From d490247d1e337a680b385d2115e82f79ba54a601 Mon Sep 17 00:00:00 2001 From: Nicolai Ort Date: Thu, 21 Jan 2021 17:30:43 +0100 Subject: [PATCH] Implemented a registration key for organisations ref #112 --- .../RunnerSelfServiceController.ts | 22 ++++++++++++++----- src/models/entities/RunnerOrganisation.ts | 12 +++++++++- 2 files changed, 27 insertions(+), 7 deletions(-) diff --git a/src/controllers/RunnerSelfServiceController.ts b/src/controllers/RunnerSelfServiceController.ts index 92628ba..b1cf8dd 100644 --- a/src/controllers/RunnerSelfServiceController.ts +++ b/src/controllers/RunnerSelfServiceController.ts @@ -6,24 +6,26 @@ import { config } from '../config'; import { InvalidCredentialsError } from '../errors/AuthError'; import { RunnerEmailNeededError, RunnerNotFoundError } from '../errors/RunnerErrors'; import { RunnerGroupNotFoundError } from '../errors/RunnerGroupErrors'; +import { RunnerOrganisationNotFoundError } from '../errors/RunnerOrganisationErrors'; import { CreateSelfServiceCitizenRunner } from '../models/actions/create/CreateSelfServiceCitizenRunner'; import { CreateSelfServiceRunner } from '../models/actions/create/CreateSelfServiceRunner'; import { Runner } from '../models/entities/Runner'; import { RunnerGroup } from '../models/entities/RunnerGroup'; +import { RunnerOrganisation } from '../models/entities/RunnerOrganisation'; import { ResponseSelfServiceRunner } from '../models/responses/ResponseSelfServiceRunner'; @JsonController('/runners') export class RunnerSelfServiceController { private runnerRepository: Repository; - private groupRepository: Repository; + private orgRepository: Repository; /** * Gets the repository of this controller's model/entity. */ constructor() { this.runnerRepository = getConnectionManager().get().getRepository(Runner); - this.groupRepository = getConnectionManager().get().getRepository(RunnerGroup); + this.orgRepository = getConnectionManager().get().getRepository(RunnerOrganisation); } @Get('/me/:jwt') @@ -50,7 +52,7 @@ export class RunnerSelfServiceController { @ResponseSchema(ResponseSelfServiceRunner) @ResponseSchema(RunnerGroupNotFoundError, { statusCode: 404 }) @OpenAPI({ description: 'Create a new selfservice runner in a provided org.
The orgs get provided and authorized via api tokens that can be optained via the /organisations endpoint.' }) - async registerOrganisationRunner(@Param('token') token: number, @Body({ validate: true }) createRunner: CreateSelfServiceRunner) { + async registerOrganisationRunner(@Param('token') token: string, @Body({ validate: true }) createRunner: CreateSelfServiceRunner) { const org = await this.getOrgansisation(token); let runner = await createRunner.toEntity(org); @@ -76,8 +78,16 @@ export class RunnerSelfServiceController { return runner; } - private async getOrgansisation(token: number): Promise { - //TODO: Implement the real token checker - return await this.groupRepository.findOne({ id: token }); + /** + * Get's a runner org by a provided registration api key. + * @param token The organisation's registration api token. + */ + private async getOrgansisation(token: string): Promise { + token = Buffer.from(token, 'base64').toString(); + + const organisation = await this.orgRepository.findOne({ key: token }); + if (!organisation) { throw new RunnerOrganisationNotFoundError; } + + return organisation; } } \ No newline at end of file diff --git a/src/models/entities/RunnerOrganisation.ts b/src/models/entities/RunnerOrganisation.ts index e5f3330..9ac106d 100644 --- a/src/models/entities/RunnerOrganisation.ts +++ b/src/models/entities/RunnerOrganisation.ts @@ -1,4 +1,4 @@ -import { IsInt, IsOptional } from "class-validator"; +import { IsInt, IsOptional, IsString } from "class-validator"; import { ChildEntity, Column, OneToMany } from "typeorm"; import { ResponseRunnerOrganisation } from '../responses/ResponseRunnerOrganisation'; import { Address } from './Address'; @@ -27,6 +27,16 @@ export class RunnerOrganisation extends RunnerGroup { @OneToMany(() => RunnerTeam, team => team.parentGroup, { nullable: true }) teams: RunnerTeam[]; + /** + * The organisation's api key for self-service registration. + * The api key can be used for the /runners/register/:token endpoint. + * Is has to be base64 encoded if used via the api (to keep url-safety). + */ + @Column({ nullable: true }) + @IsString() + @IsOptional() + key?: string; + /** * Returns all runners associated with this organisation (directly or indirectly via teams). */