author | Joram Wilander <jwawilander@gmail.com> | 2017-03-21 09:06:08 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-03-21 09:06:08 -0400 |
commit | fd6e2f3f73c1fbdda49e4f32d0e40e8d7230518b (patch) | |
tree | 708faaa67a39648dcd9deab953d836771f531d8f | |
parent | 4968ef0759087f34c1674a385707f6befef810b7 (diff) | |
Implement GET /audits endpoint for APIv4 (#5779)
* Implement GET /audits endpoint for APIv4
* Fix log unit test
-rw-r--r-- | api4/params.go | 4 | ||||
-rw-r--r-- | api4/system.go | 17 | ||||
-rw-r--r-- | api4/system_test.go | 38 | ||||
-rw-r--r-- | api4/user.go | 4 | ||||
-rw-r--r-- | api4/user_test.go | 10 | ||||
-rw-r--r-- | model/client4.go | 17 |
6 files changed, 78 insertions, 12 deletions
diff --git a/api4/params.go b/api4/params.go
index 15f632195..8bb072742 100644
--- a/api4/params.go
+++ b/api4/params.go
@@ -101,13 +101,13 @@ func ApiParamsFromRequest(r *http.Request) *ApiParams {
 params.PreferenceName = val
 }
- if val, err := strconv.Atoi(r.URL.Query().Get("page")); err != nil {
+ if val, err := strconv.Atoi(r.URL.Query().Get("page")); err != nil || val < 0 {
 params.Page = PAGE_DEFAULT
 } else {
 params.Page = val
 }
- if val, err := strconv.Atoi(r.URL.Query().Get("per_page")); err != nil {
+ if val, err := strconv.Atoi(r.URL.Query().Get("per_page")); err != nil || val < 0 {
 params.PerPage = PER_PAGE_DEFAULT
 } else if val > PER_PAGE_MAXIMUM {
 params.PerPage = PER_PAGE_MAXIMUM
diff --git a/api4/system.go b/api4/system.go
index 5058b0e2f..972d526da 100644
--- a/api4/system.go
+++ b/api4/system.go
@@ -19,6 +19,7 @@ func InitSystem() {
 BaseRoutes.ApiRoot.Handle("/config", ApiSessionRequired(getConfig)).Methods("GET")
 BaseRoutes.ApiRoot.Handle("/config/reload", ApiSessionRequired(configReload)).Methods("POST")
 BaseRoutes.ApiRoot.Handle("/config", ApiSessionRequired(updateConfig)).Methods("PUT")
+ BaseRoutes.ApiRoot.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET")
 BaseRoutes.ApiRoot.Handle("/email/test", ApiSessionRequired(testEmail)).Methods("POST")
 BaseRoutes.ApiRoot.Handle("/database/recycle", ApiSessionRequired(databaseRecycle)).Methods("POST")
 BaseRoutes.ApiRoot.Handle("/caches/invalidate", ApiSessionRequired(invalidateCaches)).Methods("POST")
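Review bot: In api4/params.go the new `val < 0` guard leaves `page` with no upper bound, and `per_page=0` still passes through unchanged. Both values come straight from the query string; if the store derives an offset by multiplying page and per_page (not visible in this hunk), a very large `page` could overflow or force an expensive scan. Consider capping `page` or answering out-of-range values with a 400 rather than silently substituting the default, and add a comment such as `// negative or non-numeric values fall back to the default` so the fallback reads as intentional. ApiParamsFromRequest starts and ends outside the hunk.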
@@ -96,6 +97,22 @@ func updateConfig(c *Context, w http.ResponseWriter, r *http.Request) {
 w.Write([]byte(cfg.ToJson()))
 }
+func getAudits(c *Context, w http.ResponseWriter, r *http.Request) {
+ if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
+ c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM)
+ return
+ }
+
+ audits, err := app.GetAuditsPage("", c.Params.Page, c.Params.PerPage)
+
+ if err != nil {
+ c.Err = err
+ return
+ }
+
+ w.Write([]byte(audits.ToJson()))
+}
+
 func databaseRecycle(c *Context, w http.ResponseWriter, r *http.Request) {
 if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) {
diff --git a/api4/system_test.go b/api4/system_test.go
index 658bb5881..289a41907 100644
--- a/api4/system_test.go
+++ b/api4/system_test.go
@@ -127,7 +127,43 @@ func TestUpdateConfig(t *testing.T) {
 t.Fatal()
 }
 }
+}
+
+func TestGetAudits(t *testing.T) {
+ th := Setup().InitBasic().InitSystemAdmin()
+ defer TearDown()
+ Client := th.Client
+
+ audits, resp := th.SystemAdminClient.GetAudits(0, 100, "")
+ CheckNoError(t, resp)
+
+ if len(audits) == 0 {
+ t.Fatal("should not be empty")
+ }
+
+ audits, resp = th.SystemAdminClient.GetAudits(0, 1, "")
+ CheckNoError(t, resp)
+ if len(audits) != 1 {
+ t.Fatal("should only be 1")
+ }
+
+ audits, resp = th.SystemAdminClient.GetAudits(1, 1, "")
+ CheckNoError(t, resp)
+
+ if len(audits) != 1 {
+ t.Fatal("should only be 1")
+ }
+
+ _, resp = th.SystemAdminClient.GetAudits(-1, -1, "")
+ CheckNoError(t, resp)
+
+ _, resp = Client.GetAudits(0, 100, "")
+ CheckForbiddenStatus(t, resp)
+
+ Client.Logout()
+ _, resp = Client.GetAudits(0, 100, "")
+ CheckUnauthorizedStatus(t, resp)
 }
 func TestEmailTest(t *testing.T) {
@@ -217,7 +253,7 @@ func TestGetLogs(t *testing.T) {
 logs, resp = th.SystemAdminClient.GetLogs(-1, -1)
 CheckNoError(t, resp)
- if len(logs) != 0 {
+ if len(logs) == 0 {
 t.Fatal("should not be empty")
 }
diff --git a/api4/user.go b/api4/user.go
index 1668f9c2c..383bb2f59 100644
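Review bot: In getAudits (api4/system.go), the empty string passed as the first argument to `app.GetAuditsPage` is presumably what widens the query from one user to the whole system, and nothing in the handler says so. Because this endpoint returns every user's audit trail, a doc comment such as `// getAudits returns one page of audit entries for all users; the caller must hold PERMISSION_MANAGE_SYSTEM.` plus a short comment on the `""` argument would make the authorization intent explicit for the next maintainer. The permission check does run before any data is fetched, which is the right order. Reads of the audit log are not themselves recorded in this handler; if the project's policy is to log administrative access, this is the place to do it.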
--- a/api4/user.go
+++ b/api4/user.go
@@ -44,7 +44,7 @@ func InitUser() {
 BaseRoutes.User.Handle("/sessions", ApiSessionRequired(getSessions)).Methods("GET")
 BaseRoutes.User.Handle("/sessions/revoke", ApiSessionRequired(revokeSession)).Methods("POST")
- BaseRoutes.User.Handle("/audits", ApiSessionRequired(getAudits)).Methods("GET")
+ BaseRoutes.User.Handle("/audits", ApiSessionRequired(getUserAudits)).Methods("GET")
 }
 func createUser(c *Context, w http.ResponseWriter, r *http.Request) {
@@ -720,7 +720,7 @@ func revokeSession(c *Context, w http.ResponseWriter, r *http.Request) {
 ReturnStatusOK(w)
 }
-func getAudits(c *Context, w http.ResponseWriter, r *http.Request) {
+func getUserAudits(c *Context, w http.ResponseWriter, r *http.Request) {
 c.RequireUserId()
 if c.Err != nil {
 return
diff --git a/api4/user_test.go b/api4/user_test.go
index 4805a1a51..2e1a0adc2 100644
--- a/api4/user_test.go
+++ b/api4/user_test.go
@@ -1114,13 +1114,13 @@ func TestRevokeSessions(t *testing.T) {
 }
-func TestGetAudits(t *testing.T) {
+func TestGetUserAudits(t *testing.T) {
 th := Setup().InitBasic().InitSystemAdmin()
 defer TearDown()
 Client := th.Client
 user := th.BasicUser
- audits, resp := Client.GetAudits(user.Id, 0, 100, "")
+ audits, resp := Client.GetUserAudits(user.Id, 0, 100, "")
 for _, audit := range audits {
 if audit.UserId != user.Id {
 t.Fatal("user id does not match audit user id")
@@ -1128,14 +1128,14 @@ func TestGetAudits(t *testing.T) {
 }
 CheckNoError(t, resp)
- _, resp = Client.GetAudits(th.BasicUser2.Id, 0, 100, "")
+ _, resp = Client.GetUserAudits(th.BasicUser2.Id, 0, 100, "")
 CheckForbiddenStatus(t, resp)
 Client.Logout()
- _, resp = Client.GetAudits(user.Id, 0, 100, "")
+ _, resp = Client.GetUserAudits(user.Id, 0, 100, "")
 CheckUnauthorizedStatus(t, resp)
- _, resp = th.SystemAdminClient.GetAudits(user.Id, 0, 100, "")
+ _, resp = th.SystemAdminClient.GetUserAudits(user.Id, 0, 100, "")
 CheckNoError(t, resp)
 }
diff --git a/model/client4.go b/model/client4.go
index 7af2a0b39..b94412706 100644
--- a/model/client4.go
+++ b/model/client4.go
@@ -606,8 +606,8 @@ func (c *Client4) GetTeamsUnreadForUser(userId, teamIdToExclude string) ([]*Team
 }
 }
-// GetAudits returns a list of audit based on the provided user id string.
-func (c *Client4) GetAudits(userId string, page int, perPage int, etag string) (Audits, *Response) {
+// GetUserAudits returns a list of audit based on the provided user id string.
+func (c *Client4) GetUserAudits(userId string, page int, perPage int, etag string) (Audits, *Response) {
 query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
 if r, err := c.DoApiGet(c.GetUserRoute(userId)+"/audits"+query, etag); err != nil {
 return nil, &Response{StatusCode: r.StatusCode, Error: err}
@@ -1605,6 +1605,19 @@ func (c *Client4) TestLdap() (bool, *Response) {
 }
 }
+// Audits Section
+
+// GetAudits returns a list of audits for the whole system.
+func (c *Client4) GetAudits(page int, perPage int, etag string) (Audits, *Response) {
+ query := fmt.Sprintf("?page=%v&per_page=%v", page, perPage)
+ if r, err := c.DoApiGet("/audits"+query, etag); err != nil {
+ return nil, &Response{StatusCode: r.StatusCode, Error: err}
+ } else {
+ defer closeBody(r)
+ return AuditsFromJson(r.Body), BuildResponse(r)
+ }
+}
+
 // Brand Section
 // GetBrandImage retrieves the previously uploaded brand image. |
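Review bot: In the new Client4.GetAudits (model/client4.go), the error branch reads `r.StatusCode` from the response of the call that just failed. If `DoApiGet` can return a nil response together with the error (its body is not in this hunk), a transport-level failure would panic the client instead of surfacing the error. A guard such as `if r == nil { return nil, &Response{Error: err} }` before building the Response avoids that. The renamed GetUserAudits in the first hunk of this file carries the same pattern in its context lines, and its body continues outside that hunk.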