summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBryan Newbold <bnewbold@robocracy.org>2018-12-31 18:05:24 -0800
committerBryan Newbold <bnewbold@robocracy.org>2018-12-31 18:05:26 -0800
commit42ffee8c583729287aed7eaa6df4b7b121c1f7f6 (patch)
tree40afc986b07d6af1f04913b43c20e81dfe38d22a
parent48379975135f470f7e2faac6423c6188e3798b2d (diff)
downloadfatcat-42ffee8c583729287aed7eaa6df4b7b121c1f7f6.tar.gz
fatcat-42ffee8c583729287aed7eaa6df4b7b121c1f7f6.zip
make editor_id optional when createding editgroup
The editor_id can be infered from auth metadata.
-rw-r--r--fatcat-openapi2.yml2
-rw-r--r--rust/fatcat-api-spec/README.md2
-rw-r--r--rust/fatcat-api-spec/api.yaml2
-rw-r--r--rust/fatcat-api-spec/api/swagger.yaml2
-rw-r--r--rust/fatcat-api-spec/src/models.rs7
-rw-r--r--rust/src/api_server.rs6
-rw-r--r--rust/src/api_wrappers.rs13
-rw-r--r--rust/src/bin/fatcatd.rs7
-rw-r--r--rust/src/database_models.rs2
-rw-r--r--rust/src/lib.rs3
-rw-r--r--rust/tests/test_api_server_http.rs33
-rw-r--r--rust/tests/test_old_python_tests.rs7
12 files changed, 67 insertions, 19 deletions
diff --git a/fatcat-openapi2.yml b/fatcat-openapi2.yml
index 98b9e4b0..80db5074 100644
--- a/fatcat-openapi2.yml
+++ b/fatcat-openapi2.yml
@@ -445,8 +445,6 @@ definitions:
example: "zerocool93"
editgroup:
type: object
- required:
- - editor_id
properties:
editgroup_id:
<<: *FATCATIDENT
diff --git a/rust/fatcat-api-spec/README.md b/rust/fatcat-api-spec/README.md
index bed47c45..7e946b16 100644
--- a/rust/fatcat-api-spec/README.md
+++ b/rust/fatcat-api-spec/README.md
@@ -13,7 +13,7 @@ To see how to make this your own, look here:
[README](https://github.com/swagger-api/swagger-codegen/blob/master/README.md)
- API version: 0.1.0
-- Build date: 2018-12-31T22:21:53.785Z
+- Build date: 2019-01-01T01:45:02.795Z
This autogenerated project defines an API crate `fatcat` which contains:
* An `Api` trait defining the API in Rust.
diff --git a/rust/fatcat-api-spec/api.yaml b/rust/fatcat-api-spec/api.yaml
index 98b9e4b0..80db5074 100644
--- a/rust/fatcat-api-spec/api.yaml
+++ b/rust/fatcat-api-spec/api.yaml
@@ -445,8 +445,6 @@ definitions:
example: "zerocool93"
editgroup:
type: object
- required:
- - editor_id
properties:
editgroup_id:
<<: *FATCATIDENT
diff --git a/rust/fatcat-api-spec/api/swagger.yaml b/rust/fatcat-api-spec/api/swagger.yaml
index 670d3551..12bfe192 100644
--- a/rust/fatcat-api-spec/api/swagger.yaml
+++ b/rust/fatcat-api-spec/api/swagger.yaml
@@ -7598,8 +7598,6 @@ definitions:
upperCaseName: "EDITOR"
editgroup:
type: "object"
- required:
- - "editor_id"
properties:
editgroup_id:
type: "string"
diff --git a/rust/fatcat-api-spec/src/models.rs b/rust/fatcat-api-spec/src/models.rs
index 01b4c28e..4d7575b6 100644
--- a/rust/fatcat-api-spec/src/models.rs
+++ b/rust/fatcat-api-spec/src/models.rs
@@ -190,7 +190,8 @@ pub struct Editgroup {
/// base32-encoded unique identifier
#[serde(rename = "editor_id")]
- pub editor_id: String,
+ #[serde(skip_serializing_if = "Option::is_none")]
+ pub editor_id: Option<String>,
#[serde(rename = "description")]
#[serde(skip_serializing_if = "Option::is_none")]
@@ -206,10 +207,10 @@ pub struct Editgroup {
}
impl Editgroup {
- pub fn new(editor_id: String) -> Editgroup {
+ pub fn new() -> Editgroup {
Editgroup {
editgroup_id: None,
- editor_id: editor_id,
+ editor_id: None,
description: None,
extra: None,
edits: None,
diff --git a/rust/src/api_server.rs b/rust/src/api_server.rs
index 853f7bc2..be9f1883 100644
--- a/rust/src/api_server.rs
+++ b/rust/src/api_server.rs
@@ -384,7 +384,7 @@ impl Server {
) -> Result<Editgroup> {
let row: EditgroupRow = insert_into(editgroup::table)
.values((
- editgroup::editor_id.eq(FatCatId::from_str(&entity.editor_id)?.to_uuid()),
+ editgroup::editor_id.eq(FatCatId::from_str(&entity.editor_id.unwrap())?.to_uuid()),
editgroup::description.eq(entity.description),
editgroup::extra_json.eq(entity.extra),
))
@@ -392,7 +392,7 @@ impl Server {
Ok(Editgroup {
editgroup_id: Some(uuid2fcid(&row.id)),
- editor_id: uuid2fcid(&row.editor_id),
+ editor_id: Some(uuid2fcid(&row.editor_id)),
description: row.description,
edits: None,
extra: row.extra_json,
@@ -467,7 +467,7 @@ impl Server {
let eg = Editgroup {
editgroup_id: Some(uuid2fcid(&row.id)),
- editor_id: uuid2fcid(&row.editor_id),
+ editor_id: Some(uuid2fcid(&row.editor_id)),
description: row.description,
edits: Some(edits),
extra: row.extra_json,
diff --git a/rust/src/api_wrappers.rs b/rust/src/api_wrappers.rs
index ae070e02..3dec1c26 100644
--- a/rust/src/api_wrappers.rs
+++ b/rust/src/api_wrappers.rs
@@ -988,6 +988,19 @@ impl Api for Server {
.auth_confectionary
.require_auth(&conn, &context.auth_data)?;
auth_context.require_role(FatcatRole::Editor)?;
+ let mut entity = entity.clone();
+ match entity.editor_id.clone() {
+ Some(editor_id) => {
+ if !auth_context.has_role(FatcatRole::Admin) {
+ if editor_id != auth_context.editor_id.to_string() {
+ bail!("not authorized to create editgroups in others' names");
+ }
+ }
+ },
+ None => {
+ entity.editor_id = Some(auth_context.editor_id.to_string());
+ }
+ };
self.create_editgroup_handler(entity, &conn)
}) {
Ok(eg) => CreateEditgroupResponse::SuccessfullyCreated(eg),
diff --git a/rust/src/bin/fatcatd.rs b/rust/src/bin/fatcatd.rs
index 04f88948..682f5038 100644
--- a/rust/src/bin/fatcatd.rs
+++ b/rust/src/bin/fatcatd.rs
@@ -45,7 +45,12 @@ fn main() {
);
info!(
logger,
- "all auth keys: {:?}", server.auth_confectionary.root_keys.keys().collect::<Vec<&String>>(),
+ "all auth keys: {:?}",
+ server
+ .auth_confectionary
+ .root_keys
+ .keys()
+ .collect::<Vec<&String>>(),
);
let mut router = fatcat_api_spec::router(server);
diff --git a/rust/src/database_models.rs b/rust/src/database_models.rs
index f6cca3e1..7a65f901 100644
--- a/rust/src/database_models.rs
+++ b/rust/src/database_models.rs
@@ -564,7 +564,7 @@ impl EditgroupRow {
pub fn into_model_partial(self) -> Editgroup {
Editgroup {
editgroup_id: Some(uuid2fcid(&self.id)),
- editor_id: uuid2fcid(&self.editor_id),
+ editor_id: Some(uuid2fcid(&self.editor_id)),
description: self.description,
extra: self.extra_json,
edits: None,
diff --git a/rust/src/lib.rs b/rust/src/lib.rs
index 7d00641a..b3e6c813 100644
--- a/rust/src/lib.rs
+++ b/rust/src/lib.rs
@@ -134,9 +134,8 @@ pub fn env_confectionary() -> Result<AuthConfectionary> {
}
info!("Loading alt auth key: {}", pair[0]);
confectionary.add_keypair(pair[0].to_string(), pair[1].to_string())?;
-
}
- },
+ }
Err(_) => (),
}
Ok(confectionary)
diff --git a/rust/tests/test_api_server_http.rs b/rust/tests/test_api_server_http.rs
index 2160a0a0..d975fe6e 100644
--- a/rust/tests/test_api_server_http.rs
+++ b/rust/tests/test_api_server_http.rs
@@ -1545,3 +1545,36 @@ fn test_release_types() {
Some("release_type"),
);
}
+
+#[test]
+fn test_create_editgroup() {
+ let (headers, router, _conn) = setup_http();
+
+ // We're authenticated, so don't need to supply editor_id
+ check_http_response(
+ request::post(
+ &format!(
+ "http://localhost:9411/v0/editgroup",
+ ),
+ headers.clone(),
+ "{}",
+ &router,
+ ),
+ status::Created,
+ None,
+ );
+
+ // But can if we want to
+ check_http_response(
+ request::post(
+ &format!(
+ "http://localhost:9411/v0/editgroup",
+ ),
+ headers.clone(),
+ r#"{"editor_id": "aaaaaaaaaaaabkvkaaaaaaaaae"}"#,
+ &router,
+ ),
+ status::Created,
+ None,
+ );
+}
diff --git a/rust/tests/test_old_python_tests.rs b/rust/tests/test_old_python_tests.rs
index 1f91c7db..afeff55e 100644
--- a/rust/tests/test_old_python_tests.rs
+++ b/rust/tests/test_old_python_tests.rs
@@ -22,7 +22,8 @@ fn test_api_rich_create() {
let admin_id = "aaaaaaaaaaaabkvkaaaaaaaaae".to_string();
- let mut new_eg = Editgroup::new(admin_id);
+ let mut new_eg = Editgroup::new();
+ new_eg.editor_id = Some(admin_id);
new_eg.description = Some("a unit test edit".to_string());
let resp = client.create_editgroup(new_eg).wait().unwrap();
let editgroup_id = match resp {
@@ -196,8 +197,10 @@ fn test_merge_works() {
let admin_id = "aaaaaaaaaaaabkvkaaaaaaaaae".to_string();
+ let mut eg = Editgroup::new();
+ eg.editor_id = Some(admin_id);
let resp = client
- .create_editgroup(Editgroup::new(admin_id))
+ .create_editgroup(eg)
.wait()
.unwrap();
let editgroup_id = match resp {