status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #3892 from hashicorp/coordinate-acl-fix 

Fix the coordinate update endpoint not passing the ACL token
This commit is contained in:
Kyle Havlovitz 2018-02-15 13:47:40 -08:00 committed by GitHub
parent 264b4c0e04 139b98a427
commit 12da56849a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
agent/coordinate_endpoint.go
View File

@ -168,6 +168,7 @@ func (s *HTTPServer) CoordinateUpdate(resp http.ResponseWriter, req *http.Reques
return nil, nil
}
s.parseDC(req, &args.Datacenter)
s.parseToken(req, &args.Token)
var reply struct{}
if err := s.agent.RPC("Coordinate.Update", &args, &reply); err != nil {

29
agent/coordinate_endpoint_test.go
View File

@ -8,6 +8,7 @@ import (
"testing"
"time"
"github.com/hashicorp/consul/acl"
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/serf/coordinate"
)
@ -325,3 +326,31 @@ func TestCoordinate_Update(t *testing.T) {
t.Fatalf("bad: %v", coordinates)
}
}
func TestCoordinate_Update_ACLDeny(t *testing.T) {
t.Parallel()
a := NewTestAgent(t.Name(), TestACLConfig())
defer a.Shutdown()
coord := coordinate.NewCoordinate(coordinate.DefaultConfig())
coord.Height = -5.0
body := structs.CoordinateUpdateRequest{
Datacenter: "dc1",
Node: "foo",
Coord: coord,
}
t.Run("no token", func(t *testing.T) {
req, _ := http.NewRequest("PUT", "/v1/coordinate/update", jsonReader(body))
if _, err := a.srv.CoordinateUpdate(nil, req); !acl.IsErrPermissionDenied(err) {
t.Fatalf("err: %v", err)
}
})
t.Run("valid token", func(t *testing.T) {
req, _ := http.NewRequest("PUT", "/v1/coordinate/update?token=root", jsonReader(body))
if _, err := a.srv.CoordinateUpdate(nil, req); err != nil {
t.Fatalf("err: %v", err)
}
})
}