credentials backport

This commit is contained in:
Pavel 2021-12-13 16:49:42 +03:00
parent 52109ee4ba
commit 5ddaa6fc8a
2 changed files with 67 additions and 8 deletions

View File

@ -31,10 +31,16 @@ var (
slashRegex = regexp.MustCompile(`/+$`) slashRegex = regexp.MustCompile(`/+$`)
) )
var DefaultScopes = []string{ var (
"integration_read", DefaultScopes = []string{
"integration_write", "integration_read",
} "integration_write",
}
DefaultCredentials = []string{
"/api/integration-modules/{code}",
"/api/integration-modules/{code}/edit",
}
)
var defaultCurrencies = map[string]string{ var defaultCurrencies = map[string]string{
"rub": "₽", "rub": "₽",
@ -123,7 +129,9 @@ func (u *Utils) GenerateToken() string {
} }
// GetAPIClient will initialize RetailCRM api client from url and key. // GetAPIClient will initialize RetailCRM api client from url and key.
func (u *Utils) GetAPIClient(url, key string, scopes []string) (*retailcrm.Client, int, error) { // Scopes will be used to determine if client is valid. If there are no scopes - credentials will be used instead.
func (u *Utils) GetAPIClient(
url, key string, scopes []string, credentials ...[]string) (*retailcrm.Client, int, error) {
client := retailcrm.New(url, key). client := retailcrm.New(url, key).
WithLogger(retailcrm.DebugLoggerAdapter(u.Logger)) WithLogger(retailcrm.DebugLoggerAdapter(u.Logger))
client.Debug = u.IsDebug client.Debug = u.IsDebug
@ -134,8 +142,15 @@ func (u *Utils) GetAPIClient(url, key string, scopes []string) (*retailcrm.Clien
} }
if res := u.checkScopes(cr.Scopes, scopes); len(res) != 0 { if res := u.checkScopes(cr.Scopes, scopes); len(res) != 0 {
u.Logger.Error(url, status, res) if len(credentials) == 0 || len(cr.Scopes) > 0 {
return nil, http.StatusBadRequest, errorutil.NewInsufficientScopesErr(res) u.Logger.Error(url, status, res)
return nil, http.StatusBadRequest, errorutil.NewInsufficientScopesErr(res)
}
if res := u.checkScopes(cr.Credentials, credentials[0]); len(res) != 0 {
u.Logger.Error(url, status, res)
return nil, http.StatusBadRequest, errorutil.NewInsufficientScopesErr(res)
}
} }
return client, 0, nil return client, 0, nil

View File

@ -97,7 +97,7 @@ func (u *UtilsTest) Test_GetAPIClient_FailAPI() {
} }
} }
func (u *UtilsTest) Test_GetAPIClient_FailAPICredentials() { func (u *UtilsTest) Test_GetAPIClient_FailAPIScopes() {
resp := retailcrm.CredentialResponse{ resp := retailcrm.CredentialResponse{
Success: true, Success: true,
Scopes: []string{}, Scopes: []string{},
@ -120,6 +120,50 @@ func (u *UtilsTest) Test_GetAPIClient_FailAPICredentials() {
} }
} }
func (u *UtilsTest) Test_GetAPIClient_FailAPICredentials() {
resp := retailcrm.CredentialResponse{
Success: true,
Credentials: []string{DefaultCredentials[0]},
SiteAccess: "all",
SitesAvailable: []string{},
}
data, _ := json.Marshal(resp)
defer gock.Off()
gock.New(testCRMURL).
Get("/credentials").
Reply(http.StatusOK).
BodyString(string(data))
_, status, err := u.utils.GetAPIClient(testCRMURL, "key", DefaultScopes, DefaultCredentials)
assert.Equal(u.T(), http.StatusBadRequest, status)
if assert.NotNil(u.T(), err) {
assert.True(u.T(), errors.Is(err, errorutil.ErrInsufficientScopes))
}
}
func (u *UtilsTest) Test_GetAPIClient_SuccessCredentials() {
resp := retailcrm.CredentialResponse{
Success: true,
Credentials: DefaultCredentials,
SiteAccess: "all",
SitesAvailable: []string{"site"},
}
data, _ := json.Marshal(resp)
defer gock.Off()
gock.New(testCRMURL).
Get("/credentials").
Reply(http.StatusOK).
BodyString(string(data))
_, status, err := u.utils.GetAPIClient(testCRMURL, "key", DefaultScopes, DefaultCredentials)
require.NoError(u.T(), err)
assert.Equal(u.T(), 0, status)
}
func (u *UtilsTest) Test_GetAPIClient_Success() { func (u *UtilsTest) Test_GetAPIClient_Success() {
resp := retailcrm.CredentialResponse{ resp := retailcrm.CredentialResponse{
Success: true, Success: true,