diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2016-05-13 16:31:14 +0200 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2016-05-13 16:31:14 +0200 |
commit | b3b926474204ad736ec434aafc8afc6bc55079f6 (patch) | |
tree | ba235886357a8c032fea7ef17cd9ab9519ea6a2b | |
parent | 5dda52c924763a889e98b4cf97c588b34ef01812 (diff) | |
download | PeerTube-b3b926474204ad736ec434aafc8afc6bc55079f6.tar.gz PeerTube-b3b926474204ad736ec434aafc8afc6bc55079f6.tar.zst PeerTube-b3b926474204ad736ec434aafc8afc6bc55079f6.zip |
Authenticate before make/quit friends (server + tests)
-rw-r--r-- | server/controllers/api/v1/pods.js | 13 | ||||
-rw-r--r-- | server/controllers/api/v1/remoteVideos.js | 6 | ||||
-rw-r--r-- | server/controllers/api/v1/users.js | 2 | ||||
-rw-r--r-- | server/controllers/api/v1/videos.js | 6 | ||||
-rw-r--r-- | server/middlewares/index.js | 2 | ||||
-rw-r--r-- | server/tests/api/friendsAdvanced.js | 9 | ||||
-rw-r--r-- | server/tests/api/friendsBasic.js | 39 | ||||
-rw-r--r-- | server/tests/api/multiplePods.js | 6 | ||||
-rw-r--r-- | server/tests/api/users.js | 10 | ||||
-rw-r--r-- | server/tests/api/utils.js | 13 |
10 files changed, 68 insertions, 38 deletions
diff --git a/server/controllers/api/v1/pods.js b/server/controllers/api/v1/pods.js index fd13034a2..cec51f272 100644 --- a/server/controllers/api/v1/pods.js +++ b/server/controllers/api/v1/pods.js | |||
@@ -4,11 +4,12 @@ const express = require('express') | |||
4 | 4 | ||
5 | const logger = require('../../../helpers/logger') | 5 | const logger = require('../../../helpers/logger') |
6 | const friends = require('../../../lib/friends') | 6 | const friends = require('../../../lib/friends') |
7 | const middleware = require('../../../middlewares') | 7 | const middlewares = require('../../../middlewares') |
8 | const Pods = require('../../../models/pods') | 8 | const Pods = require('../../../models/pods') |
9 | const reqValidator = middleware.reqValidators.pods | 9 | const oAuth2 = middlewares.oauth2 |
10 | const secureMiddleware = middleware.secure | 10 | const reqValidator = middlewares.reqValidators.pods |
11 | const secureRequest = middleware.reqValidators.remote.secureRequest | 11 | const secureMiddleware = middlewares.secure |
12 | const secureRequest = middlewares.reqValidators.remote.secureRequest | ||
12 | const videos = require('../../../lib/videos') | 13 | const videos = require('../../../lib/videos') |
13 | const Videos = require('../../../models/videos') | 14 | const Videos = require('../../../models/videos') |
14 | 15 | ||
@@ -16,8 +17,8 @@ const router = express.Router() | |||
16 | 17 | ||
17 | router.get('/', listPods) | 18 | router.get('/', listPods) |
18 | router.post('/', reqValidator.podsAdd, addPods) | 19 | router.post('/', reqValidator.podsAdd, addPods) |
19 | router.get('/makefriends', reqValidator.makeFriends, makeFriends) | 20 | router.get('/makefriends', oAuth2.authenticate, reqValidator.makeFriends, makeFriends) |
20 | router.get('/quitfriends', quitFriends) | 21 | router.get('/quitfriends', oAuth2.authenticate, quitFriends) |
21 | // Post because this is a secured request | 22 | // Post because this is a secured request |
22 | router.post('/remove', secureRequest, secureMiddleware.decryptBody, removePods) | 23 | router.post('/remove', secureRequest, secureMiddleware.decryptBody, removePods) |
23 | 24 | ||
diff --git a/server/controllers/api/v1/remoteVideos.js b/server/controllers/api/v1/remoteVideos.js index cc4bc41e2..2f41c0411 100644 --- a/server/controllers/api/v1/remoteVideos.js +++ b/server/controllers/api/v1/remoteVideos.js | |||
@@ -3,9 +3,9 @@ | |||
3 | const express = require('express') | 3 | const express = require('express') |
4 | const map = require('lodash/map') | 4 | const map = require('lodash/map') |
5 | 5 | ||
6 | const middleware = require('../../../middlewares') | 6 | const middlewares = require('../../../middlewares') |
7 | const secureMiddleware = middleware.secure | 7 | const secureMiddleware = middlewares.secure |
8 | const reqValidator = middleware.reqValidators.remote | 8 | const reqValidator = middlewares.reqValidators.remote |
9 | const logger = require('../../../helpers/logger') | 9 | const logger = require('../../../helpers/logger') |
10 | const Videos = require('../../../models/videos') | 10 | const Videos = require('../../../models/videos') |
11 | const videos = require('../../../lib/videos') | 11 | const videos = require('../../../lib/videos') |
diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js index 54ff0d743..7ce0b9c6a 100644 --- a/server/controllers/api/v1/users.js +++ b/server/controllers/api/v1/users.js | |||
@@ -2,7 +2,7 @@ | |||
2 | 2 | ||
3 | const config = require('config') | 3 | const config = require('config') |
4 | const express = require('express') | 4 | const express = require('express') |
5 | const oAuth2 = require('../../../middlewares/oauth2') | 5 | const oAuth2 = require('../../../middlewares').oauth2 |
6 | 6 | ||
7 | const Users = require('../../../models/users') | 7 | const Users = require('../../../models/users') |
8 | 8 | ||
diff --git a/server/controllers/api/v1/videos.js b/server/controllers/api/v1/videos.js index 9891bf4c6..b6e3de08f 100644 --- a/server/controllers/api/v1/videos.js +++ b/server/controllers/api/v1/videos.js | |||
@@ -9,9 +9,9 @@ const multer = require('multer') | |||
9 | const constants = require('../../../initializers/constants') | 9 | const constants = require('../../../initializers/constants') |
10 | const logger = require('../../../helpers/logger') | 10 | const logger = require('../../../helpers/logger') |
11 | const friends = require('../../../lib/friends') | 11 | const friends = require('../../../lib/friends') |
12 | const middleware = require('../../../middlewares') | 12 | const middlewares = require('../../../middlewares') |
13 | const oAuth2 = require('../../../middlewares/oauth2') | 13 | const oAuth2 = middlewares.oauth2 |
14 | const reqValidator = middleware.reqValidators.videos | 14 | const reqValidator = middlewares.reqValidators.videos |
15 | const utils = require('../../../helpers/utils') | 15 | const utils = require('../../../helpers/utils') |
16 | const Videos = require('../../../models/videos') // model | 16 | const Videos = require('../../../models/videos') // model |
17 | const videos = require('../../../lib/videos') | 17 | const videos = require('../../../lib/videos') |
diff --git a/server/middlewares/index.js b/server/middlewares/index.js index a0b07705d..ffd19337c 100644 --- a/server/middlewares/index.js +++ b/server/middlewares/index.js | |||
@@ -1,9 +1,11 @@ | |||
1 | 'use strict' | 1 | 'use strict' |
2 | 2 | ||
3 | const oauth2 = require('./oauth2') | ||
3 | const reqValidatorsMiddleware = require('./reqValidators') | 4 | const reqValidatorsMiddleware = require('./reqValidators') |
4 | const secureMiddleware = require('./secure') | 5 | const secureMiddleware = require('./secure') |
5 | 6 | ||
6 | const middlewares = { | 7 | const middlewares = { |
8 | oauth2: oauth2, | ||
7 | reqValidators: reqValidatorsMiddleware, | 9 | reqValidators: reqValidatorsMiddleware, |
8 | secure: secureMiddleware | 10 | secure: secureMiddleware |
9 | } | 11 | } |
diff --git a/server/tests/api/friendsAdvanced.js b/server/tests/api/friendsAdvanced.js index 9bd202a05..f3d5cd4a0 100644 --- a/server/tests/api/friendsAdvanced.js +++ b/server/tests/api/friendsAdvanced.js | |||
@@ -10,15 +10,18 @@ describe('Test advanced friends', function () { | |||
10 | let servers = [] | 10 | let servers = [] |
11 | 11 | ||
12 | function makeFriends (podNumber, callback) { | 12 | function makeFriends (podNumber, callback) { |
13 | return utils.makeFriends(servers[podNumber - 1].url, callback) | 13 | const server = servers[podNumber - 1] |
14 | return utils.makeFriends(server.url, server.accessToken, callback) | ||
14 | } | 15 | } |
15 | 16 | ||
16 | function quitFriends (podNumber, callback) { | 17 | function quitFriends (podNumber, callback) { |
17 | return utils.quitFriends(servers[podNumber - 1].url, callback) | 18 | const server = servers[podNumber - 1] |
19 | return utils.quitFriends(server.url, server.accessToken, callback) | ||
18 | } | 20 | } |
19 | 21 | ||
20 | function getFriendsList (podNumber, end) { | 22 | function getFriendsList (podNumber, end) { |
21 | return utils.getFriendsList(servers[podNumber - 1].url, end) | 23 | const server = servers[podNumber - 1] |
24 | return utils.getFriendsList(server.url, end) | ||
22 | } | 25 | } |
23 | 26 | ||
24 | function uploadVideo (podNumber, callback) { | 27 | function uploadVideo (podNumber, callback) { |
diff --git a/server/tests/api/friendsBasic.js b/server/tests/api/friendsBasic.js index c9e3bc9ad..68817e852 100644 --- a/server/tests/api/friendsBasic.js +++ b/server/tests/api/friendsBasic.js | |||
@@ -3,13 +3,17 @@ | |||
3 | const async = require('async') | 3 | const async = require('async') |
4 | const chai = require('chai') | 4 | const chai = require('chai') |
5 | const expect = chai.expect | 5 | const expect = chai.expect |
6 | const request = require('supertest') | ||
7 | 6 | ||
8 | const utils = require('./utils') | 7 | const utils = require('./utils') |
9 | 8 | ||
10 | describe('Test basic friends', function () { | 9 | describe('Test basic friends', function () { |
11 | let servers = [] | 10 | let servers = [] |
12 | 11 | ||
12 | function makeFriends (podNumber, callback) { | ||
13 | const server = servers[podNumber - 1] | ||
14 | return utils.makeFriends(server.url, server.accessToken, callback) | ||
15 | } | ||
16 | |||
13 | function testMadeFriends (servers, serverToTest, callback) { | 17 | function testMadeFriends (servers, serverToTest, callback) { |
14 | const friends = [] | 18 | const friends = [] |
15 | for (let i = 0; i < servers.length; i++) { | 19 | for (let i = 0; i < servers.length; i++) { |
@@ -39,7 +43,15 @@ describe('Test basic friends', function () { | |||
39 | this.timeout(20000) | 43 | this.timeout(20000) |
40 | utils.flushAndRunMultipleServers(3, function (serversRun, urlsRun) { | 44 | utils.flushAndRunMultipleServers(3, function (serversRun, urlsRun) { |
41 | servers = serversRun | 45 | servers = serversRun |
42 | done() | 46 | |
47 | async.each(servers, function (server, callbackEach) { | ||
48 | utils.loginAndGetAccessToken(server, function (err, accessToken) { | ||
49 | if (err) return callbackEach(err) | ||
50 | |||
51 | server.accessToken = accessToken | ||
52 | callbackEach() | ||
53 | }) | ||
54 | }, done) | ||
43 | }) | 55 | }) |
44 | }) | 56 | }) |
45 | 57 | ||
@@ -59,16 +71,10 @@ describe('Test basic friends', function () { | |||
59 | it('Should make friends', function (done) { | 71 | it('Should make friends', function (done) { |
60 | this.timeout(10000) | 72 | this.timeout(10000) |
61 | 73 | ||
62 | const path = '/api/v1/pods/makefriends' | ||
63 | |||
64 | async.series([ | 74 | async.series([ |
65 | // The second pod make friend with the third | 75 | // The second pod make friend with the third |
66 | function (next) { | 76 | function (next) { |
67 | request(servers[1].url) | 77 | makeFriends(2, next) |
68 | .get(path) | ||
69 | .set('Accept', 'application/json') | ||
70 | .expect(204) | ||
71 | .end(next) | ||
72 | }, | 78 | }, |
73 | // Wait for the request between pods | 79 | // Wait for the request between pods |
74 | function (next) { | 80 | function (next) { |
@@ -102,11 +108,7 @@ describe('Test basic friends', function () { | |||
102 | }, | 108 | }, |
103 | // Finally the first pod make friend with the second pod | 109 | // Finally the first pod make friend with the second pod |
104 | function (next) { | 110 | function (next) { |
105 | request(servers[0].url) | 111 | makeFriends(1, next) |
106 | .get(path) | ||
107 | .set('Accept', 'application/json') | ||
108 | .expect(204) | ||
109 | .end(next) | ||
110 | }, | 112 | }, |
111 | // Wait for the request between pods | 113 | // Wait for the request between pods |
112 | function (next) { | 114 | function (next) { |
@@ -123,14 +125,16 @@ describe('Test basic friends', function () { | |||
123 | }) | 125 | }) |
124 | 126 | ||
125 | it('Should not be allowed to make friend again', function (done) { | 127 | it('Should not be allowed to make friend again', function (done) { |
126 | utils.makeFriends(servers[1].url, 409, done) | 128 | const server = servers[1] |
129 | utils.makeFriends(server.url, server.accessToken, 409, done) | ||
127 | }) | 130 | }) |
128 | 131 | ||
129 | it('Should quit friends of pod 2', function (done) { | 132 | it('Should quit friends of pod 2', function (done) { |
130 | async.series([ | 133 | async.series([ |
131 | // Pod 1 quit friends | 134 | // Pod 1 quit friends |
132 | function (next) { | 135 | function (next) { |
133 | utils.quitFriends(servers[1].url, next) | 136 | const server = servers[1] |
137 | utils.quitFriends(server.url, server.accessToken, next) | ||
134 | }, | 138 | }, |
135 | // Pod 1 should not have friends anymore | 139 | // Pod 1 should not have friends anymore |
136 | function (next) { | 140 | function (next) { |
@@ -162,7 +166,8 @@ describe('Test basic friends', function () { | |||
162 | }) | 166 | }) |
163 | 167 | ||
164 | it('Should allow pod 2 to make friend again', function (done) { | 168 | it('Should allow pod 2 to make friend again', function (done) { |
165 | utils.makeFriends(servers[1].url, function () { | 169 | const server = servers[1] |
170 | utils.makeFriends(server.url, server.accessToken, function () { | ||
166 | async.each(servers, function (server, callback) { | 171 | async.each(servers, function (server, callback) { |
167 | testMadeFriends(servers, server, callback) | 172 | testMadeFriends(servers, server, callback) |
168 | }, done) | 173 | }, done) |
diff --git a/server/tests/api/multiplePods.js b/server/tests/api/multiplePods.js index 1a61034fc..486457347 100644 --- a/server/tests/api/multiplePods.js +++ b/server/tests/api/multiplePods.js | |||
@@ -37,7 +37,8 @@ describe('Test multiple pods', function () { | |||
37 | }, | 37 | }, |
38 | // The second pod make friend with the third | 38 | // The second pod make friend with the third |
39 | function (next) { | 39 | function (next) { |
40 | utils.makeFriends(servers[1].url, next) | 40 | const server = servers[1] |
41 | utils.makeFriends(server.url, server.accessToken, next) | ||
41 | }, | 42 | }, |
42 | // Wait for the request between pods | 43 | // Wait for the request between pods |
43 | function (next) { | 44 | function (next) { |
@@ -45,7 +46,8 @@ describe('Test multiple pods', function () { | |||
45 | }, | 46 | }, |
46 | // Pod 1 make friends too | 47 | // Pod 1 make friends too |
47 | function (next) { | 48 | function (next) { |
48 | utils.makeFriends(servers[0].url, next) | 49 | const server = servers[0] |
50 | utils.makeFriends(server.url, server.accessToken, next) | ||
49 | }, | 51 | }, |
50 | function (next) { | 52 | function (next) { |
51 | webtorrent.create({ host: 'client', port: '1' }, next) | 53 | webtorrent.create({ host: 'client', port: '1' }, next) |
diff --git a/server/tests/api/users.js b/server/tests/api/users.js index 57417a69e..cb44d2611 100644 --- a/server/tests/api/users.js +++ b/server/tests/api/users.js | |||
@@ -82,6 +82,16 @@ describe('Test users', function () { | |||
82 | utils.uploadVideo(server.url, accessToken, 'my super name', 'my super description', 'video_short.webm', 401, done) | 82 | utils.uploadVideo(server.url, accessToken, 'my super name', 'my super description', 'video_short.webm', 401, done) |
83 | }) | 83 | }) |
84 | 84 | ||
85 | it('Should not be able to make friends', function (done) { | ||
86 | accessToken = 'mysupertoken' | ||
87 | utils.makeFriends(server.url, accessToken, 401, done) | ||
88 | }) | ||
89 | |||
90 | it('Should not be able to quit friends', function (done) { | ||
91 | accessToken = 'mysupertoken' | ||
92 | utils.quitFriends(server.url, accessToken, 401, done) | ||
93 | }) | ||
94 | |||
85 | it('Should be able to login', function (done) { | 95 | it('Should be able to login', function (done) { |
86 | utils.login(server.url, server.client, server.user, 200, function (err, res) { | 96 | utils.login(server.url, server.client, server.user, 200, function (err, res) { |
87 | if (err) throw err | 97 | if (err) throw err |
diff --git a/server/tests/api/utils.js b/server/tests/api/utils.js index 45f11ac8f..9c5e4ee61 100644 --- a/server/tests/api/utils.js +++ b/server/tests/api/utils.js | |||
@@ -97,7 +97,7 @@ function loginAndGetAccessToken (server, callback) { | |||
97 | }) | 97 | }) |
98 | } | 98 | } |
99 | 99 | ||
100 | function makeFriends (url, expectedStatus, callback) { | 100 | function makeFriends (url, accessToken, expectedStatus, callback) { |
101 | if (!callback) { | 101 | if (!callback) { |
102 | callback = expectedStatus | 102 | callback = expectedStatus |
103 | expectedStatus = 204 | 103 | expectedStatus = 204 |
@@ -109,6 +109,7 @@ function makeFriends (url, expectedStatus, callback) { | |||
109 | request(url) | 109 | request(url) |
110 | .get(path) | 110 | .get(path) |
111 | .set('Accept', 'application/json') | 111 | .set('Accept', 'application/json') |
112 | .set('Authorization', 'Bearer ' + accessToken) | ||
112 | .expect(expectedStatus) | 113 | .expect(expectedStatus) |
113 | .end(function (err, res) { | 114 | .end(function (err, res) { |
114 | if (err) throw err | 115 | if (err) throw err |
@@ -118,14 +119,20 @@ function makeFriends (url, expectedStatus, callback) { | |||
118 | }) | 119 | }) |
119 | } | 120 | } |
120 | 121 | ||
121 | function quitFriends (url, callback) { | 122 | function quitFriends (url, accessToken, expectedStatus, callback) { |
123 | if (!callback) { | ||
124 | callback = expectedStatus | ||
125 | expectedStatus = 204 | ||
126 | } | ||
127 | |||
122 | const path = '/api/v1/pods/quitfriends' | 128 | const path = '/api/v1/pods/quitfriends' |
123 | 129 | ||
124 | // The first pod make friend with the third | 130 | // The first pod make friend with the third |
125 | request(url) | 131 | request(url) |
126 | .get(path) | 132 | .get(path) |
127 | .set('Accept', 'application/json') | 133 | .set('Accept', 'application/json') |
128 | .expect(204) | 134 | .set('Authorization', 'Bearer ' + accessToken) |
135 | .expect(expectedStatus) | ||
129 | .end(function (err, res) { | 136 | .end(function (err, res) { |
130 | if (err) throw err | 137 | if (err) throw err |
131 | 138 | ||