Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

web client: add support for integrating external viewers/editors

Browse Source
This commit is contained in:
Nicola Murino
2021-12-03 18:33:08 +01:00
parent 6092b6628e
commit bedc8e288b
14 changed files with 417 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
httpd/internal_test.go
View File

@@ -664,7 +664,13 @@ func TestCSRFToken(t *testing.T) {
assert.Contains(t, err.Error(), "form token is not valid")
}
r := GetHTTPRouter()
r := GetHTTPRouter(Binding{
Address: "",
Port: 8080,
EnableWebAdmin: true,
EnableWebClient: true,
RenderOpenAPI: true,
})
fn := verifyCSRFHeader(r)
rr := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodDelete, path.Join(userPath, "username"), nil)
@@ -883,7 +889,13 @@ func TestCreateTokenError(t *testing.T) {
}
func TestAPIKeyAuthForbidden(t *testing.T) {
r := GetHTTPRouter()
r := GetHTTPRouter(Binding{
Address: "",
Port: 8080,
EnableWebAdmin: true,
EnableWebClient: true,
RenderOpenAPI: true,
})
fn := forbidAPIKeyAuthentication(r)
rr := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodGet, versionPath, nil)
@@ -900,7 +912,13 @@ func TestJWTTokenValidation(t *testing.T) {
token, _, err := tokenAuth.Encode(claims)
assert.NoError(t, err)
r := GetHTTPRouter()
r := GetHTTPRouter(Binding{
Address: "",
Port: 8080,
EnableWebAdmin: true,
EnableWebClient: true,
RenderOpenAPI: true,
})
fn := jwtAuthenticatorAPI(r)
rr := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodGet, userPath, nil)
@@ -1912,14 +1930,14 @@ func TestWebUserInvalidClaims(t *testing.T) {
req, _ := http.NewRequest(http.MethodGet, webClientFilesPath, nil)
req.Header.Set("Cookie", fmt.Sprintf("jwt=%v", token["access_token"]))
handleClientGetFiles(rr, req)
server.handleClientGetFiles(rr, req)
assert.Equal(t, http.StatusForbidden, rr.Code)
assert.Contains(t, rr.Body.String(), "Invalid token claims")
rr = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodGet, webClientDirsPath, nil)
req.Header.Set("Cookie", fmt.Sprintf("jwt=%v", token["access_token"]))
handleClientGetDirContents(rr, req)
server.handleClientGetDirContents(rr, req)
assert.Equal(t, http.StatusForbidden, rr.Code)
assert.Contains(t, rr.Body.String(), "invalid token claims")