Commit a95c289e authored by Antonio Terceiro's avatar Antonio Terceiro

api: don't display retry button to unauthenticated users

parent 3bb70b83
...@@ -126,7 +126,12 @@ module Debci ...@@ -126,7 +126,12 @@ module Debci
Presents a simple UI for retrying a test Presents a simple UI for retrying a test
EOF EOF
get '/retry/:run_id' do get '/retry/:run_id' do
erb :retry @user = ENV['FAKE_CERTIFICATE_USER'] || env['SSL_CLIENT_S_DN_CN']
if @user
erb :retry
else
[403, erb(:cant_retry)]
end
end end
doc <<-EOF doc <<-EOF
...@@ -138,8 +143,8 @@ module Debci ...@@ -138,8 +143,8 @@ module Debci
* `:run_id`: which Job ID to retry * `:run_id`: which Job ID to retry
EOF EOF
post '/retry/:run_id' do post '/retry/:run_id' do
username = ENV['FAKE_CERTIFICATE_USER'] || env['SSL_CLIENT_S_DN_CN'] @user = ENV['FAKE_CERTIFICATE_USER'] || env['SSL_CLIENT_S_DN_CN']
if not username if not @user
authenticate! authenticate!
end end
run_id = params[:run_id] run_id = params[:run_id]
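Review bot: The identity expression `ENV['FAKE_CERTIFICATE_USER'] || env['SSL_CLIENT_S_DN_CN']` is now written out twice, in the new GET handler of the first hunk and in the POST handler of the second, and the two routes already diverge around it: the POST falls back to `authenticate!` when no certificate user is present, while the GET answers 403 with the cant_retry page, whose text also offers API-key authentication — so if `authenticate!` (defined outside these hunks) accepts an API key, an API-key user is told to reload a page that will keep returning 403. Pull the expression into one helper so both routes stay in step, e.g. `def certificate_user`, `ENV['FAKE_CERTIFICATE_USER'] || env['SSL_CLIENT_S_DN_CN']`, `end`, and document the precedence the code establishes with a comment such as `# FAKE_CERTIFICATE_USER is a development override and wins over the client certificate; it must not be set where real authentication is expected`. In the POST handler `if not @user` reads better as `unless @user`.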
<!DOCTYPE html>
<html>
<head>
<noscript>
<style type='text/css'>
form { display: none }
</style>
</noscript>
<style type='text/css'>
body {
font-family: sans-serif;
max-width: 960px;
margin: 50px auto;
background-color: #fff0f0;
}
h1 {
color: #663333
}
pre {
background-color: #eeeeec;
border: 1px solid #babdb6;
border-radius: 2px;
padding: 0.5em;
}
</style>
</head>
<body>
<h1>403 Forbidden: missing authentication</h1>
<p>
To retry a test job, you need to be authenticated with a client certificate
(e.g. Debian SSO), or with a API key. See the <a href="../../doc">API
documentation</a> for more information.
</p>
<p>
Once you are properly authenticated, just reload this page to get the retry
form.
</p>
</body>
</html>
...@@ -252,12 +252,18 @@ describe Debci::API do ...@@ -252,12 +252,18 @@ describe Debci::API do
expect(last_response.status).to eq(403) expect(last_response.status).to eq(403)
end end
it 'displays a user friendly page' do it 'displays a user friendly page to authenticated users' do
get '/api/v1/retry/1' get '/api/v1/retry/1', {}, { 'SSL_CLIENT_S_DN_CN' => 'foo@bar.com' }
expect(last_response.status).to eq(200) expect(last_response.status).to eq(200)
expect(last_response.content_type).to match('text/html') expect(last_response.content_type).to match('text/html')
end end
it 'displays a "Forbidden" page to non-authenticated users' do
get '/api/v1/retry/1'
expect(last_response.status).to eq(403)
expect(last_response.content_type).to match('text/html')
end
it 'can retrigger a valid request with key' do it 'can retrigger a valid request with key' do
package = 'mypackage' package = 'mypackage'
user = 'myuser' user = 'myuser'
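Review bot: The new "Forbidden" example passes no `SSL_CLIENT_S_DN_CN` to `get '/api/v1/retry/1'`, but the handler it exercises consults `ENV['FAKE_CERTIFICATE_USER']` first, so the example passes or fails depending on the shell environment of whoever runs the suite unless that variable is cleared in a `before` block (one may already exist above this hunk). Both examples check only status and content type; asserting on the body pins which view was rendered, e.g. `expect(last_response.body).to include('403 Forbidden')` for the unauthenticated case, matching the heading of the new cant_retry template. The enclosing `describe` block starts outside the hunk.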