Merge pull request #2236 from influxdata/fix_auth_status_update_error

fix(bolt): fix auth status update error
2019-01-07 13:37:02 -05:00 · 2019-01-07 13:37:02 -05:00 · 5de0e2e8d2
parent 099d311037 f392f1bab0
commit 5de0e2e8d2
5 changed files with 290 additions and 21 deletions
--- a/bolt/authorization.go
+++ b/bolt/authorization.go
@ -3,7 +3,6 @@ package bolt
 import (
 	"context"
 	"encoding/json"
-	"fmt"

 	bolt "github.com/coreos/bbolt"
 	"github.com/influxdata/platform"
@ -136,7 +135,10 @@ func (c *Client) FindAuthorizations(ctx context.Context, filter platform.Authori
 	if filter.ID != nil {
 		a, err := c.FindAuthorizationByID(ctx, *filter.ID)
 		if err != nil {
-			return nil, 0, err
+			return nil, 0, &platform.Error{
+				Err: err,
+				Op:  getOp(platform.OpFindAuthorizations),
+			}
 		}

 		return []*platform.Authorization{a}, 1, nil
@ -145,7 +147,10 @@ func (c *Client) FindAuthorizations(ctx context.Context, filter platform.Authori
 	if filter.Token != nil {
 		a, err := c.FindAuthorizationByToken(ctx, *filter.Token)
 		if err != nil {
-			return nil, 0, err
+			return nil, 0, &platform.Error{
+				Err: err,
+				Op:  getOp(platform.OpFindAuthorizations),
+			}
 		}

 		return []*platform.Authorization{a}, 1, nil
@ -162,7 +167,10 @@ func (c *Client) FindAuthorizations(ctx context.Context, filter platform.Authori
 	})

 	if err != nil {
-		return nil, 0, err
+		return nil, 0, &platform.Error{
+			Err: err,
+			Op:  getOp(platform.OpFindAuthorizations),
+		}
 	}

 	return as, len(as), nil
@ -248,7 +256,10 @@ func encodeAuthorization(a *platform.Authorization) ([]byte, error) {
 	case "":
 		a.Status = platform.Active
 	default:
-		return nil, fmt.Errorf("unknown authorization status")
+		return nil, &platform.Error{
+			Code: platform.EInvalid,
+			Msg:  "unknown authorization status",
+		}
 	}

 	return json.Marshal(a)
@ -365,7 +376,13 @@ func (c *Client) deleteAuthorization(ctx context.Context, tx *bolt.Tx, id platfo
 // for setting an authorization to inactive or active.
 func (c *Client) SetAuthorizationStatus(ctx context.Context, id platform.ID, status platform.Status) error {
 	return c.db.Update(func(tx *bolt.Tx) error {
-		return c.updateAuthorization(ctx, tx, id, status)
+		if pe := c.updateAuthorization(ctx, tx, id, status); pe != nil {
+			return &platform.Error{
+				Err: pe,
+				Op:  platform.OpSetAuthorizationStatus,
+			}
+		}
+		return nil
 	})
 }

@ -379,8 +396,7 @@ func (c *Client) updateAuthorization(ctx context.Context, tx *bolt.Tx, id platfo
 	b, err := encodeAuthorization(a)
 	if err != nil {
 		return &platform.Error{
-			Code: platform.EInvalid,
-			Err:  err,
+			Err: err,
 		}
 	}

--- a/http/auth_service.go
+++ b/http/auth_service.go
@ -13,7 +13,6 @@ import (

 	"github.com/influxdata/platform"
 	platcontext "github.com/influxdata/platform/context"
-	kerrors "github.com/influxdata/platform/kit/errors"
 	"github.com/julienschmidt/httprouter"
 )

@ -389,7 +388,10 @@ func decodeGetAuthorizationRequest(ctx context.Context, r *http.Request) (*getAu
 	params := httprouter.ParamsFromContext(ctx)
 	id := params.ByName("id")
 	if id == "" {
-		return nil, kerrors.InvalidDataf("url missing id")
+		return nil, &platform.Error{
+			Code: platform.EInvalid,
+			Msg:  "url missing id",
+		}
 	}

 	var i platform.ID
@ -460,7 +462,10 @@ func decodeSetAuthorizationStatusRequest(ctx context.Context, r *http.Request) (
 	params := httprouter.ParamsFromContext(ctx)
 	id := params.ByName("id")
 	if id == "" {
-		return nil, kerrors.InvalidDataf("url missing id")
+		return nil, &platform.Error{
+			Code: platform.EInvalid,
+			Msg:  "url missing id",
+		}
 	}

 	var i platform.ID
@ -473,12 +478,6 @@ func decodeSetAuthorizationStatusRequest(ctx context.Context, r *http.Request) (
 		return nil, err
 	}

-	switch a.Status {
-	case platform.Active, platform.Inactive:
-	default:
-		return nil, kerrors.InvalidDataf("unknown status option")
-	}
-
 	return &updateAuthorizationRequest{
 		ID:     i,
 		Status: a.Status,
@ -513,7 +512,10 @@ func decodeDeleteAuthorizationRequest(ctx context.Context, r *http.Request) (*de
 	params := httprouter.ParamsFromContext(ctx)
 	id := params.ByName("id")
 	if id == "" {
-		return nil, kerrors.InvalidDataf("url missing id")
+		return nil, &platform.Error{
+			Code: platform.EInvalid,
+			Msg:  "url missing id",
+		}
 	}

 	var i platform.ID
--- a/http/auth_test.go
+++ b/http/auth_test.go
@ -686,6 +686,10 @@ func TestAuthorizationService_DeleteAuthorization(t *testing.T) {
 	platformtesting.DeleteAuthorization(initAuthorizationService, t)
 }

+func TestAuthorizationService_UpdateAuthorizationStatus(t *testing.T) {
+	platformtesting.UpdateAuthorizationStatus(initAuthorizationService, t)
+}
+
 func MustMarshal(o interface{}) []byte {
 	b, _ := json.Marshal(o)
 	return b
--- a/inmem/auth_service.go
+++ b/inmem/auth_service.go
@ -195,15 +195,19 @@ func (s *Service) SetAuthorizationStatus(ctx context.Context, id platform.ID, st
 	op := OpPrefix + platform.OpSetAuthorizationStatus
 	a, err := s.FindAuthorizationByID(ctx, id)
 	if err != nil {
-		return err
+		return &platform.Error{
+			Err: err,
+			Op:  op,
+		}
 	}

 	switch status {
 	case platform.Active, platform.Inactive:
 	default:
 		return &platform.Error{
-			Msg: "unknown authorization status",
-			Op:  op,
+			Code: platform.EInvalid,
+			Msg:  "unknown authorization status",
+			Op:   op,
 		}
 	}

--- a/testing/auth.go
+++ b/testing/auth.go
@ -61,6 +61,10 @@ func AuthorizationService(
 			name: "FindAuthorizationByToken",
 			fn:   FindAuthorizationByToken,
 		},
+		{
+			name: "UpdateAuthorizationStatus",
+			fn:   UpdateAuthorizationStatus,
+		},
 		{
 			name: "FindAuthorizations",
 			fn:   FindAuthorizations,
@ -443,6 +447,245 @@ func FindAuthorizationByID(
 	}
 }

+// UpdateAuthorizationStatus testing
+func UpdateAuthorizationStatus(
+	init func(AuthorizationFields, *testing.T) (platform.AuthorizationService, string, func()),
+	t *testing.T,
+) {
+	type args struct {
+		id     platform.ID
+		status platform.Status
+	}
+	type wants struct {
+		err           error
+		authorization *platform.Authorization
+	}
+	tests := []struct {
+		name   string
+		fields AuthorizationFields
+		args   args
+		wants  wants
+	}{
+		{
+			name: "regular update",
+			fields: AuthorizationFields{
+				Users: []*platform.User{
+					{
+						Name: "cooluser",
+						ID:   MustIDBase16(userOneID),
+					},
+					{
+						Name: "regularuser",
+						ID:   MustIDBase16(userTwoID),
+					},
+				},
+				Orgs: []*platform.Organization{
+					{
+						Name: "o1",
+						ID:   MustIDBase16(orgOneID),
+					},
+					{
+						Name: "o2",
+						ID:   MustIDBase16(orgTwoID),
+					},
+				},
+				Authorizations: []*platform.Authorization{
+					{
+						ID:          MustIDBase16(authOneID),
+						UserID:      MustIDBase16(userOneID),
+						Token:       "rand1",
+						Status:      platform.Inactive,
+						OrgID:       MustIDBase16(orgTwoID),
+						Permissions: allUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authZeroID),
+						UserID:      MustIDBase16(userOneID),
+						Token:       "rand0",
+						OrgID:       MustIDBase16(orgOneID),
+						Permissions: allUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authTwoID),
+						UserID:      MustIDBase16(userTwoID),
+						OrgID:       MustIDBase16(orgOneID),
+						Token:       "rand2",
+						Permissions: createUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authThreeID),
+						UserID:      MustIDBase16(userOneID),
+						OrgID:       MustIDBase16(orgOneID),
+						Token:       "rand3",
+						Permissions: allUsersPermission(),
+					},
+				},
+			},
+			args: args{
+				id:     MustIDBase16(authTwoID),
+				status: platform.Inactive,
+			},
+			wants: wants{
+				authorization: &platform.Authorization{
+					ID:          MustIDBase16(authTwoID),
+					UserID:      MustIDBase16(userTwoID),
+					OrgID:       MustIDBase16(orgOneID),
+					Token:       "rand2",
+					Permissions: createUsersPermission(),
+					Status:      platform.Inactive,
+				},
+			},
+		},
+		{
+			name: "update with id not found",
+			fields: AuthorizationFields{
+				Users: []*platform.User{
+					{
+						Name: "cooluser",
+						ID:   MustIDBase16(userOneID),
+					},
+					{
+						Name: "regularuser",
+						ID:   MustIDBase16(userTwoID),
+					},
+				},
+				Orgs: []*platform.Organization{
+					{
+						Name: "o1",
+						ID:   MustIDBase16(orgOneID),
+					},
+					{
+						Name: "o2",
+						ID:   MustIDBase16(orgTwoID),
+					},
+				},
+				Authorizations: []*platform.Authorization{
+					{
+						ID:          MustIDBase16(authOneID),
+						UserID:      MustIDBase16(userOneID),
+						Token:       "rand1",
+						Status:      platform.Inactive,
+						OrgID:       MustIDBase16(orgTwoID),
+						Permissions: allUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authZeroID),
+						UserID:      MustIDBase16(userOneID),
+						Token:       "rand0",
+						OrgID:       MustIDBase16(orgOneID),
+						Permissions: allUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authTwoID),
+						UserID:      MustIDBase16(userTwoID),
+						OrgID:       MustIDBase16(orgOneID),
+						Token:       "rand2",
+						Permissions: createUsersPermission(),
+					},
+				},
+			},
+			args: args{
+				id:     MustIDBase16(authThreeID),
+				status: platform.Inactive,
+			},
+			wants: wants{
+				err: &platform.Error{
+					Code: platform.ENotFound,
+					Op:   platform.OpSetAuthorizationStatus,
+					Msg:  "authorization not found",
+				},
+			},
+		},
+		{
+			name: "update with unknown status",
+			fields: AuthorizationFields{
+				Users: []*platform.User{
+					{
+						Name: "cooluser",
+						ID:   MustIDBase16(userOneID),
+					},
+					{
+						Name: "regularuser",
+						ID:   MustIDBase16(userTwoID),
+					},
+				},
+				Orgs: []*platform.Organization{
+					{
+						Name: "o1",
+						ID:   MustIDBase16(orgOneID),
+					},
+					{
+						Name: "o2",
+						ID:   MustIDBase16(orgTwoID),
+					},
+				},
+				Authorizations: []*platform.Authorization{
+					{
+						ID:          MustIDBase16(authOneID),
+						UserID:      MustIDBase16(userOneID),
+						Token:       "rand1",
+						Status:      platform.Inactive,
+						OrgID:       MustIDBase16(orgTwoID),
+						Permissions: allUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authZeroID),
+						UserID:      MustIDBase16(userOneID),
+						Token:       "rand0",
+						OrgID:       MustIDBase16(orgOneID),
+						Permissions: allUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authTwoID),
+						UserID:      MustIDBase16(userTwoID),
+						OrgID:       MustIDBase16(orgOneID),
+						Token:       "rand2",
+						Permissions: createUsersPermission(),
+					},
+					{
+						ID:          MustIDBase16(authThreeID),
+						UserID:      MustIDBase16(userOneID),
+						OrgID:       MustIDBase16(orgOneID),
+						Token:       "rand3",
+						Permissions: allUsersPermission(),
+					},
+				},
+			},
+			args: args{
+				id:     MustIDBase16(authTwoID),
+				status: platform.Status("unknown"),
+			},
+			wants: wants{
+				err: &platform.Error{
+					Code: platform.EInvalid,
+					Op:   platform.OpSetAuthorizationStatus,
+					Msg:  "unknown authorization status",
+				},
+			},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			s, opPrefix, done := init(tt.fields, t)
+			defer done()
+			ctx := context.Background()
+
+			err := s.SetAuthorizationStatus(ctx, tt.args.id, tt.args.status)
+			diffPlatformErrors(tt.name, err, tt.wants.err, opPrefix, t)
+
+			if tt.wants.err == nil {
+				authorization, err := s.FindAuthorizationByID(ctx, tt.args.id)
+				if err != nil {
+					t.Errorf("%s failed, got error %s", tt.name, err.Error())
+				}
+				if diff := cmp.Diff(authorization, tt.wants.authorization, authorizationCmpOptions...); diff != "" {
+					t.Errorf("authorization is different -got/+want\ndiff %s", diff)
+				}
+			}
+		})
+	}
+}
+
 // FindAuthorizationByToken testing
 func FindAuthorizationByToken(
 	init func(AuthorizationFields, *testing.T) (platform.AuthorizationService, string, func()),