1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-12-22 15:25:48 +01:00

Don't include group and name in token API.

The group and name are in the path, this avoids redundancies.
This commit is contained in:
Juliusz Chroboczek 2024-05-09 00:46:52 +02:00
parent ea4086243b
commit c1915cf3fc
2 changed files with 42 additions and 26 deletions

View file

@ -550,21 +550,24 @@ func tokensHandler(w http.ResponseWriter, r *http.Request, g, pth string) {
}
t := pth[1:]
if r.Method == "HEAD" || r.Method == "GET" {
tok, etag, err := token.Get(t)
old, etag, err := token.Get(t)
if err != nil {
httpError(w, err)
return
}
if tok.Group != g {
if old.Group != g {
http.NotFound(w, r)
return
}
tok := old.Clone()
tok.Token = ""
tok.Group = ""
w.Header().Set("etag", etag)
done := checkPreconditions(w, r, etag)
if done {
return
}
sendJSON(w, r, t)
sendJSON(w, r, tok)
return
} else if r.Method == "PUT" {
old, etag, err := token.Get(t)
@ -591,14 +594,13 @@ func tokensHandler(w http.ResponseWriter, r *http.Request, g, pth string) {
if done {
return
}
if newtoken.Group != g {
http.Error(w, "wrong group", http.StatusBadRequest)
return
}
if newtoken.Token != t {
http.Error(w, "token mismatch", http.StatusBadRequest)
if newtoken.Group != "" || newtoken.Token != "" {
http.Error(w, "overspecified token",
http.StatusBadRequest)
return
}
newtoken.Group = g
newtoken.Token = t
_, err = token.Update(&newtoken, etag)
if err != nil {
httpError(w, err)

View file

@ -300,13 +300,16 @@ func TestApi(t *testing.T) {
}
tokenpath := "/galene-api/v0/.groups/test/.tokens/" + tokname
resp, err = do("GET", tokenpath,
"", "", "", "")
if err != nil || resp.StatusCode != http.StatusOK {
var tok token.Stateful
err = getJSON(tokenpath, &tok)
if err != nil {
t.Errorf("Get token: %v %v", err, resp.StatusCode)
}
tok := tokens[0].Clone()
if tok.Token != "" || tok.Group != "" {
t.Errorf("Get token: %v %v", tok.Token, tok.Group)
}
e := time.Now().Add(time.Hour)
tok.Expires = &e
resp, err = do("PUT", tokenpath,
@ -315,31 +318,42 @@ func TestApi(t *testing.T) {
t.Errorf("Update token: %v %v", err, resp.StatusCode)
}
tok.Token = "badtoken"
tok.Token = tokens[0].Token
resp, err = do("PUT", tokenpath,
"application/json", "", "", marshalToString(tok))
if err != nil || resp.StatusCode != http.StatusBadRequest {
t.Errorf("Update mismatched token: %v %v", err, resp.StatusCode)
t.Errorf("Update token with name: %v %v", err, resp.StatusCode)
}
tok.Group = "bad"
tok.Token = ""
tok.Group = "test"
resp, err = do("PUT", tokenpath,
"application/json", "", "", marshalToString(tok))
if err != nil || resp.StatusCode != http.StatusBadRequest {
t.Errorf("Update token (bad group): %v %v", err, resp.StatusCode)
t.Errorf("Update token with group: %v %v", err, resp.StatusCode)
}
tokens, etag, err = token.List("test")
if err != nil || len(tokens) != 1 {
t.Errorf("Token list: %v %v", tokens, err)
}
if !tokens[0].Expires.Equal(e) {
t.Errorf("Got %v, expected %v", tokens[0].Expires, e)
err = getJSON(tokenpath, &tok)
if err != nil || !tok.Expires.Equal(e) {
t.Errorf("Got %v, expected %v (%v)", tok.Expires, e, err)
}
resp, err = do("GET", tokenpath, "", "", "", "")
if err != nil || resp.StatusCode != http.StatusOK {
t.Errorf("Get token: %v %v", err, resp.StatusCode)
resp, err = do("PUT", "/galene-api/v0/.groups/test2",
"application/json", "", "*", "{}")
if err != nil || resp.StatusCode != http.StatusCreated {
t.Errorf("Create test2: %v %v", err, resp.StatusCode)
}
tokenpath2 := "/galene-api/v0/.groups/test2/.tokens/" + tokname
resp, err = do("GET", tokenpath2, "", "", "", "")
if err != nil || resp.StatusCode != http.StatusNotFound {
t.Errorf("Get token in bad group: %v %v", err, resp.StatusCode)
}
resp, err = do("PUT", tokenpath2,
"application/json", "", "", "{}")
if err != nil || resp.StatusCode != http.StatusConflict {
t.Errorf("Put token in bad group: %v %v", err, resp.StatusCode)
}
resp, err = do("DELETE", tokenpath, "", "", "", "")