From 9381dddbe10550a59e49f1330793b4b6b95b1d7c Mon Sep 17 00:00:00 2001
From: Jithin Emmanuel
Date: Tue, 30 Jan 2018 10:23:25 -0800
Subject: [PATCH 1/2] fix(858): Enable auth for artifact reads
---
 plugins/builds.js | 9 +++++++++
 test/plugins/builds.test.js | 23 ++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/plugins/builds.js b/plugins/builds.js
index 0a3e91b..5c27794 100644
--- a/plugins/builds.js
+++ b/plugins/builds.js
@@ -31,6 +31,15 @@ exports.register = (server, options, next) => {
 description: 'Read build artifacts',
 notes: 'Get an artifact from a specific build',
 tags: ['api', 'builds'],
+ auth: {
+ strategies: ['token'],
+ scope: ['read:build']
+ },
+ plugins: {
+ 'hapi-swagger': {
+ security: [{ token: [] }]
+ }
+ },
 handler: (request, reply) => {
 const buildId = request.params.id;
 const artifact = request.params.artifact;
diff --git a/test/plugins/builds.test.js b/test/plugins/builds.test.js
index b7ee3b6..e61196c 100644
--- a/test/plugins/builds.test.js
+++ b/test/plugins/builds.test.js
@@ -71,6 +71,13 @@ describe('builds plugin test', () => {
 describe('GET /builds/:id/:artifact', () => {
 it('returns 404 if not found', () => (
 server.inject({
+ headers: {
+ 'x-foo': 'bar'
+ },
+ credentials: {
+ username: mockBuildID,
+ scope: ['read:build']
+ },
 url: `/builds/${mockBuildID}/foo`
 }).then((reply) => {
 assert.equal(reply.statusCode, 404);
@@ -109,6 +116,13 @@ describe('builds plugin test', () => {
 it('returns 500 if caching fails', () => (
 badServer.inject({
+ headers: {
+ 'x-foo': 'bar'
+ },
+ credentials: {
+ username: mockBuildID,
+ scope: ['read:build']
+ },
 url: `/builds/${mockBuildID}/foo`
 }).then((reply) => {
 assert.equal(reply.statusCode, 500);
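Review bot: The new `auth` block in `plugins/builds.js` gates the artifact GET on a scope only; nothing visible in this hunk ties the authenticated identity to `request.params.id`, so any token carrying the listed scope can request the artifacts of any build id. If artifacts should be readable only by principals associated with the build, the handler needs an ownership check right after `const buildId = request.params.id;`. If cross-build reads are intended, record that next to the option, e.g. `// Scope-only check: any token with this scope may read artifacts of every build`. The handler body continues past the end of the hunk, so a check further down cannot be ruled out from here.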
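Review bot: No test covers the rejected path for the newly protected route: every `inject` call in `test/plugins/builds.test.js` now passes `credentials` with the accepted scope, and the diffstat (22 added test lines, all visible in these hunks) leaves no room for a negative case. Add one request with a non-matching scope that expects 403, and one without credentials that expects 401, assuming the test server registers the `token` strategy (the setup is outside the hunk). The same gap applies to the `returns 500 if caching fails` hunk and the `@@ -162,7 +176,14 @@` hunk. The scope value in the sketch below is constructed for the example.

```javascript
// … unchanged: it('returns 404 if not found', …) …
it('returns 403 when the token lacks the required scope', () => (
    server.inject({
        credentials: {
            username: mockBuildID,
            scope: ['example:other-scope']
        },
        url: `/builds/${mockBuildID}/foo`
    }).then((reply) => {
        assert.equal(reply.statusCode, 403);
    })
));
```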
@@ -162,7 +176,14 @@ describe('builds plugin test', () => {
 assert.equal(reply.statusCode, 202);
 return server.inject({
- url: `/builds/${mockBuildID}/foo`
+ url: `/builds/${mockBuildID}/foo`,
+ headers: {
+ 'x-foo': 'bar'
+ },
+ credentials: {
+ username: mockBuildID,
+ scope: ['read:build']
+ }
 }).then((reply2) => {
 assert.equal(reply2.statusCode, 200);
 assert.equal(reply2.headers['x-foo'], 'bar');
From 1dfac627ff99a761c0d5c02757e24dd63b628915 Mon Sep 17 00:00:00 2001
From: Jithin Emmanuel
Date: Tue, 30 Jan 2018 11:12:26 -0800
Subject: [PATCH 2/2] fix(858): User user scope for reading from store
---
 plugins/builds.js | 2 +-
 test/plugins/builds.test.js | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/plugins/builds.js b/plugins/builds.js
index 5c27794..a53b761 100644
--- a/plugins/builds.js
+++ b/plugins/builds.js
@@ -33,7 +33,7 @@ exports.register = (server, options, next) => {
 tags: ['api', 'builds'],
 auth: {
 strategies: ['token'],
- scope: ['read:build']
+ scope: ['user']
 },
 plugins: {
 'hapi-swagger': {
diff --git a/test/plugins/builds.test.js b/test/plugins/builds.test.js
index e61196c..2b6018c 100644
--- a/test/plugins/builds.test.js
+++ b/test/plugins/builds.test.js
@@ -76,7 +76,7 @@ describe('builds plugin test', () => {
 },
 credentials: {
 username: mockBuildID,
- scope: ['read:build']
+ scope: ['user']
 },
 url: `/builds/${mockBuildID}/foo`
 }).then((reply) => {
@@ -121,7 +121,7 @@ describe('builds plugin test', () => {
 },
 credentials: {
 username: mockBuildID,
- scope: ['read:build']
+ scope: ['user']
 },
 url: `/builds/${mockBuildID}/foo`
 }).then((reply) => {
@@ -182,7 +182,7 @@ describe('builds plugin test', () => {
 },
 credentials: {
 username: mockBuildID,
- scope: ['read:build']
+ scope: ['user']
 }
 }).then((reply2) => {
 assert.equal(reply2.statusCode, 200);
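Review bot: Replacing `read:build` with `scope: ['user']` in `plugins/builds.js` changes who may read artifacts, yet neither the hunk nor the commit message records why or which token types are expected to hold that scope. A token holding only `read:build` is now rejected for insufficient scope, while every user-scoped token is accepted for every build id, so confirm that no build-side consumer depends on this route and that cross-build reads by any user are acceptable. A one-line comment above the option would capture the decision, e.g. `// Artifact reads are limited to user tokens; authorization is scope-only, not per build`. The route config and handler continue outside the hunk.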