file tree
Showing 12 changed files with 162 additions and 38 deletions.
125 changes: 124 additions & 1 deletion apiary.apib
View file
Expand Up @@ -1012,7 +1012,6 @@ Optional body will compose a joint metadata of collection and document.

{ "message": "collection [{key}] does not exist.", "documentation_url": "http://github.com/joola/joola.io/wiki" }


# Group Roles
joola.io uses `Roles` to assign `Permissions` to `Users`.

Expand Down Expand Up @@ -1661,6 +1660,130 @@ Permissions are hard-coded string values assigned to each API endpoint. Permissi

{ "message": "permission [{key}] does not exist.", "documentation_url": "http://github.com/joola/joola.io/wiki" }

# Group Beacon
Notes related resources of the **Beacon API**

## Beacon [/beacon/{workspace}/{collection}{?APIToken}]

+ Parameters
+ workspace (required, string, `demo`) ... The `key` of the Workspace performing the action.
+ collection (required, string, `demo-example`) ... The `key` of the Collection performing the action.
+ APIToken (optional, string, `apitoken-demo`) ... The `APIToken` of the user performing the action.

### Insert Documents [POST]
+ Request (application/json)

+ Body

[{
"timestamp": null,
"article": "Sample Analytics",
"browser": "Chrome",
"device": "Desktop",
"engine": "Webkit",
"os": "Linux",
"userid": "demo@joo.la",
"ip": "127.0.0.1",
"referrer": "http://joo.la",
"visits": 1,
"loadtime": 123
}]

+ Response 200 (application/json)

[
{
"timestamp": "2014-05-10T15:49:49.575Z",
"article": "Sample Analytics",
"browser": "Chrome",
"device": "Desktop",
"engine": "Webkit",
"os": "Linux",
"userid": "demo@joo.la",
"ip": "127.0.0.1",
"referrer": "http://joo.la",
"visits": 1,
"loadtime": 123,
"timestamp_timebucket": {
"dow": 6,
"hod": 18,
"second": "2014-05-10T15:49:49.000Z",
"minute": "2014-05-10T15:49:00.000Z",
"hour": "2014-05-10T15:00:00.000Z",
"ddate": "2014-05-10T00:00:00.000Z",
"month": "2014-05-01T00:00:00.000Z",
"year": "2014-01-01T01:00:00.000Z"
},
"ourTimestamp": "2014-05-10T15:49:49.575Z",
"saved": true
}
]


+ Response 401 (application/json)

{ "message": "missing permission.", "documentation_url": "http://github.com/joola/joola.io/wiki" }

+ Response 500 (application/json)

{ "message": "permission [{key}] does not exist.", "documentation_url": "http://github.com/joola/joola.io/wiki" }

# Group Query
Notes related resources of the **Query API**

## Query [/query{?APIToken}]

+ Parameters
+ APIToken (optional, string, `apitoken-demo`) ... The `APIToken` of the user performing the action.

### Fetch [POST]
+ Request (application/json)

+ Body

{
"timeframe": "last_hour",
"interval": "minute",
"dimensions": ["timestamp"],
"metrics": ["visits"]
}

+ Response 200 (application/json)

{
"dimensions": [],
"metrics": [],
"documents": [],
"uid": "kUTTRqspS",
"resultCount": 0,
"query": {
"dontcache": true,
"filter": null,
"realtime": false,
"interval": "timebucket.minute",
"timeframe": {
"start": "2014-05-10T14:35:28.000Z",
"end": "2014-05-10T15:35:28.999Z"
},
"metrics": [],
"dimensions": [],
"uid": "kUTTRqspS",
"ts": {
"start": "2014-05-10T15:35:28.114Z",
"end": "2014-05-10T15:35:28.117Z",
"duration": 3
}
}
}


+ Response 401 (application/json)

{ "message": "missing permission.", "documentation_url": "http://github.com/joola/joola.io/wiki" }

+ Response 500 (application/json)

{ "message": "permission [{key}] does not exist.", "documentation_url": "http://github.com/joola/joola.io/wiki" }

# Group Configuration
joola.io uses a central-configuration store to support a node-based deployment schema.
Expand Down
9 changes: 4 additions & 5 deletions config/default.yml
View file
Expand Up @@ -83,11 +83,8 @@ workspaces:
root:
key: "root"
permissions:
- "access_system"
- "manage_system"
- "manage_users"
- "beacon_insert"
- "query_fetch"
- "beacon:insert"
- "query:fetch"
- "workspaces:list"
- "workspaces:get"
- "workspaces:add"
Expand Down Expand Up @@ -309,6 +306,8 @@ workspaces:
- "users:validateToken"
- "users:expireToken"
- "users:permissions"
- "beacon:insert"
- "query:fetch"
- "system:nodeuid"
- "system:nodedetails"
- "system:terminate"
Expand Down
4 changes: 3 additions & 1 deletion lib/auth/index.js
View file
Expand Up @@ -379,7 +379,7 @@ auth.validateAction = function (action, req, res, callback) {
}
});

if (!hasPermission) {
if (!hasPermission && action._permission != 'guest') {
return process.nextTick(function () {
return callback(new auth.AuthErrorTemplate('Missing permission to run this action. [action:' + action.name + '][permission:' + action._permission + '][roles:' + JSON.stringify(req.user.roles) + ', permissions: ' + userPermissions.join(',') + ']'), false);
});
Expand Down Expand Up @@ -578,6 +578,8 @@ auth.middleware = function (req, res, next) {
var modulename = req.endpointRoute.module;
var action = req.endpointRoute.action;

console.log('validate', modulename, action);

if (modulename && action) {
exports.validateRoute(req, modulename, action, function (err, action) {
if (err)
Expand Down
14 changes: 8 additions & 6 deletions lib/dispatch/beacon.js
View file
Expand Up @@ -246,16 +246,18 @@ exports.insert = {
optional: ['options']
},
_outputExample: {},
_permission: ['beacon_insert', 'manage_system'],
_permission: ['beacon:insert'],
_dispatch: {
message: 'beacon:insert'
},
_route: function (req, res) {
var _params = {};
Object.keys(req.params).forEach(function (p) {
if (p != 'resource' && p != 'action')
_params[p] = req.params[p];
});
var _params = req.parsed;
_params.document = _params.document || _params.payload;
/*
Object.keys(req.params).forEach(function (p) {
if (p != 'resource' && p != 'action')
_params[p] = req.params[p];
});*/

if (typeof _params.document === 'string') {
try {
Expand Down
2 changes: 1 addition & 1 deletion lib/dispatch/prototypes/role.js
View file
Expand Up @@ -44,7 +44,7 @@ var Role = module.exports = function (options) {
var validationErrors = this.validate(options);

if (validationErrors.length > 0)
throw new Error('Failed to verify new role, fields: [' + validationErrors.join(',') + ']');
throw new Error('Failed to verify new role [' + options.key + '], fields: [' + validationErrors.join(',') + ']');

return options;
};
Expand Down
11 changes: 7 additions & 4 deletions lib/dispatch/query.js
View file
Expand Up @@ -1244,19 +1244,22 @@ exports.fetch = {
description: "",
inputs: ['options'],
_outputExample: {},
_permission: ['access_system'],
_permission: ['query:fetch'],
_dispatch: {
message: 'query:fetch'
},
_route: function (req, res) {
var _token = req.token;
var lastQueryEndDate;
var timestampDimension;
var _params = {};
var _params={
options:req.parsed.payload
};
/*
Object.keys(req.params).forEach(function (p) {
if (p != 'resource' && p != 'action')
_params[p] = req.params[p];
});
});*/
var aborted, timerID;

var queryKey = exports.queryKey(_params.options);
Expand Down Expand Up @@ -1407,7 +1410,7 @@ exports.fetch = {
}
request(true);
},
run: function (context, options, callback) {
run: function (context, options, callback) {
callback = callback || function () {
};

Expand Down
13 changes: 2 additions & 11 deletions lib/dispatch/roles.js
View file
Expand Up @@ -69,11 +69,7 @@ exports.list = {
var result = joola.common.obj2array(_workspace.roles);

result.forEach(function (r, i) {
try {
result[i] = new Proto(r);
} catch (ex) {
console.log(r);
}
result[i] = new Proto(r);
});


Expand Down Expand Up @@ -131,12 +127,7 @@ exports.get = {
if (typeof value === 'undefined' || value === null)
return callback(new Error('Role [' + rolename + '] does not exist.'));

try {
value = new Proto(value);
}
catch (ex) {
console.log(value);
}
value = new Proto(value);
return callback(null, value);
});
}
Expand Down
2 changes: 1 addition & 1 deletion lib/dispatch/test.js
View file
Expand Up @@ -17,7 +17,7 @@ exports.withpermission = {
description: "I make sure that tests run fine",
inputs: [],
_outputExample: {},
_permission: ['manage_system', 'access_system'],
_permission: ['guest'],
_dispatch: function () {
},
_route: function (req, res) {
Expand Down
4 changes: 2 additions & 2 deletions lib/dispatch/users.js
View file
Expand Up @@ -405,7 +405,7 @@ exports.authenticate = {
description: "I authenticate users",
inputs: ['workspace', 'username', 'password'],
_outputExample: {},
_permission: ['access_system'],
_permission: ['guest'],
_dispatch: {
message: 'users:authenticate'
},
Expand Down Expand Up @@ -457,7 +457,7 @@ exports.verifyAPIToken = {
inputs: ['token'],
_proto: Proto.proto,
_outputExample: {},
_permission: ['access_system'],
_permission: ['guest'],
_dispatch: {
message: 'users:verifyAPIToken'
},
Expand Down
3 changes: 3 additions & 0 deletions lib/webserver/routes/index.js
View file
Expand Up @@ -275,6 +275,9 @@ exports.setup = function (app) {
app.delete('/tokens/:token', middleware('/users/expireToken'), exports.router);

app.get('/apitokens/:token', middleware('/users/verifyAPIToken'), exports.router);

app.post('/beacon/:workspace/:collection', middleware('/beacon/insert'), exports.router);
app.post('/query', middleware('/query/fetch'), exports.router);
};

exports.router = function (req, res, next) {
Expand Down
9 changes: 5 additions & 4 deletions test/unit/4_dispatch/roles.spec.js
View file
Expand Up @@ -21,8 +21,9 @@ describe("roles", function () {
it("should add a role", function (done) {
var role = {
key: 'test-role-' + this.uid,
permissions: []
permissions: ['guest']
};

joola.dispatch.roles.add(this.context, this.workspace, role, function (err, _role) {
if (err)
return done(err);
Expand All @@ -41,7 +42,7 @@ describe("roles", function () {
it("should fail adding an existing role", function (done) {
var role = {
key: 'test-role-' + this.uid,
permissions: []
permissions: ['guest']
};
joola.dispatch.roles.add(this.context, this.workspace, role, function (err, _role) {
if (err)
Expand All @@ -66,7 +67,7 @@ describe("roles", function () {
it("should update a role", function (done) {
var role = {
key: 'test-role-' + this.uid,
permissions: ['access_system']
permissions: ['guest']
};
joola.dispatch.roles.patch(this.context, this.workspace, role.key, role, function (err, _role) {
if (err)
Expand All @@ -79,7 +80,7 @@ describe("roles", function () {
it("should fail updating unknown role", function (done) {
var role = {
key: 'test-role1-' + this.uid,
permissions: ['access_system']
permissions: ['guest']
};
joola.dispatch.roles.patch(this.context, this.workspace, role.key, role, function (err, _role) {
if (err)
Expand Down
4 changes: 2 additions & 2 deletions test/unit/6_beacon/beacon-route.spec.js
View file
Expand Up @@ -20,7 +20,7 @@ describe("beacon-route", function () {
var options =
{
APIToken: 'apitoken-test',
_path: '/beacon/insert',
_path: 'beacon/insert',
workspace: this.context.user.workspace,
collection: 'test-beacon-route-' + this.uid,
document: {
Expand Down Expand Up @@ -65,7 +65,7 @@ describe("beacon-route", function () {
var options =
{
APIToken: 'apitoken-test',
_path: '/beacon/insert',
_path: 'beacon/insert',
workspace: this.context.user.workspace,
collection: 'test-beacon-route-' + this.uid,
document: JSON.stringify({document: {
Expand Down

0 comments on commit f5509af

Please sign in to comment.