diff --git a/src/apps.js b/src/apps.js index 9260bf61b..61d9499b8 100644 --- a/src/apps.js +++ b/src/apps.js @@ -1502,6 +1502,8 @@ async function setUpstreamUri(app, upstreamUri, auditSource) { assert.strictEqual(typeof upstreamUri, 'string'); assert.strictEqual(typeof auditSource, 'object'); + if (app.manifest.id !== constants.PROXY_APP_APPSTORE_ID) throw new BoxError(BoxError.BAD_FIELD, 'upstreamUri can only be set for proxy app'); + const appId = app.id; const error = validateUpstreamUri(upstreamUri); if (error) throw error; @@ -2109,6 +2111,8 @@ async function getLogs(app, options) { assert.strictEqual(typeof options.format, 'string'); assert.strictEqual(typeof options.follow, 'boolean'); + if (app.manifest.id !== constants.PROXY_APP_APPSTORE_ID) throw new BoxError(BoxError.BAD_FIELD, 'upstreamUri can only be set for proxy app'); + const appId = app.id; const logPaths = await getLogPaths(app); @@ -2510,6 +2514,8 @@ async function createExec(app, options) { assert.strictEqual(typeof app, 'object'); assert(options && typeof options === 'object'); + if (app.manifest.id !== constants.PROXY_APP_APPSTORE_ID) throw new BoxError(BoxError.BAD_FIELD, 'upstreamUri can only be set for proxy app'); + const cmd = options.cmd || [ '/bin/bash' ]; assert(Array.isArray(cmd) && cmd.length > 0); diff --git a/src/routes/apps.js b/src/routes/apps.js index 729e17303..d002f2102 100644 --- a/src/routes/apps.js +++ b/src/routes/apps.js @@ -106,16 +106,16 @@ function getApp(req, res, next) { async function listByUser(req, res, next) { assert.strictEqual(typeof req.user, 'object'); - let [error, result] = await safe(apps.listByUser(req.user)); + const [error, result] = await safe(apps.listByUser(req.user)); if (error) return next(BoxError.toHttpError(error)); - result = result.map(r => { + const filteredResult = result.map(r => { const app = apps.removeRestrictedFields(r); app.accessLevel = apps.accessLevel(r, req.user); return app; }); - next(new HttpSuccess(200, { apps: result })); + next(new HttpSuccess(200, { apps: filteredResult })); } async function getAppIcon(req, res, next) { @@ -960,7 +960,7 @@ async function setMounts(req, res, next) { assert.strictEqual(typeof req.app, 'object'); if (!Array.isArray(req.body.mounts)) return next(new HttpError(400, 'mounts should be an array')); - for (let m of req.body.mounts) { + for (const m of req.body.mounts) { if (!m || typeof m !== 'object') return next(new HttpError(400, 'mounts must be an object')); if (typeof m.volumeId !== 'string') return next(new HttpError(400, 'volumeId must be a string')); if (typeof m.readOnly !== 'boolean') return next(new HttpError(400, 'readOnly must be a boolean')); @@ -976,7 +976,6 @@ async function setUpstreamUri(req, res, next) { assert.strictEqual(typeof req.body, 'object'); assert.strictEqual(typeof req.app, 'object'); - if (req.app.manifest.id !== constants.PROXY_APP_APPSTORE_ID) return next(new HttpError(400, 'upstreamUri can only be set for proxy app')); if (typeof req.body.upstreamUri !== 'string') return next(new HttpError(400, 'upstreamUri must be a string')); const [error] = await safe(apps.setUpstreamUri(req.app, req.body.upstreamUri, AuditSource.fromRequest(req))); diff --git a/src/test/apps-test.js b/src/test/apps-test.js index 0294817d5..4577e96cb 100644 --- a/src/test/apps-test.js +++ b/src/test/apps-test.js @@ -54,17 +54,17 @@ describe('Apps', function () { describe('validateLocations', function () { it('does not allow reserved subdomain', async function () { - let location = new Location('my', domain.domain, Location.TYPE_ALIAS); + const location = new Location('my', domain.domain, Location.TYPE_ALIAS); expect(await apps._validateLocations([location])).to.be.an(Error); }); it('does not allow unknown domain', async function () { - let location = new Location('my2', domain.domain + 'x', Location.TYPE_PRIMARY); + const location = new Location('my2', domain.domain + 'x', Location.TYPE_PRIMARY); expect(await apps._validateLocations([location])).to.be.an(Error); }); it('allows valid locations', async function () { - let location = new Location('my2', domain.domain, Location.TYPE_SECONDARY); + const location = new Location('my2', domain.domain, Location.TYPE_SECONDARY); expect(await apps._validateLocations([location])).to.be(null); }); }); @@ -355,21 +355,21 @@ describe('Apps', function () { }); describe('proxy app', function () { - const app = require('./common.js').proxyApp; + const proxyApp = require('./common.js').proxyApp; const newUpstreamUri = 'https://foobar.com:443'; before(async function () { - await apps.add(app.id, app.appStoreId, app.manifest, app.subdomain, app.domain, app.portBindings, app); + await apps.add(proxyApp.id, proxyApp.appStoreId, proxyApp.manifest, proxyApp.subdomain, proxyApp.domain, proxyApp.portBindings, proxyApp); }); it('cannot set invalid upstream uri', async function () { - const [error] = await safe(apps.setUpstreamUri(app, 'foo:bar:80', AuditSource.PLATFORM)); + const [error] = await safe(apps.setUpstreamUri(proxyApp, 'foo:bar:80', AuditSource.PLATFORM)); expect(error.reason).to.be(BoxError.BAD_FIELD); }); it('can set upstream uri', async function () { - await apps.setUpstreamUri(app, newUpstreamUri, AuditSource.PLATFORM); - const result = await apps.get(app.id); + await apps.setUpstreamUri(proxyApp, newUpstreamUri, AuditSource.PLATFORM); + const result = await apps.get(proxyApp.id); expect(result.upstreamUri).to.equal(newUpstreamUri); }); diff --git a/src/test/common.js b/src/test/common.js index 75d293c03..a3893cbae 100644 --- a/src/test/common.js +++ b/src/test/common.js @@ -151,7 +151,7 @@ const proxyApp = { upstreamUri: 'http://1.2.3.4:80', domain: domain.domain, fqdn: domain.domain + '.' + 'proxylocation', - manifest, + manifest: proxyAppManifest, containerId: '', portBindings: null, accessRestriction: null,