Commit a95c289e authored by Antonio Terceiro's avatar Antonio Terceiro

api: don't display retry button to unauthenticated users

parent 3bb70b83
...@@ -126,7 +126,12 @@ module Debci ...@@ -126,7 +126,12 @@ module Debci
Presents a simple UI for retrying a test Presents a simple UI for retrying a test
get '/retry/:run_id' do get '/retry/:run_id' do
erb :retry @user = ENV['FAKE_CERTIFICATE_USER'] || env['SSL_CLIENT_S_DN_CN']
if @user
erb :retry
[403, erb(:cant_retry)]
end end
doc <<-EOF doc <<-EOF
...@@ -138,8 +143,8 @@ module Debci ...@@ -138,8 +143,8 @@ module Debci
* `:run_id`: which Job ID to retry * `:run_id`: which Job ID to retry
post '/retry/:run_id' do post '/retry/:run_id' do
if not username if not @user
authenticate! authenticate!
end end
run_id = params[:run_id] run_id = params[:run_id]
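Review bot: An empty certificate CN is treated as an authenticated user in `get '/retry/:run_id'`, because `if @user` is a truthiness test and an empty string is truthy in Ruby; the updated spec in this commit passes `'SSL_CLIENT_S_DN_CN' => ''` and expects 200, which pins that behaviour. Normalise blank values before the check, e.g. `@user = [ENV['FAKE_CERTIFICATE_USER'], env['SSL_CLIENT_S_DN_CN']].find { |u| u && !u.strip.empty? }`, and have the spec use a non-empty CN plus a case asserting that an empty CN gets 403. In the POST handler `@user` is not assigned anywhere in the visible hunk, so unless a filter outside this view sets it, `if not @user` is always true and the decision rests entirely on `authenticate!`; a comment stating where `@user` comes from would help. `FAKE_CERTIFICATE_USER` replaces the certificate identity for every request when it is set, so it deserves a comment such as `# test-only override; must never be set in a production environment` or a guard on the run mode. The POST handler's body continues outside the hunk.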
<!DOCTYPE html>
<style type='text/css'>
form { display: none }
<style type='text/css'>
body {
font-family: sans-serif;
max-width: 960px;
margin: 50px auto;
background-color: #fff0f0;
h1 {
color: #663333
pre {
background-color: #eeeeec;
border: 1px solid #babdb6;
border-radius: 2px;
padding: 0.5em;
<h1>403 Forbidden: missing authentication</h1>
To retry a test job, you need to be authenticated with a client certificate
(e.g. Debian SSO), or with a API key. See the <a href="../../doc">API
documentation</a> for more information.
Once you are properly authenticated, just reload this page to get the retry
...@@ -252,12 +252,18 @@ describe Debci::API do ...@@ -252,12 +252,18 @@ describe Debci::API do
expect(last_response.status).to eq(403) expect(last_response.status).to eq(403)
end end
it 'displays a user friendly page' do it 'displays a user friendly page to authenticated users' do
get '/api/v1/retry/1' get '/api/v1/retry/1', {}, { 'SSL_CLIENT_S_DN_CN' => '' }
expect(last_response.status).to eq(200) expect(last_response.status).to eq(200)
expect(last_response.content_type).to match('text/html') expect(last_response.content_type).to match('text/html')
end end
it 'displays a "Forbidden" page to non-authenticated users' do
get '/api/v1/retry/1'
expect(last_response.status).to eq(403)
expect(last_response.content_type).to match('text/html')
it 'can retrigger a valid request with key' do it 'can retrigger a valid request with key' do
package = 'mypackage' package = 'mypackage'
user = 'myuser' user = 'myuser'