simon987/task_tracker
1
0
Fork 0
mirror of https://github.com/simon987/task_tracker.git synced 2025-12-12 06:28:50 +00:00
Code Issues Projects Releases Wiki Activity

rework worker permissions

Browse Source
This commit is contained in:
simon987
2019-02-16 16:18:28 -05:00
parent e079fc8497
commit 8784b536d3
20 changed files with 454 additions and 328 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
test/api_auth_test.go
View File

@@ -143,6 +143,40 @@ func TestInvalidCredentialsLogin(t *testing.T) {
}
}
func TestRequireManageAccessRole(t *testing.T) {
user := getSessionCtx("testreqmanrole", "testreqmanrole", false)
pid := createProject(api.CreateProjectRequest{
GitRepo: "testRequireManageAccessRole",
CloneUrl: "testRequireManageAccessRole",
Name: "testRequireManageAccessRole",
Version: "testRequireManageAccessRole",
}, user).Id
w := genWid()
requestAccess(api.WorkerAccessRequest{
Submit: true,
Assign: true,
Project: pid,
}, w)
rGuest := acceptAccessRequest(pid, w.Id, nil)
rOtherUser := acceptAccessRequest(pid, w.Id, testUserCtx)
rUser := acceptAccessRequest(pid, w.Id, user)
if rGuest.Ok != false {
t.Error()
}
if rOtherUser.Ok != false {
t.Error()
}
if rUser.Ok != true {
t.Error()
}
}
func register(request *api.RegisterRequest) *api.RegisterResponse {
r := Post("/register", request, nil, nil)

23
test/api_task_bench_test.go
View File

@@ -2,8 +2,6 @@ package test
import (
"github.com/simon987/task_tracker/api"
"github.com/simon987/task_tracker/config"
"github.com/simon987/task_tracker/storage"
"strconv"
"testing"
)
@@ -29,24 +27,3 @@ func BenchmarkCreateTaskRemote(b *testing.B) {
}, worker)
}
}
func BenchmarkCreateTask(b *testing.B) {
config.SetupConfig()
db := storage.Database{}
project, _ := db.SaveProject(&storage.Project{
Priority: 1,
Id: 1,
Version: "bmcreatetask",
Public: true,
Motd: "bmcreatetask",
Name: "BenchmarkCreateTask" + strconv.Itoa(b.N),
GitRepo: "benchmark_test" + strconv.Itoa(b.N),
})
b.ResetTimer()
for i := 0; i < b.N; i++ {
_ = db.SaveTask(&storage.Task{}, project, 0)
}
}

115
test/api_task_test.go
View File

@@ -11,23 +11,29 @@ import (
func TestCreateTaskValid(t *testing.T) {
//Make sure there is always a project for id:1
createProjectAsAdmin(api.CreateProjectRequest{
pid := createProjectAsAdmin(api.CreateProjectRequest{
Name: "Some Test name",
Version: "Test Version",
CloneUrl: "http://github.com/test/test",
})
GitRepo: "Some git repo",
}).Id
worker := genWid()
requestAccess(api.WorkerAccessRequest{
Project: pid,
Submit: true,
Assign: false,
}, worker)
acceptAccessRequest(pid, worker.Id, testAdminCtx)
resp := createTask(api.CreateTaskRequest{
Project: 1,
Project: pid,
Recipe: "{}",
MaxRetries: 3,
}, worker)
if resp.Ok != true {
t.Fail()
t.Error()
}
}
@@ -143,6 +149,12 @@ func TestCreateGetTask(t *testing.T) {
})
worker := genWid()
requestAccess(api.WorkerAccessRequest{
Submit: true,
Assign: true,
Project: resp.Id,
}, worker)
acceptAccessRequest(resp.Id, worker.Id, testAdminCtx)
createTask(api.CreateTaskRequest{
Project: resp.Id,
@@ -211,6 +223,19 @@ func createTasks(prefix string) (int64, int64) {
Public: true,
})
worker := genWid()
requestAccess(api.WorkerAccessRequest{
Submit: true,
Assign: false,
Project: highP.Id,
}, worker)
acceptAccessRequest(highP.Id, worker.Id, testAdminCtx)
requestAccess(api.WorkerAccessRequest{
Submit: true,
Assign: false,
Project: lowP.Id,
}, worker)
acceptAccessRequest(lowP.Id, worker.Id, testAdminCtx)
createTask(api.CreateTaskRequest{
Project: lowP.Id,
Recipe: "low1",
@@ -303,6 +328,13 @@ func TestTaskNoAccess(t *testing.T) {
Public: false,
}).Id
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, worker)
acceptAccessRequest(worker.Id, pid, testAdminCtx)
createResp := createTask(api.CreateTaskRequest{
Project: pid,
Priority: 1,
@@ -315,8 +347,7 @@ func TestTaskNoAccess(t *testing.T) {
t.Error()
}
grantAccess(worker.Id, pid)
removeAccess(worker.Id, pid)
rejectAccessRequest(pid, worker.Id, testAdminCtx)
tResp := getTaskFromProject(pid, worker)
@@ -345,6 +376,13 @@ func TestTaskHasAccess(t *testing.T) {
Public: false,
}).Id
requestAccess(api.WorkerAccessRequest{
Submit: true,
Assign: true,
Project: pid,
}, worker)
acceptAccessRequest(worker.Id, pid, testAdminCtx)
createResp := createTask(api.CreateTaskRequest{
Project: pid,
Priority: 1,
@@ -357,8 +395,6 @@ func TestTaskHasAccess(t *testing.T) {
t.Error()
}
grantAccess(worker.Id, pid)
tResp := getTaskFromProject(pid, worker)
if tResp.Ok != true {
@@ -392,6 +428,13 @@ func TestReleaseTaskSuccess(t *testing.T) {
Public: true,
}).Id
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, worker)
acceptAccessRequest(pid, worker.Id, testAdminCtx)
createTask(api.CreateTaskRequest{
Priority: 0,
Project: pid,
@@ -431,6 +474,12 @@ func TestCreateIntCollision(t *testing.T) {
}).Id
w := genWid()
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, w)
acceptAccessRequest(pid, w.Id, testAdminCtx)
if createTask(api.CreateTaskRequest{
Project: pid,
@@ -471,6 +520,12 @@ func TestCreateStringCollision(t *testing.T) {
}).Id
w := genWid()
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, w)
acceptAccessRequest(pid, w.Id, testAdminCtx)
if createTask(api.CreateTaskRequest{
Project: pid,
@@ -520,6 +575,12 @@ func TestCannotVerifySameTaskTwice(t *testing.T) {
}).Id
w := genWid()
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, w)
acceptAccessRequest(pid, w.Id, testAdminCtx)
createTask(api.CreateTaskRequest{
VerificationCount: 2,
@@ -560,6 +621,24 @@ func TestVerification2(t *testing.T) {
w := genWid()
w2 := genWid()
w3 := genWid()
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, w)
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, w2)
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, w3)
acceptAccessRequest(pid, w.Id, testAdminCtx)
acceptAccessRequest(pid, w2.Id, testAdminCtx)
acceptAccessRequest(pid, w3.Id, testAdminCtx)
createTask(api.CreateTaskRequest{
VerificationCount: 2,
@@ -614,6 +693,12 @@ func TestReleaseTaskFail(t *testing.T) {
}).Id
w := genWid()
requestAccess(api.WorkerAccessRequest{
Project: pid,
Assign: true,
Submit: true,
}, w)
acceptAccessRequest(pid, w.Id, testAdminCtx)
createTask(api.CreateTaskRequest{
MaxRetries: 0,
@@ -657,6 +742,18 @@ func TestTaskChain(t *testing.T) {
CloneUrl: "testtaskchain2",
Chain: p1,
}).Id
requestAccess(api.WorkerAccessRequest{
Project: p1,
Assign: true,
Submit: true,
}, w)
requestAccess(api.WorkerAccessRequest{
Project: p2,
Assign: true,
Submit: true,
}, w)
acceptAccessRequest(p1, w.Id, testAdminCtx)
acceptAccessRequest(p2, w.Id, testAdminCtx)
createTask(api.CreateTaskRequest{
Project: p2,

128
test/api_worker_test.go
View File

@@ -64,79 +64,6 @@ func TestGetWorkerInvalid(t *testing.T) {
t.Error()
}
}
func TestGrantAccessFailedProjectConstraint(t *testing.T) {
wid := genWid()
resp := grantAccess(wid.Id, 38274593)
if resp.Ok != false {
t.Error()
}
if len(resp.Message) <= 0 {
t.Error()
}
}
func TestRemoveAccessFailedProjectConstraint(t *testing.T) {
worker := genWid()
resp := removeAccess(worker.Id, 38274593)
if resp.Ok != false {
t.Error()
}
if len(resp.Message) <= 0 {
t.Error()
}
}
func TestRemoveAccessFailedWorkerConstraint(t *testing.T) {
pid := createProjectAsAdmin(api.CreateProjectRequest{
Priority: 1,
GitRepo: "dfffffffffff",
CloneUrl: "fffffffffff23r",
Version: "f83w9rw",
Motd: "ddddddddd",
Name: "removeaccessfailedworkerconstraint",
Public: true,
}).Id
resp := removeAccess(0, pid)
if resp.Ok != false {
t.Error()
}
if len(resp.Message) <= 0 {
t.Error()
}
}
func TestGrantAccessFailedWorkerConstraint(t *testing.T) {
pid := createProjectAsAdmin(api.CreateProjectRequest{
Priority: 1,
GitRepo: "dfffffffffff1",
CloneUrl: "fffffffffff23r1",
Version: "f83w9rw1",
Motd: "ddddddddd1",
Name: "grantaccessfailedworkerconstraint",
Public: true,
}).Id
resp := removeAccess(0, pid)
if resp.Ok != false {
t.Error()
}
if len(resp.Message) <= 0 {
t.Error()
}
}
func TestUpdateAliasValid(t *testing.T) {
wid := genWid()
@@ -169,7 +96,30 @@ func TestCreateWorkerAliasInvalid(t *testing.T) {
if len(resp.Message) <= 0 {
t.Error()
}
}
func TestInvalidAccessRequest(t *testing.T) {
w := genWid()
pid := createProjectAsAdmin(api.CreateProjectRequest{
Name: "testinvalidaccessreq",
CloneUrl: "testinvalidaccessreq",
GitRepo: "testinvalidaccessreq",
}).Id
r := requestAccess(api.WorkerAccessRequest{
Submit: false,
Assign: false,
Project: pid,
}, w)
if r.Ok != false {
t.Error()
}
if len(r.Message) <= 0 {
t.Error()
}
}
func createWorker(req api.CreateWorkerRequest) (*api.CreateWorkerResponse, *http.Response) {
@@ -201,14 +151,11 @@ func genWid() *storage.Worker {
return resp.Worker
}
func grantAccess(wid int64, project int64) *api.WorkerAccessResponse {
func requestAccess(req api.WorkerAccessRequest, w *storage.Worker) *api.WorkerAccessRequestResponse {
r := Post("/access/grant", api.WorkerAccessRequest{
WorkerId: wid,
ProjectId: project,
}, nil, nil)
r := Post(fmt.Sprintf("/project/request_access"), req, w, nil)
var resp *api.WorkerAccessResponse
var resp *api.WorkerAccessRequestResponse
data, _ := ioutil.ReadAll(r.Body)
err := json.Unmarshal(data, &resp)
handleErr(err)
@@ -216,14 +163,25 @@ func grantAccess(wid int64, project int64) *api.WorkerAccessResponse {
return resp
}
func removeAccess(wid int64, project int64) *api.WorkerAccessResponse {
func acceptAccessRequest(pid int64, wid int64, s *http.Client) *api.WorkerAccessRequestResponse {
r := Post("/access/remove", api.WorkerAccessRequest{
WorkerId: wid,
ProjectId: project,
}, nil, nil)
r := Post(fmt.Sprintf("/project/accept_request/%d/%d", pid, wid), nil,
nil, s)
var resp *api.WorkerAccessResponse
var resp *api.WorkerAccessRequestResponse
data, _ := ioutil.ReadAll(r.Body)
err := json.Unmarshal(data, &resp)
handleErr(err)
return resp
}
func rejectAccessRequest(pid int64, wid int64, s *http.Client) *api.WorkerAccessRequestResponse {
r := Post(fmt.Sprintf("/project/reject_request/%d/%d", pid, wid), nil,
nil, s)
var resp *api.WorkerAccessRequestResponse
data, _ := ioutil.ReadAll(r.Body)
err := json.Unmarshal(data, &resp)
handleErr(err)

21
test/schema.sql
View File

@@ -1,6 +1,6 @@
DROP TABLE IF EXISTS worker, project, task, log_entry,
worker_has_access_to_project, manager, manager_has_role_on_project, project_monitoring_snapshot,
worker_verifies_task, worker_requests_access_to_project;
worker_access, manager, manager_has_role_on_project, project_monitoring_snapshot,
worker_verifies_task;
DROP TYPE IF EXISTS status;
DROP TYPE IF EXISTS log_level;
@@ -28,10 +28,13 @@ CREATE TABLE project
motd TEXT NOT NULL
);
CREATE TABLE worker_has_access_to_project
CREATE TABLE worker_access
(
worker INTEGER REFERENCES worker (id),
project INTEGER REFERENCES project (id),
worker INTEGER REFERENCES worker (id),
project INTEGER REFERENCES project (id),
role_assign boolean,
role_submit boolean,
request boolean,
primary key (worker, project)
);
@@ -81,7 +84,7 @@ CREATE TABLE manager_has_role_on_project
manager INTEGER REFERENCES manager (id) NOT NULL,
role SMALLINT NOT NULL,
project INTEGER REFERENCES project (id) NOT NULL,
primary key (manager, project)
PRIMARY KEY (manager, project)
);
CREATE TABLE project_monitoring_snapshot
@@ -95,12 +98,6 @@ CREATE TABLE project_monitoring_snapshot
timestamp INT NOT NULL
);
CREATE TABLE worker_requests_access_to_project
(
worker INT REFERENCES worker (id) NOT NULL,
project INT REFERENCES project (id) NOT NULL
);
CREATE OR REPLACE FUNCTION on_task_delete_proc() RETURNS TRIGGER AS
$$
DECLARE