Return user roles in graphql me (#186)
irees authored Oct 30, 2023
1 parent 4ce820e commit 32594ad
Showing 15 changed files with 483 additions and 410 deletions.
3 changes: 0 additions & 3 deletions auth/ancheck/gatekeeper.go
@@ -97,9 +97,6 @@ func (gk *Gatekeeper) updateUsers(ctx context.Context) {
keys := gk.cache.GetRecheckKeys(ctx)
for _, userKey := range keys {
gk.updateUser(ctx, userKey)
// ; err != nil {
// // Failed :( Error logging handled in updateUser
// }
}
}

11 changes: 6 additions & 5 deletions auth/ancheck/gatekeeper_test.go
@@ -11,6 +11,7 @@ import (
"time"

"github.com/go-redis/redismock/v8"
"github.com/interline-io/transitland-server/auth/authn"
"github.com/interline-io/transitland-server/internal/ecache"
"github.com/stretchr/testify/assert"
)
@@ -70,7 +71,7 @@ func TestGatekeeper(t *testing.T) {
name string
mwf MiddlewareFunc
code int
user userWithRoles
user authn.User
after func(*testing.T)
}{
{
@@ -251,16 +252,16 @@ func cacheRedisKey(topic string, key string) string {

// Trivial implementation of Gatekeeper for testing purposes
type GatekeeperTestServer struct {
users map[string]userWithRoles
users map[string]authn.User
counts map[string]int
lock sync.Mutex
}

func (gk *GatekeeperTestServer) AddUser(key string, user userWithRoles) {
func (gk *GatekeeperTestServer) AddUser(key string, user authn.User) {
gk.lock.Lock()
defer gk.lock.Unlock()
if gk.users == nil {
gk.users = map[string]userWithRoles{}
gk.users = map[string]authn.User{}
}
gk.users[key] = newCtxUser(user.ID()).WithRoles(user.Roles()...)
}
@@ -269,7 +270,7 @@ func (gk *GatekeeperTestServer) ServeHTTP(w http.ResponseWriter, r *http.Request
gk.lock.Lock()
defer gk.lock.Unlock()
u := r.URL.Query()
var user userWithRoles
var user authn.User
if a := u["user"]; len(a) > 0 {
user = gk.users[a[0]]
}
8 changes: 4 additions & 4 deletions auth/ancheck/mw.go
@@ -48,16 +48,16 @@ func GetUserMiddleware(authType string, cfg AuthConfig, client *redis.Client) (M

// AdminDefaultMiddleware uses a default "admin" context.
func AdminDefaultMiddleware(defaultName string) func(http.Handler) http.Handler {
return newUserDefaultMiddleware(func() authn.User { return authn.NewCtxUser(defaultName, "", "").WithRoles("admin") })
return NewUserDefaultMiddleware(func() authn.User { return authn.NewCtxUser(defaultName, "", "").WithRoles("admin") })
}

// UserDefaultMiddleware uses a default "user" context.
func UserDefaultMiddleware(defaultName string) func(http.Handler) http.Handler {
return newUserDefaultMiddleware(func() authn.User { return authn.NewCtxUser(defaultName, "", "") })
return NewUserDefaultMiddleware(func() authn.User { return authn.NewCtxUser(defaultName, "", "") })
}

// newUserDefaultMiddleware uses a default "user" context.
func newUserDefaultMiddleware(cb func() authn.User) func(http.Handler) http.Handler {
// NewUserDefaultMiddleware uses a default "user" context.
func NewUserDefaultMiddleware(cb func() authn.User) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
user := cb()
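Review bot: The doc comment on the newly exported `NewUserDefaultMiddleware` still says it "uses a default "user" context", which is carried over from `UserDefaultMiddleware` and does not describe a function that takes an arbitrary callback. Now that it is exported, any package can supply a callback returning a user with any roles (`AdminDefaultMiddleware` above does this with "admin"), and in the visible lines the user comes straight from `cb()` with no check of the request. I would state that contract in the comment, for example `// NewUserDefaultMiddleware returns middleware that sets the user returned by cb on every request without authenticating the request.`, and add where it is meant to be used if that is restricted. The handler body continues past `user := cb()` outside the hunk, so the behaviour when `cb` returns nil should be confirmed and documented as well.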
11 changes: 3 additions & 8 deletions auth/ancheck/mw_test.go
@@ -13,11 +13,6 @@ func newCtxUser(id string) authn.CtxUser {
return authn.NewCtxUser(id, "", "")
}

type userWithRoles interface {
authn.User
Roles() []string
}

func TestUserMiddleware(t *testing.T) {
a := UserDefaultMiddleware("test")
req := httptest.NewRequest(http.MethodGet, "/", nil)
@@ -39,7 +34,7 @@ func TestNoMiddleware(t *testing.T) {
testAuthMiddleware(t, req, a, 200, nil)
}

func testAuthMiddleware(t *testing.T, req *http.Request, mwf MiddlewareFunc, expectCode int, expectUser userWithRoles) {
func testAuthMiddleware(t *testing.T, req *http.Request, mwf MiddlewareFunc, expectCode int, expectUser authn.User) {
var user authn.User
testHandler := func(w http.ResponseWriter, r *http.Request) {
user = authn.ForContext(r.Context())
@@ -69,7 +64,7 @@ func TestUserRequired(t *testing.T) {
name string
mwf MiddlewareFunc
code int
user userWithRoles
user authn.User
}{
{"with user", func(next http.Handler) http.Handler { return AdminDefaultMiddleware("test")(UserRequired(next)) }, 200, newCtxUser("test").WithRoles("admin")},
{"with user", func(next http.Handler) http.Handler { return UserDefaultMiddleware("test")(UserRequired(next)) }, 200, newCtxUser("test")},
@@ -88,7 +83,7 @@ func TestAdminRequired(t *testing.T) {
name string
mwf MiddlewareFunc
code int
user userWithRoles
user authn.User
}{
{"with admin", func(next http.Handler) http.Handler { return AdminDefaultMiddleware("test")(AdminRequired(next)) }, 200, newCtxUser("test").WithRoles("admin")},
{"with user", func(next http.Handler) http.Handler { return UserDefaultMiddleware("test")(AdminRequired(next)) }, 401, nil}, // mw kills request before handler
4 changes: 3 additions & 1 deletion auth/ancheck/user_header_test.go
@@ -4,14 +4,16 @@ import (
"net/http"
"net/http/httptest"
"testing"

"github.com/interline-io/transitland-server/auth/authn"
)

func TestKongMiddleware(t *testing.T) {
tcs := []struct {
name string
consumerId string
code int
user userWithRoles
user authn.User
}{
{"test", "test@transitland", 200, newCtxUser("test@transitland")},
{"no user", "", 200, nil},
1 change: 1 addition & 0 deletions auth/authn/authn.go
@@ -7,6 +7,7 @@ type User interface {
ID() string
Name() string
Email() string
Roles() []string
HasRole(string) bool
GetExternalData(string) (string, bool)
}
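Review bot: The new `Roles() []string` method on `User` has no comment, and nothing in the interface says whether the returned slice is a copy. If an implementation hands back its internal slice, a caller can change a user's roles through it, and `HasRole` presumably reads the same data; a comment such as `// Roles returns the user's role names; the returned slice must not alias internal state.` would pin that down. Adding a method to an exported interface also breaks any implementation of `User` outside this repository, which deserves a line in the release notes. The interface declaration starts above the hunk and the implementations are not shown here, so both points need checking against them.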