1932303283

Committed 17 Jul 2025 12:36PM UTC coverage: 65.43% (-0.09%) from 65.521%

Build # 1932303283

Build Type

Pull #790

gitlab-ci

Committed by

bahaa-ghazal

Commit Message

feat(deployments): Implement new v2 GET `/artifacts` endpoint

Ticket: MEN-8181
Changelog: Title
Signed-off-by: Bahaa Aldeen Ghazal <bahaa.ghazal@northern.tech>

Pull Request Pull Request #790: feat(deployments): Implement new v2 GET `/artifacts` endpoint

Run Details

139 of 233 new or added lines in 7 files covered. (59.66%)

368 existing lines in 15 files now uncovered.

32211 of 49230 relevant lines covered (65.43%)

1.39 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

98.77

/backend/services/deviceauth/api/http/routing.go

// Copyright 2023 Northern.tech AS
//
//        Licensed under the Apache License, Version 2.0 (the "License");
//        you may not use this file except in compliance with the License.
//        You may obtain a copy of the License at
//
//            http://www.apache.org/licenses/LICENSE-2.0
//
//        Unless required by applicable law or agreed to in writing, software
//        distributed under the License is distributed on an "AS IS" BASIS,
//        WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//        See the License for the specific language governing permissions and
//        limitations under the License.
package http

import (
        "net/http"
        "strings"

        "github.com/gin-gonic/gin"

        "github.com/mendersoftware/mender-server/pkg/contenttype"
        "github.com/mendersoftware/mender-server/pkg/identity"
        "github.com/mendersoftware/mender-server/pkg/routing"
        "github.com/mendersoftware/mender-server/services/deviceauth/devauth"
        "github.com/mendersoftware/mender-server/services/deviceauth/store"
        "github.com/mendersoftware/mender-server/services/deviceauth/utils"
)

const (
        apiUrlDevicesV1 = "/api/devices/v1/authentication"
        uriAuthReqs     = "/auth_requests"

        // internal API
        apiUrlInternalV1      = "/api/internal/v1/devauth"
        uriAlive              = "/alive"
        uriHealth             = "/health"
        uriTokenVerify        = "/tokens/verify"
        uriTenantLimit        = "/tenant/:id/limits/:name"
        uriTokens             = "/tokens"
        uriTenants            = "/tenants"
        uriTenantDevice       = "/tenants/:tid/devices/:did"
        uriTenantDeviceStatus = "/tenants/:tid/devices/:did/status"
        uriTenantDevices      = "/tenants/:tid/devices"
        uriTenantDevicesCount = "/tenants/:tid/devices/count"

        // management API v2
        apiUrlManagementV2       = "/api/management/v2/devauth"
        v2uriDevices             = "/devices"
        v2uriDevicesCount        = "/devices/count"
        v2uriDevicesSearch       = "/devices/search"
        v2uriDevice              = "/devices/:id"
        v2uriDeviceAuthSet       = "/devices/:id/auth/:aid"
        v2uriDeviceAuthSetStatus = "/devices/:id/auth/:aid/status"
        v2uriToken               = "/tokens/:id"
        v2uriDevicesLimit        = "/limits/:name"

        HdrAuthReqSign = "X-MEN-Signature"
)

type HttpOptionsGenerator func(methods []string) gin.HandlerFunc

func AllowHeaderOptionsGenerator(methods []string) gin.HandlerFunc {
        // return a dummy handler for now
        return func(c *gin.Context) {
                for _, m := range methods {
                        c.Writer.Header().Add("Allow", m)
                }
        }
}

func supportsMethod(method string, methods []string) bool {
        return utils.ContainsString(method, methods)
}

// Automatically add OPTIONS method support for each defined route,
// only if there's no OPTIONS handler for that route yet
func AutogenOptionsRoutes(router *gin.Engine, gen HttpOptionsGenerator) {

        routes := router.Routes()
        methodGroups := make(map[string][]string, len(routes))

        for _, route := range routes {
                if strings.HasPrefix(route.Path, "/api/internal") {
                        continue
                }
                methods, ok := methodGroups[route.Path]
                if !ok {
                        methods = make([]string, 0)
                }

                methodGroups[route.Path] = append(methods, route.Method)
        }

        for route, methods := range methodGroups {
                // skip if there's a handler for OPTIONS already
                if !supportsMethod(http.MethodOptions, methods) {
                        router.OPTIONS(route, gen(methods))
                }
        }

}

func NewRouter(app devauth.App, db store.DataStore) http.Handler {
        router := routing.NewGinRouter()

        d := NewDevAuthApiHandlers(app, db)

        publicAPIs := router.Group(".")
        publicAPIs.Use(identity.Middleware())

        mgmtAPIV2 := publicAPIs.Group(apiUrlManagementV2)
        devicesAPIs := router.Group(apiUrlDevicesV1)

        // Devices API
        devicesAPIs.Group(".").Use(contenttype.CheckJSON()).
                POST(uriAuthReqs, d.SubmitAuthRequestHandler)

        // API v2
        mgmtAPIV2.GET(v2uriDevicesCount, d.GetDevicesCountHandler)
        mgmtAPIV2.GET(v2uriDevices, d.GetDevicesV2Handler)
        mgmtAPIV2.GET(v2uriDevice, d.GetDeviceV2Handler)
        mgmtAPIV2.GET(v2uriDeviceAuthSetStatus, d.GetAuthSetStatusHandler)
        mgmtAPIV2.GET(v2uriDevicesLimit, d.GetLimitHandler)
        mgmtAPIV2.DELETE(v2uriDevice, d.DecommissionDeviceHandler)
        mgmtAPIV2.DELETE(v2uriDeviceAuthSet, d.DeleteDeviceAuthSetHandler)
        mgmtAPIV2.DELETE(v2uriToken, d.DeleteTokenHandler)
        mgmtAPIV2.Group(".").Use(contenttype.CheckJSON()).
                POST(v2uriDevices, d.PostDevicesV2Handler).
                PUT(v2uriDeviceAuthSetStatus, d.UpdateDeviceStatusHandler).
                POST(v2uriDevicesSearch, d.SearchDevicesV2Handler)

        // automatically add Option routes for public endpoints
        AutogenOptionsRoutes(router, AllowHeaderOptionsGenerator)

        intrnlAPIV1 := router.Group(apiUrlInternalV1)

        intrnlAPIV1.GET(uriAlive, d.AliveHandler)
        intrnlAPIV1.GET(uriHealth, d.HealthCheckHandler)
        intrnlAPIV1.GET(uriTokenVerify,
                identity.Middleware(),
                d.VerifyTokenHandler)
        intrnlAPIV1.POST(uriTokenVerify,
                identity.Middleware(),
                d.VerifyTokenHandler)
        intrnlAPIV1.DELETE(uriTokens, d.DeleteTokensHandler)
        intrnlAPIV1.PUT(uriTenantLimit, d.PutTenantLimitHandler)
        intrnlAPIV1.GET(uriTenantLimit, d.GetTenantLimitHandler)
        intrnlAPIV1.DELETE(uriTenantLimit, d.DeleteTenantLimitHandler)
        intrnlAPIV1.POST(uriTenants, d.ProvisionTenantHandler)
        intrnlAPIV1.GET(uriTenantDeviceStatus, d.GetTenantDeviceStatus)
        intrnlAPIV1.GET(uriTenantDevices, d.GetTenantDevicesHandler)
        intrnlAPIV1.GET(uriTenantDevicesCount, d.GetTenantDevicesCountHandler)
        intrnlAPIV1.DELETE(uriTenantDevice, d.DeleteDeviceHandler)

        return router
}

1	// Copyright 2023 Northern.tech AS
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14	package http
15
16	import (
17	"net/http"
18	"strings"
19
20	"github.com/gin-gonic/gin"
21
22	"github.com/mendersoftware/mender-server/pkg/contenttype"
23	"github.com/mendersoftware/mender-server/pkg/identity"
24	"github.com/mendersoftware/mender-server/pkg/routing"
25	"github.com/mendersoftware/mender-server/services/deviceauth/devauth"
26	"github.com/mendersoftware/mender-server/services/deviceauth/store"
27	"github.com/mendersoftware/mender-server/services/deviceauth/utils"
28	)
29
30	const (
31	apiUrlDevicesV1 = "/api/devices/v1/authentication"
32	uriAuthReqs = "/auth_requests"
33
34	// internal API
35	apiUrlInternalV1 = "/api/internal/v1/devauth"
36	uriAlive = "/alive"
37	uriHealth = "/health"
38	uriTokenVerify = "/tokens/verify"
39	uriTenantLimit = "/tenant/:id/limits/:name"
40	uriTokens = "/tokens"
41	uriTenants = "/tenants"
42	uriTenantDevice = "/tenants/:tid/devices/:did"
43	uriTenantDeviceStatus = "/tenants/:tid/devices/:did/status"
44	uriTenantDevices = "/tenants/:tid/devices"
45	uriTenantDevicesCount = "/tenants/:tid/devices/count"
46
47	// management API v2
48	apiUrlManagementV2 = "/api/management/v2/devauth"
49	v2uriDevices = "/devices"
50	v2uriDevicesCount = "/devices/count"
51	v2uriDevicesSearch = "/devices/search"
52	v2uriDevice = "/devices/:id"
53	v2uriDeviceAuthSet = "/devices/:id/auth/:aid"
54	v2uriDeviceAuthSetStatus = "/devices/:id/auth/:aid/status"
55	v2uriToken = "/tokens/:id"
56	v2uriDevicesLimit = "/limits/:name"
57
58	HdrAuthReqSign = "X-MEN-Signature"
59	)
60
61	type HttpOptionsGenerator func(methods []string) gin.HandlerFunc
62
63	func AllowHeaderOptionsGenerator(methods []string) gin.HandlerFunc {	3✔
64	// return a dummy handler for now	3✔
65	return func(c *gin.Context) {	4✔
66	for _, m := range methods {	2✔
67	c.Writer.Header().Add("Allow", m)	1✔
68	}	1✔
69	}
70	}
71
72	func supportsMethod(method string, methods []string) bool {	3✔
73	return utils.ContainsString(method, methods)	3✔
74	}	3✔
75
76	// Automatically add OPTIONS method support for each defined route,
77	// only if there's no OPTIONS handler for that route yet
78	func AutogenOptionsRoutes(router *gin.Engine, gen HttpOptionsGenerator) {	3✔
79		3✔
80	routes := router.Routes()	3✔
81	methodGroups := make(map[string][]string, len(routes))	3✔
82		3✔
83	for _, route := range routes {	6✔
84	if strings.HasPrefix(route.Path, "/api/internal") {	3✔
UNCOV 85	continue	×
86	}
87	methods, ok := methodGroups[route.Path]	3✔
88	if !ok {	6✔
89	methods = make([]string, 0)	3✔
90	}	3✔
91
92	methodGroups[route.Path] = append(methods, route.Method)	3✔
93	}
94
95	for route, methods := range methodGroups {	6✔
96	// skip if there's a handler for OPTIONS already	3✔
97	if !supportsMethod(http.MethodOptions, methods) {	6✔
98	router.OPTIONS(route, gen(methods))	3✔
99	}	3✔
100	}
101
102	}
103
104	func NewRouter(app devauth.App, db store.DataStore) http.Handler {	3✔
105	router := routing.NewGinRouter()	3✔
106		3✔
107	d := NewDevAuthApiHandlers(app, db)	3✔
108		3✔
109	publicAPIs := router.Group(".")	3✔
110	publicAPIs.Use(identity.Middleware())	3✔
111		3✔
112	mgmtAPIV2 := publicAPIs.Group(apiUrlManagementV2)	3✔
113	devicesAPIs := router.Group(apiUrlDevicesV1)	3✔
114		3✔
115	// Devices API	3✔
116	devicesAPIs.Group(".").Use(contenttype.CheckJSON()).	3✔
117	POST(uriAuthReqs, d.SubmitAuthRequestHandler)	3✔
118		3✔
119	// API v2	3✔
120	mgmtAPIV2.GET(v2uriDevicesCount, d.GetDevicesCountHandler)	3✔
121	mgmtAPIV2.GET(v2uriDevices, d.GetDevicesV2Handler)	3✔
122	mgmtAPIV2.GET(v2uriDevice, d.GetDeviceV2Handler)	3✔
123	mgmtAPIV2.GET(v2uriDeviceAuthSetStatus, d.GetAuthSetStatusHandler)	3✔
124	mgmtAPIV2.GET(v2uriDevicesLimit, d.GetLimitHandler)	3✔
125	mgmtAPIV2.DELETE(v2uriDevice, d.DecommissionDeviceHandler)	3✔
126	mgmtAPIV2.DELETE(v2uriDeviceAuthSet, d.DeleteDeviceAuthSetHandler)	3✔
127	mgmtAPIV2.DELETE(v2uriToken, d.DeleteTokenHandler)	3✔
128	mgmtAPIV2.Group(".").Use(contenttype.CheckJSON()).	3✔
129	POST(v2uriDevices, d.PostDevicesV2Handler).	3✔
130	PUT(v2uriDeviceAuthSetStatus, d.UpdateDeviceStatusHandler).	3✔
131	POST(v2uriDevicesSearch, d.SearchDevicesV2Handler)	3✔
132		3✔
133	// automatically add Option routes for public endpoints	3✔
134	AutogenOptionsRoutes(router, AllowHeaderOptionsGenerator)	3✔
135		3✔
136	intrnlAPIV1 := router.Group(apiUrlInternalV1)	3✔
137		3✔
138	intrnlAPIV1.GET(uriAlive, d.AliveHandler)	3✔
139	intrnlAPIV1.GET(uriHealth, d.HealthCheckHandler)	3✔
140	intrnlAPIV1.GET(uriTokenVerify,	3✔
141	identity.Middleware(),	3✔
142	d.VerifyTokenHandler)	3✔
143	intrnlAPIV1.POST(uriTokenVerify,	3✔
144	identity.Middleware(),	3✔
145	d.VerifyTokenHandler)	3✔
146	intrnlAPIV1.DELETE(uriTokens, d.DeleteTokensHandler)	3✔
147	intrnlAPIV1.PUT(uriTenantLimit, d.PutTenantLimitHandler)	3✔
148	intrnlAPIV1.GET(uriTenantLimit, d.GetTenantLimitHandler)	3✔
149	intrnlAPIV1.DELETE(uriTenantLimit, d.DeleteTenantLimitHandler)	3✔
150	intrnlAPIV1.POST(uriTenants, d.ProvisionTenantHandler)	3✔
151	intrnlAPIV1.GET(uriTenantDeviceStatus, d.GetTenantDeviceStatus)	3✔
152	intrnlAPIV1.GET(uriTenantDevices, d.GetTenantDevicesHandler)	3✔
153	intrnlAPIV1.GET(uriTenantDevicesCount, d.GetTenantDevicesCountHandler)	3✔
154	intrnlAPIV1.DELETE(uriTenantDevice, d.DeleteDeviceHandler)	3✔
155		3✔
156	return router	3✔
157	}	3✔

mendersoftware / mender-server / 1932303283

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous