mirror of
https://github.com/portainer/portainer.git
synced 2025-07-21 06:19:41 +02:00
69c17986d9
* feat(access-token): Multi-auth middleware support EE-1891 (#5936) * AnyAuth middleware initial implementation with tests * using mux.MiddlewareFunc instead of custom definition * removed redundant comments * - ExtractBearerToken bouncer func made private - changed helm token handling functionality to use jwt service to convert token to jwt string - updated tests - fixed helm list broken test due to missing token in request context * rename mwCheckAuthentication -> mwCheckJWTAuthentication * - introduce initial api-key auth support using X-API-KEY header - added tests to validate x-api-key request header presence * updated core mwAuthenticatedUser middleware to support multiple auth paradigms * - simplified anyAuth middleware - enforcing authmiddleware to implement verificationFunc interface - created tests for middleware * simplify bouncer Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com> * feat(api-key): user-access-token generation endpoint EE-1889 EE-1888 EE-1895 (#6012) * user-access-token generation endpoint * fix comment * - introduction of apikey service - seperation of repository from service logic - called in handler * fixed tests * - fixed api key prefix - added tests * added another test for digest matching * updated swagger spec for access token creation * api key response returns raw key and struct - easing testability * test for api key prefix length * added another TODO to middleware * - api-key prefix rune -> string (rune does not auto-encode when response sent back to client) - digest -> pointer as we want to allow nil values and omit digest in responses (when nil) * - updated apikey struct - updated apikey service to support all common operations - updated apikey repo - integration of apikey service into bouncer - added test for all apikey service functions - boilerplate code for apikey service integration * - user access token generation tests - apiKeyLookup updated to support query params - added api-key tests for query params - added api-key tests for apiKeyLookup * get and remove access token handlers * get and remove access token handler tests * - delete user deletes all associated api keys - tests for this functionality * removed redundant []byte cast * automatic api-key eviction set within cache for 1 hour * fixed bug with loop var using final value * fixed service comment * ignore bolt error responses * case-insensitive query param check * simplified query var assignment * - added GetAPIKey func to get by unique id - updated DeleteAPIKey func to not require user ID - updated tests * GenerateRandomKey helper func from github.com/gorilla/securecookie moved to codebase * json response casing for api-keys fixed * updating api-key will update the cache * updated golang LRU cache * using hashicorps golang-LRU cache for api keys * simplified jwt check in create user access token * fixed api-key update logic on cache miss * Prefix generated api-keys with `ptr_` (#6067) * prefix api-keys with 'ptr_' * updated apikey description * refactor Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com> * helm list test refactor * fixed user delete test * reduce test nil pointer errors * using correct http 201 created status code for token creation; updated tests * fixed swagger doc user id path param for user access token based endpoints * added api-key security openapi spec to existing jwt secured endpoints (#6091) * fixed flaky test * apikey datecreated and lastused attrs converted to unix timestamp * feat(user): added access token datatable. (#6124) * feat(user): added access token datatable. * feat(tokens): only display lastUsed time when it is not the default date * Update app/portainer/views/account/accountController.js Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com> * Update app/portainer/views/account/accountController.js Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com> * Update app/portainer/views/account/accountController.js Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com> * Update app/portainer/components/datatables/access-tokens-datatable/accessTokensDatatableController.js Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com> * Update app/portainer/services/api/userService.js Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com> * feat(improvements): proposed datatable improvements to speed up dev time (#6138) * modal code update * updated datatable filenames, updated controller to be default class export * fix(access-token): code improvement. Co-authored-by: zees-dev <63374656+zees-dev@users.noreply.github.com> * feat(apikeys): create access token view initial implementation EE-1886 (#6129) * CopyButton implementation * Code component implementation * ToolTip component migration to another folder * TextTip component implementation - continued * form Heading component * Button component updated to be more dynamic * copybutton - small size * form control pass tip error * texttip small text * CreateAccessToken react feature initial implementation * create user access token angularjs view implementation * registration of CreateAccessToken component in AngularJS * user token generation API request moved to angular service, method passed down instead * consistent naming of access token operations; clustered similar code together * any user can add access token * create access token page routing * moved code component to the correct location * removed isadmin check as all functionality applicable to all users * create access token angular view moved up a level * fixed PR issues, updated PR * addressed PR issues/improvements * explicit hr for horizontal line * fixed merge conflict storybook build breaking * - apikey test - cache test * addressed testing issues: - description validations - remove token description link on table * fix(api-keys): user role change evicts user keys in cache EE-2113 (#6168) * user role change evicts user api keys in cache * EvictUserKeyCache -> InvalidateUserKeyCache * godoc for InvalidateUserKeyCache func * additional test line * disable add access token button after adding token to prevent spam Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com> Co-authored-by: fhanportainer <79428273+fhanportainer@users.noreply.github.com>
248 lines
9.5 KiB
Go
248 lines
9.5 KiB
Go
package testhelpers
|
|
|
|
import (
|
|
"io"
|
|
|
|
portainer "github.com/portainer/portainer/api"
|
|
"github.com/portainer/portainer/api/bolt/errors"
|
|
)
|
|
|
|
type datastore struct {
|
|
customTemplate portainer.CustomTemplateService
|
|
edgeGroup portainer.EdgeGroupService
|
|
edgeJob portainer.EdgeJobService
|
|
edgeStack portainer.EdgeStackService
|
|
endpoint portainer.EndpointService
|
|
endpointGroup portainer.EndpointGroupService
|
|
endpointRelation portainer.EndpointRelationService
|
|
helmUserRepository portainer.HelmUserRepositoryService
|
|
registry portainer.RegistryService
|
|
resourceControl portainer.ResourceControlService
|
|
apiKeyRepositoryService portainer.APIKeyRepository
|
|
role portainer.RoleService
|
|
sslSettings portainer.SSLSettingsService
|
|
settings portainer.SettingsService
|
|
stack portainer.StackService
|
|
tag portainer.TagService
|
|
teamMembership portainer.TeamMembershipService
|
|
team portainer.TeamService
|
|
tunnelServer portainer.TunnelServerService
|
|
user portainer.UserService
|
|
version portainer.VersionService
|
|
webhook portainer.WebhookService
|
|
}
|
|
|
|
func (d *datastore) BackupTo(io.Writer) error { return nil }
|
|
func (d *datastore) Open() error { return nil }
|
|
func (d *datastore) Init() error { return nil }
|
|
func (d *datastore) Close() error { return nil }
|
|
func (d *datastore) CheckCurrentEdition() error { return nil }
|
|
func (d *datastore) IsNew() bool { return false }
|
|
func (d *datastore) MigrateData(force bool) error { return nil }
|
|
func (d *datastore) Rollback(force bool) error { return nil }
|
|
func (d *datastore) CustomTemplate() portainer.CustomTemplateService { return d.customTemplate }
|
|
func (d *datastore) EdgeGroup() portainer.EdgeGroupService { return d.edgeGroup }
|
|
func (d *datastore) EdgeJob() portainer.EdgeJobService { return d.edgeJob }
|
|
func (d *datastore) EdgeStack() portainer.EdgeStackService { return d.edgeStack }
|
|
func (d *datastore) Endpoint() portainer.EndpointService { return d.endpoint }
|
|
func (d *datastore) EndpointGroup() portainer.EndpointGroupService { return d.endpointGroup }
|
|
func (d *datastore) EndpointRelation() portainer.EndpointRelationService { return d.endpointRelation }
|
|
func (d *datastore) HelmUserRepository() portainer.HelmUserRepositoryService {
|
|
return d.helmUserRepository
|
|
}
|
|
func (d *datastore) Registry() portainer.RegistryService { return d.registry }
|
|
func (d *datastore) ResourceControl() portainer.ResourceControlService { return d.resourceControl }
|
|
func (d *datastore) Role() portainer.RoleService { return d.role }
|
|
func (d *datastore) APIKeyRepository() portainer.APIKeyRepository {
|
|
return d.apiKeyRepositoryService
|
|
}
|
|
func (d *datastore) Settings() portainer.SettingsService { return d.settings }
|
|
func (d *datastore) SSLSettings() portainer.SSLSettingsService { return d.sslSettings }
|
|
func (d *datastore) Stack() portainer.StackService { return d.stack }
|
|
func (d *datastore) Tag() portainer.TagService { return d.tag }
|
|
func (d *datastore) TeamMembership() portainer.TeamMembershipService { return d.teamMembership }
|
|
func (d *datastore) Team() portainer.TeamService { return d.team }
|
|
func (d *datastore) TunnelServer() portainer.TunnelServerService { return d.tunnelServer }
|
|
func (d *datastore) User() portainer.UserService { return d.user }
|
|
func (d *datastore) Version() portainer.VersionService { return d.version }
|
|
func (d *datastore) Webhook() portainer.WebhookService { return d.webhook }
|
|
|
|
type datastoreOption = func(d *datastore)
|
|
|
|
// NewDatastore creates new instance of datastore.
|
|
// Will apply options before returning, opts will be applied from left to right.
|
|
func NewDatastore(options ...datastoreOption) *datastore {
|
|
d := datastore{}
|
|
for _, o := range options {
|
|
o(&d)
|
|
}
|
|
return &d
|
|
}
|
|
|
|
type stubSettingsService struct {
|
|
settings *portainer.Settings
|
|
}
|
|
|
|
func (s *stubSettingsService) Settings() (*portainer.Settings, error) {
|
|
return s.settings, nil
|
|
}
|
|
func (s *stubSettingsService) UpdateSettings(settings *portainer.Settings) error {
|
|
s.settings = settings
|
|
return nil
|
|
}
|
|
func (s *stubSettingsService) IsFeatureFlagEnabled(feature portainer.Feature) bool {
|
|
return false
|
|
}
|
|
func WithSettingsService(settings *portainer.Settings) datastoreOption {
|
|
return func(d *datastore) {
|
|
d.settings = &stubSettingsService{
|
|
settings: settings,
|
|
}
|
|
}
|
|
}
|
|
|
|
type stubUserService struct {
|
|
users []portainer.User
|
|
}
|
|
|
|
func (s *stubUserService) User(ID portainer.UserID) (*portainer.User, error) { return nil, nil }
|
|
func (s *stubUserService) UserByUsername(username string) (*portainer.User, error) { return nil, nil }
|
|
func (s *stubUserService) Users() ([]portainer.User, error) { return s.users, nil }
|
|
func (s *stubUserService) UsersByRole(role portainer.UserRole) ([]portainer.User, error) {
|
|
return s.users, nil
|
|
}
|
|
func (s *stubUserService) CreateUser(user *portainer.User) error { return nil }
|
|
func (s *stubUserService) UpdateUser(ID portainer.UserID, user *portainer.User) error { return nil }
|
|
func (s *stubUserService) DeleteUser(ID portainer.UserID) error { return nil }
|
|
|
|
// WithUsers datastore option that will instruct datastore to return provided users
|
|
func WithUsers(us []portainer.User) datastoreOption {
|
|
return func(d *datastore) {
|
|
d.user = &stubUserService{users: us}
|
|
}
|
|
}
|
|
|
|
type stubEdgeJobService struct {
|
|
jobs []portainer.EdgeJob
|
|
}
|
|
|
|
func (s *stubEdgeJobService) EdgeJobs() ([]portainer.EdgeJob, error) { return s.jobs, nil }
|
|
func (s *stubEdgeJobService) EdgeJob(ID portainer.EdgeJobID) (*portainer.EdgeJob, error) {
|
|
return nil, nil
|
|
}
|
|
func (s *stubEdgeJobService) CreateEdgeJob(edgeJob *portainer.EdgeJob) error { return nil }
|
|
func (s *stubEdgeJobService) UpdateEdgeJob(ID portainer.EdgeJobID, edgeJob *portainer.EdgeJob) error {
|
|
return nil
|
|
}
|
|
func (s *stubEdgeJobService) DeleteEdgeJob(ID portainer.EdgeJobID) error { return nil }
|
|
func (s *stubEdgeJobService) GetNextIdentifier() int { return 0 }
|
|
|
|
// WithEdgeJobs option will instruct datastore to return provided jobs
|
|
func WithEdgeJobs(js []portainer.EdgeJob) datastoreOption {
|
|
return func(d *datastore) {
|
|
d.edgeJob = &stubEdgeJobService{jobs: js}
|
|
}
|
|
}
|
|
|
|
type stubEndpointRelationService struct {
|
|
relations []portainer.EndpointRelation
|
|
}
|
|
|
|
func (s *stubEndpointRelationService) EndpointRelations() ([]portainer.EndpointRelation, error) {
|
|
return s.relations, nil
|
|
}
|
|
func (s *stubEndpointRelationService) EndpointRelation(ID portainer.EndpointID) (*portainer.EndpointRelation, error) {
|
|
for _, relation := range s.relations {
|
|
if relation.EndpointID == ID {
|
|
return &relation, nil
|
|
}
|
|
}
|
|
|
|
return nil, errors.ErrObjectNotFound
|
|
}
|
|
func (s *stubEndpointRelationService) CreateEndpointRelation(EndpointRelation *portainer.EndpointRelation) error {
|
|
return nil
|
|
}
|
|
func (s *stubEndpointRelationService) UpdateEndpointRelation(ID portainer.EndpointID, relation *portainer.EndpointRelation) error {
|
|
for i, r := range s.relations {
|
|
if r.EndpointID == ID {
|
|
s.relations[i] = *relation
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
func (s *stubEndpointRelationService) DeleteEndpointRelation(ID portainer.EndpointID) error {
|
|
return nil
|
|
}
|
|
func (s *stubEndpointRelationService) GetNextIdentifier() int { return 0 }
|
|
|
|
// WithEndpointRelations option will instruct datastore to return provided jobs
|
|
func WithEndpointRelations(relations []portainer.EndpointRelation) datastoreOption {
|
|
return func(d *datastore) {
|
|
d.endpointRelation = &stubEndpointRelationService{relations: relations}
|
|
}
|
|
}
|
|
|
|
type stubEndpointService struct {
|
|
endpoints []portainer.Endpoint
|
|
}
|
|
|
|
func (s *stubEndpointService) Endpoint(ID portainer.EndpointID) (*portainer.Endpoint, error) {
|
|
for _, endpoint := range s.endpoints {
|
|
if endpoint.ID == ID {
|
|
return &endpoint, nil
|
|
}
|
|
}
|
|
|
|
return nil, errors.ErrObjectNotFound
|
|
}
|
|
|
|
func (s *stubEndpointService) Endpoints() ([]portainer.Endpoint, error) {
|
|
return s.endpoints, nil
|
|
}
|
|
|
|
func (s *stubEndpointService) CreateEndpoint(endpoint *portainer.Endpoint) error {
|
|
s.endpoints = append(s.endpoints, *endpoint)
|
|
|
|
return nil
|
|
}
|
|
|
|
func (s *stubEndpointService) UpdateEndpoint(ID portainer.EndpointID, endpoint *portainer.Endpoint) error {
|
|
for i, e := range s.endpoints {
|
|
if e.ID == ID {
|
|
s.endpoints[i] = *endpoint
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (s *stubEndpointService) DeleteEndpoint(ID portainer.EndpointID) error {
|
|
endpoints := []portainer.Endpoint{}
|
|
|
|
for _, endpoint := range s.endpoints {
|
|
if endpoint.ID != ID {
|
|
endpoints = append(endpoints, endpoint)
|
|
}
|
|
}
|
|
|
|
s.endpoints = endpoints
|
|
|
|
return nil
|
|
}
|
|
|
|
func (s *stubEndpointService) Synchronize(toCreate []*portainer.Endpoint, toUpdate []*portainer.Endpoint, toDelete []*portainer.Endpoint) error {
|
|
panic("not implemented")
|
|
}
|
|
|
|
func (s *stubEndpointService) GetNextIdentifier() int {
|
|
return len(s.endpoints)
|
|
}
|
|
|
|
// WithEndpoints option will instruct datastore to return provided environments(endpoints)
|
|
func WithEndpoints(endpoints []portainer.Endpoint) datastoreOption {
|
|
return func(d *datastore) {
|
|
d.endpoint = &stubEndpointService{endpoints: endpoints}
|
|
}
|
|
}
|