Make settings certificate upload route also just using the json body

2015-10-28 12:12:06 +01:00
parent a892de5c2d
commit 57de915133
3 changed files with 42 additions and 22 deletions
@@ -113,15 +113,12 @@ function setDnsConfig(req, res, next) {
 }

 function setCertificate(req, res, next) {
-    assert.strictEqual(typeof req.files, 'object');
+    assert.strictEqual(typeof req.body, 'object');

-    if (!req.files.certificate) return next(new HttpError(400, 'certificate must be provided'));
-    var certificate = safe.fs.readFileSync(req.files.certificate.path, 'utf8');
+    if (!req.body.cert || typeof req.body.cert !== 'string') return next(new HttpError(400, 'cert must be a string'));
+    if (!req.body.key || typeof req.body.key !== 'string') return next(new HttpError(400, 'key must be a string'));

-    if (!req.files.key) return next(new HttpError(400, 'key must be provided'));
-    var key = safe.fs.readFileSync(req.files.key.path, 'utf8');
-
-    settings.setCertificate(certificate, key, function (error) {
+    settings.setCertificate(req.body.cert, req.body.key, function (error) {
        if (error) return next(new HttpError(500, error));

        next(new HttpSuccess(202, {}));
@@ -8,6 +8,7 @@

 var appdb = require('../../appdb.js'),
    async = require('async'),
+    child_process = require('child_process'),
    config = require('../../config.js'),
    database = require('../../database.js'),
    expect = require('expect.js'),
@@ -273,19 +274,20 @@ describe('Settings API', function () {
    });

    describe('Certificates API', function () {
-        var certFile, keyFile;
+        var TEST_CRT_FILEPATH = null;
+        var TEST_KEY_FILEPATH = null;

-        before(function () {
-            certFile = '/tmp/host.cert';
-            fs.writeFileSync(certFile, 'test certificate');
+        before(function (done) {
+            // keep in sync with script
+            TEST_CRT_FILEPATH = '/tmp/test.crt';
+            TEST_KEY_FILEPATH = '/tmp/test.key';

-            keyFile = '/tmp/host.key';
-            fs.writeFileSync(keyFile, 'test key');
+            child_process.exec(__dirname + '/create_test_certificate.sh', done);
        });

        after(function () {
-            fs.unlinkSync(certFile);
-            fs.unlinkSync(keyFile);
+            fs.unlinkSync(TEST_CRT_FILEPATH);
+            fs.unlinkSync(TEST_KEY_FILEPATH);
        });

        it('cannot set certificate without token', function (done) {
@@ -300,7 +302,7 @@ describe('Settings API', function () {
        it('cannot set certificate without certificate', function (done) {
            request.post(SERVER_URL + '/api/v1/settings/certificate')
                   .query({ access_token: token })
-                   .attach('key', keyFile, 'key')
+                   .send({ key: fs.readFileSync(TEST_KEY_FILEPATH, 'utf-8') })
                   .end(function (error, result) {
                expect(error).to.not.be.ok();
                expect(result.statusCode).to.equal(400);
@@ -311,7 +313,29 @@ describe('Settings API', function () {
        it('cannot set certificate without key', function (done) {
            request.post(SERVER_URL + '/api/v1/settings/certificate')
                   .query({ access_token: token })
-                   .attach('certificate', certFile, 'certificate')
+                   .send({ cert: fs.readFileSync(TEST_CRT_FILEPATH, 'utf-8') })
+                   .end(function (error, result) {
+                expect(error).to.not.be.ok();
+                expect(result.statusCode).to.equal(400);
+                done();
+            });
+        });
+
+        it('cannot set certificate with cert not being a string', function (done) {
+            request.post(SERVER_URL + '/api/v1/settings/certificate')
+                   .query({ access_token: token })
+                   .send({ cert: 1234, key: fs.readFileSync(TEST_KEY_FILEPATH, 'utf-8') })
+                   .end(function (error, result) {
+                expect(error).to.not.be.ok();
+                expect(result.statusCode).to.equal(400);
+                done();
+            });
+        });
+
+        it('cannot set certificate with key not being a string', function (done) {
+            request.post(SERVER_URL + '/api/v1/settings/certificate')
+                   .query({ access_token: token })
+                   .send({ cert: fs.readFileSync(TEST_CRT_FILEPATH, 'utf-8'), key: true })
                   .end(function (error, result) {
                expect(error).to.not.be.ok();
                expect(result.statusCode).to.equal(400);
@@ -322,8 +346,7 @@ describe('Settings API', function () {
        it('can set certificate', function (done) {
            request.post(SERVER_URL + '/api/v1/settings/certificate')
                   .query({ access_token: token })
-                   .attach('key', keyFile, 'key')
-                   .attach('certificate', certFile, 'certificate')
+                   .send({ cert: fs.readFileSync(TEST_CRT_FILEPATH, 'utf-8'), key: fs.readFileSync(TEST_KEY_FILEPATH, 'utf-8') })
                   .end(function (error, result) {
                expect(error).to.not.be.ok();
                expect(result.statusCode).to.equal(202);
@@ -333,10 +356,10 @@ describe('Settings API', function () {

        it('did set the certificate', function (done) {
            var cert = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.cert'));
-            expect(cert).to.eql(fs.readFileSync(certFile));
+            expect(cert).to.eql(fs.readFileSync(TEST_CRT_FILEPATH));

            var key = fs.readFileSync(path.join(paths.NGINX_CERT_DIR, 'host.key'));
-            expect(key).to.eql(fs.readFileSync(keyFile));
+            expect(key).to.eql(fs.readFileSync(TEST_KEY_FILEPATH));

            done();
        });