Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Task/iotcore 122 frn composition #26

Merged
merged 3 commits into from
Sep 22, 2014
Merged

Task/iotcore 122 frn composition #26

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a018c66
ADD FRN Composition from request data
dmoranj Sep 16, 2014
9d2272d
MERGE With develop
dmoranj Sep 17, 2014
741ab18
FIX Remove empty test
dmoranj Sep 17, 2014
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 27 additions & 0 deletions lib/fiware-orion-pep.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -148,6 +148,32 @@ function xmlRawBody(req, res, next) {
}
}

function generateFRN(req, res, next) {
var frn = 'frn:' + config.componentName + ':';

if (req.organization) {
frn += req.organization + ':';
} else {
frn += ':';
}

if (req.headers[constants.PATH_HEADER]) {
frn += req.headers[constants.PATH_HEADER] + ':';
} else {
frn += ':';
}

if (req.entityType) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While for organization (I understand that derived form Fiware-Service header) there is not problem, take into account that:

If the current approach is not able to cope with multi-path and multi-entity and that is not fixable in this PR (or it is not clear how to adress the issue) I'd add at least a couple of FIXME comment stating the limitations of the current approach.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

...and problably add a "tech debt" issue for not forgetting this ;)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Created a tech-debt issue: #27 to solve it in the near future.

NTC

frn += req.entityType;
} else {
frn += ':';
}

req.frn = frn;

next();
}

/**
* Start a new proxy for the configured target. All the configuration is picked up from the config file.
*
Expand Down Expand Up @@ -194,6 +220,7 @@ function startProxy(callback) {
proxyObj.proxy.use(extractOrganization);
proxyObj.proxy.use(extractUserId);
proxyObj.proxy.use(executeDynamicMiddlewares);
proxyObj.proxy.use(generateFRN);
proxyObj.proxy.use(validation.extractRoles);
proxyObj.proxy.use(validation.validate);
proxyObj.proxy.use(sendRequest);
Expand Down
2 changes: 1 addition & 1 deletion lib/services/accessValidation.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,7 @@ function sendAccessRequest(accessPayload, callback) {
*/
function validationProcess(req, res, next) {
async.waterfall([
apply(createAccessRequest, req.roles, req.organization, req.action),
apply(createAccessRequest, req.roles, req.frn, req.action),
sendAccessRequest
], next);
}
Expand Down
2 changes: 1 addition & 1 deletion test/authorizationResponses/rolesOfUser.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
],
"organizations": [
{
"id": 551,
"id": 833,
"actorId": 4230,
"displayName": "VlciBasuras",
"roles": [
Expand Down
35 changes: 13 additions & 22 deletions test/unit/validate_user_action_test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,11 @@ describe('Validate action with Access Control', function() {
res.json(200, utils.readExampleFile('./test/authorizationResponses/rolesOfUser.json'));
};

mockAccessApp.handler = function(req, res) {
res.set('Content-Type', 'application/xml');
res.send(utils.readExampleFile('./test/accessControlResponses/permitResponse.xml', true));
};

done();
});
});
Expand All @@ -85,8 +90,8 @@ describe('Validate action with Access Control', function() {
headers: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Fiware-Service': 'frn:contextbroker:551:::',
'fiware-servicepath': '551',
'Fiware-Service': '551',
'fiware-servicepath': '833',
'X-Auth-Token': 'UAidNA9uQJiIVYSCg0IQ8Q'
},
json: utils.readExampleFile('./test/orionRequests/entityCreation.json')
Expand Down Expand Up @@ -117,22 +122,6 @@ describe('Validate action with Access Control', function() {
});
});

it('should send a validation request to Access Control', function(done) {
var mockExecuted = false;

mockAccessApp.handler = function(req, res) {
req.rawBody.should.match(/8907(.|\n)*4937(.|\n)*frn:contextbroker:551:::(.|\n)*create/);
res.set('Content-Type', 'application/xml');
res.send(utils.readExampleFile('./test/accessControlResponses/permitResponse.xml', true));
mockExecuted = true;
};

request(options, function(error, response, body) {
mockExecuted.should.equal(true);
done();
});
});

it('should proxy the request to the destination', function(done) {
var mockExecuted = false;

Expand Down Expand Up @@ -160,8 +149,8 @@ describe('Validate action with Access Control', function() {
headers: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Fiware-Service': 'frn:contextbroker:551:::',
'fiware-servicepath': '551',
'Fiware-Service': '551',
'fiware-servicepath': '833',
'X-Auth-Token': 'UAidNA9uQJiIVYSCg0IQ8Q'
},
json: utils.readExampleFile('./test/orionRequests/entityCreation.json')
Expand Down Expand Up @@ -203,7 +192,8 @@ describe('Validate action with Access Control', function() {
headers: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Fiware-Service': 'frn:contextbroker:551:::',
'Fiware-Service': '551',
'Fiware-Path': '833',
'X-Auth-Token': 'UAidNA9uQJiIVYSCg0IQ8Q'
},
json: utils.readExampleFile('./test/orionRequests/entityCreation.json')
Expand Down Expand Up @@ -248,7 +238,8 @@ describe('Validate action with Access Control', function() {
headers: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Fiware-Service': 'frn:contextbroker:551:::',
'Fiware-Service': '551',
'Fiware-Path': '833',
'X-Auth-Token': 'UAidNA9uQJiIVYSCg0IQ8Q'
},
json: utils.readExampleFile('./test/orionRequests/entityCreation.json')
Expand Down