parent
e8593c47cc
commit
137fd5978f
4 changed files with 103 additions and 2 deletions
|
@ -154,11 +154,11 @@ Auth.prototype.allow_publish = function(package_name, user, callback) {
|
||||||
;(function next() {
|
;(function next() {
|
||||||
var p = plugins.shift()
|
var p = plugins.shift()
|
||||||
|
|
||||||
if (typeof(p.allow_access) !== 'function') {
|
if (typeof(p.allow_publish) !== 'function') {
|
||||||
return next()
|
return next()
|
||||||
}
|
}
|
||||||
|
|
||||||
p.allow_access(user, package, function(err, ok) {
|
p.allow_publish(user, package, function(err, ok) {
|
||||||
if (err) return callback(err)
|
if (err) return callback(err)
|
||||||
if (ok) return callback(null, ok)
|
if (ok) return callback(null, ok)
|
||||||
next() // cb(null, false) causes next plugin to roll
|
next() // cb(null, false) causes next plugin to roll
|
||||||
|
|
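Review bot: `p` is dereferenced right after `plugins.shift()` with no check that a plugin was actually returned, so if the list ever runs out, `typeof(p.allow_publish)` throws a TypeError instead of producing a publish denial. The enclosing function starts and ends outside this hunk, so a terminal default plugin may already guarantee that some plugin always answers; if it does not, a guard before the `typeof` check would make the chain fail closed, e.g. `if (!p) return callback(null, false)`, assuming callers treat a falsy `ok` as a refusal. Since the old lines show this loop consulting `allow_access` for a publish decision, a short comment stating that a plugin without `allow_publish` is skipped rather than treated as a denial would also help.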
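--- a/test/functional/access.js
+++ b/test/functional/access.js
@@ -0,0 +1,80 @@
+
+module.exports = function () {
+describe('access control', function () {
+var server = process.server
+var oldauth
+
+before(function () {
+oldauth = server.authstr
+})
+
+after(function () {
+server.authstr = oldauth
+})
+
+function check_access(auth, pkg, ok) {
+it((ok ? 'allows' : 'forbids') +' access ' + auth + ' to ' + pkg, function () {
+server.authstr = auth
+? 'Basic '+(new Buffer(auth).toString('base64'))
+: undefined
+
+var req = server.get_package(pkg)
+
+if (ok) {
+return req.status(404)
+.body_error(/no such package available/)
+} else {
+return req.status(403)
+.body_error(/not allowed to access package/)
+}
+})
+}
+
+function check_publish(auth, pkg, ok) {
+it((ok ? 'allows' : 'forbids') + ' publish ' + auth + ' to ' + pkg, function () {
+server.authstr = auth
+? 'Basic '+(new Buffer(auth).toString('base64'))
+: undefined
+
+var req = server.put_package(pkg, require('./lib/package')(pkg))
+
+if (ok) {
+return req.status(404)
+.body_error(/this package cannot be added/)
+} else {
+return req.status(403)
+.body_error(/not allowed to publish package/)
+}
+})
+}
+
+check_access('test:test', 'test-access-only', true)
+check_access(undefined, 'test-access-only', true)
+check_access('test:badpass', 'test-access-only', true)
+check_publish('test:test', 'test-access-only', false)
+check_publish(undefined, 'test-access-only', false)
+check_publish('test:badpass', 'test-access-only', false)
+
+check_access('test:test', 'test-publish-only', false)
+check_access(undefined, 'test-publish-only', false)
+check_access('test:badpass', 'test-publish-only', false)
+check_publish('test:test', 'test-publish-only', true)
+check_publish(undefined, 'test-publish-only', true)
+check_publish('test:badpass', 'test-publish-only', true)
+
+check_access('test:test', 'test-only-test', true)
+check_access(undefined, 'test-only-test', false)
+check_access('test:badpass', 'test-only-test', false)
+check_publish('test:test', 'test-only-test', true)
+check_publish(undefined, 'test-only-test', false)
+check_publish('test:badpass', 'test-only-test', false)
+
+check_access('test:test', 'test-only-auth', true)
+check_access(undefined, 'test-only-auth', false)
+check_access('test:badpass', 'test-only-auth', false)
+check_publish('test:test', 'test-only-auth', true)
+check_publish(undefined, 'test-only-auth', false)
+check_publish('test:badpass', 'test-only-auth', false)
+})
+}
+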
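Review bot: The `test-only-test` and `test-only-auth` rows expect identical results for all three credentials, so the matrix cannot tell a rule that names the user `test` from `$authenticated`; a regression that treated every logged-in user as `test` would still pass. If the fixture can provide a second valid account, add cases such as `check_access('otheruser:otherpass', 'test-only-test', false)` and the matching `check_publish` line (placeholder credentials), with `true` expected for `test-only-auth`. The `ok` branches assert a 404 rather than a success, presumably because these packages are configured with `storage: false`; a one-line comment in `check_access` and `check_publish` saying that a 404 here means the authorization check passed would make that intent explicit.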
|
@ -56,6 +56,26 @@ packages:
|
||||||
allow_publish: all
|
allow_publish: all
|
||||||
proxy_access: baduplink
|
proxy_access: baduplink
|
||||||
|
|
||||||
|
'test-access-only':
|
||||||
|
allow_access: $all
|
||||||
|
allow_publish: nobody
|
||||||
|
storage: false
|
||||||
|
|
||||||
|
'test-publish-only':
|
||||||
|
allow_access: nobody
|
||||||
|
allow_publish: $all
|
||||||
|
storage: false
|
||||||
|
|
||||||
|
'test-only-test':
|
||||||
|
allow_access: test
|
||||||
|
allow_publish: test
|
||||||
|
storage: false
|
||||||
|
|
||||||
|
'test-only-auth':
|
||||||
|
allow_access: $authenticated
|
||||||
|
allow_publish: $authenticated
|
||||||
|
storage: false
|
||||||
|
|
||||||
'*':
|
'*':
|
||||||
allow_access: test undefined
|
allow_access: test undefined
|
||||||
allow_publish: test undefined
|
allow_publish: test undefined
|
||||||
|
|
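Review bot: `nobody` in `allow_access: nobody` and `allow_publish: nobody` carries no `$` prefix like `$all` and `$authenticated`, so it reads as an ordinary user or group name that denies everyone only while no such account exists; this should be confirmed against the config parser. If that is the case, a comment above `'test-access-only'` such as `# 'nobody' is just a name no test user has, not a built-in deny-all group` would keep readers from copying it into a real config as a hard deny rule.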
|
@ -45,6 +45,7 @@ describe('Func', function() {
|
||||||
|
|
||||||
it('authenticate', function(){/* test for before() */})
|
it('authenticate', function(){/* test for before() */})
|
||||||
|
|
||||||
|
require('./access')()
|
||||||
require('./basic')()
|
require('./basic')()
|
||||||
require('./gh29')()
|
require('./gh29')()
|
||||||
require('./tags')()
|
require('./tags')()
|
||||||
|
|