Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/prod' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
benoitdevos committed Jan 11, 2022
2 parents 98b7a3e + 47f588f commit bfa2403
Show file tree
Hide file tree
Showing 3 changed files with 44 additions and 16 deletions.
28 changes: 14 additions & 14 deletions src/logion/controllers/locrequest.controller.ts
Original file line number Diff line number Diff line change
Expand Up @@ -355,7 +355,7 @@ export class LocRequestController extends ApiController {
async rejectLocRequest(rejectLocRequestView: RejectLocRequestView, requestId: string) {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();
request.reject(rejectLocRequestView.rejectReason!, moment());
await this.locRequestRepository.save(request)
}
Expand All @@ -373,7 +373,7 @@ export class LocRequestController extends ApiController {
async acceptLocRequest(_ignoredBody: any, requestId: string) {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();
request.accept(moment());
await this.locRequestRepository.save(request)
}
Expand All @@ -391,7 +391,7 @@ export class LocRequestController extends ApiController {
async addFile(addFileView: AddFileView, requestId: string): Promise<AddFileResultView> {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

const files: fileUpload.FileArray = this.request.files;
if(files === undefined || files === null) {
Expand Down Expand Up @@ -438,7 +438,7 @@ export class LocRequestController extends ApiController {
async downloadFile(_body: any, requestId: string, hash: string): Promise<void> {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

const file = request.getFile(hash);
const tempFilePath = "/tmp/download-" + requestId + "-" + hash;
Expand All @@ -465,7 +465,7 @@ export class LocRequestController extends ApiController {
async deleteFile(_body: any, requestId: string, hash: string): Promise<void> {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

const file = request.removeFile(hash);
await this.locRequestRepository.save(request);
Expand All @@ -488,7 +488,7 @@ export class LocRequestController extends ApiController {
async confirmFile(_body: any, requestId: string, hash: string) {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

request.confirmFile(hash);
await this.locRequestRepository.save(request);
Expand All @@ -510,7 +510,7 @@ export class LocRequestController extends ApiController {
async closeLoc(_body: any, requestId: string) {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

request.preClose();
await this.locRequestRepository.save(request);
Expand All @@ -536,7 +536,7 @@ export class LocRequestController extends ApiController {
async voidLoc(body: VoidLocView, requestId: string) {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

request.preVoid(body.reason!);
await this.locRequestRepository.save(request);
Expand All @@ -558,7 +558,7 @@ export class LocRequestController extends ApiController {
async addLink(addLinkView: AddLinkView, requestId: string): Promise<void> {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();
const targetRequest = requireDefined(await this.locRequestRepository.findById(addLinkView.target!));
request.addLink({
target: targetRequest.id!,
Expand All @@ -582,7 +582,7 @@ export class LocRequestController extends ApiController {
async deleteLink(_body: any, requestId: string, target: string): Promise<void> {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

request.removeLink(target);
await this.locRequestRepository.save(request);
Expand All @@ -603,7 +603,7 @@ export class LocRequestController extends ApiController {
async confirmLink(_body: any, requestId: string, target: string) {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

request.confirmLink(target);
await this.locRequestRepository.save(request);
Expand All @@ -625,7 +625,7 @@ export class LocRequestController extends ApiController {
async addMetadata(addMetadataView: AddMetadataView, requestId: string): Promise<void> {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();
const name = requireLength(addMetadataView, "name", 3, 40)
const value = requireLength(addMetadataView, "value", 1, 4096)
request.addMetadataItem({ name, value })
Expand All @@ -647,7 +647,7 @@ export class LocRequestController extends ApiController {
async deleteMetadata(_body: any, requestId: string, name: string): Promise<void> {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

const decodedName = decodeURIComponent(name);
request.removeMetadataItem(decodedName);
Expand All @@ -669,7 +669,7 @@ export class LocRequestController extends ApiController {
async confirmMetadata(_body: any, requestId: string, name: string) {
const request = requireDefined(await this.locRequestRepository.findById(requestId));
this.authenticationService.authenticatedUser(this.request)
.is(request.ownerAddress);
.requireNodeOwner();

const decodedName = decodeURIComponent(name);
request.confirmMetadataItem(decodedName);
Expand Down
8 changes: 6 additions & 2 deletions test/helpers/testapp.ts
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ export function setupApp<T>(
controller: Function & { prototype: T; },
mockBinder: (container: Container) => void,
authSucceed: boolean = true,
isNodeOwner: boolean = false,
isNodeOwner: boolean = true,
): Express {

const app = express();
Expand Down Expand Up @@ -58,7 +58,11 @@ function mockAuthenticationSuccess(isNodeOwner: boolean): AuthenticationService
authenticatedUser.setup(instance => instance.require).returns(() => {});
authenticatedUser.setup(instance => instance.requireIs).returns(() => {});
authenticatedUser.setup(instance => instance.requireLegalOfficer).returns(() => {});
authenticatedUser.setup(instance => instance.requireNodeOwner).returns(() => {});
authenticatedUser.setup(instance => instance.requireNodeOwner).returns(() => {
if (!isNodeOwner) {
throw new UnauthorizedException("")
}
});
authenticatedUser.setup(instance => instance.isNodeOwner).returns(() => isNodeOwner);

const authenticationService = new Mock<AuthenticationService>();
Expand Down
24 changes: 24 additions & 0 deletions test/unit/controllers/locrequest.controller.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ describe('LocRequestController', () => {
LocRequestController,
mockModelForCreation,
true,
false
)
await request(app)
.post('/api/loc-request')
Expand Down Expand Up @@ -191,6 +192,7 @@ describe('LocRequestController', () => {
LocRequestController,
container => mockModelForCreation(container, true),
true,
false
)
await request(app)
.post('/api/loc-request')
Expand Down Expand Up @@ -319,6 +321,19 @@ describe('LocRequestController', () => {
});
})

it('fails to add file to loc when not owner', async () => {
const app = setupApp(LocRequestController, mockModelForAddFile, true, false);
const buffer = Buffer.from(SOME_DATA);
await request(app)
.post(`/api/loc-request/${ REQUEST_ID }/files`)
.field({ nature: "some nature" })
.attach('file', buffer, {
filename: FILE_NAME,
contentType: 'text/plain',
})
.expect(401);
})

it('downloads existing file given its hash', async () => {
const app = setupApp(LocRequestController, mockModelForDownloadFile);
const filePath = "/tmp/download-" + REQUEST_ID + "-" + SOME_DATA_HASH;
Expand Down Expand Up @@ -390,6 +405,15 @@ describe('LocRequestController', () => {
It.Is<MetadataItemDescription>(item => item.name == SOME_DATA_NAME && item.value == SOME_DATA_VALUE)))
})

it('fails to adds a metadata item when not owner', async () => {
const locRequest = mockRequestForMetadata();
const app = setupApp(LocRequestController, (container) => mockModelForAllItems(container, locRequest), true, false)
await request(app)
.post(`/api/loc-request/${ REQUEST_ID }/metadata`)
.send({ name: SOME_DATA_NAME, value: SOME_DATA_VALUE })
.expect(401)
})

it('deletes a metadata item', async () => {
const locRequest = mockRequestForMetadata();
const app = setupApp(LocRequestController, (container) => mockModelForAllItems(container, locRequest))
Expand Down

0 comments on commit bfa2403

Please sign in to comment.