local
/
dndex
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Create public namespaces by adding public=true when registering

master
breel 2020-07-25 22:16:02 -06:00
parent c0fc3530fd
commit 0e16340fd2
4 changed files with 41 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
view/auth.go
View File

@ -36,12 +36,30 @@ func Auth(g storage.Graph, w http.ResponseWriter, r *http.Request) error {
} }
func auth(g storage.Graph, w http.ResponseWriter, r *http.Request) error { func auth(g storage.Graph, w http.ResponseWriter, r *http.Request) error {
if isPublic(g, r) {
return nil
}
if !hasAuth(r) { if !hasAuth(r) {
return requestAuth(g, w, r) return requestAuth(g, w, r)
} }
return checkAuth(g, w, r) return checkAuth(g, w, r)
} }
func isPublic(g storage.Graph, r *http.Request) bool {
namespace, err := getAuthNamespace(r)
if err != nil {
return false
}
ones, err := g.List(r.Context(), namespace, UserKey)
if err != nil {
return false
}
if len(ones) == 0 {
return false
}
return ones[0].Title == ""
}
func hasAuth(r *http.Request) bool { func hasAuth(r *http.Request) bool {
_, err := r.Cookie(AuthKey) _, err := r.Cookie(AuthKey)
return err == nil return err == nil

2
view/register.go
View File

@ -28,7 +28,7 @@ func registerPost(g storage.Graph, w http.ResponseWriter, r *http.Request) error
return nil return nil
} }
password := r.FormValue("password") password := r.FormValue("password")
if len(password) == 0 { if len(password) == 0 && r.URL.Query().Get("public") == "" {
http.Error(w, `{"error": "password required"}`, http.StatusBadRequest) http.Error(w, `{"error": "password required"}`, http.StatusBadRequest)
return nil return nil
} }

19
view/register_test.go
View File

@ -59,6 +59,25 @@ func TestRegister(t *testing.T) {
} }
}) })
t.Run("register: public", func(t *testing.T) {
ns := uuid.New().String()
r := httptest.NewRequest(http.MethodPost, "/register?public=true&namespace="+ns, strings.NewReader(""))
r.Header.Set("Content-Type", "application/x-www-form-urlencoded")
w := httptest.NewRecorder()
handler.ServeHTTP(w, r)
if w.Code != http.StatusOK {
t.Fatalf("%d: %s", w.Code, w.Body.Bytes())
}
r = httptest.NewRequest(http.MethodTrace, "/who?namespace="+ns, nil)
w = httptest.NewRecorder()
handler.ServeHTTP(w, r)
if w.Code != http.StatusOK {
t.Fatalf("%d: %s", w.Code, w.Body.Bytes())
}
})
t.Run("register", func(t *testing.T) { t.Run("register", func(t *testing.T) {
ns := uuid.New().String() ns := uuid.New().String()

8
view/who_test.go
View File

@ -562,7 +562,8 @@ func TestWho(t *testing.T) {
t.Fatalf("GET put != expected: want:\n%+v, got \n%+v", want, o) t.Fatalf("GET put != expected: want:\n%+v, got \n%+v", want, o)
} }
r = httptest.NewRequest(http.MethodDelete, fmt.Sprintf("/who?namespace=col&id=%s&connection=%s", want.Name, want.Peers()[0]), nil) forget := want.Peers()[0]
r = httptest.NewRequest(http.MethodDelete, fmt.Sprintf("/who?namespace=col&id=%s&connection=%s", want.Name, forget), nil)
w = httptest.NewRecorder() w = httptest.NewRecorder()
handler.ServeHTTP(w, r) handler.ServeHTTP(w, r)
if w.Code != http.StatusOK { if w.Code != http.StatusOK {
@ -579,11 +580,8 @@ func TestWho(t *testing.T) {
if err := json.Unmarshal(w.Body.Bytes(), &o); err != nil { if err := json.Unmarshal(w.Body.Bytes(), &o); err != nil {
t.Fatal(err) t.Fatal(err)
} }
if _, ok := o.Connections[want.Peers()[0]]; ok {
t.Fatal(want.Peers()[0], o.Connections)
}
if len(o.Connections) != len(put.Connections)-1 { if len(o.Connections) != len(put.Connections)-1 {
t.Fatal(o.Connections) t.Fatalf("should've deleted %q but got %+v", forget, o.Connections)
} }
}) })
} }