func (s *AdminSuite) TestIsAdmin(c *gc.C) { s.createAdmins(c) defer s.deleteAdmins(c) for i, t := range []struct { should string admin t.TestAdmin expectError string }{{ should: "validate an existing admin", admin: s.admins["bob"], }, { should: "not validate a nonexistent admin", admin: t.TestAdmin{Key: "123456"}, expectError: `admin for key 123456: user not found`, }} { c.Logf("test %d: should %s", i, t.should) if t.expectError == "" { c.Check(admin.IsAdmin(s.d, t.admin.Key), jc.ErrorIsNil) } else { c.Check(admin.IsAdmin(s.d, t.admin.Key), gc.ErrorMatches, t.expectError) } } }
func handleUserCreate(d db.DB) htr.Handle { return func(w http.ResponseWriter, r *http.Request, ps htr.Params) { if err := r.ParseForm(); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %#v", r) return } key := util.Key(r.Form.Get("key")) if err := admin.IsAdmin(d, key); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %#v", r) return } email := r.Form.Get("email") pwhash := r.Form.Get("pwhash") if err := user.Create(d, email, pwhash); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("error creating user %s: %s", email, err.Error()) return } log.Printf("user %s created", email) WriteResponse(w, &user.User{ Email: email, Hash: util.Hash(pwhash), }) } }
func handleAdminDelete(d db.DB) htr.Handle { return func(w http.ResponseWriter, r *http.Request, ps htr.Params) { if err := r.ParseForm(); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %#v", r) return } key := util.Key(r.Form.Get("key")) if err := admin.IsAdmin(d, key); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %s", err.Error()) return } if err := admin.Delete(d, key); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("error deleting admin for %s: %s", key, err.Error()) return } log.Printf("admin %s deleted", key) WriteResponse(w, &admin.Admin{ Key: key, }) } }
func (s *AdminSuite) deleteTests(adm t.TestAdmin, c *gc.C) error { if err := admin.Delete(s.d, adm.Key); err != nil { c.Logf("failed to delete admin %q", adm.Email) return err } err := admin.IsAdmin(s.d, adm.Key) c.Assert(err, gc.ErrorMatches, fmt.Sprintf("admin for key %s: user not found", adm.Key)) return nil }
func handleUserDelete(d db.DB) htr.Handle { return func(w http.ResponseWriter, r *http.Request, ps htr.Params) { if err := r.ParseForm(); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %#v", r) return } key := util.Key(r.Form.Get("key")) email := r.Form.Get("email") pwhash := r.Form.Get("pwhash") switch { case key != "": // An admin can delete any user. if err := admin.IsAdmin(d, key); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %#v", r) return } case email != "", pwhash != "": if err := user.CheckUser(d, email, pwhash); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("invalid user %s: %s", email, err.Error()) return } default: // No key, no email, no pwhash -- no delete. WriteResponse(w, newApiError("must pass pwhash and email, or API key", nil)) log.Printf("invalid user delete request: no values") return } if err := user.Delete(d, email); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("error deleting user %q: %s", email, err.Error()) return } log.Printf("user %q deleted", email) WriteResponse(w, &user.User{ Email: email, }) } }
func handleAdminValid(d db.DB) htr.Handle { return func(w http.ResponseWriter, r *http.Request, ps htr.Params) { if err := r.ParseForm(); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %#v", r) return } key := r.Form.Get("key") if err := admin.IsAdmin(d, util.Key(key)); err != nil { WriteResponse(w, newApiError(err.Error(), err)) log.Printf("bad admin request: %s", err.Error()) return } WriteResponse(w, "ok") log.Printf("admin %s verified", key) } }
func (s *AdminSuite) createTests(adm t.TestAdmin, c *gc.C) error { key, err := admin.Create(s.d, adm.Email, adm.Pwhash) if err != nil { return err } err = admin.IsAdmin(s.d, util.Key(key)) c.Assert(err, jc.ErrorIsNil) adminBytes, err := db.GetByKey(s.d, admin.Admins, []byte(key)) if err != nil { return err } c.Assert(len(adminBytes), gc.Not(gc.Equals), 0) var tmpAdmin admin.Admin if err = json.Unmarshal(adminBytes, &tmpAdmin); err != nil { return err } c.Check(tmpAdmin.Email, gc.Equals, adm.Email) return nil }