Changed assets endpoint to multipart
This commit is contained in:
@@ -16,9 +16,10 @@ import (
|
||||
|
||||
type testInformation struct {
|
||||
Method string
|
||||
Header map[string]string
|
||||
Cookie map[string]string
|
||||
Body interface{}
|
||||
Query map[string]interface{}
|
||||
Cookie map[string]string
|
||||
|
||||
ResultBody interface{}
|
||||
ResultCookie []string
|
||||
@@ -57,8 +58,12 @@ func checkTestInformation(t *testing.T, url string, information []testInformatio
|
||||
for i, information := range information {
|
||||
var body io.Reader
|
||||
if information.Body != nil {
|
||||
buf, _ := json.Marshal(information.Body)
|
||||
body = bytes.NewReader(buf)
|
||||
if b, ok := information.Body.([]byte); ok {
|
||||
body = bytes.NewReader(b)
|
||||
} else {
|
||||
buf, _ := json.Marshal(information.Body)
|
||||
body = bytes.NewReader(buf)
|
||||
}
|
||||
}
|
||||
|
||||
query := url2.Values{}
|
||||
@@ -77,6 +82,11 @@ func checkTestInformation(t *testing.T, url string, information []testInformatio
|
||||
})
|
||||
}
|
||||
}
|
||||
if information.Header != nil {
|
||||
for name, value := range information.Header {
|
||||
req.Header.Set(name, value)
|
||||
}
|
||||
}
|
||||
|
||||
resp, _ := http.DefaultClient.Do(req)
|
||||
|
||||
|
||||
@@ -4,10 +4,9 @@ import (
|
||||
"TheAdversary/config"
|
||||
"TheAdversary/database"
|
||||
"TheAdversary/schema"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"go.uber.org/zap"
|
||||
"gorm.io/gorm/clause"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"path"
|
||||
@@ -37,6 +36,12 @@ func Assets(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
func assetsGet(w http.ResponseWriter, r *http.Request) {
|
||||
_, ok := authorizedSession(r)
|
||||
if !ok {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
query := r.URL.Query()
|
||||
request := database.GetDB().Table("assets")
|
||||
|
||||
@@ -65,22 +70,32 @@ func assetsGet(w http.ResponseWriter, r *http.Request) {
|
||||
json.NewEncoder(w).Encode(&assets)
|
||||
}
|
||||
|
||||
type assetsPostPayload struct {
|
||||
Name string `json:"name"`
|
||||
Content string `json:"data"`
|
||||
}
|
||||
|
||||
func assetsPost(w http.ResponseWriter, r *http.Request) {
|
||||
var payload assetsPostPayload
|
||||
if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
|
||||
InvalidJson.Send(w)
|
||||
_, ok := authorizedSession(r)
|
||||
if !ok {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
rawData, err := base64.StdEncoding.DecodeString(payload.Content)
|
||||
file, header, err := r.FormFile("file")
|
||||
if err != nil {
|
||||
zap.S().Warnf("Cannot decode base64")
|
||||
ApiError{Message: "invalid base64 content", Code: http.StatusUnprocessableEntity}.Send(w)
|
||||
if err == http.ErrMissingFile {
|
||||
ApiError{Message: "file is missing", Code: http.StatusUnprocessableEntity}.Send(w)
|
||||
} else {
|
||||
ApiError{Message: "could not parse file" + err.Error(), Code: http.StatusInternalServerError}.Send(w)
|
||||
}
|
||||
return
|
||||
}
|
||||
defer file.Close()
|
||||
|
||||
var name string
|
||||
if name = r.FormValue("name"); name == "" {
|
||||
name = header.Filename
|
||||
}
|
||||
|
||||
rawData, err := io.ReadAll(file)
|
||||
if err != nil {
|
||||
ApiError{Message: "failed to read file", Code: http.StatusInternalServerError}.Send(w)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -89,7 +104,7 @@ func assetsPost(w http.ResponseWriter, r *http.Request) {
|
||||
Name string
|
||||
Data []byte
|
||||
Link string
|
||||
}{Name: payload.Name, Data: rawData, Link: url.PathEscape(payload.Name)}
|
||||
}{Name: name, Data: rawData, Link: url.PathEscape(name)}
|
||||
|
||||
if database.GetDB().Table("assets").Clauses(clause.OnConflict{
|
||||
Columns: []clause.Column{{Name: "name"}},
|
||||
@@ -97,7 +112,7 @@ func assetsPost(w http.ResponseWriter, r *http.Request) {
|
||||
}).Create(&tmpDatabaseSchema).RowsAffected == 0 {
|
||||
w.WriteHeader(http.StatusConflict)
|
||||
} else {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
w.WriteHeader(http.StatusCreated)
|
||||
json.NewEncoder(w).Encode(schema.Asset{
|
||||
Id: tmpDatabaseSchema.Id,
|
||||
Name: tmpDatabaseSchema.Name,
|
||||
@@ -111,6 +126,12 @@ type assetsDeletePayload struct {
|
||||
}
|
||||
|
||||
func assetsDelete(w http.ResponseWriter, r *http.Request) {
|
||||
_, ok := authorizedSession(r)
|
||||
if !ok {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
var payload assetsDeletePayload
|
||||
if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
|
||||
InvalidJson.Send(w)
|
||||
|
||||
@@ -3,7 +3,9 @@ package api
|
||||
import (
|
||||
"TheAdversary/database"
|
||||
"TheAdversary/schema"
|
||||
"encoding/base64"
|
||||
"bytes"
|
||||
"fmt"
|
||||
"mime/multipart"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
@@ -31,6 +33,13 @@ func TestAssetsGet(t *testing.T) {
|
||||
checkTestInformation(t, server.URL, []testInformation{
|
||||
{
|
||||
Method: http.MethodGet,
|
||||
Code: http.StatusUnauthorized,
|
||||
},
|
||||
{
|
||||
Method: http.MethodGet,
|
||||
Cookie: map[string]string{
|
||||
"session_id": initSession(),
|
||||
},
|
||||
Query: map[string]interface{}{
|
||||
"q": "linux",
|
||||
},
|
||||
@@ -45,6 +54,9 @@ func TestAssetsGet(t *testing.T) {
|
||||
},
|
||||
{
|
||||
Method: http.MethodGet,
|
||||
Cookie: map[string]string{
|
||||
"session_id": initSession(),
|
||||
},
|
||||
Query: map[string]interface{}{
|
||||
"limit": 1,
|
||||
},
|
||||
@@ -59,6 +71,9 @@ func TestAssetsGet(t *testing.T) {
|
||||
},
|
||||
{
|
||||
Method: http.MethodGet,
|
||||
Cookie: map[string]string{
|
||||
"session_id": initSession(),
|
||||
},
|
||||
ResultBody: []schema.Asset{
|
||||
{
|
||||
Id: 1,
|
||||
@@ -81,27 +96,47 @@ func TestAssetsPost(t *testing.T) {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
var buf bytes.Buffer
|
||||
mw := multipart.NewWriter(&buf)
|
||||
mw.SetBoundary("test")
|
||||
formFile, _ := mw.CreateFormFile("file", "srfwsr")
|
||||
formFile.Write([]byte("just a test file"))
|
||||
mw.WriteField("name", "test")
|
||||
mw.Close()
|
||||
|
||||
fmt.Println(buf.String())
|
||||
|
||||
server := httptest.NewServer(http.HandlerFunc(assetsPost))
|
||||
checkTestInformation(t, server.URL, []testInformation{
|
||||
{
|
||||
Method: http.MethodPost,
|
||||
Body: assetsPostPayload{
|
||||
Name: "test",
|
||||
Content: base64.StdEncoding.EncodeToString([]byte("test asset")),
|
||||
Code: http.StatusUnauthorized,
|
||||
},
|
||||
{
|
||||
Method: http.MethodPost,
|
||||
Header: map[string]string{
|
||||
"Content-Type": "multipart/form-data; boundary=test",
|
||||
},
|
||||
Cookie: map[string]string{
|
||||
"session_id": initSession(),
|
||||
},
|
||||
Body: buf.Bytes(),
|
||||
ResultBody: schema.Asset{
|
||||
Id: 1,
|
||||
Name: "test",
|
||||
Link: "/assets/test",
|
||||
},
|
||||
Code: http.StatusOK,
|
||||
Code: http.StatusCreated,
|
||||
},
|
||||
{
|
||||
Method: http.MethodPost,
|
||||
Body: assetsPostPayload{
|
||||
Name: "test",
|
||||
Content: base64.StdEncoding.EncodeToString([]byte("test asset")),
|
||||
Header: map[string]string{
|
||||
"Content-Type": "multipart/form-data; boundary=test",
|
||||
},
|
||||
Cookie: map[string]string{
|
||||
"session_id": initSession(),
|
||||
},
|
||||
Body: buf.Bytes(),
|
||||
Code: http.StatusConflict,
|
||||
},
|
||||
})
|
||||
@@ -122,6 +157,13 @@ func TestAssetsDelete(t *testing.T) {
|
||||
checkTestInformation(t, server.URL, []testInformation{
|
||||
{
|
||||
Method: http.MethodDelete,
|
||||
Code: http.StatusUnauthorized,
|
||||
},
|
||||
{
|
||||
Method: http.MethodDelete,
|
||||
Cookie: map[string]string{
|
||||
"session_id": initSession(),
|
||||
},
|
||||
Body: assetsDeletePayload{
|
||||
Id: 1,
|
||||
},
|
||||
@@ -129,6 +171,9 @@ func TestAssetsDelete(t *testing.T) {
|
||||
},
|
||||
{
|
||||
Method: http.MethodDelete,
|
||||
Cookie: map[string]string{
|
||||
"session_id": initSession(),
|
||||
},
|
||||
Body: assetsDeletePayload{
|
||||
Id: 69,
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user