simon987/task_tracker
1
0
Fork 0
mirror of https://github.com/simon987/task_tracker.git synced 2025-04-20 02:26:46 +00:00
Code Issues Projects Releases Wiki Activity

Fix worker permissions bug

Browse Source
This commit is contained in:
simon987 2019-02-23 22:05:22 -05:00
parent d17113726e
commit 9ceb5d8d4c
6 changed files with 72 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
schema.sql
View File

@ -22,7 +22,7 @@ CREATE TABLE project
paused boolean NOT NULL, paused boolean NOT NULL,
name TEXT UNIQUE NOT NULL, name TEXT UNIQUE NOT NULL,
clone_url TEXT NOT NULL, clone_url TEXT NOT NULL,
git_repo TEXT UNIQUE NOT NULL, git_repo TEXT NOT NULL,
version TEXT NOT NULL, version TEXT NOT NULL,
motd TEXT NOT NULL, motd TEXT NOT NULL,
secret TEXT NOT NULL DEFAULT '{}' secret TEXT NOT NULL DEFAULT '{}'

6
storage/task.go
View File

@ -44,7 +44,7 @@ func (database *Database) SaveTask(task *Task, project int64, hash64 int64, wid
res, err := db.Exec(fmt.Sprintf(` res, err := db.Exec(fmt.Sprintf(`
INSERT INTO task (project, max_retries, recipe, priority, max_assign_time, hash64,verification_count) INSERT INTO task (project, max_retries, recipe, priority, max_assign_time, hash64,verification_count)
SELECT $1,$2,$3,$4,$5,NULLIF(%d, 0),$6 FROM worker_access SELECT $1,$2,$3,$4,$5,NULLIF(%d, 0),$6 FROM worker_access
WHERE role_submit AND worker=$7 AND project=$1`, hash64), WHERE role_submit AND NOT request AND worker=$7 AND project=$1`, hash64),
project, task.MaxRetries, task.Recipe, task.Priority, task.MaxAssignTime, task.VerificationCount, project, task.MaxRetries, task.Recipe, task.Priority, task.MaxAssignTime, task.VerificationCount,
wid) wid)
if err != nil { if err != nil {
@ -84,7 +84,7 @@ func (database *Database) GetTask(worker *Worker) *Task {
LEFT JOIN worker_verifies_task wvt on task.id = wvt.task AND wvt.worker=$1 LEFT JOIN worker_verifies_task wvt on task.id = wvt.task AND wvt.worker=$1
WHERE NOT project.paused AND assignee IS NULL AND task.status=1 WHERE NOT project.paused AND assignee IS NULL AND task.status=1
AND (project.public OR ( AND (project.public OR (
SELECT a.role_assign FROM worker_access a WHERE a.worker=$1 AND a.project=project.id SELECT a.role_assign AND not a.request FROM worker_access a WHERE a.worker=$1 AND a.project=project.id
)) ))
AND wvt.task IS NULL AND wvt.task IS NULL
ORDER BY project.priority DESC, task.priority DESC ORDER BY project.priority DESC, task.priority DESC
@ -188,7 +188,7 @@ func (database *Database) GetTaskFromProject(worker *Worker, projectId int64) *T
LEFT JOIN worker_verifies_task wvt on task.id = wvt.task AND wvt.worker=$1 LEFT JOIN worker_verifies_task wvt on task.id = wvt.task AND wvt.worker=$1
WHERE NOT project.paused AND assignee IS NULL AND project.id=$2 AND status=1 WHERE NOT project.paused AND assignee IS NULL AND project.id=$2 AND status=1
AND (project.public OR ( AND (project.public OR (
SELECT a.role_assign FROM worker_access a WHERE a.worker=$1 AND a.project=$2 SELECT a.role_assign and not a.request FROM worker_access a WHERE a.worker=$1 AND a.project=$2
)) ))
AND wvt.task IS NULL AND wvt.task IS NULL
ORDER BY task.priority DESC ORDER BY task.priority DESC

19
test/api_project_test.go
View File

@ -90,25 +90,6 @@ func TestCreateDuplicateProjectName(t *testing.T) {
} }
} }
func TestCreateDuplicateProjectRepo(t *testing.T) {
createProjectAsAdmin(api.CreateProjectRequest{
Name: "different name",
GitRepo: "user/same",
})
resp := createProjectAsAdmin(api.CreateProjectRequest{
Name: "but same repo",
GitRepo: "user/same",
})
if resp.Ok != false {
t.Error()
}
if len(resp.Message) <= 0 {
t.Error()
}
}
func TestGetProjectNotFound(t *testing.T) { func TestGetProjectNotFound(t *testing.T) {
getResp := getProjectAsAdmin(12345) getResp := getProjectAsAdmin(12345)

68
test/api_task_test.go
View File

@ -328,7 +328,7 @@ func TestTaskNoAccess(t *testing.T) {
Assign: true, Assign: true,
Submit: true, Submit: true,
}, worker) }, worker)
acceptAccessRequest(worker.Id, pid, testAdminCtx) acceptAccessRequest(pid, worker.Id, testAdminCtx)
createResp := createTask(api.SubmitTaskRequest{ createResp := createTask(api.SubmitTaskRequest{
Project: pid, Project: pid,
@ -376,7 +376,7 @@ func TestTaskHasAccess(t *testing.T) {
Assign: true, Assign: true,
Project: pid, Project: pid,
}, worker) }, worker)
acceptAccessRequest(worker.Id, pid, testAdminCtx) acceptAccessRequest(pid, worker.Id, testAdminCtx)
createResp := createTask(api.SubmitTaskRequest{ createResp := createTask(api.SubmitTaskRequest{
Project: pid, Project: pid,
@ -817,6 +817,70 @@ func TestTaskReleaseBigInt(t *testing.T) {
} }
} }
func TestTaskSubmitUnauthorized(t *testing.T) {
pid := createProjectAsAdmin(api.CreateProjectRequest{
Name: "testtasksubmitunauthorized",
GitRepo: "testtasksubmitunauthorized",
CloneUrl: "testtasksubmitunauthorized",
}).Content.Id
w := genWid()
requestAccess(api.CreateWorkerAccessRequest{
Project: pid,
Submit: true,
Assign: true,
}, w)
resp := createTask(api.SubmitTaskRequest{
Project: pid,
Recipe: "ssss",
}, w)
if resp.Ok != false {
t.Error()
}
}
func TestTaskGetUnauthorized(t *testing.T) {
pid := createProjectAsAdmin(api.CreateProjectRequest{
Name: "testtaskgetunauthorized",
GitRepo: "testtaskgetunauthorized",
CloneUrl: "testtaskgettunauthorized",
Hidden: true,
}).Content.Id
w := genWid()
wWithAccess := genWid()
requestAccess(api.CreateWorkerAccessRequest{
Project: pid,
Submit: true,
Assign: true,
}, wWithAccess)
acceptAccessRequest(pid, wWithAccess.Id, testAdminCtx)
createTask(api.SubmitTaskRequest{
Project: pid,
Recipe: "ssss",
}, wWithAccess)
requestAccess(api.CreateWorkerAccessRequest{
Project: pid,
Submit: true,
Assign: true,
}, w)
resp := getTaskFromProject(pid, w)
fmt.Println(resp.Message)
if resp.Ok != false {
t.Error()
}
}
func createTask(request api.SubmitTaskRequest, worker *storage.Worker) (ar api.JsonResponse) { func createTask(request api.SubmitTaskRequest, worker *storage.Worker) (ar api.JsonResponse) {
r := Post("/task/submit", request, worker, nil) r := Post("/task/submit", request, worker, nil)
UnmarshalResponse(r, &ar) UnmarshalResponse(r, &ar)

2
test/schema.sql
View File

@ -22,7 +22,7 @@ CREATE TABLE project
paused boolean NOT NULL, paused boolean NOT NULL,
name TEXT UNIQUE NOT NULL, name TEXT UNIQUE NOT NULL,
clone_url TEXT NOT NULL, clone_url TEXT NOT NULL,
git_repo TEXT UNIQUE NOT NULL, git_repo TEXT NOT NULL,
version TEXT NOT NULL, version TEXT NOT NULL,
motd TEXT NOT NULL, motd TEXT NOT NULL,
secret TEXT NOT NULL DEFAULT '{}' secret TEXT NOT NULL DEFAULT '{}'

2
web/angular/src/app/api.service.ts
View File

@ -6,7 +6,7 @@ import {Credentials} from "./models/credentials";
@Injectable() @Injectable()
export class ApiService { export class ApiService {
public url: string = "https://tt.simon987.net/api"; public url: string = "http://localhost/api";
private options: { private options: {
withCredentials: true, withCredentials: true,
responseType: "json" responseType: "json"