
Support multiple topics in auth

Philipp Heckel 4 лет назад
Родитель
Сommit
631ade5430
2 измененных файлов с 30 добавлено и 5 удалено
  1. 6 4
      server/server.go
  2. 24 1
      server/server_test.go

+ 6 - 4
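--- a/server/server.go
+++ b/server/server.go
@@ -1140,7 +1140,7 @@ func (s *Server) withAuth(next handleFunc, perm auth.Permission) handleFunc {
 		if s.auth == nil {
 			return next(w, r, v)
 		}
-		t, err := s.topicFromPath(r.URL.Path)
+		topics, _, err := s.topicsFromPath(r.URL.Path)
 		if err != nil {
 			return err
 		}
@@ -1152,9 +1152,11 @@ func (s *Server) withAuth(next handleFunc, perm auth.Permission) handleFunc {
 				return errHTTPUnauthorized
 			}
 		}
-		if err := s.auth.Authorize(user, t.ID, perm); err != nil {
-			log.Printf("unauthorized: %s", err.Error())
-			return errHTTPForbidden
+		for _, t := range topics {
+			if err := s.auth.Authorize(user, t.ID, perm); err != nil {
+				log.Printf("unauthorized: %s", err.Error())
+				return errHTTPForbidden
+			}
 		}
 		return next(w, r, v)
 	}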
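Review bot: In the second hunk of withAuth, the new `for _, t := range topics` loop runs zero times if `topicsFromPath` ever returns an empty slice with a nil error, so the request would reach `next` without a single `Authorize` call. Whether that can happen is not visible here, because `topicsFromPath` is defined outside this diff, but the old single-topic code could not skip the check. A guard before the loop keeps the handler failing closed: `if len(topics) == 0 { return errHTTPForbidden }`. Now that one request can carry several topics, the log line would be more useful for triage if it named the denied one, e.g. `log.Printf("unauthorized: topic %q: %s", t.ID, err.Error())`. withAuth's body begins outside both hunks.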

+ 24 - 1
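--- a/server/server_test.go
+++ b/server/server_test.go
@@ -549,7 +549,7 @@ func TestServer_Auth_Success_User(t *testing.T) {
 
 	manager := s.auth.(auth.Manager)
 	require.Nil(t, manager.AddUser("ben", "ben", auth.RoleUser))
-	require.Nil(t, manager.AllowAccess("ben", "mytopic", true, true)) // Not mytopic!
+	require.Nil(t, manager.AllowAccess("ben", "mytopic", true, true))
 
 	response := request(t, s, "GET", "/mytopic/auth", "", map[string]string{
 		"Authorization": basicAuth("ben:ben"),
@@ -557,6 +557,29 @@ func TestServer_Auth_Success_User(t *testing.T) {
 	require.Equal(t, 200, response.Code)
 }
 
+func TestServer_Auth_Success_User_MultipleTopics(t *testing.T) {
+	c := newTestConfig(t)
+	c.AuthFile = filepath.Join(t.TempDir(), "user.db")
+	c.AuthDefaultRead = false
+	c.AuthDefaultWrite = false
+	s := newTestServer(t, c)
+
+	manager := s.auth.(auth.Manager)
+	require.Nil(t, manager.AddUser("ben", "ben", auth.RoleUser))
+	require.Nil(t, manager.AllowAccess("ben", "mytopic", true, true))
+	require.Nil(t, manager.AllowAccess("ben", "anothertopic", true, true))
+
+	response := request(t, s, "GET", "/mytopic,anothertopic/auth", "", map[string]string{
+		"Authorization": basicAuth("ben:ben"),
+	})
+	require.Equal(t, 200, response.Code)
+
+	response = request(t, s, "GET", "/mytopic,anothertopic,NOT-THIS-ONE/auth", "", map[string]string{
+		"Authorization": basicAuth("ben:ben"),
+	})
+	require.Equal(t, 403, response.Code)
+}
+
 func TestServer_Auth_Fail_InvalidPass(t *testing.T) {
 	c := newTestConfig(t)
 	c.AuthFile = filepath.Join(t.TempDir(), "user.db")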
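Review bot: The 403 case in TestServer_Auth_Success_User_MultipleTopics puts the topic without a grant last (`/mytopic,anothertopic,NOT-THIS-ONE/auth`), so the test would still pass if only the final topic in the list were authorized. Repeating the request with the ungranted topic first, e.g. `/NOT-THIS-ONE,mytopic/auth`, and asserting 403 would pin that every listed topic is checked regardless of position. A one-line comment above each request (`// all topics granted: expect 200`, `// one topic without a grant: expect 403`) would also make the intent clear, since the test name says only "Success".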