vigdorov/storage-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Исправлена ошибка изза которой не было доступа по хуку

Browse Source
This commit is contained in:
vigdorov
2020-09-10 19:16:29 +03:00
parent 33d5e857b4
commit bca8c6cb81
3 changed files with 21 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
http/store.http
View File

@ -2,14 +2,12 @@
GET http://localhost:4001/store HTTP/1.1 GET http://localhost:4001/store HTTP/1.1
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbiI6InZpZ2Rvcm92IiwiYWdlbnQiOiJ2c2NvZGUtcmVzdGNsaWVudCIsImlhdCI6MTU5OTQ5OTYyMSwiZXhwIjoxNTk5NDk5OTIxfQ.Ym4xOpoe8UvO626Vxp-XqxspoJSL7JpjZ1rlSW0vIWs Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbiI6InZpZ2Rvcm92IiwiYWdlbnQiOiJ2c2NvZGUtcmVzdGNsaWVudCIsImlhdCI6MTU5OTQ5OTYyMSwiZXhwIjoxNTk5NDk5OTIxfQ.Ym4xOpoe8UvO626Vxp-XqxspoJSL7JpjZ1rlSW0vIWs
### ###
GET http://localhost:4001/store/rgfdfff HTTP/1.1 GET http://localhost:4001/store/rgfdfff HTTP/1.1
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbiI6InZpZ2Rvcm92IiwiYWdlbnQiOiJ2c2NvZGUtcmVzdGNsaWVudCIsImlhdCI6MTU5OTQ5OTYyMSwiZXhwIjoxNTk5NDk5OTIxfQ.Ym4xOpoe8UvO626Vxp-XqxspoJSL7JpjZ1rlSW0vIWs Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbiI6InZpZ2Rvcm92IiwiYWdlbnQiOiJ2c2NvZGUtcmVzdGNsaWVudCIsImlhdCI6MTU5OTQ5OTYyMSwiZXhwIjoxNTk5NDk5OTIxfQ.Ym4xOpoe8UvO626Vxp-XqxspoJSL7JpjZ1rlSW0vIWs
### ###
GET http://localhost:4001/store/rgfdfff?hook=sdf6sdfhs99-sdf HTTP/1.1 GET http://localhost:4001/store/testAp2?hook=c8d5f28b-4460-47b9-9369-01caf4951846 HTTP/1.1
### ###
POST http://localhost:4001/store HTTP/1.1 POST http://localhost:4001/store HTTP/1.1
@ -28,14 +26,15 @@ Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbiI6InZpZ2Rvcm92Iiwi
} }
### Update Request ### Update Request
PUT http://localhost:4001/store HTTP/1.1 PUT http://localhost:4001/store?hook=c8d5f28b-4460-47b9-9369-01caf4951846 HTTP/1.1
content-type: application/json content-type: application/json
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dpbiI6ImFkbWluIiwiYWdlbnQiOiJ2c2NvZGUtcmVzdGNsaWVudCIsImlhdCI6MTU5OTQ5OTAxNCwiZXhwIjoxNTk5NDk5MzE0fQ.kpW1KPVGQvI7iZ1-EhyeO5MAGbo4clpQ0J-ategIf2w
{ {
"key": "testAp", "key": "testAp2",
"value": { "value": {
"test": 45,
"test2": 33,
"test3": 13
}, },
"description": "тестовое апи22", "description": "тестовое апи22",
"service_name": "test-api", "service_name": "test-api",

4
src/store/store.controller.ts
View File

@ -71,7 +71,7 @@ export class StoreController {
await this.authService.checkRequest(request); await this.authService.checkRequest(request);
} }
const store = await this.storeService.findOneStore(api, key, request.headers.authorization); const store = await this.storeService.findOneStore(api, key, isActualHook, request.headers.authorization);
return prepareStoreToStoreRequest(store); return prepareStoreToStoreRequest(store);
} }
@ -113,7 +113,7 @@ export class StoreController {
await this.authService.checkRequest(request); await this.authService.checkRequest(request);
} }
const store = await this.storeService.update(api, request.body, request.headers.authorization); const store = await this.storeService.update(api, request.body, isActualHook, request.headers.authorization);
return prepareStoreToStoreRequest(store); return prepareStoreToStoreRequest(store);
} }

19
src/store/store.service.ts
View File

@ -115,7 +115,7 @@ export class StoreService {
} }
} }
async loadUserByToken (access_token: string): Promise<User> { async loadUserByToken(access_token: string): Promise<User> {
const {login, agent} = jwt.decode(access_token) as Token; const {login, agent} = jwt.decode(access_token) as Token;
const apiPath = 'http://api.auth.vigdorov.ru/users/search/'; const apiPath = 'http://api.auth.vigdorov.ru/users/search/';
const headers = { const headers = {
@ -124,7 +124,7 @@ export class StoreService {
}; };
try { try {
const {data: currentUser} = await this.http.get<User>(`${apiPath}${login}`, {headers}).toPromise(); const {data: currentUser} = await this.http.get<User>(`${apiPath}${login}`, {headers}).toPromise();
return currentUser; return currentUser;
} catch (e) { } catch (e) {
if (e?.response?.status === 401) { if (e?.response?.status === 401) {
throw new UnauthorizedException('Доступ запрещен'); throw new UnauthorizedException('Доступ запрещен');
@ -134,14 +134,16 @@ export class StoreService {
} }
async update(api: string, {author, ...omitProps}: StoreRequest, access_token: string): Promise<Store> { async update(api: string, {author, ...omitProps}: StoreRequest, isActualHook: boolean, access_token: string): Promise<Store> {
const searchStore = await this.findOne(api, omitProps.key); const searchStore = await this.findOne(api, omitProps.key);
if (searchStore) { if (searchStore) {
const user = await this.loadUserByToken(access_token); if (!isActualHook) {
const user = await this.loadUserByToken(access_token);
if (!user.is_admin && user.login !== searchStore.author) { if (!user.is_admin && user.login !== searchStore.author) {
throw new NotFoundException(`Not found api key "${omitProps.key}"`); throw new NotFoundException(`Not found api key "${omitProps.key}"`);
}
} }
const store = { const store = {
@ -177,8 +179,11 @@ export class StoreService {
return searchStore; return searchStore;
} }
async findOneStore(api: string, key: string, access_token: string): Promise<Store> { async findOneStore(api: string, key: string, isActualHook: boolean, access_token: string): Promise<Store> {
const store = await this.findOne(api, key); const store = await this.findOne(api, key);
if (isActualHook) {
return store;
}
const user = await this.loadUserByToken(access_token); const user = await this.loadUserByToken(access_token);
if (user.is_admin || user.login === store.author || !store.hide) { if (user.is_admin || user.login === store.author || !store.hide) {
return store; return store;