thomas.goyne_442

Committed 02 Jul 2024 07:51PM UTC coverage: 90.995% (+0.02%) from 90.974%

Build # thomas.goyne_442

Build Type

push

Evergreen

Committed by

web-flow

Commit Message

[RCORE-2146] CAPI Remove `is_fatal` flag flip (#7751)

Run Details

102372 of 180620 branches covered (56.68%)

0 of 1 new or added line in 1 file covered. (0.0%)

625 existing lines in 26 files now uncovered.

215592 of 236928 relevant lines covered (90.99%)

5608163.57 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

89.29

/test/object-store/util/sync/baas_admin_api.hpp

////////////////////////////////////////////////////////////////////////////
//
// Copyright 2021 Realm Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////

#pragma once

#ifdef REALM_ENABLE_SYNC
#ifdef REALM_ENABLE_AUTH_TESTS

#include <util/sync/sync_test_utils.hpp>

#include <realm/object-store/property.hpp>
#include <realm/object-store/object_schema.hpp>
#include <realm/object-store/schema.hpp>

#include <realm/object-store/sync/app_credentials.hpp>
#include <realm/object-store/sync/generic_network_transport.hpp>

#include <realm/util/logger.hpp>

#include <external/json/json.hpp>
#include <external/mpark/variant.hpp>

namespace realm {

class AdminAPIEndpoint {
public:
    app::Response get(const std::vector<std::pair<std::string, std::string>>& params = {}) const;
    app::Response patch(std::string body) const;
    app::Response post(std::string body) const;
    app::Response put(std::string body) const;
    app::Response del() const;
    nlohmann::json get_json(const std::vector<std::pair<std::string, std::string>>& params = {}) const;
    nlohmann::json patch_json(nlohmann::json body) const;
    nlohmann::json post_json(nlohmann::json body) const;
    nlohmann::json put_json(nlohmann::json body) const;

    AdminAPIEndpoint operator[](StringData name) const;

protected:
    friend class AdminAPISession;
    AdminAPIEndpoint(std::string url, std::string access_token)
        : m_url(std::move(url))
        , m_access_token(std::move(access_token))
    {
    }

    app::Response do_request(app::Request request) const;

private:
    std::string m_url;
    std::string m_access_token;
};

struct AppCreateConfig;

class AdminAPISession {
public:
    static AdminAPISession login(const AppCreateConfig& config);

    enum class APIFamily { Admin, Private };
    AdminAPIEndpoint apps(APIFamily family = APIFamily::Admin) const;
    void revoke_user_sessions(const std::string& user_id, const std::string& app_id) const;
    void disable_user_sessions(const std::string& user_id, const std::string& app_id) const;
    void enable_user_sessions(const std::string& user_id, const std::string& app_id) const;
    bool verify_access_token(const std::string& access_token, const std::string& app_id) const;
    void set_development_mode_to(const std::string& app_id, bool enable) const;
    void delete_app(const std::string& app_id) const;
    void trigger_client_reset(const std::string& app_id, int64_t file_ident) const;
    void migrate_to_flx(const std::string& app_id, const std::string& service_id, bool migrate_to_flx) const;
    void create_schema(const std::string& app_id, const AppCreateConfig& config, bool use_draft = true) const;

    struct Service {
        std::string id;
        std::string name;
        std::string type;
        int64_t version;
        int64_t last_modified;
    };
    struct ServiceConfig {
        enum class SyncMode { Partitioned, Flexible } mode = SyncMode::Partitioned;
        std::string database_name;
        util::Optional<nlohmann::json> partition;
        util::Optional<nlohmann::json> queryable_field_names;
        util::Optional<nlohmann::json> permissions;
        util::Optional<nlohmann::json> asymmetric_tables;
        std::string state;
        bool recovery_is_disabled = false;
        std::string_view sync_service_name()
        {
            if (mode == SyncMode::Flexible) {
                return "flexible_sync";
            }
            else {
                return "sync";
            }
        }
    };

    std::vector<Service> get_services(const std::string& app_id) const;
    std::vector<std::string> get_errors(const std::string& app_id) const;
    Service get_sync_service(const std::string& app_id) const;
    ServiceConfig get_config(const std::string& app_id, const Service& service) const;
    ServiceConfig disable_sync(const std::string& app_id, const std::string& service_id,
                               ServiceConfig sync_config) const;
    ServiceConfig pause_sync(const std::string& app_id, const std::string& service_id,
                             ServiceConfig sync_config) const;
    ServiceConfig enable_sync(const std::string& app_id, const std::string& service_id,
                              ServiceConfig sync_config) const;
    ServiceConfig set_disable_recovery_to(const std::string& app_id, const std::string& service_id,
                                          ServiceConfig sync_config, bool disable) const;
    struct SchemaVersionInfo {
        int64_t version_major;
    };
    std::vector<SchemaVersionInfo> get_schema_versions(const std::string& app_id) const;
    bool is_sync_enabled(const std::string& app_id) const;
    bool is_sync_terminated(const std::string& app_id) const;
    bool is_initial_sync_complete(const std::string& app_id) const;

    struct MigrationStatus {
        std::string statusMessage;
        bool isMigrated = false;
        bool isCancelable = false;
        bool isRevertible = false;
        bool complete = false;
    };

    MigrationStatus get_migration_status(const std::string& app_id) const;

    const std::string& admin_url() const noexcept
    {
        return m_base_url;
    }

private:
    AdminAPISession(std::string admin_url, std::string access_token, std::string group_id)
        : m_base_url(std::move(admin_url))
        , m_access_token(std::move(access_token))
        , m_group_id(std::move(group_id))
    {
    }

    AdminAPIEndpoint service_config_endpoint(const std::string& app_id, const std::string& service_id) const;

    std::string m_base_url;
    std::string m_access_token;
    std::string m_group_id;
};

struct AppCreateConfig {
    struct FunctionDef {
        std::string name;
        std::string source;
        bool is_private;
    };

    struct UserPassAuthConfig {
        bool auto_confirm;
        std::string confirm_email_subject;
        std::string confirmation_function_name;
        std::string email_confirmation_url;
        std::string reset_function_name;
        std::string reset_password_subject;
        std::string reset_password_url;
        bool run_confirmation_function;
        bool run_reset_function;
    };

    struct ServiceRoleDocumentFilters {
        nlohmann::json read;
        nlohmann::json write;
    };

    // ServiceRole represents the set of permissions used MongoDB-based services (Flexible Sync, DataAPI, GraphQL,
    // etc.). In flexible sync, roles are assigned on a per-table, per-session basis by the server. NB: there are
    // restrictions on the role configuration when used with flexible sync. See
    // https://www.mongodb.com/docs/atlas/app-services/rules/sync-compatibility/ for more information.
    struct ServiceRole {
        std::string name;

        // apply_when describes when a role applies. Set it to an empty JSON expression ("{}") if
        // the role should always apply
        nlohmann::json apply_when = nlohmann::json::object();

        // document_filters describe which objects can be read from/written to, as
        // specified by the below read and write expressions. Set both to true to give read/write
        // access on all objects
        ServiceRoleDocumentFilters document_filters;

        // insert_filter and delete_filter describe which objects can be created and erased by the client,
        // respectively. Set both to true if all objects can be created/erased by the client
        nlohmann::json insert_filter;
        nlohmann::json delete_filter;

        // read and write describe the permissions for "read-all-fields"/"write-all-fields" behavior. Set both to true
        // if all fields should have read/write access
        nlohmann::json read;
        nlohmann::json write;

        // NB: for more granular field-level permissions, the "fields" and "additional_fields" keys can be included in
        // a service role to describe which fields individually can be read/written. These fields have been omitted
        // here for simplicity
    };

    struct FLXSyncConfig {
        std::vector<std::string> queryable_fields;
    };

    std::string app_name;
    std::string app_url;
    std::string admin_url;
    std::string admin_username;
    std::string admin_password;

    std::string mongo_uri;
    std::string mongo_dbname;

    Schema schema;
    Property partition_key;
    bool dev_mode_enabled;
    util::Optional<FLXSyncConfig> flx_sync_config;

    std::vector<FunctionDef> functions;

    util::Optional<UserPassAuthConfig> user_pass_auth;
    util::Optional<std::string> custom_function_auth;
    bool enable_api_key_auth = false;
    bool enable_anonymous_auth = false;
    bool enable_custom_token_auth = false;

    std::vector<ServiceRole> service_roles;

    std::shared_ptr<util::Logger> logger;
};

realm::Schema get_default_schema();
AppCreateConfig default_app_config();
AppCreateConfig minimal_app_config(const std::string& name, const Schema& schema);

struct AppSession {
    std::string client_app_id;
    std::string server_app_id;
    AdminAPISession admin_api;
    AppCreateConfig config;
};
AppSession create_app(const AppCreateConfig& config);

// This will create a new test app in the baas server - base_url and admin_url
// are automatically set
AppSession get_runtime_app_session();

std::string get_mongodb_server();
std::string get_base_url();
std::string get_admin_url();

template <typename Factory>
inline app::AppConfig get_config(Factory factory, const AppSession& app_session)
{
    return {app_session.client_app_id,
            factory,
            app_session.config.app_url,
            util::none,
            {"Object Store Platform Version Blah", "An sdk version", "An sdk name", "A device name",
             "A device version", "A framework name", "A framework version", "A bundle id"}};
}

} // namespace realm

#endif // REALM_ENABLE_AUTH_TESTS
#endif // REALM_ENABLE_SYNC

1	////////////////////////////////////////////////////////////////////////////
2	//
3	// Copyright 2021 Realm Inc.
4	//
5	// Licensed under the Apache License, Version 2.0 (the "License");
6	// you may not use this file except in compliance with the License.
7	// You may obtain a copy of the License at
8	//
9	// http://www.apache.org/licenses/LICENSE-2.0
10	//
11	// Unless required by applicable law or agreed to in writing, software
12	// distributed under the License is distributed on an "AS IS" BASIS,
13	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14	// See the License for the specific language governing permissions and
15	// limitations under the License.
16	//
17	////////////////////////////////////////////////////////////////////////////
18
19	#pragma once
20
21	#ifdef REALM_ENABLE_SYNC
22	#ifdef REALM_ENABLE_AUTH_TESTS
23
24	#include <util/sync/sync_test_utils.hpp>
25
26	#include <realm/object-store/property.hpp>
27	#include <realm/object-store/object_schema.hpp>
28	#include <realm/object-store/schema.hpp>
29
30	#include <realm/object-store/sync/app_credentials.hpp>
31	#include <realm/object-store/sync/generic_network_transport.hpp>
32
33	#include <realm/util/logger.hpp>
34
35	#include <external/json/json.hpp>
36	#include <external/mpark/variant.hpp>
37
38	namespace realm {
39
40	class AdminAPIEndpoint {
41	public:
42	app::Response get(const std::vector<std::pair<std::string, std::string>>& params = {}) const;
43	app::Response patch(std::string body) const;
44	app::Response post(std::string body) const;
45	app::Response put(std::string body) const;
46	app::Response del() const;
47	nlohmann::json get_json(const std::vector<std::pair<std::string, std::string>>& params = {}) const;
48	nlohmann::json patch_json(nlohmann::json body) const;
49	nlohmann::json post_json(nlohmann::json body) const;
50	nlohmann::json put_json(nlohmann::json body) const;
51
52	AdminAPIEndpoint operator[](StringData name) const;
53
54	protected:
55	friend class AdminAPISession;
56	AdminAPIEndpoint(std::string url, std::string access_token)
57	: m_url(std::move(url))	11,540✔
58	, m_access_token(std::move(access_token))	11,540✔
59	{	23,897✔
60	}	23,897✔
61
62	app::Response do_request(app::Request request) const;
63
64	private:
65	std::string m_url;
66	std::string m_access_token;
67	};
68
69	struct AppCreateConfig;
70
71	class AdminAPISession {
72	public:
73	static AdminAPISession login(const AppCreateConfig& config);
74
75	enum class APIFamily { Admin, Private };
76	AdminAPIEndpoint apps(APIFamily family = APIFamily::Admin) const;
77	void revoke_user_sessions(const std::string& user_id, const std::string& app_id) const;
78	void disable_user_sessions(const std::string& user_id, const std::string& app_id) const;
79	void enable_user_sessions(const std::string& user_id, const std::string& app_id) const;
80	bool verify_access_token(const std::string& access_token, const std::string& app_id) const;
81	void set_development_mode_to(const std::string& app_id, bool enable) const;
82	void delete_app(const std::string& app_id) const;
83	void trigger_client_reset(const std::string& app_id, int64_t file_ident) const;
84	void migrate_to_flx(const std::string& app_id, const std::string& service_id, bool migrate_to_flx) const;
85	void create_schema(const std::string& app_id, const AppCreateConfig& config, bool use_draft = true) const;
86
87	struct Service {
88	std::string id;
89	std::string name;
90	std::string type;
91	int64_t version;
92	int64_t last_modified;
93	};
94	struct ServiceConfig {
95	enum class SyncMode { Partitioned, Flexible } mode = SyncMode::Partitioned;
96	std::string database_name;
97	util::Optional<nlohmann::json> partition;
98	util::Optional<nlohmann::json> queryable_field_names;
99	util::Optional<nlohmann::json> permissions;
100	util::Optional<nlohmann::json> asymmetric_tables;
101	std::string state;
102	bool recovery_is_disabled = false;
103	std::string_view sync_service_name()
104	{
105	if (mode == SyncMode::Flexible) {
106	return "flexible_sync";
107	}
108	else {	387✔
109	return "sync";	387✔
110	}	199✔
111	}	199✔
112	};	188✔
113		188✔
114	std::vector<Service> get_services(const std::string& app_id) const;	188✔
115	std::vector<std::string> get_errors(const std::string& app_id) const;	387✔
116	Service get_sync_service(const std::string& app_id) const;
117	ServiceConfig get_config(const std::string& app_id, const Service& service) const;
118	ServiceConfig disable_sync(const std::string& app_id, const std::string& service_id,
119	ServiceConfig sync_config) const;
120	ServiceConfig pause_sync(const std::string& app_id, const std::string& service_id,
121	ServiceConfig sync_config) const;
122	ServiceConfig enable_sync(const std::string& app_id, const std::string& service_id,
123	ServiceConfig sync_config) const;
124	ServiceConfig set_disable_recovery_to(const std::string& app_id, const std::string& service_id,
125	ServiceConfig sync_config, bool disable) const;
126	struct SchemaVersionInfo {
127	int64_t version_major;
128	};
129	std::vector<SchemaVersionInfo> get_schema_versions(const std::string& app_id) const;
130	bool is_sync_enabled(const std::string& app_id) const;
131	bool is_sync_terminated(const std::string& app_id) const;
132	bool is_initial_sync_complete(const std::string& app_id) const;
133
134	struct MigrationStatus {
135	std::string statusMessage;
136	bool isMigrated = false;
137	bool isCancelable = false;
138	bool isRevertible = false;
139	bool complete = false;
140	};
141
142	MigrationStatus get_migration_status(const std::string& app_id) const;
143
144	const std::string& admin_url() const noexcept
145	{
146	return m_base_url;
147	}
148
149	private:
150	AdminAPISession(std::string admin_url, std::string access_token, std::string group_id)
UNCOV 151	: m_base_url(std::move(admin_url))	×
UNCOV 152	, m_access_token(std::move(access_token))	×
UNCOV 153	, m_group_id(std::move(group_id))	×
154	{
155	}
156
157	AdminAPIEndpoint service_config_endpoint(const std::string& app_id, const std::string& service_id) const;	182✔
158		182✔
159	std::string m_base_url;	182✔
160	std::string m_access_token;	381✔
161	std::string m_group_id;	381✔
162	};
163
164	struct AppCreateConfig {
165	struct FunctionDef {
166	std::string name;
167	std::string source;
168	bool is_private;
169	};
170
171	struct UserPassAuthConfig {
172	bool auto_confirm;
173	std::string confirm_email_subject;
174	std::string confirmation_function_name;
175	std::string email_confirmation_url;
176	std::string reset_function_name;
177	std::string reset_password_subject;
178	std::string reset_password_url;
179	bool run_confirmation_function;
180	bool run_reset_function;
181	};
182
183	struct ServiceRoleDocumentFilters {
184	nlohmann::json read;
185	nlohmann::json write;
186	};
187
188	// ServiceRole represents the set of permissions used MongoDB-based services (Flexible Sync, DataAPI, GraphQL,
189	// etc.). In flexible sync, roles are assigned on a per-table, per-session basis by the server. NB: there are
190	// restrictions on the role configuration when used with flexible sync. See
191	// https://www.mongodb.com/docs/atlas/app-services/rules/sync-compatibility/ for more information.
192	struct ServiceRole {
193	std::string name;
194
195	// apply_when describes when a role applies. Set it to an empty JSON expression ("{}") if
196	// the role should always apply
197	nlohmann::json apply_when = nlohmann::json::object();
198
199	// document_filters describe which objects can be read from/written to, as
200	// specified by the below read and write expressions. Set both to true to give read/write
201	// access on all objects
202	ServiceRoleDocumentFilters document_filters;
203
204	// insert_filter and delete_filter describe which objects can be created and erased by the client,
205	// respectively. Set both to true if all objects can be created/erased by the client
206	nlohmann::json insert_filter;
207	nlohmann::json delete_filter;
208
209	// read and write describe the permissions for "read-all-fields"/"write-all-fields" behavior. Set both to true
210	// if all fields should have read/write access
211	nlohmann::json read;
212	nlohmann::json write;
213
214	// NB: for more granular field-level permissions, the "fields" and "additional_fields" keys can be included in
215	// a service role to describe which fields individually can be read/written. These fields have been omitted
216	// here for simplicity
217	};
218
219	struct FLXSyncConfig {
220	std::vector<std::string> queryable_fields;
221	};
222
223	std::string app_name;
224	std::string app_url;
225	std::string admin_url;
226	std::string admin_username;
227	std::string admin_password;
228
229	std::string mongo_uri;
230	std::string mongo_dbname;
231
232	Schema schema;
233	Property partition_key;
234	bool dev_mode_enabled;
235	util::Optional<FLXSyncConfig> flx_sync_config;
236
237	std::vector<FunctionDef> functions;
238
239	util::Optional<UserPassAuthConfig> user_pass_auth;
240	util::Optional<std::string> custom_function_auth;
241	bool enable_api_key_auth = false;
242	bool enable_anonymous_auth = false;
243	bool enable_custom_token_auth = false;
244
245	std::vector<ServiceRole> service_roles;
246
247	std::shared_ptr<util::Logger> logger;
248	};
249
250	realm::Schema get_default_schema();
251	AppCreateConfig default_app_config();
252	AppCreateConfig minimal_app_config(const std::string& name, const Schema& schema);
253
254	struct AppSession {
255	std::string client_app_id;
256	std::string server_app_id;
257	AdminAPISession admin_api;
258	AppCreateConfig config;
259	};
260	AppSession create_app(const AppCreateConfig& config);
261
262	// This will create a new test app in the baas server - base_url and admin_url
263	// are automatically set
264	AppSession get_runtime_app_session();
265
266	std::string get_mongodb_server();
267	std::string get_base_url();
268	std::string get_admin_url();
269
270	template <typename Factory>
271	inline app::AppConfig get_config(Factory factory, const AppSession& app_session)
272	{
273	return {app_session.client_app_id,
274	factory,
275	app_session.config.app_url,
276	util::none,
277	{"Object Store Platform Version Blah", "An sdk version", "An sdk name", "A device name",
278	"A device version", "A framework name", "A framework version", "A bundle id"}};
279	}	535✔
280		535✔
281	} // namespace realm	535✔
282		535✔
283	#endif // REALM_ENABLE_AUTH_TESTS	535✔
284	#endif // REALM_ENABLE_SYNC	535✔

realm / realm-core / thomas.goyne_442

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous