process auto folder

26cc6cee · Sergey Yakubov · d71f96c6 · 26cc6cee · 26cc6cee · 26cc6cee
Commit 26cc6cee authored 3 years ago by Sergey Yakubov
--- a/authorizer/src/asapo_authorizer/server/folder_token.go
+++ b/authorizer/src/asapo_authorizer/server/folder_token.go
@@ -17,6 +17,11 @@ type folderTokenRequest struct {
 	Token      string
 }

+type tokenFolders struct {
+	RootFolder string
+	SecondFolder  string
+}
+
 type folderToken struct {
 	Token string
 }
@@ -25,11 +30,13 @@ type folderToken struct {
 	utils.ProcessJWTAuth(processFolderTokenRequest,settings.secret)(w,r)
 }*/

-func prepareJWTToken(request folderTokenRequest) (string, error) {
+func prepareJWTToken(folders tokenFolders) (string, error) {
 	var claims utils.CustomClaims
 	var extraClaim structs.FolderTokenTokenExtraClaim

-	extraClaim.RootFolder = request.Folder
+	extraClaim.RootFolder = folders.RootFolder
+	extraClaim.SecondFolder = folders.SecondFolder
+
 	claims.ExtraClaims = &extraClaim
 	claims.SetExpiration(time.Duration(settings.FolderTokenDurationMin) * time.Minute)
 	return Auth.JWTAuth().GenerateToken(&claims)
@@ -59,21 +66,28 @@ func extractFolderTokenrequest(r *http.Request) (folderTokenRequest, error) {

 }

-func checkBeamtimeFolder(request folderTokenRequest) error {
+func checkBeamtimeFolder(request folderTokenRequest) (folders tokenFolders, err error) {
 	beamtimeMeta, err := findMeta(SourceCredentials{request.BeamtimeId, "auto", "", "", ""})
 	if err != nil {
 		log.Error("cannot get beamtime meta" + err.Error())
-		return err
+		return folders,err
+	}
+
+	if request.Folder=="auto" {
+		folders.RootFolder = beamtimeMeta.OfflinePath
+		folders.SecondFolder = beamtimeMeta.OnlinePath
+		return folders,nil
 	}

 	folder := filepath.Clean(request.Folder)
 	if folder != filepath.Clean(beamtimeMeta.OnlinePath) && folder != filepath.Clean(beamtimeMeta.OfflinePath) {
 		err_string := folder + " does not match beamtime folders " + beamtimeMeta.OnlinePath + " or " + beamtimeMeta.OfflinePath
 		log.Error(err_string)
-		return errors.New(err_string)
+		return folders,errors.New(err_string)
 	}

-	return nil
+	folders.RootFolder = request.Folder
+	return folders,nil
 }

 func checkAuthorizerApiVersion(w http.ResponseWriter, r *http.Request) bool {
@@ -98,13 +112,13 @@ func routeFolderToken(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	err = checkBeamtimeFolder(request)
+	folders,err := checkBeamtimeFolder(request)
 	if err != nil {
 		utils.WriteServerError(w, err, http.StatusUnauthorized)
 		return
 	}

-	token, err := prepareJWTToken(request)
+	token, err := prepareJWTToken(folders)
 	if err != nil {
 		utils.WriteServerError(w, err, http.StatusInternalServerError)
 		return

--- a/authorizer/src/asapo_authorizer/server/folder_token_test.go
+++ b/authorizer/src/asapo_authorizer/server/folder_token_test.go
@@ -14,19 +14,25 @@ import (
 )

 var  fodlerTokenTests = [] struct {
-	beamtime_id string
-	root_folder string
-	token string
-	status int
-	message string
+	beamtime_id   string
+	auto          bool
+	root_folder   string
+	second_folder string
+	token         string
+	status        int
+	message       string
 }{
-	{"test", "tf/gpfs/bl1/2019/data/test", prepareUserToken("bt_test",[]string{"read"}),http.StatusOK,"beamtime found"},
-	{"test_online", "bl1/current", prepareUserToken("bt_test_online",[]string{"read"}),http.StatusOK,"online beamtime found"},
-	{"test", "bl1/current", prepareUserToken("bt_test",[]string{"read"}),http.StatusUnauthorized,"no online beamtime found"},
-	{"test_online", "bl2/current", prepareUserToken("bt_test_online",[]string{"read"}),http.StatusUnauthorized,"wrong online folder"},
-	{"test", "tf/gpfs/bl1/2019/data/test1", prepareUserToken("bt_test",[]string{"read"}),http.StatusUnauthorized,"wrong folder"},
-	{"test", "tf/gpfs/bl1/2019/data/test", prepareUserToken("bt_test1",[]string{"read"}),http.StatusUnauthorized,"wrong token"},
-	{"11111111", "tf/gpfs/bl1/2019/data/test", prepareUserToken("bt_11111111",[]string{"read"}),http.StatusBadRequest,"bad request"},
+	{"test", false,"tf/gpfs/bl1/2019/data/test", "",prepareUserToken("bt_test",[]string{"read"}),http.StatusOK,"beamtime found"},
+	{"test_online",false, "bl1/current", "",prepareUserToken("bt_test_online",[]string{"read"}),http.StatusOK,"online beamtime found"},
+	{"test", false,"bl1/current", "",prepareUserToken("bt_test",[]string{"read"}),http.StatusUnauthorized,"no online beamtime found"},
+	{"test_online",false, "bl2/current", "",prepareUserToken("bt_test_online",[]string{"read"}),http.StatusUnauthorized,"wrong online folder"},
+	{"test", false,"tf/gpfs/bl1/2019/data/test1", "",prepareUserToken("bt_test",[]string{"read"}),http.StatusUnauthorized,"wrong folder"},
+	{"test", false,"tf/gpfs/bl1/2019/data/test", "",prepareUserToken("bt_test1",[]string{"read"}),http.StatusUnauthorized,"wrong token"},
+	{"11111111", false,"tf/gpfs/bl1/2019/data/test", "",prepareUserToken("bt_11111111",[]string{"read"}),http.StatusBadRequest,"bad request"},
+
+	{"test", true,"tf/gpfs/bl1/2019/data/test", "",prepareUserToken("bt_test",[]string{"read"}),http.StatusOK,"auto without onilne"},
+	{"test_online",true, "tf/gpfs/bl1/2019/data/test_online", "bl1/current",prepareUserToken("bt_test_online",[]string{"read"}),http.StatusOK,"auto with online"},
+
 }

 func TestFolderToken(t *testing.T) {
@@ -46,7 +52,15 @@ func TestFolderToken(t *testing.T) {

 	for _, test := range fodlerTokenTests {
 		abs_path:=settings.RootBeamtimesFolder + string(filepath.Separator)+test.root_folder
-		request :=  makeRequest(folderTokenRequest{abs_path,test.beamtime_id,test.token})
+		abs_path_second :=""
+		if test.second_folder!="" {
+			abs_path_second =settings.RootBeamtimesFolder + string(filepath.Separator)+test.second_folder
+		}
+		path_in_token:=abs_path
+		if test.auto {
+			path_in_token = "auto"
+		}
+		request :=  makeRequest(folderTokenRequest{path_in_token,test.beamtime_id,test.token})
 		if test.status == http.StatusBadRequest {
 			request =makeRequest(authorizationRequest{})
 		}
@@ -57,6 +71,7 @@ func TestFolderToken(t *testing.T) {
 			var extra_claim structs.FolderTokenTokenExtraClaim
 			utils.MapToStruct(claims.(*utils.CustomClaims).ExtraClaims.(map[string]interface{}), &extra_claim)
 			assert.Equal(t, abs_path, extra_claim.RootFolder, test.message)
+			assert.Equal(t, abs_path_second, extra_claim.SecondFolder, test.message)
 		} else {
 			body, _ := ioutil.ReadAll(w.Body)
 			fmt.Println(string(body))

--- a/common/go/src/asapo_common/structs/structs.go
+++ b/common/go/src/asapo_common/structs/structs.go
@@ -2,6 +2,7 @@ package structs

 type FolderTokenTokenExtraClaim struct {
 	RootFolder string
+	SecondFolder string
 }

 type AccessTokenExtraClaim struct {

--- a/file_transfer/src/asapo_file_transfer/server/transfer.go
+++ b/file_transfer/src/asapo_file_transfer/server/transfer.go
@@ -10,6 +10,7 @@ import (
 	"net/http"
 	"os"
 	"path"
+	"path/filepath"
 	"strconv"
 )

@@ -58,7 +59,7 @@ func checkRequest(r *http.Request) (string,int,error) {
 	if status,err := checkClaim(r,&request); err != nil {
 		return "",status,err
 	}
-	fullName := request.Folder+string(os.PathSeparator)+request.FileName
+	fullName := filepath.Clean(request.Folder+string(os.PathSeparator)+request.FileName)
 	if status,err := checkFileExists(r,fullName); err != nil {
 		return "",status,err
 	}