diff --git a/src/routes/settings.js b/src/routes/settings.js index eda729d19..041532287 100644 --- a/src/routes/settings.js +++ b/src/routes/settings.js @@ -113,15 +113,12 @@ function setDnsConfig(req, res, next) { } function setCertificate(req, res, next) { - assert.strictEqual(typeof req.files, 'object'); + assert.strictEqual(typeof req.body, 'object'); - if (!req.files.certificate) return next(new HttpError(400, 'certificate must be provided')); - var certificate = safe.fs.readFileSync(req.files.certificate.path, 'utf8'); + if (!req.body.cert || typeof req.body.cert !== 'string') return next(new HttpError(400, 'cert must be a string')); + if (!req.body.key || typeof req.body.key !== 'string') return next(new HttpError(400, 'key must be a string')); - if (!req.files.key) return next(new HttpError(400, 'key must be provided')); - var key = safe.fs.readFileSync(req.files.key.path, 'utf8'); - - settings.setCertificate(certificate, key, function (error) { + settings.setCertificate(req.body.cert, req.body.key, function (error) { if (error) return next(new HttpError(500, error)); next(new HttpSuccess(202, {})); diff --git a/src/routes/test/settings-test.js b/src/routes/test/settings-test.js index d27a5eb18..a8d0e1495 100644 --- a/src/routes/test/settings-test.js +++ b/src/routes/test/settings-test.js @@ -8,6 +8,7 @@ var appdb = require('../../appdb.js'), async = require('async'), + child_process = require('child_process'), config = require('../../config.js'), database = require('../../database.js'), expect = require('expect.js'), @@ -273,19 +274,20 @@ describe('Settings API', function () { }); describe('Certificates API', function () { - var certFile, keyFile; + var TEST_CRT_FILEPATH = null; + var TEST_KEY_FILEPATH = null; - before(function () { - certFile = '/tmp/host.cert'; - fs.writeFileSync(certFile, 'test certificate'); + before(function (done) { + // keep in sync with script + TEST_CRT_FILEPATH = '/tmp/test.crt'; + TEST_KEY_FILEPATH = '/tmp/test.key'; - keyFile = '/tmp/host.key'; - fs.writeFileSync(keyFile, 'test key'); + child_process.exec(__dirname + '/create_test_certificate.sh', done); }); after(function () { - fs.unlinkSync(certFile); - fs.unlinkSync(keyFile); + fs.unlinkSync(TEST_CRT_FILEPATH); + fs.unlinkSync(TEST_KEY_FILEPATH); }); it('cannot set certificate without token', function (done) { @@ -300,7 +302,7 @@ describe('Settings API', function () { it('cannot set certificate without certificate', function (done) { request.post(SERVER_URL + '/api/v1/settings/certificate') .query({ access_token: token }) - .attach('key', keyFile, 'key') + .send({ key: fs.readFileSync(TEST_KEY_FILEPATH, 'utf-8') }) .end(function (error, result) { expect(error).to.not.be.ok(); expect(result.statusCode).to.equal(400); @@ -311,7 +313,29 @@ describe('Settings API', function () { it('cannot set certificate without key', function (done) { request.post(SERVER_URL + '/api/v1/settings/certificate') .query({ access_token: token }) - .attach('certificate', certFile, 'certificate') + .send({ cert: fs.readFileSync(TEST_CRT_FILEPATH, 'utf-8') }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('cannot set certificate with cert not being a string', function (done) { + request.post(SERVER_URL + '/api/v1/settings/certificate') + .query({ access_token: token }) + .send({ cert: 1234, key: fs.readFileSync(TEST_KEY_FILEPATH, 'utf-8') }) + .end(function (error, result) { + expect(error).to.not.be.ok(); + expect(result.statusCode).to.equal(400); + done(); + }); + }); + + it('cannot set certificate with key not being a string', function (done) { + request.post(SERVER_URL + '/api/v1/settings/certificate') + .query({ access_token: token }) + .send({ cert: fs.readFileSync(TEST_CRT_FILEPATH, 'utf-8'), key: true }) .end(function (error, result) { expect(error).to.not.be.ok(); expect(result.statusCode).to.equal(400); @@ -322,8 +346,7 @@ describe('Settings API', function () { it('can set certificate', function (done) { request.post(SERVER_URL + '/api/v1/settings/certificate') .query({ access_token: token }) - .attach('key', keyFile, 'key') - .attach('certificate', certFile, 'certificate') + .send({ cert: fs.readFileSync(TEST_CRT_FILEPATH, 'utf-8'), key: fs.readFileSync(TEST_KEY_FILEPATH, 'utf-8') }) .end(function (error, result) { expect(error).to.not.be.ok(); expect(result.statusCode).to.equal(202); @@ -333,10 +356,10 @@ describe('Settings API', function () { it('did set the certificate', function (done) { var cert = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.cert')); - expect(cert).to.eql(fs.readFileSync(certFile)); + expect(cert).to.eql(fs.readFileSync(TEST_CRT_FILEPATH)); var key = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.key')); - expect(key).to.eql(fs.readFileSync(keyFile)); + expect(key).to.eql(fs.readFileSync(TEST_KEY_FILEPATH)); done(); }); diff --git a/src/server.js b/src/server.js index 6e7b07434..40a8f5f8a 100644 --- a/src/server.js +++ b/src/server.js @@ -162,7 +162,7 @@ function initializeExpressSync() { router.post('/api/v1/settings/cloudron_avatar', settingsScope, multipart, routes.settings.setCloudronAvatar); router.get ('/api/v1/settings/dns_config', settingsScope, routes.settings.getDnsConfig); router.post('/api/v1/settings/dns_config', settingsScope, routes.settings.setDnsConfig); - router.post('/api/v1/settings/certificate', settingsScope, multipart, routes.settings.setCertificate); + router.post('/api/v1/settings/certificate', settingsScope, routes.settings.setCertificate); // backup routes router.get ('/api/v1/backups', settingsScope, routes.backups.get);