mirror of
https://github.com/project-zot/zot.git
synced 2024-12-16 21:56:37 -05:00
77149aa85c
BREAKING CHANGE: The functionality provided by the mgmt endpoint has beed redesigned - see details below BREAKING CHANGE: The API keys endpoint has been moved - see details below BREAKING CHANGE: The mgmt extension config has been removed - endpoint is now enabled by having both the search and the ui extensions enabled BREAKING CHANGE: The API keys configuration has been moved from extensions to http>auth>apikey mgmt and imagetrust extensions: - separate the _zot/ext/mgmt into 3 separate endpoints: _zot/ext/auth, _zot/ext/notation, _zot/ext/cosign - signature verification logic is in a separate `imagetrust` extension - better hanling or errors in case of signature uploads: logging and error codes (more 400 and less 500 errors) - add authz on signature uploads (and add a new middleware in common for this purpose) - remove the mgmt extension configuration - it is now enabled if the UI and the search extensions are enabled userprefs estension: - userprefs are enabled if both search and ui extensions are enabled (as opposed to just search) apikey extension is removed and logic moved into the api folder - Move apikeys code out of pkg/extensions and into pkg/api - Remove apikey configuration options from the extensions configuration and move it inside the http auth section - remove the build label apikeys other changes: - move most of the logic adding handlers to the extensions endpoints out of routes.go and into the extensions files. - add warnings in case the users are still using configurations with the obsolete settings for mgmt and api keys - add a new function in the extension package which could be a single point of starting backgroud tasks for all extensions - more clear methods for verifying specific extensions are enabled - fix http methods paired with the UI handlers - rebuild swagger docs Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
176 lines
5.4 KiB
Go
176 lines
5.4 KiB
Go
//go:build userprefs
|
|
// +build userprefs
|
|
|
|
package extensions_test
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/gorilla/mux"
|
|
. "github.com/smartystreets/goconvey/convey"
|
|
"gopkg.in/resty.v1"
|
|
|
|
zerr "zotregistry.io/zot/errors"
|
|
"zotregistry.io/zot/pkg/api"
|
|
"zotregistry.io/zot/pkg/api/config"
|
|
"zotregistry.io/zot/pkg/api/constants"
|
|
"zotregistry.io/zot/pkg/extensions"
|
|
extconf "zotregistry.io/zot/pkg/extensions/config"
|
|
"zotregistry.io/zot/pkg/log"
|
|
mTypes "zotregistry.io/zot/pkg/meta/types"
|
|
"zotregistry.io/zot/pkg/test"
|
|
"zotregistry.io/zot/pkg/test/mocks"
|
|
)
|
|
|
|
var ErrTestError = errors.New("TestError")
|
|
|
|
func TestAllowedMethodsHeaderUserPrefs(t *testing.T) {
|
|
defaultVal := true
|
|
|
|
Convey("Test http options response", t, func() {
|
|
conf := config.New()
|
|
port := test.GetFreePort()
|
|
conf.HTTP.Port = port
|
|
conf.Extensions = &extconf.ExtensionConfig{}
|
|
conf.Extensions.Search = &extconf.SearchConfig{}
|
|
conf.Extensions.Search.Enable = &defaultVal
|
|
conf.Extensions.Search.CVE = nil
|
|
conf.Extensions.UI = &extconf.UIConfig{}
|
|
conf.Extensions.UI.Enable = &defaultVal
|
|
|
|
baseURL := test.GetBaseURL(port)
|
|
|
|
ctlr := api.NewController(conf)
|
|
ctlr.Config.Storage.RootDirectory = t.TempDir()
|
|
|
|
ctrlManager := test.NewControllerManager(ctlr)
|
|
|
|
ctrlManager.StartAndWait(port)
|
|
defer ctrlManager.StopServer()
|
|
|
|
resp, _ := resty.R().Options(baseURL + constants.FullUserPrefs)
|
|
So(resp, ShouldNotBeNil)
|
|
So(resp.Header().Get("Access-Control-Allow-Methods"), ShouldResemble, "PUT,OPTIONS")
|
|
So(resp.StatusCode(), ShouldEqual, http.StatusNoContent)
|
|
})
|
|
}
|
|
|
|
func TestHandlers(t *testing.T) {
|
|
const UserprefsBaseURL = "http://127.0.0.1:8080/v2/_zot/ext/userprefs"
|
|
|
|
log := log.NewLogger("debug", "")
|
|
mockmetaDB := mocks.MetaDBMock{}
|
|
|
|
Convey("No repo in request", t, func() {
|
|
request := httptest.NewRequest(http.MethodGet, UserprefsBaseURL+"", strings.NewReader("My string"))
|
|
response := httptest.NewRecorder()
|
|
|
|
extensions.PutStar(response, request, mockmetaDB, log)
|
|
res := response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusBadRequest)
|
|
defer res.Body.Close()
|
|
|
|
extensions.PutBookmark(response, request, mockmetaDB, log)
|
|
res = response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusBadRequest)
|
|
defer res.Body.Close()
|
|
})
|
|
|
|
Convey("Empty repo in request", t, func() {
|
|
request := httptest.NewRequest(http.MethodGet, UserprefsBaseURL+"?repo=", strings.NewReader("My string"))
|
|
response := httptest.NewRecorder()
|
|
|
|
extensions.PutStar(response, request, mockmetaDB, log)
|
|
res := response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusNotFound)
|
|
defer res.Body.Close()
|
|
|
|
extensions.PutBookmark(response, request, mockmetaDB, log)
|
|
res = response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusNotFound)
|
|
defer res.Body.Close()
|
|
})
|
|
|
|
Convey("ToggleStarRepo different errors", t, func() {
|
|
request := httptest.NewRequest(http.MethodGet, UserprefsBaseURL+"?repo=test",
|
|
strings.NewReader("My string"))
|
|
|
|
Convey("ErrRepoMetaNotFound", func() {
|
|
mockmetaDB.ToggleStarRepoFn = func(ctx context.Context, repo string) (mTypes.ToggleState, error) {
|
|
return mTypes.NotChanged, zerr.ErrRepoMetaNotFound
|
|
}
|
|
|
|
mockmetaDB.ToggleBookmarkRepoFn = func(ctx context.Context, repo string) (mTypes.ToggleState, error) {
|
|
return mTypes.NotChanged, zerr.ErrRepoMetaNotFound
|
|
}
|
|
|
|
response := httptest.NewRecorder()
|
|
extensions.PutBookmark(response, request, mockmetaDB, log)
|
|
res := response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusNotFound)
|
|
defer res.Body.Close()
|
|
|
|
response = httptest.NewRecorder()
|
|
extensions.PutStar(response, request, mockmetaDB, log)
|
|
res = response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusNotFound)
|
|
defer res.Body.Close()
|
|
})
|
|
|
|
Convey("ErrUserDataNotAllowed", func() {
|
|
request = mux.SetURLVars(request, map[string]string{
|
|
"name": "repo",
|
|
})
|
|
|
|
mockmetaDB.ToggleBookmarkRepoFn = func(ctx context.Context, repo string) (mTypes.ToggleState, error) {
|
|
return mTypes.NotChanged, zerr.ErrUserDataNotAllowed
|
|
}
|
|
|
|
mockmetaDB.ToggleStarRepoFn = func(ctx context.Context, repo string) (mTypes.ToggleState, error) {
|
|
return mTypes.NotChanged, zerr.ErrUserDataNotAllowed
|
|
}
|
|
|
|
response := httptest.NewRecorder()
|
|
extensions.PutBookmark(response, request, mockmetaDB, log)
|
|
res := response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusForbidden)
|
|
defer res.Body.Close()
|
|
|
|
response = httptest.NewRecorder()
|
|
extensions.PutStar(response, request, mockmetaDB, log)
|
|
res = response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusForbidden)
|
|
defer res.Body.Close()
|
|
})
|
|
|
|
Convey("ErrUnexpectedError", func() {
|
|
request = mux.SetURLVars(request, map[string]string{
|
|
"name": "repo",
|
|
})
|
|
|
|
mockmetaDB.ToggleBookmarkRepoFn = func(ctx context.Context, repo string) (mTypes.ToggleState, error) {
|
|
return mTypes.NotChanged, ErrTestError
|
|
}
|
|
|
|
mockmetaDB.ToggleStarRepoFn = func(ctx context.Context, repo string) (mTypes.ToggleState, error) {
|
|
return mTypes.NotChanged, ErrTestError
|
|
}
|
|
response := httptest.NewRecorder()
|
|
extensions.PutBookmark(response, request, mockmetaDB, log)
|
|
res := response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusInternalServerError)
|
|
defer res.Body.Close()
|
|
|
|
response = httptest.NewRecorder()
|
|
extensions.PutStar(response, request, mockmetaDB, log)
|
|
res = response.Result()
|
|
So(res.StatusCode, ShouldEqual, http.StatusInternalServerError)
|
|
defer res.Body.Close()
|
|
})
|
|
})
|
|
}
|