Raise error if we try to controll a non controller server

Fix #451
This commit is contained in:
Julien Duponchelle 2016-04-19 10:47:53 +02:00
parent 79427b35fa
commit ce5461aee8
No known key found for this signature in database
GPG Key ID: CE8B29639E07F5E8
3 changed files with 17 additions and 4 deletions

View File

@ -154,7 +154,6 @@ class Route(object):
@asyncio.coroutine @asyncio.coroutine
def control_schema(request): def control_schema(request):
# This block is executed at each method call # This block is executed at each method call
server_config = Config.instance().get_section_config("Server") server_config = Config.instance().get_section_config("Server")
# Authenticate # Authenticate
@ -171,6 +170,9 @@ class Route(object):
# API call # API call
try: try:
if "controller" in func.__module__ and server_config.getboolean("controller", False) is False:
raise aiohttp.web.HTTPForbidden(text="The server is not a controller")
request = yield from parse_request(request, input_schema) request = yield from parse_request(request, input_schema)
record_file = server_config.get("record") record_file = server_config.get("record")
if record_file: if record_file:

View File

@ -179,8 +179,15 @@ def controller():
return Controller.instance() return Controller.instance()
@pytest.fixture
def config():
config = Config.instance()
config.clear()
return config
@pytest.yield_fixture(autouse=True) @pytest.yield_fixture(autouse=True)
def run_around_tests(monkeypatch, port_manager, controller): def run_around_tests(monkeypatch, port_manager, controller, config):
""" """
This setup a temporay project file environnement around tests This setup a temporay project file environnement around tests
""" """
@ -188,8 +195,6 @@ def run_around_tests(monkeypatch, port_manager, controller):
tmppath = tempfile.mkdtemp() tmppath = tempfile.mkdtemp()
port_manager._instance = port_manager port_manager._instance = port_manager
config = Config.instance()
config.clear()
os.makedirs(os.path.join(tmppath, 'projects')) os.makedirs(os.path.join(tmppath, 'projects'))
config.set("Server", "project_directory", os.path.join(tmppath, 'projects')) config.set("Server", "project_directory", os.path.join(tmppath, 'projects'))
config.set("Server", "images_path", os.path.join(tmppath, 'images')) config.set("Server", "images_path", os.path.join(tmppath, 'images'))

View File

@ -49,6 +49,12 @@ def test_version_invalid_input(http_controller):
'status': 409} 'status': 409}
def test_version_not_controller(http_controller, config):
config.set("Server", "controller", False)
response = http_controller.get('/version')
assert response.status == 403
def test_version_invalid_input_schema(http_controller): def test_version_invalid_input_schema(http_controller):
query = {'version': "0.4.2", "bla": "blu"} query = {'version': "0.4.2", "bla": "blu"}
response = http_controller.post('/version', query) response = http_controller.post('/version', query)