Fix user filtering for directory listings
This commit is contained in:
parent
39039148df
commit
2882bca483
@ -5,6 +5,8 @@ require "cgi"
|
|||||||
module RemoteStorage
|
module RemoteStorage
|
||||||
module Riak
|
module Riak
|
||||||
|
|
||||||
|
::Riak.url_decoding = true
|
||||||
|
|
||||||
def client
|
def client
|
||||||
@client ||= ::Riak::Client.new(LiquorCabinet.config['riak'].symbolize_keys)
|
@client ||= ::Riak::Client.new(LiquorCabinet.config['riak'].symbolize_keys)
|
||||||
end
|
end
|
||||||
@ -134,6 +136,13 @@ module RemoteStorage
|
|||||||
|
|
||||||
def directory_entries(user, directory)
|
def directory_entries(user, directory)
|
||||||
directory = "/" if directory == ""
|
directory = "/" if directory == ""
|
||||||
|
|
||||||
|
user_keys = data_bucket.get_index("user_id_bin", user)
|
||||||
|
directory_keys = data_bucket.get_index("directory_bin", directory)
|
||||||
|
|
||||||
|
all_keys = user_keys & directory_keys
|
||||||
|
return [] if all_keys.empty?
|
||||||
|
|
||||||
map_query = <<-EOH
|
map_query = <<-EOH
|
||||||
function(v){
|
function(v){
|
||||||
keys = v.key.split(':');
|
keys = v.key.split(':');
|
||||||
@ -145,15 +154,26 @@ module RemoteStorage
|
|||||||
}];
|
}];
|
||||||
}
|
}
|
||||||
EOH
|
EOH
|
||||||
objects = ::Riak::MapReduce.new(client).
|
|
||||||
index("user_data", "user_id_bin", user).
|
map_reduce = ::Riak::MapReduce.new(client)
|
||||||
index("user_data", "directory_bin", directory).
|
all_keys.each do |key|
|
||||||
|
map_reduce.add("user_data", key)
|
||||||
|
end
|
||||||
|
|
||||||
|
map_reduce.
|
||||||
map(map_query, :keep => true).
|
map(map_query, :keep => true).
|
||||||
run
|
run
|
||||||
end
|
end
|
||||||
|
|
||||||
def sub_directories(user, directory)
|
def sub_directories(user, directory)
|
||||||
directory = "/" if directory == ""
|
directory = "/" if directory == ""
|
||||||
|
|
||||||
|
user_keys = directory_bucket.get_index("user_id_bin", user)
|
||||||
|
directory_keys = directory_bucket.get_index("directory_bin", directory)
|
||||||
|
|
||||||
|
all_keys = user_keys & directory_keys
|
||||||
|
return [] if all_keys.empty?
|
||||||
|
|
||||||
map_query = <<-EOH
|
map_query = <<-EOH
|
||||||
function(v){
|
function(v){
|
||||||
keys = v.key.split(':');
|
keys = v.key.split(':');
|
||||||
@ -165,9 +185,13 @@ module RemoteStorage
|
|||||||
}];
|
}];
|
||||||
}
|
}
|
||||||
EOH
|
EOH
|
||||||
objects = ::Riak::MapReduce.new(client).
|
|
||||||
index("rs_directories", "user_id_bin", user).
|
map_reduce = ::Riak::MapReduce.new(client)
|
||||||
index("rs_directories", "directory_bin", directory).
|
all_keys.each do |key|
|
||||||
|
map_reduce.add("rs_directories", key)
|
||||||
|
end
|
||||||
|
|
||||||
|
map_reduce.
|
||||||
map(map_query, :keep => true).
|
map(map_query, :keep => true).
|
||||||
run
|
run
|
||||||
end
|
end
|
||||||
|
|||||||
@ -37,12 +37,14 @@ describe "Directories" do
|
|||||||
it "has a Last-Modifier header set" do
|
it "has a Last-Modifier header set" do
|
||||||
get "/jimmy/tasks/"
|
get "/jimmy/tasks/"
|
||||||
|
|
||||||
|
last_response.status.must_equal 200
|
||||||
last_response.headers["Last-Modified"].wont_be_nil
|
last_response.headers["Last-Modified"].wont_be_nil
|
||||||
end
|
end
|
||||||
|
|
||||||
it "has CORS headers set" do
|
it "has CORS headers set" do
|
||||||
get "/jimmy/tasks/"
|
get "/jimmy/tasks/"
|
||||||
|
|
||||||
|
last_response.status.must_equal 200
|
||||||
last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
|
last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
|
||||||
last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
|
last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
|
||||||
last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
|
last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
|
||||||
@ -66,6 +68,30 @@ describe "Directories" do
|
|||||||
content["home/"].to_s.length.must_be :>=, 10
|
content["home/"].to_s.length.must_be :>=, 10
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "for a different user" do
|
||||||
|
before do
|
||||||
|
auth = auth_bucket.new("alice:321")
|
||||||
|
auth.data = [":r", "documents:r", "tasks:rw"]
|
||||||
|
auth.store
|
||||||
|
|
||||||
|
header "Authorization", "Bearer 321"
|
||||||
|
|
||||||
|
put "/alice/tasks/homework", "write an essay"
|
||||||
|
end
|
||||||
|
|
||||||
|
it "does not list the directories of jimmy" do
|
||||||
|
get "/alice/tasks/"
|
||||||
|
|
||||||
|
last_response.status.must_equal 200
|
||||||
|
|
||||||
|
content = JSON.parse(last_response.body)
|
||||||
|
content.wont_include "/"
|
||||||
|
content.wont_include "tasks/"
|
||||||
|
content.wont_include "home/"
|
||||||
|
content.must_include "homework"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
context "sub-directories without objects" do
|
context "sub-directories without objects" do
|
||||||
it "lists the direct sub-directories" do
|
it "lists the direct sub-directories" do
|
||||||
put "/jimmy/tasks/private/projects/world-domination/start", "write a manifesto"
|
put "/jimmy/tasks/private/projects/world-domination/start", "write a manifesto"
|
||||||
@ -240,7 +266,6 @@ describe "Directories" do
|
|||||||
describe "DELETE file" do
|
describe "DELETE file" do
|
||||||
context "last file in directory" do
|
context "last file in directory" do
|
||||||
before do
|
before do
|
||||||
directory_bucket.delete("jimmy:tasks")
|
|
||||||
put "/jimmy/tasks/home/trash", "take out the trash"
|
put "/jimmy/tasks/home/trash", "take out the trash"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
@ -16,6 +16,7 @@ riak_config = YAML.load(config)[ENV['RACK_ENV']]['riak'].symbolize_keys
|
|||||||
set :riak_config, riak_config
|
set :riak_config, riak_config
|
||||||
|
|
||||||
::Riak.disable_list_keys_warnings = true
|
::Riak.disable_list_keys_warnings = true
|
||||||
|
::Riak.url_decoding = true
|
||||||
|
|
||||||
def app
|
def app
|
||||||
LiquorCabinet
|
LiquorCabinet
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user