Move cert upload route to /settings
This commit is contained in:
Johannes Zellner
@@ -11,7 +11,6 @@ exports = module.exports = {
|
||||
getConfig: getConfig,
|
||||
update: update,
|
||||
migrate: migrate,
|
||||
setCertificate: setCertificate,
|
||||
feedback: feedback
|
||||
};
|
||||
|
||||
@@ -25,7 +24,6 @@ var assert = require('assert'),
|
||||
HttpError = require('connect-lastmile').HttpError,
|
||||
HttpSuccess = require('connect-lastmile').HttpSuccess,
|
||||
superagent = require('superagent'),
|
||||
safe = require('safetydance'),
|
||||
updateChecker = require('../updatechecker.js');
|
||||
|
||||
/**
|
||||
@@ -140,23 +138,6 @@ function migrate(req, res, next) {
|
||||
});
|
||||
}
|
||||
|
||||
function setCertificate(req, res, next) {
|
||||
assert.strictEqual(typeof req.files, 'object');
|
||||
|
||||
if (!req.files.certificate) return next(new HttpError(400, 'certificate must be provided'));
|
||||
var certificate = safe.fs.readFileSync(req.files.certificate.path, 'utf8');
|
||||
|
||||
if (!req.files.key) return next(new HttpError(400, 'key must be provided'));
|
||||
var key = safe.fs.readFileSync(req.files.key.path, 'utf8');
|
||||
|
||||
cloudron.setCertificate(certificate, key, function (error) {
|
||||
if (error && error.reason === CloudronError.BAD_FIELD) return next(new HttpError(400, error.message));
|
||||
if (error) return next(new HttpError(500, error));
|
||||
|
||||
next(new HttpSuccess(202, {}));
|
||||
});
|
||||
}
|
||||
|
||||
function feedback(req, res, next) {
|
||||
assert.strictEqual(typeof req.user, 'object');
|
||||
|
||||
|
||||
@@ -13,7 +13,9 @@ exports = module.exports = {
|
||||
setCloudronAvatar: setCloudronAvatar,
|
||||
|
||||
getDnsConfig: getDnsConfig,
|
||||
setDnsConfig: setDnsConfig
|
||||
setDnsConfig: setDnsConfig,
|
||||
|
||||
setCertificate: setCertificate
|
||||
};
|
||||
|
||||
var assert = require('assert'),
|
||||
@@ -109,3 +111,19 @@ function setDnsConfig(req, res, next) {
|
||||
next(new HttpSuccess(200));
|
||||
});
|
||||
}
|
||||
|
||||
function setCertificate(req, res, next) {
|
||||
assert.strictEqual(typeof req.files, 'object');
|
||||
|
||||
if (!req.files.certificate) return next(new HttpError(400, 'certificate must be provided'));
|
||||
var certificate = safe.fs.readFileSync(req.files.certificate.path, 'utf8');
|
||||
|
||||
if (!req.files.key) return next(new HttpError(400, 'key must be provided'));
|
||||
var key = safe.fs.readFileSync(req.files.key.path, 'utf8');
|
||||
|
||||
settings.setCertificate(certificate, key, function (error) {
|
||||
if (error) return next(new HttpError(500, error));
|
||||
|
||||
next(new HttpSuccess(202, {}));
|
||||
});
|
||||
}
|
||||
|
||||
@@ -167,101 +167,6 @@ describe('Cloudron', function () {
|
||||
});
|
||||
});
|
||||
|
||||
describe('Certificates API', function () {
|
||||
var certFile, keyFile;
|
||||
|
||||
before(function (done) {
|
||||
certFile = path.join(os.tmpdir(), 'host.cert');
|
||||
fs.writeFileSync(certFile, 'test certificate');
|
||||
|
||||
keyFile = path.join(os.tmpdir(), 'host.key');
|
||||
fs.writeFileSync(keyFile, 'test key');
|
||||
|
||||
async.series([
|
||||
setup,
|
||||
|
||||
function (callback) {
|
||||
var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {});
|
||||
var scope2 = nock(config.apiServerOrigin()).post('/api/v1/boxes/' + config.fqdn() + '/setup/done?setupToken=somesetuptoken').reply(201, {});
|
||||
|
||||
request.post(SERVER_URL + '/api/v1/cloudron/activate')
|
||||
.query({ setupToken: 'somesetuptoken' })
|
||||
.send({ username: USERNAME, password: PASSWORD, email: EMAIL })
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result).to.be.ok();
|
||||
expect(scope1.isDone()).to.be.ok();
|
||||
expect(scope2.isDone()).to.be.ok();
|
||||
|
||||
// stash token for further use
|
||||
token = result.body.token;
|
||||
|
||||
callback();
|
||||
});
|
||||
},
|
||||
], done);
|
||||
});
|
||||
|
||||
after(function (done) {
|
||||
fs.unlinkSync(certFile);
|
||||
fs.unlinkSync(keyFile);
|
||||
|
||||
cleanup(done);
|
||||
});
|
||||
|
||||
it('cannot set certificate without token', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/cloudron/certificate')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(401);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('cannot set certificate without certificate', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/cloudron/certificate')
|
||||
.query({ access_token: token })
|
||||
.attach('key', keyFile, 'key')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(400);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('cannot set certificate without key', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/cloudron/certificate')
|
||||
.query({ access_token: token })
|
||||
.attach('certificate', certFile, 'certificate')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(400);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can set certificate', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/cloudron/certificate')
|
||||
.query({ access_token: token })
|
||||
.attach('key', keyFile, 'key')
|
||||
.attach('certificate', certFile, 'certificate')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(202);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('did set the certificate', function (done) {
|
||||
var cert = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.cert'));
|
||||
expect(cert).to.eql(fs.readFileSync(certFile));
|
||||
|
||||
var key = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.key'));
|
||||
expect(key).to.eql(fs.readFileSync(keyFile));
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
describe('get config', function () {
|
||||
before(function (done) {
|
||||
async.series([
|
||||
|
||||
@@ -11,6 +11,7 @@ var appdb = require('../../appdb.js'),
|
||||
config = require('../../config.js'),
|
||||
database = require('../../database.js'),
|
||||
expect = require('expect.js'),
|
||||
path = require('path'),
|
||||
paths = require('../../paths.js'),
|
||||
request = require('superagent'),
|
||||
server = require('../../server.js'),
|
||||
@@ -270,5 +271,75 @@ describe('Settings API', function () {
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('Certificates API', function () {
|
||||
var certFile, keyFile;
|
||||
|
||||
before(function () {
|
||||
certFile = '/tmp/host.cert';
|
||||
fs.writeFileSync(certFile, 'test certificate');
|
||||
|
||||
keyFile = '/tmp/host.key';
|
||||
fs.writeFileSync(keyFile, 'test key');
|
||||
});
|
||||
|
||||
after(function () {
|
||||
fs.unlinkSync(certFile);
|
||||
fs.unlinkSync(keyFile);
|
||||
});
|
||||
|
||||
it('cannot set certificate without token', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/settings/certificate')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(401);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('cannot set certificate without certificate', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/settings/certificate')
|
||||
.query({ access_token: token })
|
||||
.attach('key', keyFile, 'key')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(400);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('cannot set certificate without key', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/settings/certificate')
|
||||
.query({ access_token: token })
|
||||
.attach('certificate', certFile, 'certificate')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(400);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('can set certificate', function (done) {
|
||||
request.post(SERVER_URL + '/api/v1/settings/certificate')
|
||||
.query({ access_token: token })
|
||||
.attach('key', keyFile, 'key')
|
||||
.attach('certificate', certFile, 'certificate')
|
||||
.end(function (error, result) {
|
||||
expect(error).to.not.be.ok();
|
||||
expect(result.statusCode).to.equal(202);
|
||||
done();
|
||||
});
|
||||
});
|
||||
|
||||
it('did set the certificate', function (done) {
|
||||
var cert = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.cert'));
|
||||
expect(cert).to.eql(fs.readFileSync(certFile));
|
||||
|
||||
var key = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.key'));
|
||||
expect(key).to.eql(fs.readFileSync(keyFile));
|
||||
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user