Mikescher/SimpleCloudNotifier
1
0
Fork 0
Code Pull Requests Actions Releases Activity

Better CreateKey API (make all_channels and channels optional)

Browse Source
This commit is contained in:
Mike Schwörer 2023-06-18 02:54:41 +02:00
parent 8cde286cac
commit 860e540de1
Signed by: Mikescher
GPG Key ID: D3C7172E0A70F8CF
2 changed files with 84 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
scnserver/api/handler/apiKeyToken.go
View File

@ -221,9 +221,9 @@ func (h APIHandler) CreateUserKey(g *gin.Context) ginresp.HTTPResponse {
} }
type body struct { type body struct {
Name string `json:"name" binding:"required"` Name string `json:"name" binding:"required"`
AllChannels *bool `json:"all_channels" binding:"required"` Permissions string `json:"permissions" binding:"required"`
Channels *[]models.ChannelID `json:"channels" binding:"required"` AllChannels *bool `json:"all_channels"`
Permissions *string `json:"permissions" binding:"required"` Channels *[]models.ChannelID `json:"channels"`
} }
var u uri var u uri
@ -234,7 +234,18 @@ func (h APIHandler) CreateUserKey(g *gin.Context) ginresp.HTTPResponse {
} }
defer ctx.Cancel() defer ctx.Cancel()
for _, c := range *b.Channels { channels := langext.Coalesce(b.Channels, make([]models.ChannelID, 0))
var allChan bool
if b.AllChannels == nil && b.Channels != nil {
allChan = false
} else if b.AllChannels == nil && b.Channels == nil {
allChan = true
} else {
allChan = *b.AllChannels
}
for _, c := range channels {
if err := c.Valid(); err != nil { if err := c.Valid(); err != nil {
return ginresp.APIError(g, 400, apierr.INVALID_BODY_PARAM, "Invalid ChannelID", err) return ginresp.APIError(g, 400, apierr.INVALID_BODY_PARAM, "Invalid ChannelID", err)
} }
@ -246,9 +257,9 @@ func (h APIHandler) CreateUserKey(g *gin.Context) ginresp.HTTPResponse {
token := h.app.GenerateRandomAuthKey() token := h.app.GenerateRandomAuthKey()
perms := models.ParseTokenPermissionList(*b.Permissions) perms := models.ParseTokenPermissionList(b.Permissions)
keytok, err := h.database.CreateKeyToken(ctx, b.Name, *ctx.GetPermissionUserID(), *b.AllChannels, *b.Channels, perms, token) keytok, err := h.database.CreateKeyToken(ctx, b.Name, *ctx.GetPermissionUserID(), allChan, channels, perms, token)
if err != nil { if err != nil {
return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to create keytoken in db", err) return ginresp.APIError(g, 500, apierr.DATABASE_ERROR, "Failed to create keytoken in db", err)
} }

68
scnserver/test/keytoken_test.go
View File

@ -383,6 +383,11 @@ func TestTokenKeysDowngradeSelf(t *testing.T) {
data := tt.InitSingleData(t, ws) data := tt.InitSingleData(t, ws)
chan0 := tt.RequestAuthPost[gin.H](t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/channels", data.UID), gin.H{
"name": "testchan1",
})
chanid := fmt.Sprintf("%v", chan0["channel_id"])
type keyobj struct { type keyobj struct {
AllChannels bool `json:"all_channels"` AllChannels bool `json:"all_channels"`
Channels []string `json:"channels"` Channels []string `json:"channels"`
@ -415,7 +420,7 @@ func TestTokenKeysDowngradeSelf(t *testing.T) {
}, 400, apierr.CANNOT_SELFUPDATE_KEY) }, 400, apierr.CANNOT_SELFUPDATE_KEY)
tt.RequestAuthPatchShouldFail(t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/keys/%s", data.UID, ak), gin.H{ tt.RequestAuthPatchShouldFail(t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/keys/%s", data.UID, ak), gin.H{
"channels": []string{"main"}, "channels": []string{chanid},
}, 400, apierr.CANNOT_SELFUPDATE_KEY) }, 400, apierr.CANNOT_SELFUPDATE_KEY)
tt.RequestAuthPatch[tt.Void](t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/keys/%s", data.UID, ak), gin.H{ tt.RequestAuthPatch[tt.Void](t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/keys/%s", data.UID, ak), gin.H{
@ -606,3 +611,64 @@ func TestTokenKeysMessageCounter(t *testing.T) {
assertCounter(4, 4, 0) assertCounter(4, 4, 0)
} }
func TestTokenKeysCreateDefaultParam(t *testing.T) {
ws, baseUrl, stop := tt.StartSimpleWebserver(t)
defer stop()
data := tt.InitSingleData(t, ws)
type keyobj struct {
AllChannels bool `json:"all_channels"`
Channels []string `json:"channels"`
KeytokenId string `json:"keytoken_id"`
MessagesSent int `json:"messages_sent"`
Name string `json:"name"`
OwnerUserId string `json:"owner_user_id"`
Permissions string `json:"permissions"`
Token string `json:"token"` // only in create
}
chan0 := tt.RequestAuthPost[gin.H](t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/channels", data.UID), gin.H{
"name": "testchan1",
})
chanid := fmt.Sprintf("%v", chan0["channel_id"])
{
key2 := tt.RequestAuthPost[keyobj](t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/keys", data.UID), gin.H{
"name": "K2",
"permissions": "CS",
})
tt.AssertEqual(t, "Name", "K2", key2.Name)
tt.AssertEqual(t, "Permissions", "CS", key2.Permissions)
tt.AssertEqual(t, "AllChannels", true, key2.AllChannels)
tt.AssertEqual(t, "Channels.Len", 0, len(key2.Channels))
}
{
key2 := tt.RequestAuthPost[keyobj](t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/keys", data.UID), gin.H{
"name": "K3",
"permissions": "CS",
"channels": []string{chanid},
})
tt.AssertEqual(t, "Name", "K3", key2.Name)
tt.AssertEqual(t, "Permissions", "CS", key2.Permissions)
tt.AssertEqual(t, "AllChannels", false, key2.AllChannels)
tt.AssertEqual(t, "Channels.Len", 1, len(key2.Channels))
}
{
key2 := tt.RequestAuthPost[keyobj](t, data.AdminKey, baseUrl, fmt.Sprintf("/api/v2/users/%s/keys", data.UID), gin.H{
"name": "K4",
"permissions": "CS",
"all_channels": false,
})
tt.AssertEqual(t, "Name", "K4", key2.Name)
tt.AssertEqual(t, "Permissions", "CS", key2.Permissions)
tt.AssertEqual(t, "AllChannels", false, key2.AllChannels)
tt.AssertEqual(t, "Channels.Len", 0, len(key2.Channels))
}
}