func getServiceOrError(name string, u *auth.User) (service.Service, error) {
s := service.Service{Name: name}
err := s.Get()
if err != nil {
return s, &errors.Http{Code: http.StatusNotFound, Message: "Service not found"}
}
if !auth.CheckUserAccess(s.OwnerTeams, u) {
msg := "This user does not have access to this service"
return s, &errors.Http{Code: http.StatusForbidden, Message: msg}
}
return s, err
}
func (s *S) TestRevokeAccessFromTeamRemovesTeamFromService(c *C) {
t := &auth.Team{Name: "alle-da"}
se := service.Service{Name: "my_service", Teams: []string{s.team.Name, t.Name}}
err := se.Create()
c.Assert(err, IsNil)
defer db.Session.Services().Remove(bson.M{"_id": se.Name})
url := fmt.Sprintf("/services/%s/%s?:service=%s&:team=%s", se.Name, s.team.Name, se.Name, s.team.Name)
request, err := http.NewRequest("DELETE", url, nil)
c.Assert(err, IsNil)
recorder := httptest.NewRecorder()
err = RevokeAccessFromTeamHandler(recorder, request, s.user)
c.Assert(err, IsNil)
err = se.Get()
c.Assert(err, IsNil)
c.Assert(*s.team, Not(HasAccessTo), se)
}
func (s *S) TestGrantAccessToTeam(c *C) {
t := &auth.Team{Name: "blaaaa"}
db.Session.Teams().Insert(t)
defer db.Session.Teams().Remove(bson.M{"name": t.Name})
se := service.Service{Name: "my_service", Teams: []string{s.team.Name}}
err := se.Create()
c.Assert(err, IsNil)
defer db.Session.Services().Remove(bson.M{"_id": se.Name})
url := fmt.Sprintf("/services/%s/%s?:service=%s&:team=%s", se.Name, t.Name, se.Name, t.Name)
request, err := http.NewRequest("PUT", url, nil)
c.Assert(err, IsNil)
recorder := httptest.NewRecorder()
err = GrantAccessToTeamHandler(recorder, request, s.user)
c.Assert(err, IsNil)
err = se.Get()
c.Assert(err, IsNil)
c.Assert(*s.team, HasAccessTo, se)
}
