Skip to content

Commit

Permalink
Merge pull request #1244 from agrare/drop_legacy_hosts_edit_verify
Browse files Browse the repository at this point in the history 
Drop legacy Host credentials payload, replaced by DDF params
  • Loading branch information
@kbrock
kbrock authored Jan 2, 2024
2 parents 83a495d + 6edb2a3 commit 3e15b0c
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 86 deletions.
34 changes: 8 additions & 26 deletions app/controllers/api/hosts_controller.rb
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
module Api
class HostsController < BaseProviderController
CREDENTIALS_ATTR = "credentials".freeze
AUTH_ATTR = "authentications".freeze
AUTH_TYPE_ATTR = "auth_type".freeze
DEFAULT_AUTH_TYPE = "default".freeze
Expand All @@ -12,45 +11,28 @@ class HostsController < BaseProviderController
include Subcollections::Tags

def edit_resource(type, id, data = {})
# TODO: drop 'credentials' parameter field when ui-classic hosts is in react
credentials = data.delete(CREDENTIALS_ATTR)
authentications = data.delete(AUTH_ATTR)

raise BadRequestError, "Cannot update non-credentials attributes of host resource" if data.any?

resource_search(id, type).tap do |host|
# begin legacy ui-classic
all_credentials = Array.wrap(credentials).each_with_object({}) do |creds, hash|
auth_type = creds.delete(AUTH_TYPE_ATTR) || DEFAULT_AUTH_TYPE
creds.symbolize_keys!
creds.reverse_merge!(:userid => host.authentication_userid(auth_type))
hash[auth_type.to_sym] = creds
if authentications.present?
authentications.deep_symbolize_keys!
host.update_authentication(authentications)
end
# end legacy ui-classic. if they provided the newer authentications, it will overwrite
all_credentials, _ = symbolize_password_keys!(authentications) if authentications
host.update_authentication(all_credentials) if all_credentials.present?
end
end

def verify_credentials_resource(type, id = nil, data = {})
api_resource(type, id, "Verifying Credentials for") do |host|
remember_host = data["remember_host"] == "true"
authentications, auth_type = symbolize_password_keys!(data[AUTH_ATTR])
{:task_id => host.verify_credentials_task(User.current_userid, auth_type, :credentials => authentications, :remember_host => remember_host)}
auth_type = data["authentications"].keys.first

{:task_id => host.verify_credentials_task(User.current_userid, auth_type, data)}
end
end

def check_compliance_resource(type, id, _data = nil)
enqueue_ems_action(type, id, "Check Compliance for", :method_name => "check_compliance", :supports => true)
end

private

# takes credentials from params and converts into something for update_authentications
def symbolize_password_keys!(authentications)
auth_type = authentications.keys.first
# symbolize userid, password
authentications[auth_type].symbolize_keys!

return authentications, auth_type
end
end
end
69 changes: 9 additions & 60 deletions spec/requests/hosts_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -1,18 +1,6 @@
RSpec.describe "hosts API" do
describe "editing a host's password" do
context "with an appropriate role" do
# credentials parameter is the legacy rail controller format for editing a host
it "can edit the password on a host" do
host = FactoryBot.create(:host_with_authentication)
api_basic_authorize action_identifier(:hosts, :edit)
options = {:credentials => {:authtype => "default", :password => "abc123"}}

expect do
post api_host_url(nil, host), :params => gen_request(:edit, options)
end.to change { host.reload.authentication_password(:default) }.to("abc123")
expect(response).to have_http_status(:ok)
end

it "can edit the password on a host using new/react format" do
host = FactoryBot.create(:host_with_authentication)
api_basic_authorize action_identifier(:hosts, :edit)
Expand All @@ -24,28 +12,6 @@
expect(response).to have_http_status(:ok)
end

it "will update the default authentication if no type is given" do
host = FactoryBot.create(:host_with_authentication)
api_basic_authorize action_identifier(:hosts, :edit)
options = {:credentials => {:password => "abc123"}}

expect do
post api_host_url(nil, host), :params => gen_request(:edit, options)
end.to change { host.reload.authentication_password(:default) }.to("abc123")
expect(response).to have_http_status(:ok)
end

it "can edit the password on a host without creating duplicate keys" do
host = FactoryBot.create(:host)
api_basic_authorize action_identifier(:hosts, :edit)
options = { :credentials => { 'userid' => "I'm", 'password' => 'abc123' } }

expect do
post api_host_url(nil, host), :params => gen_request(:edit, options)
end.to change { host.reload.authentication_password(:default) }.to('abc123')
expect(response).to have_http_status(:ok)
end

it "sending non-credentials attributes will result in a bad request error" do
host = FactoryBot.create(:host_with_authentication)
api_basic_authorize action_identifier(:hosts, :edit)
Expand All @@ -62,23 +28,8 @@
host2 = FactoryBot.create(:host_with_authentication)
api_basic_authorize action_identifier(:hosts, :edit)
options = [
{:href => api_host_url(nil, host1), :credentials => {:password => "abc123"}},
{:href => api_host_url(nil, host2), :credentials => {:password => "def456"}}
]

post api_hosts_url, :params => gen_request(:edit, options)
expect(response).to have_http_status(:ok)
expect(host1.reload.authentication_password(:default)).to eq("abc123")
expect(host2.reload.authentication_password(:default)).to eq("def456")
end

it "can update passwords on multiple hosts by id (via credentials)" do
host1 = FactoryBot.create(:host_with_authentication)
host2 = FactoryBot.create(:host_with_authentication)
api_basic_authorize action_identifier(:hosts, :edit)
options = [
{:id => host1.id, :credentials => {:password => "abc123"}},
{:id => host2.id, :credentials => {:password => "def456"}}
{"href" => api_host_url(nil, host1), "authentications" => {"default" => {"password" => "abc123"}}},
{"href" => api_host_url(nil, host2), "authentications" => {"default" => {"password" => "def456"}}}
]

post api_hosts_url, :params => gen_request(:edit, options)
Expand All @@ -94,8 +45,8 @@
params = {
"action" => "edit",
"resources" => [
{:id => host1.id, :authentications => {"default" => {:username => "abc", :password => "abc123"}}},
{:id => host2.id, :authentications => {"default" => {:username => "def", :password => "def456"}}}
{"id" => host1.id, "authentications" => {"default" => {"username" => "abc", "password" => "abc123"}}},
{"id" => host2.id, "authentications" => {"default" => {"username" => "def", "password" => "def456"}}}
]
}

Expand All @@ -110,7 +61,7 @@
it "cannot edit the password on a host" do
host = FactoryBot.create(:host_with_authentication)
api_basic_authorize
options = {:credentials => {:authtype => "default", :password => "abc123"}}
options = {"authentications" => {"default" => {"username" => "abc", "password" => "abc123"}}}

expect do
post api_host_url(nil, host), :params => gen_request(:edit, options)
Expand Down Expand Up @@ -174,15 +125,13 @@
api_basic_authorize action_identifier(:hosts, :edit)

verify_options = {
:credentials => {
"default" => {:userid => "root", :password => "abc123"}
},
:remember_host => true
"authentications" => {
"default" => {"userid" => "root", "password" => "abc123"}
}
}

api_options = {
"authentications" => {"default" => {"userid" => "root", "password" => "abc123"}},
"remember_host" => "true"
"authentications" => {"default" => {"userid" => "root", "password" => "abc123"}}
}

post api_host_url(nil, host), :params => gen_request(:verify_credentials, api_options)
Expand Down

0 comments on commit 3e15b0c

Please sign in to comment.