diff --git a/src/cloudron.js b/src/cloudron.js index 8e0aa4acf..56ded4151 100644 --- a/src/cloudron.js +++ b/src/cloudron.js @@ -143,11 +143,11 @@ function getConfig(callback) { settings.getCloudronName(function (error, cloudronName) { if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error)); + // be picky about what we send out here since this is sent for 'normal' users as well callback(null, { apiServerOrigin: config.apiServerOrigin(), webServerOrigin: config.webServerOrigin(), adminDomain: config.adminDomain(), - adminLocation: config.adminLocation(), adminFqdn: config.adminFqdn(), mailFqdn: config.mailFqdn(), version: config.version(), diff --git a/src/routes/index.js b/src/routes/index.js index 2bb360fe8..ea54dc1d4 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -19,6 +19,5 @@ exports = module.exports = { sysadmin: require('./sysadmin.js'), settings: require('./settings.js'), ssh: require('./ssh.js'), - user: require('./user.js'), users: require('./users.js') }; diff --git a/src/routes/test/cloudron-test.js b/src/routes/test/cloudron-test.js index 47e11138c..3fe2cca54 100644 --- a/src/routes/test/cloudron-test.js +++ b/src/routes/test/cloudron-test.js @@ -176,7 +176,7 @@ describe('Cloudron', function () { after(cleanup); it('cannot get without token', function (done) { - superagent.get(SERVER_URL + '/api/v1/cloudron/config') + superagent.get(SERVER_URL + '/api/v1/config') .end(function (error, result) { expect(result.statusCode).to.equal(401); done(); @@ -184,7 +184,7 @@ describe('Cloudron', function () { }); it('succeeds (admin)', function (done) { - superagent.get(SERVER_URL + '/api/v1/cloudron/config') + superagent.get(SERVER_URL + '/api/v1/config') .query({ access_token: token }) .end(function (error, result) { expect(result.statusCode).to.equal(200); @@ -202,7 +202,7 @@ describe('Cloudron', function () { }); it('fails (non-admin)', function (done) { - superagent.get(SERVER_URL + '/api/v1/cloudron/config') + superagent.get(SERVER_URL + '/api/v1/config') .query({ access_token: token_1 }) .end(function (error, result) { expect(result.statusCode).to.equal(403); diff --git a/src/routes/test/user-test.js b/src/routes/test/user-test.js deleted file mode 100644 index 235a80e4b..000000000 --- a/src/routes/test/user-test.js +++ /dev/null @@ -1,121 +0,0 @@ -'use strict'; - -/* global it:false */ -/* global describe:false */ -/* global before:false */ -/* global after:false */ - -var accesscontrol = require('../../accesscontrol.js'), - async = require('async'), - config = require('../../config.js'), - database = require('../../database.js'), - expect = require('expect.js'), - nock = require('nock'), - superagent = require('superagent'), - server = require('../../server.js'), - settings = require('../../settings.js'), - settingsdb = require('../../settingsdb.js'), - tokendb = require('../../tokendb.js'); - -var SERVER_URL = 'http://localhost:' + config.get('port'); - -var USERNAME = 'superadmin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com'; -var token = null; // authentication token -var USERNAME_1 = 'userTheFirst', EMAIL_1 = 'taO@zen.mac', userId_1, token_1; - -function setup(done) { - nock.cleanAll(); - config._reset(); - config.setFqdn('example-cloudron-test.com'); - config.setAdminFqdn('my.example-cloudron-test.com'); - - async.series([ - server.start.bind(server), - database._clear, - settings.setBackupConfig.bind(null, { provider: 'filesystem', backupFolder: '/tmp', format: 'tgz' }), - settingsdb.set.bind(null, settings.APPSTORE_CONFIG_KEY, JSON.stringify({ userId: 'USER_ID', cloudronId: 'CLOUDRON_ID', token: 'ACCESS_TOKEN' })) - ], done); -} - -function cleanup(done) { - database._clear(function (error) { - expect(error).to.not.be.ok(); - - config._reset(); - - server.stop(done); - }); -} - -describe('User test', function () { - describe('get config', function () { - before(function (done) { - async.series([ - setup, - - function (callback) { - superagent.post(SERVER_URL + '/api/v1/cloudron/activate') - .query({ setupToken: 'somesetuptoken' }) - .send({ username: USERNAME, password: PASSWORD, email: EMAIL }) - .end(function (error, result) { - expect(result).to.be.ok(); - - // stash token for further use - token = result.body.token; - - callback(); - }); - }, - - function (callback) { - superagent.post(SERVER_URL + '/api/v1/users') - .query({ access_token: token }) - .send({ username: USERNAME_1, email: EMAIL_1, invite: false }) - .end(function (error, result) { - expect(result).to.be.ok(); - expect(result.statusCode).to.eql(201); - - token_1 = tokendb.generateToken(); - userId_1 = result.body.id; - - // HACK to get a token for second user (passwords are generated and the user should have gotten a password setup link...) - tokendb.add(token_1, userId_1, 'test-client-id', Date.now() + 100000, 'profile', callback); - }); - } - ], done); - }); - - after(cleanup); - - it('cannot get without token', function (done) { - superagent.get(SERVER_URL + '/api/v1/user/cloudron_config') - .end(function (error, result) { - expect(result.statusCode).to.equal(401); - done(); - }); - }); - - it('succeeds', function (done) { - superagent.get(SERVER_URL + '/api/v1/user/cloudron_config') - .query({ access_token: token_1 }) - .end(function (error, result) { - expect(result.statusCode).to.equal(200); - - expect(result.body.apiServerOrigin).to.eql('http://localhost:6060'); - expect(result.body.webServerOrigin).to.eql(null); - expect(result.body.adminFqdn).to.eql(config.adminFqdn()); - expect(result.body.progress).to.be.an('object'); - expect(result.body.version).to.eql(config.version()); - expect(result.body.cloudronName).to.be.a('string'); - expect(result.body.provider).to.be.a('string'); - - expect(result.body.update).to.be(undefined); - expect(result.body.size).to.be(undefined); - expect(result.body.region).to.be(undefined); - expect(result.body.memory).to.be(undefined); - - done(); - }); - }); - }); -}); diff --git a/src/routes/user.js b/src/routes/user.js deleted file mode 100644 index c35627609..000000000 --- a/src/routes/user.js +++ /dev/null @@ -1,20 +0,0 @@ -'use strict'; - -exports = module.exports = { - getCloudronConfig: getCloudronConfig -}; - -var cloudron = require('../cloudron.js'), - HttpError = require('connect-lastmile').HttpError, - HttpSuccess = require('connect-lastmile').HttpSuccess, - _ = require('underscore'); - -function getCloudronConfig(req, res, next) { - cloudron.getConfig(function (error, cloudronConfig) { - if (error) return next(new HttpError(500, error)); - - var result = _.pick(cloudronConfig, 'apiServerOrigin', 'webServerOrigin', 'fqdn', 'adminFqdn', 'version', 'progress', 'isDemo', 'cloudronName', 'provider'); - - next(new HttpSuccess(200, result)); - }); -} diff --git a/src/server.js b/src/server.js index 989a03301..e471131a3 100644 --- a/src/server.js +++ b/src/server.js @@ -118,7 +118,6 @@ function initializeExpressSync() { router.post('/api/v1/developer/login', routes.developer.login); // cloudron routes - router.get ('/api/v1/cloudron/config', cloudronScope, routes.cloudron.getConfig); router.post('/api/v1/cloudron/update', cloudronScope, routes.cloudron.update); router.post('/api/v1/cloudron/check_for_updates', cloudronScope, routes.cloudron.checkForUpdates); router.post('/api/v1/cloudron/reboot', cloudronScope, routes.cloudron.reboot); @@ -132,8 +131,10 @@ function initializeExpressSync() { router.del ('/api/v1/cloudron/ssh/authorized_keys/:identifier', cloudronScope, routes.ssh.delAuthorizedKey); router.get ('/api/v1/cloudron/eventlog', cloudronScope, routes.eventlog.get); + // config route (for dashboard) + router.get ('/api/v1/config', profileScope, routes.cloudron.getConfig); + // working off the user behind the provided token - router.get ('/api/v1/user/cloudron_config', profileScope, routes.user.getCloudronConfig); router.get ('/api/v1/profile', profileScope, routes.profile.get); router.post('/api/v1/profile', profileScope, routes.profile.update); router.post('/api/v1/profile/password', profileScope, routes.users.verifyPassword, routes.profile.changePassword); diff --git a/src/test/server-test.js b/src/test/server-test.js index 00f06d0a1..f151d4d78 100644 --- a/src/test/server-test.js +++ b/src/test/server-test.js @@ -125,14 +125,14 @@ describe('Server', function () { }); it('config fails due missing token', function (done) { - superagent.get(SERVER_URL + '/api/v1/cloudron/config', function (err, res) { + superagent.get(SERVER_URL + '/api/v1/config', function (err, res) { expect(res.statusCode).to.equal(401); done(); }); }); it('config fails due wrong token', function (done) { - superagent.get(SERVER_URL + '/api/v1/cloudron/config').query({ access_token: 'somewrongtoken' }).end(function (err, res) { + superagent.get(SERVER_URL + '/api/v1/config').query({ access_token: 'somewrongtoken' }).end(function (err, res) { expect(res.statusCode).to.equal(401); done(); });