#373: refactoring, added specs

This commit is contained in:
Vokhmin Alexey V 2014-04-08 01:30:01 +04:00
parent c41fc4d0bb
commit 7d0b2998dc
4 changed files with 60 additions and 19 deletions

View File

@ -1,12 +1,14 @@
class Api::V1::PlatformsController < Api::V1::BaseController
before_filter :authenticate_user!
skip_before_filter :authenticate_user!, only: :allowed
skip_before_filter :authenticate_user!, only: [:show, :platforms_for_build, :members] if APP_CONFIG['anonymous_access']
skip_before_filter :authenticate_user!, only: %i(show platforms_for_build members cached_chroot) if APP_CONFIG['anonymous_access']
before_filter :set_token, only: %i(allowed cached_chroot)
load_and_authorize_resource except: :allowed
load_and_authorize_resource except: %i(allowed cached_chroot)
load_resource only: :cached_chroot
def allowed
if Platform.allowed?(params[:path] || '', request)
if Platform.allowed?(params[:path] || '', @token)
render nothing: true
else
render nothing: true, status: 403
@ -21,6 +23,14 @@ class Api::V1::PlatformsController < Api::V1::BaseController
def show
end
def cached_chroot
if sha1 = @platform.cached_chroot(@token, params[:arch])
redirect_to "#{APP_CONFIG['file_store_url']}/api/v1/file_stores/#{sha1}"
else
render nothing: true, status: 403
end
end
def platforms_for_build
@platforms = Platform.main.opened.paginate(paginate_params)
render :index
@ -72,4 +82,12 @@ class Api::V1::PlatformsController < Api::V1::BaseController
destroy_subject @platform
end
protected
def set_token
if request.authorization.present?
@token, pass = *ActionController::HttpAuthentication::Basic::user_name_and_password(request)
end
end
end

View File

@ -7,6 +7,7 @@ class Platform < ActiveRecord::Base
include Owner
include EventLoggable
CACHED_CHROOT_PRODUCT_NAME = 'cached-chroot'
AUTOMATIC_METADATA_REGENERATIONS = %w(day week)
VISIBILITIES = %w(open hidden)
NAME_PATTERN = /[\w\-\.]+/
@ -211,32 +212,39 @@ class Platform < ActiveRecord::Base
end
# Checks access rights to platform and caching for 1 day.
def self.allowed?(path, request)
def self.allowed?(path, token)
platform_name = path.gsub(/^[\/]+/, '')
.match(/^(#{NAME_PATTERN}\/|#{NAME_PATTERN}$)/)
return true unless platform_name
platform_name = platform_name[0].gsub(/\//, '')
if request.authorization.present?
token, pass = *ActionController::HttpAuthentication::Basic::user_name_and_password(request)
end
Rails.cache.fetch([platform_name, token, :platform_allowed], expires_in: 2.minutes) do
platform = Platform.find_by name: platform_name
next false unless platform
next true unless platform.hidden?
next false unless token
next true if platform.tokens.by_active.where(authentication_token: token).exists?
platform.has_access?(token)
end
end
user = User.find_by authentication_token: token
def cached_chroot(token, arch)
return false if personal?
Rails.cache.fetch([:cached_chroot, token, name, arch], expires_in: 10.minutes) do
product = products.where(name: CACHED_CHROOT_PRODUCT_NAME).first
next false unless product
pbl = product.product_build_lists.for_status(ProductBuildList::BUILD_COMPLETED).recent.first
next false unless pbl
next false if hidden? && !has_access?(token)
pbl.results.results.find{ |r| r['file_name'] =~ /^cached-chroot-#{arch}/ } || false
end
end
def has_access?(token)
return true if tokens.by_active.where(authentication_token: token).exists?
user = User.find_by(authentication_token: token)
current_ability = Ability.new(user)
if user && current_ability.can?(:show, platform)
true
else
false
end
end
user && current_ability.can?(:show, self) ? true : false
end
def self.autostart_metadata_regeneration(value)

View File

@ -33,13 +33,14 @@ Rosa::Application.routes.draw do
put :publish_into_testing
}
end
resources :arches, only: [:index]
resources :platforms, only: [:index, :show, :update, :destroy, :create] do
resources :arches, only: :index
resources :platforms, only: %i(index show update destroy create), constraints: { id: Platform::NAME_PATTERN } do
collection {
get :platforms_for_build
get :allowed
}
member {
get :cached_chroot
get :members
put :add_member
delete :remove_member

View File

@ -12,6 +12,7 @@ shared_examples_for 'api platform user with reader rights' do
get :members, id: @platform.id, format: :json
response.should render_template(:members)
end
end
shared_examples_for 'api platform user with owner rights' do
@ -192,6 +193,12 @@ shared_examples_for 'api platform user without reader rights for hidden platform
response.body.should == {"message" => "Access violation to this page!"}.to_json
end
end
it "should not be able to perform cached_chroot action" do
get :cached_chroot, id: @platform.id, format: :json
response.status.should == 403
end
end
shared_examples_for "api platform user with show rights" do
@ -200,6 +207,13 @@ shared_examples_for "api platform user with show rights" do
response.should render_template(:show)
end
it 'should be able to perform cached_chroot action' do
Rails.stub_chain(:cache, :fetch).and_return('sha1')
http_login (@admin || @user).authentication_token, '' if @platform.hidden?
get :cached_chroot, id: @platform.id, format: :json
response.should redirect_to("#{APP_CONFIG['file_store_url']}/api/v1/file_stores/sha1")
end
it 'should be able to perform platforms_for_build action' do
get :platforms_for_build, format: :json
response.should render_template(:index)