Skip to content
This repository has been archived by the owner on Aug 16, 2023. It is now read-only.

Commit

Permalink
removed DeleteHandler for room, actualized authz docs
Browse files Browse the repository at this point in the history
  • Loading branch information
@khodzha
khodzha committed Apr 12, 2021
1 parent 6b4afcd commit 6b50b3b
Show file tree
Hide file tree
Showing 6 changed files with 9 additions and 217 deletions.
1 change: 0 additions & 1 deletion docs/src/SUMMARY.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
- [Create](api/room/create.md)
- [Read](api/room/read.md)
- [Update](api/room/update.md)
- [Delete](api/room/delete.md)
- [Enter](api/room/enter.md)
- [Leave](api/room/leave.md)
- [Message](api/message.md)
Expand Down
35 changes: 0 additions & 35 deletions docs/src/api/room/delete.md
View file

This file was deleted.

19 changes: 9 additions & 10 deletions docs/src/authz.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,12 @@ Subject's namespace and account label are retrieved from `audience` and `account

Possible values for `OBJECT` and `ACTION`:

object / action | create | read | update | delete | list | subscribe
----------------------------------------- | ------ | ---- | ------ | ------ | ---- | ---------
["rooms"] | + | | | | + |
["rooms", ROOM_ID] | | + | + | + | |
["rooms", ROOM_ID, "agents"] | | | + | | + |
["rooms", ROOM_ID, "agents", AGENT_ID] | | + | + | | |
["rooms", ROOM_ID, "rtcs"] | + | | | | + |
["rooms", ROOM_ID, "rtcs", RTC_ID] | | + | + | + | |
["rooms", ROOM_ID, "events"] | | | | | | +
["audiences", AUDIENCE, "events"] | | | | | | +
object / action | create | read | update | list | subscribe
----------------------------------------- | ------ | ---- | ------ | ---- | ---------
["rooms"] | + | | | + |
["rooms", ROOM_ID] | | + | + | |
["rooms", ROOM_ID, "agents"] | | | + | + |
["rooms", ROOM_ID, "agents", AGENT_ID] | | + | | |
["rooms", ROOM_ID, "rtcs"] | + | | | + |
["rooms", ROOM_ID, "rtcs", RTC_ID] | | + | + | |
["rooms", ROOM_ID, "events"] | | | | | +
1 change: 0 additions & 1 deletion src/app/endpoint/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,6 @@ request_routes!(
"message.broadcast" => message::BroadcastHandler,
"message.unicast" => message::UnicastHandler,
"room.create" => room::CreateHandler,
"room.delete" => room::DeleteHandler,
"room.enter" => room::EnterHandler,
"room.leave" => room::LeaveHandler,
"room.read" => room::ReadHandler,
Expand Down
152 changes: 0 additions & 152 deletions src/app/endpoint/room.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -294,63 +294,6 @@ impl RequestHandler for UpdateHandler {

///////////////////////////////////////////////////////////////////////////////

pub(crate) type DeleteRequest = ReadRequest;
pub(crate) struct DeleteHandler;

#[async_trait]
impl RequestHandler for DeleteHandler {
type Payload = DeleteRequest;
const ERROR_TITLE: &'static str = "Failed to delete room";

async fn handle<C: Context>(
context: &mut C,
payload: Self::Payload,
reqp: &IncomingRequestProperties,
) -> Result {
let room = helpers::find_room_by_id(
context,
payload.id,
helpers::RoomTimeRequirement::NotClosedOrUnboundedOpen,
)?;

// Authorize room deletion on the tenant.
let room_id = room.id().to_string();
let object = vec!["rooms", &room_id];

let authz_time = context
.authz()
.authorize(room.audience(), reqp, object, "delete")
.await?;

// Delete room.
{
let conn = context.get_conn()?;
db::room::DeleteQuery::new(room.id()).execute(&conn)?;
}

// Respond and broadcast to the audience topic.
let response = helpers::build_response(
ResponseStatus::OK,
room.clone(),
reqp,
context.start_timestamp(),
Some(authz_time),
);

let notification = helpers::build_notification(
"room.delete",
&format!("audiences/{}/events", room.audience()),
room,
reqp,
context.start_timestamp(),
);

Ok(Box::new(stream::from_iter(vec![response, notification])))
}
}

///////////////////////////////////////////////////////////////////////////////

pub(crate) type EnterRequest = ReadRequest;
pub(crate) struct EnterHandler;

Expand Down Expand Up @@ -969,101 +912,6 @@ mod test {
}
}

mod delete {
use diesel::prelude::*;

use crate::db::room::Object as Room;
use crate::test_helpers::prelude::*;

use super::super::*;

#[test]
fn delete_room() {
async_std::task::block_on(async {
let db = TestDb::new();

let room = {
let conn = db
.connection_pool()
.get()
.expect("Failed to get DB connection");

// Create room.
shared_helpers::insert_room(&conn)
};

// Allow agent to read the room.
let agent = TestAgent::new("web", "user123", USR_AUDIENCE);
let mut authz = TestAuthz::new();
let room_id = room.id().to_string();
authz.allow(agent.account_id(), vec!["rooms", &room_id], "delete");

// Make room.delete request.
let mut context = TestContext::new(db, authz);
let payload = DeleteRequest { id: room.id() };

let messages = handle_request::<DeleteHandler>(&mut context, &agent, payload)
.await
.expect("Room deletion failed");

// Assert response.
let (resp_room, respp, _) = find_response::<Room>(messages.as_slice());
assert_eq!(respp.status(), ResponseStatus::OK);
assert_eq!(resp_room.audience(), room.audience());
assert_eq!(resp_room.time(), room.time());
assert_eq!(resp_room.rtc_sharing_policy(), room.rtc_sharing_policy());

// Assert room absence in the DB.
let conn = context.get_conn().unwrap();
let query = crate::schema::room::table.find(room.id());
assert_eq!(query.execute(&conn).unwrap(), 0);
});
}

#[test]
fn delete_room_not_authorized() {
async_std::task::block_on(async {
let agent = TestAgent::new("web", "user123", USR_AUDIENCE);
let db = TestDb::new();

let room = {
let conn = db
.connection_pool()
.get()
.expect("Failed to get DB connection");

shared_helpers::insert_room(&conn)
};

let mut context = TestContext::new(db, TestAuthz::new());
let payload = DeleteRequest { id: room.id() };

let err = handle_request::<DeleteHandler>(&mut context, &agent, payload)
.await
.expect_err("Unexpected success on room deletion");

assert_eq!(err.status(), ResponseStatus::FORBIDDEN);
assert_eq!(err.kind(), "access_denied");
});
}

#[test]
fn delete_room_missing() {
async_std::task::block_on(async {
let agent = TestAgent::new("web", "user123", USR_AUDIENCE);
let mut context = TestContext::new(TestDb::new(), TestAuthz::new());
let payload = DeleteRequest { id: Uuid::new_v4() };

let err = handle_request::<DeleteHandler>(&mut context, &agent, payload)
.await
.expect_err("Unexpected success on room deletion");

assert_eq!(err.status(), ResponseStatus::NOT_FOUND);
assert_eq!(err.kind(), "room_not_found");
});
}
}

mod enter {
use chrono::{Duration, Utc};

Expand Down
18 changes: 0 additions & 18 deletions src/db/room.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -283,24 +283,6 @@ impl<'a> InsertQuery<'a> {

////////////////////////////////////////////////////////////////////////////////

pub(crate) struct DeleteQuery {
id: Uuid,
}

impl DeleteQuery {
pub(crate) fn new(id: Uuid) -> Self {
Self { id }
}

pub(crate) fn execute(&self, conn: &PgConnection) -> Result<usize, Error> {
use diesel::prelude::*;

diesel::delete(room::table.filter(room::id.eq(self.id))).execute(conn)
}
}

////////////////////////////////////////////////////////////////////////////////

#[derive(Debug, Default, Identifiable, AsChangeset)]
#[table_name = "room"]
pub(crate) struct UpdateQuery<'a> {
Expand Down

0 comments on commit 6b50b3b

Please sign in to comment.