Commit
6a5da2a2
authored
Apr 23, 2021
by
Alexis POYEN
Fix: some code optimization
parent
fdb3642b
Pipeline
#13591
passed with stage
in 6 minutes and 44 seconds
Changes
5
internal/auth/inmemory.go
...
...
@@ -96,17 +96,20 @@ func (d *DataHandler) AddUser(w http.ResponseWriter, req *http.Request) {
http
.
Error
(
w
,
err
.
Error
(),
400
)
return
}
// Check login don't already exist
for
_
,
val
:=
range
users
{
if
newUser
.
Login
==
val
.
Login
{
http
.
Error
(
w
,
"login already exists"
,
400
)
return
}
}
// Encrypt the password with bcrypt
if
newUser
.
Password
==
""
{
http
.
Error
(
w
,
"passwords cannot be blank"
,
400
)
return
}
if
newUser
.
Role
==
"ADMIN"
{
newUser
.
IsAdmin
=
true
}
else
{
newUser
.
IsAdmin
=
false
}
if
newUser
.
Password
!=
""
{
hash
,
err
:=
bcrypt
.
GenerateFromPassword
([]
byte
(
newUser
.
Password
),
bcrypt
.
DefaultCost
)
if
err
!=
nil
{
http
.
Error
(
w
,
err
.
Error
(),
400
)
...
...
@@ -115,13 +118,12 @@ func (d *DataHandler) AddUser(w http.ResponseWriter, req *http.Request) {
newUser
.
PasswordHash
=
string
(
hash
)
newUser
.
Password
=
""
}
// Check login don't already exist
for
_
,
val
:=
range
users
{
if
newUser
.
Login
==
val
.
Login
{
http
.
Error
(
w
,
"login already exists"
,
400
)
return
}
if
newUser
.
Role
==
"ADMIN"
{
newUser
.
IsAdmin
=
true
}
else
{
newUser
.
IsAdmin
=
false
}
d
.
createUser
(
newUser
)
d
.
db
.
Last
(
&
newUser
)
json
.
NewEncoder
(
w
)
.
Encode
(
newUser
)
...
...
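Review bot: The duplicate-login check in AddUser and the insert are still two separate steps, so two concurrent requests carrying the same login can both pass the `range users` loop before either reaches `d.createUser(newUser)`. A unique index on the login column, with the insert failure mapped to the existing "login already exists" response, would close that window if the schema does not already have one; until then a comment such as `// NOTE: check-then-insert is not atomic; uniqueness must be enforced by the store` would record the gap. The read-back with `d.db.Last(&newUser)` has the same problem, since it returns whatever row is newest rather than the one just created, and that row is then written out by `json.NewEncoder(w).Encode(newUser)`. It is worth confirming that `PasswordHash` is excluded from JSON output, because the struct definition is not on this page. The function starts and ends outside both hunks, so how `users` is loaded and who may call this handler (which matters because `IsAdmin` is derived from the request-supplied `Role`) cannot be checked here.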
internal/auth/oauth2.go
...
...
@@ -59,7 +59,7 @@ func (m Manager) HandleOAuth2Login(w http.ResponseWriter, r *http.Request) {
// Generate state and store it in cookie
oauthStateString
,
err
:=
common
.
GenerateRandomString
(
16
)
if
err
!=
nil
{
log
.
Logger
.
Fatalf
(
"Error generating OAuth2 st
r
ate string :%v
\n
"
,
err
)
log
.
Logger
.
Fatalf
(
"Error generating OAuth2 state string :%v
\n
"
,
err
)
}
tokens
.
Manager
.
StoreData
(
oauthStateString
,
m
.
Hostname
,
oAuth2StateKey
,
30
*
time
.
Second
,
w
)
url
:=
m
.
Config
.
AuthCodeURL
(
oauthStateString
)
...
...
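Review bot: The error branch in HandleOAuth2Login still calls `log.Logger.Fatalf`, and if that logger follows the standard library's Fatalf behaviour (log, then exit the process), one failure of `common.GenerateRandomString(16)` during a login request stops the whole server. In a request handler this branch should log at error level and fail only that request, for example `http.Error(w, "internal server error", http.StatusInternalServerError)` followed by `return`. If `tokens.Manager.StoreData(...)` can report a failure, it is dropped on the visible line, and the redirect would then go out with a state value the callback can never verify. The handler body starts and ends outside the hunk.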
internal/rootmux/rootmux.go
...
...
@@ -6,9 +6,8 @@ import (
"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/internal/auth"
"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/internal/models"
"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/pkg/middlewares"
"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/pkg/common"
"forge.grandlyon.com/systemes-dinformation/project-template/sdk-go/pkg/middlewares"
)
// RootMux represents the main controller of the application
...
...
internal/rootmux/rootmux_test.go
...
...
@@ -89,28 +89,26 @@ func appTests(t *testing.T) {
json
.
Unmarshal
([]
byte
(
response
),
&
token
)
xsrfHeader
:=
map
[
string
]
string
{
"XSRF-TOKEN"
:
token
.
XSRFToken
}
const
apiOperation1
=
"/api/Operations/1"
const
apiBankAccount1
=
"/api/BankAccounts/1"
// Add invalid operation between client and Bakery must be refused with 417 (Expectation failed)
do
(
"POST"
,
"/api/Operations"
,
xsrfHeader
,
`{"Debtor":1,"Amount":-1789,"Creditor":2}`
,
417
,
"Not enough money"
)
// Add an operation between Dupond and Bakery and verify that bank accounts are updated and opposite operation is created
do
(
"POST"
,
"/api/Operations"
,
xsrfHeader
,
`{"Debtor":1,"Amount":-100,"Creditor":2}`
,
200
,
""
)
do
(
"GET"
,
apiOperation
1
,
xsrfHeader
,
""
,
200
,
`{"ID":1,"Debtor":1,"Amount":-100`
)
do
(
"GET"
,
"/
api
/
Operation
s/1"
,
xsrfHeader
,
""
,
200
,
`{"ID":1,"Debtor":1,"Amount":-100`
)
do
(
"GET"
,
"/api/Operations/2"
,
xsrfHeader
,
""
,
200
,
`{"ID":2,"Debtor":2,"Amount":100`
)
do
(
"GET"
,
apiBankAccount
1
,
xsrfHeader
,
""
,
200
,
`{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":358,"BankOverdraft":-100,"Operations":[{"ID":1,"Debtor":1,"Amount":-100,"Date":"`
)
do
(
"GET"
,
"/
api
/
BankAccount
s/1"
,
xsrfHeader
,
""
,
200
,
`{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":358,"BankOverdraft":-100,"Operations":[{"ID":1,"Debtor":1,"Amount":-100,"Date":"`
)
do
(
"GET"
,
"/api/BankAccounts/2"
,
xsrfHeader
,
""
,
200
,
`{"ID":2,"Number":"02-01","UserClientID":2,"Type":"checking-account","Amount":4845,"BankOverdraft":-500,"Operations":[{"ID":2,"Debtor":2,"Amount":100,"Date":`
)
// Try to delete the first operation, the opposite operation should also have been deleted and bank accounts updated
do
(
"DELETE"
,
apiOperation
1
,
xsrfHeader
,
``
,
200
,
""
)
do
(
"GET"
,
apiOperation
1
,
xsrfHeader
,
""
,
404
,
`id does not exist`
)
do
(
"DELETE"
,
"/
api
/
Operation
s/1"
,
xsrfHeader
,
``
,
200
,
""
)
do
(
"GET"
,
"/
api
/
Operation
s/1"
,
xsrfHeader
,
""
,
404
,
`id does not exist`
)
do
(
"GET"
,
"/api/Operations/2"
,
xsrfHeader
,
""
,
404
,
`id does not exist`
)
do
(
"GET"
,
apiBankAccount
1
,
xsrfHeader
,
""
,
200
,
`{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":458,"BankOverdraft":-100,"Operations":[]}`
)
do
(
"GET"
,
"/
api
/
BankAccount
s/1"
,
xsrfHeader
,
""
,
200
,
`{"ID":1,"Number":"01-01","UserClientID":1,"Type":"checking-account","Amount":458,"BankOverdraft":-100,"Operations":[]}`
)
do
(
"GET"
,
"/api/BankAccounts/2"
,
xsrfHeader
,
""
,
200
,
`{"ID":2,"Number":"02-01","UserClientID":2,"Type":"checking-account","Amount":4745,"BankOverdraft":-500,"Operations":[]}`
)
// Delete a client should also delete his banks accounts
do
(
"DELETE"
,
"/api/UserClients/1"
,
xsrfHeader
,
``
,
200
,
""
)
do
(
"GET"
,
apiBankAccount
1
,
xsrfHeader
,
""
,
404
,
`id does not exist`
)
do
(
"GET"
,
"/
api
/
BankAccount
s/1"
,
xsrfHeader
,
""
,
404
,
`id does not exist`
)
}
// Do an OAuth2 login with an known admin
...
...
internal/rootmux/unlogged_test.go
...
...
@@ -52,11 +52,11 @@ func UnLoggedUserTests(t *testing.T) {
do
(
"POST"
,
"/api/Operations"
,
noH
,
`{"Debtor":1,"Amount":-100,"Creditor":3}`
,
401
,
errorExtractingToken
)
// Unlogged user should not be able to delete an Operation
do
(
"DELETE"
,
"/api/Operations/1"
,
noH
,
``
,
401
,
"
error
e
xtracting
t
oken
"
)
do
(
"DELETE"
,
"/api/Operations/1"
,
noH
,
``
,
401
,
error
E
xtracting
T
oken
)
// Unlogged user should not be able to delete a BankAccount
do
(
"DELETE"
,
"/api/BankAccounts/2"
,
noH
,
``
,
401
,
"
error
e
xtracting
t
oken
"
)
do
(
"DELETE"
,
"/api/BankAccounts/2"
,
noH
,
``
,
401
,
error
E
xtracting
T
oken
)
// Unlogged user should not be able to delete a Client
do
(
"DELETE"
,
"/api/UserClients/2"
,
noH
,
``
,
401
,
"
error
e
xtracting
t
oken
"
)
do
(
"DELETE"
,
"/api/UserClients/2"
,
noH
,
``
,
401
,
error
E
xtracting
T
oken
)
// Unlogged user should not be able to delete a Banker
do
(
"DELETE"
,
"/api/UserBankers/2"
,
noH
,
``
,
401
,
"
error
e
xtracting
t
oken
"
)
do
(
"DELETE"
,
"/api/UserBankers/2"
,
noH
,
``
,
401
,
error
E
xtracting
T
oken
)
}