rc: methods marked as AuthRequired need auth unless --rc-no-auth

Methods which can read or mutate external storage will require authorisation - enforce this. This can be overidden by `--rc-no-auth`.
2018-11-03 16:37:09 +00:00 · 2018-11-03 16:37:09 +00:00 · fa0a9653d2
commit fa0a9653d2
parent 181267e20e
8 changed files with 102 additions and 4 deletions
--- a/fs/rc/rcserver/rcserver_test.go
+++ b/fs/rc/rcserver/rcserver_test.go
@ -537,6 +537,65 @@ func TestNoServe(t *testing.T) {
 	testServer(t, tests, &opt)
 }

+func TestAuthRequired(t *testing.T) {
+	tests := []testRun{{
+		Name:        "auth",
+		URL:         "rc/noopauth",
+		Method:      "POST",
+		Body:        `{}`,
+		ContentType: "application/javascript",
+		Status:      http.StatusForbidden,
+		Expected: `{
+	"error": "authentication must be set up on the rc server to use \"rc/noopauth\" or the --rc-no-auth flag must be in use",
+	"input": {},
+	"path": "rc/noopauth",
+	"status": 403
+}
+`,
+	}}
+	opt := newTestOpt()
+	opt.Serve = false
+	opt.Files = ""
+	opt.NoAuth = false
+	testServer(t, tests, &opt)
+}
+
+func TestNoAuth(t *testing.T) {
+	tests := []testRun{{
+		Name:        "auth",
+		URL:         "rc/noopauth",
+		Method:      "POST",
+		Body:        `{}`,
+		ContentType: "application/javascript",
+		Status:      http.StatusOK,
+		Expected:    "{}\n",
+	}}
+	opt := newTestOpt()
+	opt.Serve = false
+	opt.Files = ""
+	opt.NoAuth = true
+	testServer(t, tests, &opt)
+}
+
+func TestWithUserPass(t *testing.T) {
+	tests := []testRun{{
+		Name:        "auth",
+		URL:         "rc/noopauth",
+		Method:      "POST",
+		Body:        `{}`,
+		ContentType: "application/javascript",
+		Status:      http.StatusOK,
+		Expected:    "{}\n",
+	}}
+	opt := newTestOpt()
+	opt.Serve = false
+	opt.Files = ""
+	opt.NoAuth = false
+	opt.HTTPOptions.BasicUser = "user"
+	opt.HTTPOptions.BasicPass = "pass"
+	testServer(t, tests, &opt)
+}
+
 func TestRCAsync(t *testing.T) {
 	tests := []testRun{{
 		Name:        "ok",