mirror of
https://github.com/matrix-org/dendrite.git
synced 2025-12-07 06:53:09 -06:00
Merge pull request #77 from globekeeper/release/upstream-v0.13.1
Revert "Add CS API device tests (#3029)"
This commit is contained in:
Daniel Aloni
GitHub
commit
b63efd7c3b
4
.github/workflows/dendrite.yml
vendored
4
.github/workflows/dendrite.yml
vendored
|
|
@ -283,7 +283,7 @@ jobs:
|
||||||
- name: Build upgrade-tests
|
- name: Build upgrade-tests
|
||||||
run: go build ./cmd/dendrite-upgrade-tests
|
run: go build ./cmd/dendrite-upgrade-tests
|
||||||
- name: Test upgrade (PostgreSQL)
|
- name: Test upgrade (PostgreSQL)
|
||||||
run: ./dendrite-upgrade-tests --head .
|
run: ./dendrite-upgrade-tests .
|
||||||
|
|
||||||
# run database upgrade tests, skipping over one version
|
# run database upgrade tests, skipping over one version
|
||||||
upgrade_test_direct:
|
upgrade_test_direct:
|
||||||
|
|
@ -301,7 +301,7 @@ jobs:
|
||||||
- name: Build upgrade-tests
|
- name: Build upgrade-tests
|
||||||
run: go build ./cmd/dendrite-upgrade-tests
|
run: go build ./cmd/dendrite-upgrade-tests
|
||||||
- name: Test upgrade (PostgreSQL)
|
- name: Test upgrade (PostgreSQL)
|
||||||
run: ./dendrite-upgrade-tests -direct -from HEAD-2 --head .
|
run: ./dendrite-upgrade-tests -direct -from HEAD-2 .
|
||||||
|
|
||||||
# run Sytest in different variations
|
# run Sytest in different variations
|
||||||
sytest:
|
sytest:
|
||||||
|
|
|
||||||
|
|
@ -255,7 +255,6 @@ func TestDeleteDevice(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// Deleting devices requires the UIA dance, so do this in a different test
|
|
||||||
func TestDeleteDevices(t *testing.T) {
|
func TestDeleteDevices(t *testing.T) {
|
||||||
alice := test.NewUser(t)
|
alice := test.NewUser(t)
|
||||||
localpart, serverName, _ := gomatrixserverlib.SplitID('@', alice.ID)
|
localpart, serverName, _ := gomatrixserverlib.SplitID('@', alice.ID)
|
||||||
|
|
@ -300,34 +299,15 @@ func TestDeleteDevices(t *testing.T) {
|
||||||
devices = append(devices, devRes.Device.ID)
|
devices = append(devices, devRes.Device.ID)
|
||||||
}
|
}
|
||||||
|
|
||||||
// initiate UIA
|
|
||||||
rec := httptest.NewRecorder()
|
rec := httptest.NewRecorder()
|
||||||
req := httptest.NewRequest(http.MethodPost, "/_matrix/client/v3/delete_devices", strings.NewReader(""))
|
// prepare request body
|
||||||
req.Header.Set("Authorization", "Bearer "+accessTokens[alice].accessToken)
|
|
||||||
routers.Client.ServeHTTP(rec, req)
|
|
||||||
if rec.Code != http.StatusUnauthorized {
|
|
||||||
t.Fatalf("expected HTTP 401, got %d: %s", rec.Code, rec.Body.String())
|
|
||||||
}
|
|
||||||
// get the session ID
|
|
||||||
sessionID := gjson.GetBytes(rec.Body.Bytes(), "session").Str
|
|
||||||
|
|
||||||
// prepare UIA request body
|
|
||||||
reqBody := bytes.Buffer{}
|
reqBody := bytes.Buffer{}
|
||||||
if err := json.NewEncoder(&reqBody).Encode(map[string]interface{}{
|
if err := json.NewEncoder(&reqBody).Encode(map[string]interface{}{
|
||||||
"auth": map[string]string{
|
|
||||||
"session": sessionID,
|
|
||||||
"type": authtypes.LoginTypePassword,
|
|
||||||
"user": alice.ID,
|
|
||||||
"password": accessTokens[alice].password,
|
|
||||||
},
|
|
||||||
"devices": devices[5:],
|
"devices": devices[5:],
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
|
req := httptest.NewRequest(http.MethodPost, "/_matrix/client/v3/delete_devices", strings.NewReader(reqBody.String()))
|
||||||
// do the same request again, this time with our UIA,
|
|
||||||
rec = httptest.NewRecorder()
|
|
||||||
req = httptest.NewRequest(http.MethodPost, "/_matrix/client/v3/delete_devices", &reqBody)
|
|
||||||
req.Header.Set("Authorization", "Bearer "+accessTokens[alice].accessToken)
|
req.Header.Set("Authorization", "Bearer "+accessTokens[alice].accessToken)
|
||||||
routers.Client.ServeHTTP(rec, req)
|
routers.Client.ServeHTTP(rec, req)
|
||||||
if rec.Code != http.StatusOK {
|
if rec.Code != http.StatusOK {
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,6 @@
|
||||||
package routing
|
package routing
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
|
||||||
"io"
|
"io"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
@ -162,6 +161,12 @@ func UpdateDeviceByID(
|
||||||
JSON: spec.Forbidden("device not owned by current user"),
|
JSON: spec.Forbidden("device not owned by current user"),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if performRes.Forbidden {
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: http.StatusForbidden,
|
||||||
|
JSON: spec.Forbidden("device not owned by current user"),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return util.JSONResponse{
|
return util.JSONResponse{
|
||||||
Code: http.StatusOK,
|
Code: http.StatusOK,
|
||||||
|
|
@ -258,39 +263,13 @@ func DeleteDeviceById(
|
||||||
|
|
||||||
// DeleteDevices handles POST requests to /delete_devices
|
// DeleteDevices handles POST requests to /delete_devices
|
||||||
func DeleteDevices(
|
func DeleteDevices(
|
||||||
req *http.Request, userInteractiveAuth *auth.UserInteractive, userAPI api.ClientUserAPI, device *api.Device,
|
req *http.Request, userAPI api.ClientUserAPI, device *api.Device,
|
||||||
) util.JSONResponse {
|
) util.JSONResponse {
|
||||||
ctx := req.Context()
|
ctx := req.Context()
|
||||||
|
|
||||||
bodyBytes, err := io.ReadAll(req.Body)
|
|
||||||
if err != nil {
|
|
||||||
return util.JSONResponse{
|
|
||||||
Code: http.StatusBadRequest,
|
|
||||||
JSON: spec.BadJSON("The request body could not be read: " + err.Error()),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
defer req.Body.Close() // nolint:errcheck
|
|
||||||
|
|
||||||
// initiate UIA
|
|
||||||
login, errRes := userInteractiveAuth.Verify(ctx, bodyBytes, device)
|
|
||||||
if errRes != nil {
|
|
||||||
return *errRes
|
|
||||||
}
|
|
||||||
|
|
||||||
if login.Username() != device.UserID {
|
|
||||||
return util.JSONResponse{
|
|
||||||
Code: http.StatusForbidden,
|
|
||||||
JSON: spec.Forbidden("unable to delete devices for other user"),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
payload := devicesDeleteJSON{}
|
payload := devicesDeleteJSON{}
|
||||||
if err = json.Unmarshal(bodyBytes, &payload); err != nil {
|
|
||||||
util.GetLogger(ctx).WithError(err).Error("unable to unmarshal device deletion request")
|
if resErr := httputil.UnmarshalJSONRequest(req, &payload); resErr != nil {
|
||||||
return util.JSONResponse{
|
return *resErr
|
||||||
Code: http.StatusInternalServerError,
|
|
||||||
JSON: spec.InternalServerError{},
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
defer req.Body.Close() // nolint: errcheck
|
defer req.Body.Close() // nolint: errcheck
|
||||||
|
|
|
||||||
|
|
@ -1175,7 +1175,7 @@ func Setup(
|
||||||
|
|
||||||
v3mux.Handle("/delete_devices",
|
v3mux.Handle("/delete_devices",
|
||||||
httputil.MakeAuthAPI("delete_devices", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
|
httputil.MakeAuthAPI("delete_devices", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
|
||||||
return DeleteDevices(req, userInteractiveAuth, userAPI, device)
|
return DeleteDevices(req, userAPI, device)
|
||||||
}),
|
}),
|
||||||
).Methods(http.MethodPost, http.MethodOptions)
|
).Methods(http.MethodPost, http.MethodOptions)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue