genofire/hs_monolith
genofire
/
hs_monolith
Archived
1
0
Fork 0

[BUGFIX] permission + move from cookie to header + add reset at dummy care

This commit is contained in:
Martin Geno 2017-06-09 09:42:39 +02:00
parent d28dba0330
commit 61b141ee96
No known key found for this signature in database
GPG Key ID: F0D39A37E925E941
6 changed files with 35 additions and 47 deletions

View File

@ -27,7 +27,7 @@ func TestAddGood(t *testing.T) {
} }
_, w := session.JSONRequest("POST", "/api/good/1", good) _, w := session.JSONRequest("POST", "/api/good/1", good)
assertion.Equal(http.StatusNonAuthoritativeInfo, w.StatusCode) assertion.Equal(http.StatusForbidden, w.StatusCode)
session.Login() session.Login()
@ -102,7 +102,7 @@ func TestDelGood(t *testing.T) {
database.Write.Create(&good) database.Write.Create(&good)
_, w := session.JSONRequest("DELETE", "/api/good/1", nil) _, w := session.JSONRequest("DELETE", "/api/good/1", nil)
assertion.Equal(http.StatusNonAuthoritativeInfo, w.StatusCode) assertion.Equal(http.StatusForbidden, w.StatusCode)
session.Login() session.Login()

View File

@ -9,12 +9,8 @@ type HasPermission func(string, int) (bool, error)
// Function to evaluate the permission and implement an error handling // Function to evaluate the permission and implement an error handling
func PermissionHandler(h func(w http.ResponseWriter, r *http.Request), perm HasPermission, permission int) func(w http.ResponseWriter, r *http.Request) { func PermissionHandler(h func(w http.ResponseWriter, r *http.Request), perm HasPermission, permission int) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
session, err := r.Cookie("session") session := r.Header.Get("session")
if err != nil { ok, err := perm(session, permission)
http.Error(w, err.Error(), http.StatusNonAuthoritativeInfo)
return
}
ok, err := perm(session.Value, permission)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusGatewayTimeout) http.Error(w, err.Error(), http.StatusGatewayTimeout)
return return

View File

@ -17,19 +17,8 @@ func TestPermission(t *testing.T) {
w := httptest.NewRecorder() w := httptest.NewRecorder()
r, _ := http.NewRequest("GET", "/", nil) r, _ := http.NewRequest("GET", "/", nil)
// Request without session cookie
reached := false
PermissionHandler(func(w http.ResponseWriter, r *http.Request) {
reached = true
}, func(s string, i int) (bool, error) {
return true, nil
}, 1)(w, r)
assert.False(reached)
r.AddCookie(&http.Cookie{Name: "session"})
// HasPermission responds true // HasPermission responds true
reached = false reached := false
PermissionHandler(func(w http.ResponseWriter, r *http.Request) { PermissionHandler(func(w http.ResponseWriter, r *http.Request) {
reached = true reached = true
}, func(s string, i int) (bool, error) { }, func(s string, i int) (bool, error) {

View File

@ -113,14 +113,12 @@ func (r *Request) JSONRequest(method string, url string, body interface{}) (json
// Function to log the current session // Function to log the current session
func (r *Request) Login() { func (r *Request) Login() {
r.cookies = nil r.Header["session"] = "testsessionkey"
r.cookies = append(r.cookies, &http.Cookie{Name: "session", Value: "testsessionkey"})
} }
// Function to logout/quit the current session // Function to logout/quit the current session
func (r *Request) Logout() { func (r *Request) Logout() {
r.cookies = nil r.Header["session"] = "trashkey"
r.cookies = append(r.cookies, &http.Cookie{Name: "session", Value: "trashkey"})
} }
// Function to clean the current session // Function to clean the current session

View File

@ -1,21 +1,27 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="utf-8" /> <meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<link href="/node_modules/semantic-ui-css/semantic.min.css" rel="stylesheet" /> <link href="/node_modules/semantic-ui-css/semantic.min.css" rel="stylesheet" />
<link href="/static/css/main.css" rel="stylesheet" /> <link href="/static/css/main.css" rel="stylesheet" />
<title>microStock Dummy Cart</title> <title>microStock Dummy Cart</title>
</head> </head>
<body ng-app="microStockDummieCare"> <body ng-app="microStockDummieCare" ng-controller="MainCtrl">
<nav class="ui stackable inverted menu"> <nav class="ui stackable inverted menu">
<div class="ui container"> <div class="ui container">
<div class="header item">Dummy Cart</div> <div class="header item">Dummy Cart</div>
</div> <div class="right menu">
</nav> <a class="ui item" ng-click="reset()">
<i class="undo icon"></i>
Reset
</a>
</div>
</div>
</nav>
<div class="ui container" ng-controller="MainCtrl"> <div class="ui container">
<form class="ui form" ng-submit="add()"> <form class="ui form" ng-submit="add()">
<div class="three fields"> <div class="three fields">
<div class="field"> <div class="field">
@ -179,6 +185,12 @@
}); });
}; };
$scope.reset = function reset() {
console.log("reset");
localStorage.setItem("cart","[]");
load();
};
}]); }]);
</script> </script>
</body> </body>

View File

@ -1,22 +1,15 @@
'use strict'; 'use strict';
angular.module('microStock') angular.module('microStock')
.controller('GlobalCtrl',['$scope',function($scope){ .controller('GlobalCtrl',['$scope','$http', function($scope, $http){
$scope.loggedIn = false; $scope.loggedIn = false;
function setCookie(cname, cvalue, exdays) {
var d = new Date();
d.setTime(d.getTime() + (exdays * 24 * 60 * 60 * 1000));
var expires = "expires="+d.toUTCString();
document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/";
}
$scope.login = function(){ $scope.login = function(){
if($scope.loggedIn){ if($scope.loggedIn){
setCookie("session","logoff",1); $http.defaults.headers.common["session"] = "logoff";
$scope.loggedIn = false; $scope.loggedIn = false;
}else { }else {
setCookie("session","testsessionkey",1); $http.defaults.headers.common["session"] = "testsessionkey";
$scope.loggedIn = true; $scope.loggedIn = true;
} }
}; };