Merge pull request #288 from linkernetworks/johnlin/storage-auth

[Task] add auth for storage
linkernetworks · Aug 28, 2018 · 95f2047 · 95f2047
2 parents 3a5b8a9 + 8878a9f
commit 95f2047
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 21 deletions.
diff --git a/src/entity/storage.go b/src/entity/storage.go
@@ -23,12 +23,14 @@ const (
 // Storage is the Storage info
 type Storage struct {
 	ID               bson.ObjectId `bson:"_id,omitempty" json:"id" validate:"-"`
+	OwnerID          bson.ObjectId `bson:"ownerID,omitempty" json:"ownerID" validate:"-"`
 	Type             StorageType   `bson:"type" json:"type" validate:"required"`
 	Name             string        `bson:"name" json:"name" validate:"required"`
 	StorageClassName string        `bson:"storageClassName" json:"storageClassName" validate:"-"`
 	IP               string        `bson:"ip" json:"ip" validate:"required,ipv4"`
 	PATH             string        `bson:"path" json:"path" validate:"required"`
 	Fake             *FakeStorage  `bson:"fake,omitempty" json:"fake,omitempty" validate:"-"` //FakeStorage, for restful testing.
+	CreatedBy        User          `json:"createdBy" validate:"-"`
 	CreatedAt        *time.Time    `bson:"createdAt,omitempty" json:"createdAt,omitempty" validate:"-"`
 }
 

diff --git a/src/server/handler_storage.go b/src/server/handler_storage.go
@@ -11,6 +11,7 @@ import (
 	"github.com/linkernetworks/vortex/src/entity"
 	response "github.com/linkernetworks/vortex/src/net/http"
 	"github.com/linkernetworks/vortex/src/net/http/query"
+	"github.com/linkernetworks/vortex/src/server/backend"
 	"github.com/linkernetworks/vortex/src/storageprovider"
 	"github.com/linkernetworks/vortex/src/web"
 	mgo "gopkg.in/mgo.v2"
@@ -20,6 +21,11 @@ import (
 
 func createStorage(ctx *web.Context) {
 	sp, req, resp := ctx.ServiceProvider, ctx.Request, ctx.Response
+	userID, ok := req.Attribute("UserID").(string)
+	if !ok {
+		response.Unauthorized(req.Request, resp.ResponseWriter, fmt.Errorf("Unauthorized: User ID is empty"))
+		return
+	}
 
 	storage := entity.Storage{}
 	if err := req.ReadEntity(&storage); err != nil {
@@ -63,6 +69,7 @@ func createStorage(ctx *web.Context) {
 		return
 	}
 
+	storage.OwnerID = bson.ObjectIdHex(userID)
 	if err := session.Insert(entity.StorageCollectionName, &storage); err != nil {
 		if mgo.IsDup(err) {
 			response.Conflict(req.Request, resp.ResponseWriter, fmt.Errorf("Storage Provider Name: %s already existed", storage.Name))
@@ -71,6 +78,7 @@ func createStorage(ctx *web.Context) {
 		}
 		return
 	}
+	storage.CreatedBy, _ = backend.FindUserByID(session, storage.OwnerID)
 	resp.WriteHeaderAndEntity(http.StatusCreated, storage)
 }
 
@@ -94,15 +102,15 @@ func listStorage(ctx *web.Context) {
 	session := sp.Mongo.NewSession()
 	defer session.Close()
 
-	storageProviders := []entity.Storage{}
+	storages := []entity.Storage{}
 
 	var c = session.C(entity.StorageCollectionName)
 	var q *mgo.Query
 
 	selector := bson.M{}
 	q = c.Find(selector).Sort("_id").Skip((page - 1) * pageSize).Limit(pageSize)
 
-	if err := q.All(&storageProviders); err != nil {
+	if err := q.All(&storages); err != nil {
 		switch err {
 		case mgo.ErrNotFound:
 			response.NotFound(req.Request, resp.ResponseWriter, err)
@@ -113,6 +121,11 @@ func listStorage(ctx *web.Context) {
 		}
 	}
 
+	// insert users entity
+	for _, storage := range storages {
+		// find owner in user entity
+		storage.CreatedBy, _ = backend.FindUserByID(session, storage.OwnerID)
+	}
 	count, err := session.Count(entity.StorageCollectionName, bson.M{})
 	if err != nil {
 		response.InternalServerError(req.Request, resp.ResponseWriter, err)
@@ -121,7 +134,7 @@ func listStorage(ctx *web.Context) {
 	totalPages := int(math.Ceil(float64(count) / float64(pageSize)))
 	resp.AddHeader("X-Total-Count", strconv.Itoa(count))
 	resp.AddHeader("X-Total-Pages", strconv.Itoa(totalPages))
-	resp.WriteEntity(storageProviders)
+	resp.WriteEntity(storages)
 }
 
 func deleteStorage(ctx *web.Context) {

diff --git a/src/server/handler_storage_test.go b/src/server/handler_storage_test.go
@@ -23,29 +23,33 @@ func init() {
 	rand.Seed(time.Now().UnixNano())
 }
 
-type StorageSuite struct {
-	suite.Suite
-	wc      *restful.Container
-	session *mongo.Session
-}
-
 type StorageTestSuite struct {
 	suite.Suite
-	wc      *restful.Container
-	session *mongo.Session
+	sp        *serviceprovider.Container
+	wc        *restful.Container
+	session   *mongo.Session
+	JWTBearer string
 }
 
 func (suite *StorageTestSuite) SetupSuite() {
 	cf := config.MustRead("../../config/testing.json")
 	sp := serviceprovider.NewForTesting(cf)
 
-	//init restful container
+	suite.sp = sp
+	// init session
+	suite.session = sp.Mongo.NewSession()
+	// init restful container
 	suite.wc = restful.NewContainer()
-	service := newStorageService(sp)
-	suite.wc.Add(service)
 
-	//init session
-	suite.session = sp.Mongo.NewSession()
+	storageService := newStorageService(sp)
+	userService := newUserService(suite.sp)
+
+	suite.wc.Add(storageService)
+	suite.wc.Add(userService)
+
+	token, _ := loginGetToken(suite.wc)
+	suite.NotEmpty(token)
+	suite.JWTBearer = "Bearer " + token
 }
 
 func (suite *StorageTestSuite) TearDownSuite() {}
@@ -55,7 +59,7 @@ func TestStorageSuite(t *testing.T) {
 }
 
 func (suite *StorageTestSuite) TestCreateStorage() {
-	//Testing parameter
+	// Testing parameter
 	tName := namesgenerator.GetRandomName(0)
 	storage := entity.Storage{
 		Type:             entity.FakeStorageType,
@@ -76,6 +80,7 @@ func (suite *StorageTestSuite) TestCreateStorage() {
 	suite.NoError(err)
 
 	httpRequest.Header.Add("Content-Type", "application/json")
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter := httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	defer suite.session.Remove(entity.StorageCollectionName, "name", tName)
@@ -90,6 +95,7 @@ func (suite *StorageTestSuite) TestCreateStorage() {
 	httpRequest, err = http.NewRequest("POST", "http://localhost:7890/v1/storage", bodyReader)
 	suite.NoError(err)
 	httpRequest.Header.Add("Content-Type", "application/json")
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter = httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	assertResponseCode(suite.T(), http.StatusConflict, httpWriter)
@@ -169,6 +175,7 @@ func (suite *StorageTestSuite) TestCreateStorageFail() {
 			suite.NoError(err)
 
 			httpRequest.Header.Add("Content-Type", "application/json")
+			httpRequest.Header.Add("Authorization", suite.JWTBearer)
 			httpWriter := httptest.NewRecorder()
 			suite.wc.Dispatch(httpWriter, httpRequest)
 			assertResponseCode(suite.T(), tc.errorCode, httpWriter)
@@ -199,6 +206,7 @@ func (suite *StorageTestSuite) TestDeleteStorage() {
 	httpRequest, err := http.NewRequest("DELETE", "http://localhost:7890/v1/storage/"+storage.ID.Hex(), bodyReader)
 	suite.NoError(err)
 	httpRequest.Header.Add("Content-Type", "application/json")
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter := httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	assertResponseCode(suite.T(), http.StatusOK, httpWriter)
@@ -209,6 +217,7 @@ func (suite *NetworkTestSuite) TestDeleteEmptyStorage() {
 	httpRequest, err := http.NewRequest("DELETE", "http://localhost:7890/v1/storage/"+bson.NewObjectId().Hex(), nil)
 	suite.NoError(err)
 
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter := httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	assertResponseCode(suite.T(), http.StatusNotFound, httpWriter)
@@ -217,6 +226,7 @@ func (suite *NetworkTestSuite) TestDeleteEmptyStorage() {
 func (suite *StorageTestSuite) TestInValidDeleteStorage() {
 	httpRequest, err := http.NewRequest("DELETE", "http://localhost:7890/v1/storage/"+bson.NewObjectId().Hex(), nil)
 	suite.NoError(err)
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter := httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	assertResponseCode(suite.T(), http.StatusNotFound, httpWriter)
@@ -256,6 +266,7 @@ func (suite *StorageTestSuite) TestDeleteStorageFail() {
 			httpRequest, err := http.NewRequest("DELETE", "http://localhost:7890/v1/storage/"+tc.storage.ID.Hex(), nil)
 			suite.NoError(err)
 
+			httpRequest.Header.Add("Authorization", suite.JWTBearer)
 			httpRequest.Header.Add("Content-Type", "application/json")
 			httpWriter := httptest.NewRecorder()
 			suite.wc.Dispatch(httpWriter, httpRequest)
@@ -307,6 +318,7 @@ func (suite *StorageTestSuite) TestListStorage() {
 
 			suite.NoError(err)
 
+			httpRequest.Header.Add("Authorization", suite.JWTBearer)
 			httpWriter := httptest.NewRecorder()
 			suite.wc.Dispatch(httpWriter, httpRequest)
 			assertResponseCode(suite.T(), http.StatusOK, httpWriter)
@@ -324,26 +336,29 @@ func (suite *StorageTestSuite) TestListStorage() {
 }
 
 func (suite *StorageTestSuite) TestListInvalidStorage() {
-	//Invliad page size
+	// Invliad page size
 	httpRequest, err := http.NewRequest("GET", "http://localhost:7890/v1/storage?page=0", nil)
 	suite.NoError(err)
 
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter := httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	assertResponseCode(suite.T(), http.StatusInternalServerError, httpWriter)
 
-	//Invliad page type
+	// Invliad page type
 	httpRequest, err = http.NewRequest("GET", "http://localhost:7890/v1/storage?page=asd", nil)
 	suite.NoError(err)
 
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter = httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	assertResponseCode(suite.T(), http.StatusBadRequest, httpWriter)
 
-	//Invliad page_size type
+	// Invliad page_size type
 	httpRequest, err = http.NewRequest("GET", "http://localhost:7890/v1/storage?page_size=asd", nil)
 	suite.NoError(err)
 
+	httpRequest.Header.Add("Authorization", suite.JWTBearer)
 	httpWriter = httptest.NewRecorder()
 	suite.wc.Dispatch(httpWriter, httpRequest)
 	assertResponseCode(suite.T(), http.StatusBadRequest, httpWriter)

diff --git a/src/server/route.go b/src/server/route.go
@@ -43,7 +43,6 @@ func newVersionService(sp *serviceprovider.Container) *restful.WebService {
 func newRegistryService(sp *serviceprovider.Container) *restful.WebService {
 	webService := new(restful.WebService)
 	webService.Path("/v1/registry").Consumes(restful.MIME_JSON, restful.MIME_JSON).Produces(restful.MIME_JSON, restful.MIME_JSON)
-	//	webService.Filter(validateTokenMiddleware)
 	webService.Route(webService.POST("/auth").To(handler.RESTfulServiceHandler(sp, registryBasicAuthHandler)))
 	return webService
 }
@@ -81,6 +80,7 @@ func newNetworkService(sp *serviceprovider.Container) *restful.WebService {
 func newStorageService(sp *serviceprovider.Container) *restful.WebService {
 	webService := new(restful.WebService)
 	webService.Path("/v1/storage").Consumes(restful.MIME_JSON, restful.MIME_JSON).Produces(restful.MIME_JSON, restful.MIME_JSON)
+	webService.Filter(validateTokenMiddleware)
 	webService.Route(webService.POST("/").To(handler.RESTfulServiceHandler(sp, createStorage)))
 	webService.Route(webService.GET("/").To(handler.RESTfulServiceHandler(sp, listStorage)))
 	webService.Route(webService.DELETE("/{id}").To(handler.RESTfulServiceHandler(sp, deleteStorage)))