Changed assets endpoint to multipart
This commit is contained in:
@@ -16,9 +16,10 @@ import (
|
|||||||
|
|
||||||
type testInformation struct {
|
type testInformation struct {
|
||||||
Method string
|
Method string
|
||||||
|
Header map[string]string
|
||||||
|
Cookie map[string]string
|
||||||
Body interface{}
|
Body interface{}
|
||||||
Query map[string]interface{}
|
Query map[string]interface{}
|
||||||
Cookie map[string]string
|
|
||||||
|
|
||||||
ResultBody interface{}
|
ResultBody interface{}
|
||||||
ResultCookie []string
|
ResultCookie []string
|
||||||
@@ -57,8 +58,12 @@ func checkTestInformation(t *testing.T, url string, information []testInformatio
|
|||||||
for i, information := range information {
|
for i, information := range information {
|
||||||
var body io.Reader
|
var body io.Reader
|
||||||
if information.Body != nil {
|
if information.Body != nil {
|
||||||
buf, _ := json.Marshal(information.Body)
|
if b, ok := information.Body.([]byte); ok {
|
||||||
body = bytes.NewReader(buf)
|
body = bytes.NewReader(b)
|
||||||
|
} else {
|
||||||
|
buf, _ := json.Marshal(information.Body)
|
||||||
|
body = bytes.NewReader(buf)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
query := url2.Values{}
|
query := url2.Values{}
|
||||||
@@ -77,6 +82,11 @@ func checkTestInformation(t *testing.T, url string, information []testInformatio
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if information.Header != nil {
|
||||||
|
for name, value := range information.Header {
|
||||||
|
req.Header.Set(name, value)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
resp, _ := http.DefaultClient.Do(req)
|
resp, _ := http.DefaultClient.Do(req)
|
||||||
|
|
||||||
|
|||||||
@@ -4,10 +4,9 @@ import (
|
|||||||
"TheAdversary/config"
|
"TheAdversary/config"
|
||||||
"TheAdversary/database"
|
"TheAdversary/database"
|
||||||
"TheAdversary/schema"
|
"TheAdversary/schema"
|
||||||
"encoding/base64"
|
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"go.uber.org/zap"
|
|
||||||
"gorm.io/gorm/clause"
|
"gorm.io/gorm/clause"
|
||||||
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"path"
|
"path"
|
||||||
@@ -37,6 +36,12 @@ func Assets(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func assetsGet(w http.ResponseWriter, r *http.Request) {
|
func assetsGet(w http.ResponseWriter, r *http.Request) {
|
||||||
|
_, ok := authorizedSession(r)
|
||||||
|
if !ok {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
query := r.URL.Query()
|
query := r.URL.Query()
|
||||||
request := database.GetDB().Table("assets")
|
request := database.GetDB().Table("assets")
|
||||||
|
|
||||||
@@ -65,22 +70,32 @@ func assetsGet(w http.ResponseWriter, r *http.Request) {
|
|||||||
json.NewEncoder(w).Encode(&assets)
|
json.NewEncoder(w).Encode(&assets)
|
||||||
}
|
}
|
||||||
|
|
||||||
type assetsPostPayload struct {
|
|
||||||
Name string `json:"name"`
|
|
||||||
Content string `json:"data"`
|
|
||||||
}
|
|
||||||
|
|
||||||
func assetsPost(w http.ResponseWriter, r *http.Request) {
|
func assetsPost(w http.ResponseWriter, r *http.Request) {
|
||||||
var payload assetsPostPayload
|
_, ok := authorizedSession(r)
|
||||||
if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
|
if !ok {
|
||||||
InvalidJson.Send(w)
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
rawData, err := base64.StdEncoding.DecodeString(payload.Content)
|
file, header, err := r.FormFile("file")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
zap.S().Warnf("Cannot decode base64")
|
if err == http.ErrMissingFile {
|
||||||
ApiError{Message: "invalid base64 content", Code: http.StatusUnprocessableEntity}.Send(w)
|
ApiError{Message: "file is missing", Code: http.StatusUnprocessableEntity}.Send(w)
|
||||||
|
} else {
|
||||||
|
ApiError{Message: "could not parse file" + err.Error(), Code: http.StatusInternalServerError}.Send(w)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer file.Close()
|
||||||
|
|
||||||
|
var name string
|
||||||
|
if name = r.FormValue("name"); name == "" {
|
||||||
|
name = header.Filename
|
||||||
|
}
|
||||||
|
|
||||||
|
rawData, err := io.ReadAll(file)
|
||||||
|
if err != nil {
|
||||||
|
ApiError{Message: "failed to read file", Code: http.StatusInternalServerError}.Send(w)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -89,7 +104,7 @@ func assetsPost(w http.ResponseWriter, r *http.Request) {
|
|||||||
Name string
|
Name string
|
||||||
Data []byte
|
Data []byte
|
||||||
Link string
|
Link string
|
||||||
}{Name: payload.Name, Data: rawData, Link: url.PathEscape(payload.Name)}
|
}{Name: name, Data: rawData, Link: url.PathEscape(name)}
|
||||||
|
|
||||||
if database.GetDB().Table("assets").Clauses(clause.OnConflict{
|
if database.GetDB().Table("assets").Clauses(clause.OnConflict{
|
||||||
Columns: []clause.Column{{Name: "name"}},
|
Columns: []clause.Column{{Name: "name"}},
|
||||||
@@ -97,7 +112,7 @@ func assetsPost(w http.ResponseWriter, r *http.Request) {
|
|||||||
}).Create(&tmpDatabaseSchema).RowsAffected == 0 {
|
}).Create(&tmpDatabaseSchema).RowsAffected == 0 {
|
||||||
w.WriteHeader(http.StatusConflict)
|
w.WriteHeader(http.StatusConflict)
|
||||||
} else {
|
} else {
|
||||||
w.WriteHeader(http.StatusOK)
|
w.WriteHeader(http.StatusCreated)
|
||||||
json.NewEncoder(w).Encode(schema.Asset{
|
json.NewEncoder(w).Encode(schema.Asset{
|
||||||
Id: tmpDatabaseSchema.Id,
|
Id: tmpDatabaseSchema.Id,
|
||||||
Name: tmpDatabaseSchema.Name,
|
Name: tmpDatabaseSchema.Name,
|
||||||
@@ -111,6 +126,12 @@ type assetsDeletePayload struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func assetsDelete(w http.ResponseWriter, r *http.Request) {
|
func assetsDelete(w http.ResponseWriter, r *http.Request) {
|
||||||
|
_, ok := authorizedSession(r)
|
||||||
|
if !ok {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
var payload assetsDeletePayload
|
var payload assetsDeletePayload
|
||||||
if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
|
if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
|
||||||
InvalidJson.Send(w)
|
InvalidJson.Send(w)
|
||||||
|
|||||||
@@ -3,7 +3,9 @@ package api
|
|||||||
import (
|
import (
|
||||||
"TheAdversary/database"
|
"TheAdversary/database"
|
||||||
"TheAdversary/schema"
|
"TheAdversary/schema"
|
||||||
"encoding/base64"
|
"bytes"
|
||||||
|
"fmt"
|
||||||
|
"mime/multipart"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httptest"
|
"net/http/httptest"
|
||||||
"testing"
|
"testing"
|
||||||
@@ -31,6 +33,13 @@ func TestAssetsGet(t *testing.T) {
|
|||||||
checkTestInformation(t, server.URL, []testInformation{
|
checkTestInformation(t, server.URL, []testInformation{
|
||||||
{
|
{
|
||||||
Method: http.MethodGet,
|
Method: http.MethodGet,
|
||||||
|
Code: http.StatusUnauthorized,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Method: http.MethodGet,
|
||||||
|
Cookie: map[string]string{
|
||||||
|
"session_id": initSession(),
|
||||||
|
},
|
||||||
Query: map[string]interface{}{
|
Query: map[string]interface{}{
|
||||||
"q": "linux",
|
"q": "linux",
|
||||||
},
|
},
|
||||||
@@ -45,6 +54,9 @@ func TestAssetsGet(t *testing.T) {
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
Method: http.MethodGet,
|
Method: http.MethodGet,
|
||||||
|
Cookie: map[string]string{
|
||||||
|
"session_id": initSession(),
|
||||||
|
},
|
||||||
Query: map[string]interface{}{
|
Query: map[string]interface{}{
|
||||||
"limit": 1,
|
"limit": 1,
|
||||||
},
|
},
|
||||||
@@ -59,6 +71,9 @@ func TestAssetsGet(t *testing.T) {
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
Method: http.MethodGet,
|
Method: http.MethodGet,
|
||||||
|
Cookie: map[string]string{
|
||||||
|
"session_id": initSession(),
|
||||||
|
},
|
||||||
ResultBody: []schema.Asset{
|
ResultBody: []schema.Asset{
|
||||||
{
|
{
|
||||||
Id: 1,
|
Id: 1,
|
||||||
@@ -81,27 +96,47 @@ func TestAssetsPost(t *testing.T) {
|
|||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var buf bytes.Buffer
|
||||||
|
mw := multipart.NewWriter(&buf)
|
||||||
|
mw.SetBoundary("test")
|
||||||
|
formFile, _ := mw.CreateFormFile("file", "srfwsr")
|
||||||
|
formFile.Write([]byte("just a test file"))
|
||||||
|
mw.WriteField("name", "test")
|
||||||
|
mw.Close()
|
||||||
|
|
||||||
|
fmt.Println(buf.String())
|
||||||
|
|
||||||
server := httptest.NewServer(http.HandlerFunc(assetsPost))
|
server := httptest.NewServer(http.HandlerFunc(assetsPost))
|
||||||
checkTestInformation(t, server.URL, []testInformation{
|
checkTestInformation(t, server.URL, []testInformation{
|
||||||
{
|
{
|
||||||
Method: http.MethodPost,
|
Method: http.MethodPost,
|
||||||
Body: assetsPostPayload{
|
Code: http.StatusUnauthorized,
|
||||||
Name: "test",
|
},
|
||||||
Content: base64.StdEncoding.EncodeToString([]byte("test asset")),
|
{
|
||||||
|
Method: http.MethodPost,
|
||||||
|
Header: map[string]string{
|
||||||
|
"Content-Type": "multipart/form-data; boundary=test",
|
||||||
},
|
},
|
||||||
|
Cookie: map[string]string{
|
||||||
|
"session_id": initSession(),
|
||||||
|
},
|
||||||
|
Body: buf.Bytes(),
|
||||||
ResultBody: schema.Asset{
|
ResultBody: schema.Asset{
|
||||||
Id: 1,
|
Id: 1,
|
||||||
Name: "test",
|
Name: "test",
|
||||||
Link: "/assets/test",
|
Link: "/assets/test",
|
||||||
},
|
},
|
||||||
Code: http.StatusOK,
|
Code: http.StatusCreated,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Method: http.MethodPost,
|
Method: http.MethodPost,
|
||||||
Body: assetsPostPayload{
|
Header: map[string]string{
|
||||||
Name: "test",
|
"Content-Type": "multipart/form-data; boundary=test",
|
||||||
Content: base64.StdEncoding.EncodeToString([]byte("test asset")),
|
|
||||||
},
|
},
|
||||||
|
Cookie: map[string]string{
|
||||||
|
"session_id": initSession(),
|
||||||
|
},
|
||||||
|
Body: buf.Bytes(),
|
||||||
Code: http.StatusConflict,
|
Code: http.StatusConflict,
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
@@ -122,6 +157,13 @@ func TestAssetsDelete(t *testing.T) {
|
|||||||
checkTestInformation(t, server.URL, []testInformation{
|
checkTestInformation(t, server.URL, []testInformation{
|
||||||
{
|
{
|
||||||
Method: http.MethodDelete,
|
Method: http.MethodDelete,
|
||||||
|
Code: http.StatusUnauthorized,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Method: http.MethodDelete,
|
||||||
|
Cookie: map[string]string{
|
||||||
|
"session_id": initSession(),
|
||||||
|
},
|
||||||
Body: assetsDeletePayload{
|
Body: assetsDeletePayload{
|
||||||
Id: 1,
|
Id: 1,
|
||||||
},
|
},
|
||||||
@@ -129,6 +171,9 @@ func TestAssetsDelete(t *testing.T) {
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
Method: http.MethodDelete,
|
Method: http.MethodDelete,
|
||||||
|
Cookie: map[string]string{
|
||||||
|
"session_id": initSession(),
|
||||||
|
},
|
||||||
Body: assetsDeletePayload{
|
Body: assetsDeletePayload{
|
||||||
Id: 69,
|
Id: 69,
|
||||||
},
|
},
|
||||||
|
|||||||
Reference in New Issue
Block a user