Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Closes #81 Allow inferred users to have displayName #83

Merged
merged 5 commits into from
Apr 6, 2018
Merged

Closes #81 Allow inferred users to have displayName #83

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
20819e5
WIP adding displayName to user data
kecso Apr 4, 2018
52c7be0
WIP adding description and icon to project info
kecso Apr 5, 2018
1940ab0
WIP fix tests
kecso Apr 5, 2018
0bb4d34
WIP extract displayName from token content
kecso Apr 5, 2018
6a79f59
#81 Fixing review comments.
kecso Apr 6, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 11 additions & 1 deletion src/common/storage/constants.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,17 @@
MONGO_ID: '_id',
COMMIT_TYPE: 'commit',
OVERLAY_SHARD_TYPE: 'shard',
PROJECT_INFO_KEYS: ['createdAt', 'creator', 'viewedAt', 'viewer', 'modifiedAt', 'modifier', 'kind'],
PROJECT_INFO_KEYS: [
'createdAt',
'creator',
'viewedAt',
'viewer',
'modifiedAt',
'modifier',
'kind',
'description',
'icon'
],
EMPTY_PROJECT_DATA: 'empty',
PROJECT_ID_SEP: '+',
PROJECT_DISPLAYED_NAME_SEP: '/',
Expand Down
123 changes: 65 additions & 58 deletions src/server/api/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,8 @@ function createAPI(app, mountPath, middlewareOpts) {
registerEndPoint = typeof gmeConfig.authentication.allowUserRegistration === 'string' ?
require(gmeConfig.authentication.allowUserRegistration)(middlewareOpts) :
require('./defaultRegisterEndPoint')(middlewareOpts),
seedToBlobHash = {};
seedToBlobHash = {},
paths;

app.get(apiDocumentationMountPoint, function (req, res) {
res.sendFile(path.join(__dirname, '..', '..', '..', 'docs', 'REST', 'index.html'));
Expand Down Expand Up @@ -227,7 +228,10 @@ function createAPI(app, mountPath, middlewareOpts) {
if (err.message.indexOf('no such user') === 0) {
logger.info('Authenticated user did not exist in db, adding:', userId);
gmeAuth.addUser(userId, 'em@il', GUID(),
gmeConfig.authentication.inferredUsersCanCreate, {overwrite: false})
gmeConfig.authentication.inferredUsersCanCreate, {
overwrite: false,
displayName: req.userData.displayName
})
.then(function (/*userData*/) {
return gmeAuth.getUser(userId);
})
Expand Down Expand Up @@ -512,35 +516,43 @@ function createAPI(app, mountPath, middlewareOpts) {
query,
projection;

gmeAuth.getUser(userId)
.then(function (userData_) {
var doGetProjects = userId !== gmeConfig.authentication.guestAccount && !userData_.siteAdmin;
userData = userData_;
if (req.query.displayName) {
gmeAuth.listUsers({displayName: {$type: 'string'}}, {displayName: 1})
.then(function (result) {
res.json(result);
})
.catch(next);
} else {
gmeAuth.getUser(userId)
.then(function (userData_) {
var doGetProjects = userId !== gmeConfig.authentication.guestAccount && !userData_.siteAdmin;
userData = userData_;

if (req.query.includeDisabled && userData.siteAdmin) {
query = {disabled: undefined};
}
if (req.query.includeDisabled && userData.siteAdmin) {
query = {disabled: undefined};
}

if (userId === gmeConfig.authentication.guestAccount) {
query = {_id: userId};
} else if (!userData.siteAdmin) {
projection = {
data: 0,
settings: 0,
email: 0,
password: 0
};
}
if (userId === gmeConfig.authentication.guestAccount) {
query = {_id: userId};
} else if (!userData.siteAdmin) {
projection = {
data: 0,
settings: 0,
email: 0,
password: 0
};
}

return Q.all([
doGetProjects ? safeStorage.getProjects({username: userId}) : Q.resolve([]),
gmeAuth.listUsers(query, projection)
]);
})
.then(function (results) {
res.json(filterUsersOrOrgs(userData, results[0], results[1]));
})
.catch(next);
return Q.all([
doGetProjects ? safeStorage.getProjects({username: userId}) : Q.resolve([]),
gmeAuth.listUsers(query, projection)
]);
})
.then(function (results) {
res.json(filterUsersOrOrgs(userData, results[0], results[1]));
})
.catch(next);
}
});

router.put('/users', function (req, res, next) {
Expand Down Expand Up @@ -1455,20 +1467,19 @@ function createAPI(app, mountPath, middlewareOpts) {
});
});

router.get(['/projects/:ownerId/:projectName/commits/:commitHash/export',
'/projects/:ownerId/:projectName/commits/:commitHash/export/*'], ensureAuthenticated,
function (req, res, next) {
paths = ['/projects/:ownerId/:projectName/commits/:commitHash/export',
'/projects/:ownerId/:projectName/commits/:commitHash/export/*'];
router.get(paths, ensureAuthenticated, function (req, res, next) {
if (req.params[0] === undefined || req.params[0] === '') {
exportProject(req, res, next);
} else {
exportModel(req, res, next);
}
}
);
});

router.get(['/projects/:ownerId/:projectName/commits/:commitHash/tree',
'/projects/:ownerId/:projectName/commits/:commitHash/tree/*'], ensureAuthenticated,
function (req, res, next) {
paths = ['/projects/:ownerId/:projectName/commits/:commitHash/tree',
'/projects/:ownerId/:projectName/commits/:commitHash/tree/*'];
router.get(paths, ensureAuthenticated, function (req, res, next) {
var userId = getUserId(req),
projectId = StorageUtil.getProjectIdFromOwnerIdAndProjectName(req.params.ownerId,
req.params.projectName),
Expand All @@ -1485,8 +1496,7 @@ function createAPI(app, mountPath, middlewareOpts) {
}
next(err);
});
}
);
});

router.get('/projects/:ownerId/:projectName/compare/:branchOrCommitA...:branchOrCommitB',
ensureAuthenticated,
Expand Down Expand Up @@ -1551,16 +1561,15 @@ function createAPI(app, mountPath, middlewareOpts) {
});
});

router.get(['/projects/:ownerId/:projectName/branches/:branchId/export',
'/projects/:ownerId/:projectName/branches/:branchId/export/*'], ensureAuthenticated,
function (req, res, next) {
paths = ['/projects/:ownerId/:projectName/branches/:branchId/export',
'/projects/:ownerId/:projectName/branches/:branchId/export/*'];
router.get(paths, ensureAuthenticated, function (req, res, next) {
if (req.params[0] === undefined || req.params[0] === '') {
exportProject(req, res, next);
} else {
exportModel(req, res, next);
}
}
);
});

router.patch('/projects/:ownerId/:projectName/branches/:branchId', function (req, res, next) {
var userId = getUserId(req),
Expand Down Expand Up @@ -1643,9 +1652,9 @@ function createAPI(app, mountPath, middlewareOpts) {
}
);

router.get(['/projects/:ownerId/:projectName/branches/:branchId/tree',
'/projects/:ownerId/:projectName/branches/:branchId/tree/*'], ensureAuthenticated,
function (req, res, next) {
paths = ['/projects/:ownerId/:projectName/branches/:branchId/tree',
'/projects/:ownerId/:projectName/branches/:branchId/tree/*'];
router.get(paths, ensureAuthenticated, function (req, res, next) {
var userId = getUserId(req),
projectId = StorageUtil.getProjectIdFromOwnerIdAndProjectName(req.params.ownerId,
req.params.projectName),
Expand All @@ -1672,8 +1681,7 @@ function createAPI(app, mountPath, middlewareOpts) {
}
next(err);
});
}
);
});

router.get('/projects/:ownerId/:projectName/tags', ensureAuthenticated, function (req, res, next) {
var userId = getUserId(req),
Expand Down Expand Up @@ -1712,20 +1720,20 @@ function createAPI(app, mountPath, middlewareOpts) {
});
});

router.get(['/projects/:ownerId/:projectName/tags/:tagId/export',
'/projects/:ownerId/:projectName/tags/:tagId/export/*'], ensureAuthenticated,
function (req, res, next) {
paths = ['/projects/:ownerId/:projectName/tags/:tagId/export',
'/projects/:ownerId/:projectName/tags/:tagId/export/*'];

router.get(paths, ensureAuthenticated, function (req, res, next) {
if (req.params[0] === undefined || req.params[0] === '') {
exportProject(req, res, next);
} else {
exportModel(req, res, next);
}
}
);
});

router.get(['/projects/:ownerId/:projectName/tags/:tagId/tree',
'/projects/:ownerId/:projectName/tags/:tagId/tree/*'], ensureAuthenticated,
function (req, res, next) {
paths = ['/projects/:ownerId/:projectName/tags/:tagId/tree',
'/projects/:ownerId/:projectName/tags/:tagId/tree/*'];
router.get(paths, ensureAuthenticated, function (req, res, next) {
var userId = getUserId(req),
projectId = StorageUtil.getProjectIdFromOwnerIdAndProjectName(req.params.ownerId,
req.params.projectName),
Expand All @@ -1751,8 +1759,7 @@ function createAPI(app, mountPath, middlewareOpts) {
}
next(err);
});
}
);
});

router.put('/projects/:ownerId/:projectName/tags/:tagId', function (req, res, next) {
var userId = getUserId(req),
Expand Down
6 changes: 6 additions & 0 deletions src/server/api/webgme-api.raml
100755 → 100644
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -223,6 +223,12 @@ resourceTypes:
description: If true and <b>user.siteAdmin</b> disabled users will be included in response.
example: true
required: false
displayName:
displayName: displayName
type: boolean
description: If true users with display name will be listed (only id and displayName will be in the response).
example: true
required: false
responses:
200:
body:
Expand Down
6 changes: 5 additions & 1 deletion src/server/middleware/auth/gmeauth.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -496,10 +496,13 @@ function GMEAuth(session, gmeConfig) {
if (userData.hasOwnProperty('canCreate')) {
oldUserData.canCreate = userData.canCreate === 'true' || userData.canCreate === true;
}

if (userData.hasOwnProperty('siteAdmin')) {
oldUserData.siteAdmin = userData.siteAdmin === 'true' || userData.siteAdmin === true;
}

oldUserData.displayName = userData.displayName || oldUserData.displayName;

if (userData.password) {
return Q.ninvoke(bcrypt, 'hash', userData.password, gmeConfig.authentication.salts)
.then(function (hash) {
Expand Down Expand Up @@ -655,7 +658,8 @@ function GMEAuth(session, gmeConfig) {
projects: {},
type: CONSTANTS.USER,
orgs: [],
siteAdmin: options.siteAdmin
siteAdmin: options.siteAdmin,
displayName: options.displayName,
};

if (options.hasOwnProperty('data')) {
Expand Down
12 changes: 8 additions & 4 deletions src/server/standalone.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -390,7 +390,8 @@ function StandAloneServer(gmeConfig) {
req.userData = {
token: newToken,
newToken: true,
userId: result.content.userId
userId: result.content.userId,
displayName: result.content.displayName
};

// TODO: Is this the correct way of doing it?
Expand All @@ -401,7 +402,8 @@ function StandAloneServer(gmeConfig) {
} else {
req.userData = {
token: token,
userId: result.content.userId
userId: result.content.userId,
displayName: result.content.displayName
};
next();
}
Expand Down Expand Up @@ -431,7 +433,8 @@ function StandAloneServer(gmeConfig) {
req.userData = {
token: newToken,
newToken: true,
userId: result.content.userId
userId: result.content.userId,
displayName: result.content.displayName
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right now the inferred users with displayName are confined to tokens in the query..

};
logger.debug('generated new token for user', result.content.userId);
res.cookie(gmeConfig.authentication.jwt.cookieId, newToken);
Expand All @@ -442,7 +445,8 @@ function StandAloneServer(gmeConfig) {
} else {
req.userData = {
token: token,
userId: result.content.userId
userId: result.content.userId,
displayName: result.content.displayName
};

res.cookie(gmeConfig.authentication.jwt.cookieId, token);
Expand Down
13 changes: 13 additions & 0 deletions test/server/api/project/index.project.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -456,6 +456,19 @@ describe('PROJECT REST API', function () {
});
});

it('should patch description info for project /projects/:ownerId/:projectId', function (done) {
agent.patch(server.getUrl() + '/api/projects/' + projectName2APIPath(projectName))
.send({description: 'this is a nice project'})
.end(function (err, res) {
expect(res.status).equal(200, err);
expect(res.body).to.have.property('info');
expect(res.body.info).to.include.keys('creator', 'viewer', 'modifier',
'createdAt', 'viewedAt', 'modifiedAt', 'description', 'icon');
expect(res.body.info.description).to.equal('this is a nice project');
done();
});
});

it('should not patch info for project if no write access /projects/:ownerId/:projectId', function (done) {
agent.patch(server.getUrl() + '/api/projects/' + projectName2APIPath(unauthorizedProjectName))
.send({creator: 'PerAlbinHansson'})
Expand Down
Loading