cloudapi: add helper method to extract tenant channel from echo.Context
Extract the determination of tenant channel into a helper function. This will simplify handler and middleware methods, which won't have to implement the same logic by themselves. Fix the multi-tenancy unit test to pass the appropriate context when querying compose statuses, because the server that is being use has JWT enabled and expects the tenant to be set in it.
This commit is contained in:
Tomas Hozza
Tom Gundersen
parent
947a083aae
commit
6fa2aa7b4a
3 changed files with 25 additions and 10 deletions
|
|
@ -14,7 +14,6 @@ import (
|
|||
"github.com/google/uuid"
|
||||
"github.com/labstack/echo/v4"
|
||||
|
||||
"github.com/osbuild/osbuild-composer/internal/auth"
|
||||
"github.com/osbuild/osbuild-composer/internal/blueprint"
|
||||
"github.com/osbuild/osbuild-composer/internal/common"
|
||||
"github.com/osbuild/osbuild-composer/internal/distro"
|
||||
|
|
@ -123,15 +122,9 @@ func (h *apiHandlers) PostCompose(ctx echo.Context) error {
|
|||
}
|
||||
|
||||
// channel is empty if JWT is not enabled
|
||||
var channel string
|
||||
if h.server.config.JWTEnabled {
|
||||
tenant, err := auth.GetFromClaims(ctx.Request().Context(), h.server.config.TenantProviderFields)
|
||||
if err != nil {
|
||||
return HTTPErrorWithInternal(ErrorTenantNotFound, err)
|
||||
}
|
||||
|
||||
// prefix the tenant to prevent collisions if support for specifying channels in a request is ever added
|
||||
channel = "org-" + tenant
|
||||
channel, err := h.server.getTenantChannel(ctx)
|
||||
if err != nil {
|
||||
return HTTPErrorWithInternal(ErrorTenantNotFound, err)
|
||||
}
|
||||
|
||||
distribution := h.server.distros.GetDistro(request.Distribution)
|
||||
|
|
|
|||
21
internal/cloudapi/v2/middleware.go
Normal file
21
internal/cloudapi/v2/middleware.go
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
package v2
|
||||
|
||||
import (
|
||||
"github.com/labstack/echo/v4"
|
||||
"github.com/osbuild/osbuild-composer/internal/auth"
|
||||
)
|
||||
|
||||
// getTenantChannel returns the tenant channel for the provided request context
|
||||
func (s *Server) getTenantChannel(ctx echo.Context) (string, error) {
|
||||
// channel is empty if JWT is not enabled
|
||||
var channel string
|
||||
if s.config.JWTEnabled {
|
||||
tenant, err := auth.GetFromClaims(ctx.Request().Context(), s.config.TenantProviderFields)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
// prefix the tenant to prevent collisions if support for specifying channels in a request is ever added
|
||||
channel = "org-" + tenant
|
||||
}
|
||||
return channel, nil
|
||||
}
|
||||
|
|
@ -267,6 +267,7 @@ func TestMultitenancy(t *testing.T) {
|
|||
resp := test.APICall{
|
||||
Handler: handler,
|
||||
Method: http.MethodGet,
|
||||
Context: reqContext(c.orgID),
|
||||
Path: "/api/image-builder-composer/v2/composes/" + c.id.String(),
|
||||
ExpectedStatus: http.StatusOK,
|
||||
}.Do(t)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue