NDS 500/531/537/558: API server bugs (#127)

* NDS-558: Fixed bug in get account -- expected optional argument * NDS-531: Check key length on Post/Put spec * NDS-500: Don't allow delete of admin account * Remove token on get account * Remove redacted password * Check for error state when stopping dependencies
nds-org · Sep 16, 2016 · 066d9fa · 066d9fa
1 parent d8f7b44
commit 066d9fa
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 3 deletions.
diff --git a/apiserver/cmd/server/server.go b/apiserver/cmd/server/server.go
@@ -533,6 +533,7 @@ func (s *Server) GetAccount(w rest.ResponseWriter, r *rest.Request) {
 			}
 		}
 		account.Password = ""
+		account.Token = ""
 		w.WriteJson(account)
 	}
 }
@@ -879,6 +880,10 @@ func (s *Server) DeleteAccount(w rest.ResponseWriter, r *rest.Request) {
 		rest.Error(w, "", http.StatusUnauthorized)
 		return
 	}
+	if userId == "admin" {
+		rest.Error(w, "", http.StatusForbidden)
+		return
+	}
 
 	if !s.accountExists(userId) {
 		rest.NotFound(w, r)
@@ -2100,7 +2105,7 @@ func (s *Server) stopStack(userId string, sid string) (*api.Stack, error) {
 				for _, dep := range svc.Dependencies {
 					if dep.DependencyKey == stackService.Service {
 						numDeps++
-						if ss.Status == "stopped" || ss.Status == "" {
+						if ss.Status == "stopped" || ss.Status == "" || ss.Status == "error" {
 							stoppedDeps++
 						}
 					}

diff --git a/apiserver/pkg/apictl/cmd/get.go b/apiserver/pkg/apictl/cmd/get.go
@@ -100,12 +100,15 @@ var getAccountCmd = &cobra.Command{
 	PreRun: Connect,
 	Run: func(cmd *cobra.Command, args []string) {
 
-		account, err := client.GetAccount(args[0])
+		userId := apiUser.username
+		if len(args) == 1 {
+			userId = args[0]
+		}
+		account, err := client.GetAccount(userId)
 		if err != nil {
 			fmt.Printf("Get account failed: %s\n", err)
 			return
 		}
-		account.Password = "REDACTED"
 		data, err := json.MarshalIndent(account, "", "   ")
 		if err != nil {
 			fmt.Printf("Error marshalling account %s\n", err.Error)

diff --git a/apiserver/pkg/validate/validate.go b/apiserver/pkg/validate/validate.go
@@ -7,6 +7,8 @@ import (
 	"github.com/xeipuuv/gojsonschema"
 )
 
+var maxKeyLength = 17
+
 type Validator struct {
 	schemaLoader gojsonschema.JSONLoader
 }
@@ -28,6 +30,9 @@ func (v *Validator) ValidateSpec(spec *api.ServiceSpec) (bool, error) {
 	}
 
 	if result.Valid() {
+		if len(spec.Key) > maxKeyLength {
+			return false, fmt.Errorf("Key must be no longer than 17 characters\n")
+		}
 		return true, nil
 	} else {
 		msg := ""