Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix(task): only update authorization when requested 

The previous code was mistakenly updating the task's authorization even
when it wasn't part of the update request.
pull/12371/head^2
Mark Rushakoff 2019-03-05 20:48:07 -08:00 committed by Mark Rushakoff
parent 579f1a375f
commit ceaed4c31e
2 changed files with 23 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
task/platform_adapter.go
View File

@ -207,10 +207,13 @@ func (p pAdapter) UpdateTask(ctx context.Context, id platform.ID, upd platform.T
}
req.Options = upd.Options
req.AuthorizationID, err = p.authorizationIDFromToken(ctx, upd.Token)
if err != nil {
return nil, err
if upd.Token != "" {
req.AuthorizationID, err = p.authorizationIDFromToken(ctx, upd.Token)
if err != nil {
return nil, err
}
}
res, err := p.s.UpdateTask(ctx, req)
if err != nil {
return nil, err
@ -343,7 +346,7 @@ func (p pAdapter) authorizationIDFromToken(ctx context.Context, token string) (p
if token == "" {
// No explicit token. Use the authorization ID from the context's authorizer.
k := authorizer.Kind()
if k != platform.AuthorizationKind && k != platform.SessionAuthorizionKind {
if k != platform.AuthorizationKind {
return 0, fmt.Errorf("unable to create task using authorization of kind %s", k)
}

19
task/servicetest/servicetest.go
View File

@ -302,12 +302,25 @@ func testTaskCRUD(t *testing.T, sys *System) {
t.Fatalf("expected task status to be active, got %q", f.Status)
}
// Update task: just update the token.
// First we need to make a new authorization in order to get a new token.
newAuthz := &platform.Authorization{OrgID: cr.OrgID, UserID: cr.UserID}
// Update task: use a new token on the context and modify some other option.
// Ensure the authorization doesn't change -- it did change at one time, which was bug https://github.com/influxdata/influxdb/issues/12218.
newAuthz := &platform.Authorization{OrgID: cr.OrgID, UserID: cr.UserID, Permissions: platform.OperPermissions()}
if err := sys.I.CreateAuthorization(sys.Ctx, newAuthz); err != nil {
t.Fatal(err)
}
newAuthorizedCtx := icontext.SetAuthorizer(sys.Ctx, newAuthz)
f, err = sys.ts.UpdateTask(newAuthorizedCtx, origID, platform.TaskUpdate{Options: options.Options{Name: "foo"}})
if err != nil {
t.Fatal(err)
}
if f.Name != "foo" {
t.Fatalf("expected name to update to foo, got %s", f.Name)
}
if f.AuthorizationID != authzID {
t.Fatalf("expected authorization ID to remain %v, got %v", authzID, f.AuthorizationID)
}
// Now actually update to use the new token, from the original authorization context.
f, err = sys.ts.UpdateTask(authorizedCtx, origID, platform.TaskUpdate{Token: newAuthz.Token})
if err != nil {
t.Fatal(err)