#219

Committed 01 Nov 2024 05:48PM UTC coverage: 67.887% (-29.6%) from 97.504%

Build # #219

Build Type

push

Run Details

408 of 601 relevant lines covered (67.89%)

0.68 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

28.13

/app/controllers/resource_controller.rb

require_relative 'application_controller'
require_relative '../lib/oauth2/token'
require_relative '../lib/basic_auth/token'
require_relative '../helpers/json_to_redis_helpers'

class ResourceController < ApplicationController
  helpers Sinatra::JsonHelper
  helpers Sinatra::JsonToRedisHelper
  helpers Sinatra::IdHelper
  helpers Sinatra::LinkHelper

  before do
    auth_header = env.fetch('HTTP_AUTHORIZATION', '')
    if auth_header.slice(0..5) == 'Bearer'
      session[:access_token] = auth_header.slice(7..-1)
    elsif auth_header.slice(0..4) == 'Basic'
      session[:basic_token] = auth_header.slice(6..-1)
    end
  end

  before do
    next unless request.post?
    if request.path_info == '/reset_with_array'
      authenticate!(admin: true)
    else
      authenticate!
    end
  end

  get '/healthcheck' do
    content_type :json
    return {success: true}.to_json
  end

  get '/:identifier' do
    link = PersistentLink.new(id: "#{params['identifier']}")
    redirect to(link.url) if link.get_url && link.get_url != ''
    status 400
    erb :bad_request
  end

  post '/' do
    link = new_link(json_params)
    if link.save
      status 201
      link.to_json
    else
      status 422
      return {error: "Invalid resource: 'url' required"}.to_json
    end
  end

  post '/create_with_array' do
    if !json_params.is_a?(Array)
      status 422
      return {error: "Invalid resource: must be array"}.to_json
    end
    if link_collection.save_all
      status 201
      link_collection.to_json
    else
      status 422
      return {error: "Invalid resource: 'url' required"}.to_json
    end
  end

  post '/create_empty_resource' do
    link = PersistentLink.new
    link.save(validate: false)
    link.id.to_json
  end

  post '/reset_with_array' do
    if link_collection.save_all
      omitted_stored_links.each do |link|
        link.url = ""
        link.save
      end
      status 201
      link_collection.to_json
    else
      status 422
      return {error: "Invalid resource: 'url' required for all resources"}.to_json
    end
  end

  def authenticate!(admin: false)
    if !session[:access_token] && session[:basic_token]
      token = BasicAuth::Token.new(basic_token: session[:basic_token])
    else
      token = OAuth2::Token.new(access_token: session[:access_token])
    end
    token.scope = 'admin' if admin

    unless token.valid?
      halt 401, { error: "Unauthorized: The user does not have sufficient privileges to perform this action." }.to_json
    end
  end

end

1	require_relative 'application_controller'	1✔
2	require_relative '../lib/oauth2/token'	1✔
3	require_relative '../lib/basic_auth/token'	1✔
4	require_relative '../helpers/json_to_redis_helpers'	1✔
5
6	class ResourceController < ApplicationController	1✔
7	helpers Sinatra::JsonHelper	1✔
8	helpers Sinatra::JsonToRedisHelper	1✔
9	helpers Sinatra::IdHelper	1✔
10	helpers Sinatra::LinkHelper	1✔
11
12	before do	1✔
13	auth_header = env.fetch('HTTP_AUTHORIZATION', '')	×
14	if auth_header.slice(0..5) == 'Bearer'	×
15	session[:access_token] = auth_header.slice(7..-1)	×
16	elsif auth_header.slice(0..4) == 'Basic'	×
17	session[:basic_token] = auth_header.slice(6..-1)	×
18	end
19	end
20
21	before do	1✔
22	next unless request.post?	×
23	if request.path_info == '/reset_with_array'	×
24	authenticate!(admin: true)	×
25	else
26	authenticate!	×
27	end
28	end
29
30	get '/healthcheck' do	1✔
31	content_type :json	×
32	return {success: true}.to_json	×
33	end
34
35	get '/:identifier' do	1✔
36	link = PersistentLink.new(id: "#{params['identifier']}")	×
37	redirect to(link.url) if link.get_url && link.get_url != ''	×
38	status 400	×
39	erb :bad_request	×
40	end
41
42	post '/' do	1✔
43	link = new_link(json_params)	×
44	if link.save	×
45	status 201	×
46	link.to_json	×
47	else
48	status 422	×
49	return {error: "Invalid resource: 'url' required"}.to_json	×
50	end
51	end
52
53	post '/create_with_array' do	1✔
54	if !json_params.is_a?(Array)	×
55	status 422	×
56	return {error: "Invalid resource: must be array"}.to_json	×
57	end
58	if link_collection.save_all	×
59	status 201	×
60	link_collection.to_json	×
61	else
62	status 422	×
63	return {error: "Invalid resource: 'url' required"}.to_json	×
64	end
65	end
66
67	post '/create_empty_resource' do	1✔
68	link = PersistentLink.new	×
69	link.save(validate: false)	×
70	link.id.to_json	×
71	end
72
73	post '/reset_with_array' do	1✔
74	if link_collection.save_all	×
75	omitted_stored_links.each do \|link\|	×
76	link.url = ""	×
77	link.save	×
78	end
79	status 201	×
80	link_collection.to_json	×
81	else
82	status 422	×
83	return {error: "Invalid resource: 'url' required for all resources"}.to_json	×
84	end
85	end
86
87	def authenticate!(admin: false)	1✔
88	if !session[:access_token] && session[:basic_token]	×
89	token = BasicAuth::Token.new(basic_token: session[:basic_token])	×
90	else
91	token = OAuth2::Token.new(access_token: session[:access_token])	×
92	end
93	token.scope = 'admin' if admin	×
94
95	unless token.valid?	×
96	halt 401, { error: "Unauthorized: The user does not have sufficient privileges to perform this action." }.to_json	×
97	end
98	end
99
100	end

NYULibraries / salon / #219

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous