Esempio n. 1
0
func (h PutHandler) ValidateCriticalScopes(scopes interface{}, kinds []models.Kind, client models.Client) ([]models.Kind, error) {
	hasCriticalWrite := false
	for _, scope := range scopes.([]interface{}) {
		if scope.(string) == "critical_notifications.write" {
			hasCriticalWrite = true
		}
	}

	validatedKinds := []models.Kind{}
	for _, kind := range kinds {
		if kind.Critical && !hasCriticalWrite {
			return []models.Kind{}, postal.UAAScopesError("UAA Scopes Error: Client does not have authority to register critical notifications.")
		}
		kind.ClientID = client.ID
		validatedKinds = append(validatedKinds, kind)
	}

	return validatedKinds, nil
}
					"exp":       int64(3404281214),
					"scope":     []string{"notifications.write"},
				}
				rawToken := helpers.BuildToken(tokenHeader, tokenClaims)
				request.Header.Set("Authorization", "Bearer "+rawToken)

				token, err := jwt.Parse(rawToken, func(*jwt.Token) (interface{}, error) {
					return []byte(application.UAAPublicKey), nil
				})
				Expect(err).NotTo(HaveOccurred())

				context.Set("token", token)

				handler.ServeHTTP(writer, request, context)

				Expect(errorWriter.WriteCall.Receives.Error).To(BeAssignableToTypeOf(postal.UAAScopesError("waaaaat")))

				Expect(transaction.BeginCall.WasCalled).To(BeFalse())
				Expect(transaction.CommitCall.WasCalled).To(BeFalse())
				Expect(transaction.RollbackCall.WasCalled).To(BeFalse())
			})

			It("delegates parsing errors to the ErrorWriter", func() {
				request, err := http.NewRequest("PUT", "/registration", strings.NewReader("this is not valid JSON"))
				Expect(err).NotTo(HaveOccurred())

				handler.ServeHTTP(writer, request, context)

				Expect(errorWriter.WriteCall.Receives.Error).To(BeAssignableToTypeOf(webutil.ParseError{}))

				Expect(transaction.BeginCall.WasCalled).To(BeFalse())
Esempio n. 3
0
	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"
)

var _ = Describe("ErrorWriter", func() {
	var writer webutil.ErrorWriter
	var recorder *httptest.ResponseRecorder

	BeforeEach(func() {
		writer = webutil.NewErrorWriter()
		recorder = httptest.NewRecorder()
	})

	It("returns a 422 when a client tries to register a critical notification without critical_notifications.write scope", func() {
		writer.Write(recorder, postal.UAAScopesError("UAA Scopes Error: Client does not have authority to register critical notifications."))

		unprocessableEntity := 422
		Expect(recorder.Code).To(Equal(unprocessableEntity))

		body := make(map[string]interface{})
		err := json.Unmarshal(recorder.Body.Bytes(), &body)
		if err != nil {
			panic(err)
		}

		Expect(body["errors"]).To(ContainElement("UAA Scopes Error: Client does not have authority to register critical notifications."))
	})

	It("returns a 502 when CloudController fails to respond", func() {
		writer.Write(recorder, services.CCDownError("Bad things happened!"))