Merge branch 'feature/preps-for-2.0-rc3' into 'master'

Preps for 2.0 RC3

See merge request lightmeter/controlcenter!891

Author: suelaP

api/detective.go

@@ -14,6 +14,7 @@ import (
 	"gitlab.com/lightmeter/controlcenter/metadata"
 	"gitlab.com/lightmeter/controlcenter/pkg/httperror"
 	detectivesettings "gitlab.com/lightmeter/controlcenter/settings/detective"
+	"gitlab.com/lightmeter/controlcenter/util/emailutil"
 	"gitlab.com/lightmeter/controlcenter/util/errorutil"
 	"gitlab.com/lightmeter/controlcenter/util/httputil"
 	"gitlab.com/lightmeter/controlcenter/util/timeutil"
@@ -22,34 +23,72 @@ import (
 	"time"
 )
 
+func isUserAuthenticated(auth *httpauth.Authenticator, r *http.Request) bool {
+	sessionData, err := httpauth.GetSessionData(auth, r)
+	if err != nil {
+		return false
+	}
+
+	return sessionData.IsAuthenticated()
+}
+
+func checkQueryParameters(r *http.Request, isAuthenticated bool) error {
+	err := r.ParseForm()
+	if err != nil {
+		return httperror.NewHTTPStatusCodeError(http.StatusUnprocessableEntity, errorutil.Wrap(err))
+	}
+
+	// Parameters mail_from and mail_to can be partial (even void), but only for authenticated users
+	paramOk := func(value string, isAuthenticated bool) int {
+		switch {
+		case len(value) == 0 && isAuthenticated:
+			return http.StatusOK
+		case len(value) == 0 && !isAuthenticated:
+			return http.StatusUnauthorized
+		}
+
+		_, _, partial, err := emailutil.SplitPartial(value)
+		if err != nil {
+			return http.StatusUnprocessableEntity
+		}
+
+		if partial && !isAuthenticated {
+			return http.StatusUnauthorized
+		}
+
+		return http.StatusOK
+	}
+
+	if fromOk := paramOk(r.Form.Get("mail_from"), isAuthenticated); fromOk != http.StatusOK {
+		return httperror.NewHTTPStatusCodeError(fromOk, errors.New("Partial from or to parameter not allowed"))
+	}
+
+	if toOk := paramOk(r.Form.Get("mail_to"), isAuthenticated); toOk != http.StatusOK {
+		return httperror.NewHTTPStatusCodeError(toOk, errors.New("Partial from or to parameter not allowed"))
+	}
+
+	return nil
+}
+
 func requireDetectiveAuth(auth *httpauth.Authenticator, settingsReader metadata.Reader) httpmiddleware.Middleware {
 	return func(h httpmiddleware.CustomHTTPHandler) httpmiddleware.CustomHTTPHandler {
 		return httpmiddleware.CustomHTTPHandler(func(w http.ResponseWriter, r *http.Request) error {
 			/* The detective handler can be accessed if authenticated
 			 * or if the 'open to end users' setting is enabled.
 			 */
+			isAuthenticated := isUserAuthenticated(auth, r)
 
 			settings := detectivesettings.Settings{}
 			err := settingsReader.RetrieveJson(r.Context(), detectivesettings.SettingKey, &settings)
 			if err != nil && !errors.Is(err, metadata.ErrNoSuchKey) {
 				return httperror.NewHTTPStatusCodeError(http.StatusInternalServerError, errorutil.Wrap(err))
 			}
 
-			if settings.EndUsersEnabled {
-				if err := h.ServeHTTP(w, r); err != nil {
-					return httperror.NewHTTPStatusCodeError(http.StatusInternalServerError, errorutil.Wrap(err))
-				}
-
-				return nil
+			if err := checkQueryParameters(r, isAuthenticated); err != nil {
+				return err // NOTE: already an XHTTPError
 			}
 
-			// If setting is disabled, user must be authenticated
-			sessionData, err := httpauth.GetSessionData(auth, r)
-			if err != nil {
-				return httperror.NewHTTPStatusCodeError(http.StatusUnauthorized, errorutil.Wrap(err))
-			}
-
-			if !sessionData.IsAuthenticated() {
+			if !isAuthenticated && !settings.EndUsersEnabled {
 				return httperror.NewHTTPStatusCodeError(http.StatusUnauthorized, httpauth.ErrUnauthenticated)
 			}
 
@@ -75,6 +114,8 @@ type Interval string
 // @Param mail_to        query string true "Recipient email address"
 // @Param timestamp_from query string true "Initial timestamp in the format 1999-12-23 12:00:00"
 // @Param timestamp_to   query string true "Final timestamp in the format 1999-12-23 14:00:00"
+// @Param status         query string true "A status to filter messages (-1: all, 0: sent... see smtp.go)"
+// @Param page           query string true "Page number to return results"
 // @Produce json
 // @Success 200 {object} []detective.MessageDelivery "desc"
 // @Failure 422 {string} string "desc"
@@ -89,12 +130,17 @@ func (h checkMessageDeliveryHandler) ServeHTTP(w http.ResponseWriter, r *http.Re
 		return httperror.NewHTTPStatusCodeError(http.StatusUnprocessableEntity, err)
 	}
 
+	status, err := strconv.Atoi(r.Form.Get("status"))
+	if err != nil {
+		return httperror.NewHTTPStatusCodeError(http.StatusUnprocessableEntity, err)
+	}
+
 	page, err := strconv.Atoi(r.Form.Get("page"))
 	if err != nil {
 		return httperror.NewHTTPStatusCodeError(http.StatusUnprocessableEntity, err)
 	}
 
-	messages, err := h.detective.CheckMessageDelivery(r.Context(), r.Form.Get("mail_from"), r.Form.Get("mail_to"), interval, page)
+	messages, err := h.detective.CheckMessageDelivery(r.Context(), r.Form.Get("mail_from"), r.Form.Get("mail_to"), interval, status, page)
 
 	if err != nil {
 		return httperror.NewHTTPStatusCodeError(http.StatusUnprocessableEntity, err)
@@ -130,7 +176,7 @@ func (h oldestAvailableTimeHandler) ServeHTTP(w http.ResponseWriter, r *http.Req
 
 func HttpDetective(auth *auth.Authenticator, mux *http.ServeMux, timezone *time.Location, detective detective.Detective, escalator escalator.Requester, settingsReader metadata.Reader, isBehindReverseProxy bool) {
 	publicIfEnabled := httpmiddleware.New(
-		httpmiddleware.RequestWithRateLimit(10*time.Minute, 20, isBehindReverseProxy, httpmiddleware.BlockQuery),
+		httpmiddleware.RequestWithRateLimit(10*time.Minute, 50, isBehindReverseProxy, httpmiddleware.BlockQuery),
 		httpmiddleware.RequestWithTimeout(httpmiddleware.DefaultTimeout),
 		requireDetectiveAuth(auth, settingsReader),
 	)

api/detective_auth_test.go

@@ -81,23 +81,30 @@ func buildTestEnv(t *testing.T) (*httptest.Server, *mock_detective.MockDetective
 
 func TestDetectiveAuth(t *testing.T) {
 	Convey("Detective auth", t, func() {
-		detectiveURL := "/api/v0/checkMessageDeliveryStatus?mail_from=a@b.c&mail_to=d@e.f&from=2020-01-01&to=2020-12-31&page=1"
+		detectiveURL := "/api/v0/checkMessageDeliveryStatus?mail_from=a@b.c&mail_to=d@e.f&from=2020-01-01&to=2020-12-31&status=-1&page=1"
+		detectiveURLPartialMailFrom := "/api/v0/checkMessageDeliveryStatus?mail_from=b.c&mail_to=d@e.f&from=2020-01-01&to=2020-12-31&status=-1&page=1"
+		detectiveURLPartialMailTo := "/api/v0/checkMessageDeliveryStatus?mail_from=a@b.c&mail_to=e.f&from=2020-01-01&to=2020-12-31&status=-1&page=1"
+		detectiveURLEmptyMailFrom := "/api/v0/checkMessageDeliveryStatus?mail_to=d@e.f&from=2020-01-01&to=2020-12-31&status=-1&page=1"
+		detectiveURLEmptyMailTo := "/api/v0/checkMessageDeliveryStatus?mail_from=a@b.c&from=2020-01-01&to=2020-12-31&status=-1&page=1"
 
 		c := buildCookieClient()
 
 		s, d, settingsWriter, clear := buildTestEnv(t)
 		defer clear()
 
-		d.EXPECT().
-			CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).
-			Return(&detective.MessagesPage{}, nil)
+		expect := func(d *mock_detective.MockDetective) {
+			d.EXPECT().
+				CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).
+				Return(&detective.MessagesPage{}, nil)
+		}
 
 		Convey("Detective API not accessible to non-authenticated user", func() {
 			r, err := c.Get(s.URL + detectiveURL)
 			So(err, ShouldBeNil)
 			So(r.StatusCode, ShouldEqual, http.StatusUnauthorized)
 
 			Convey("Once we are logged in, detective API is accessible", func() {
+				expect(d)
 				r, err = c.PostForm(s.URL+"/login", url.Values{"email": {"alice@example.com"}, "password": {"super-secret"}})
 				So(err, ShouldBeNil)
 				So(r.StatusCode, ShouldEqual, http.StatusOK)
@@ -107,6 +114,32 @@ func TestDetectiveAuth(t *testing.T) {
 					So(r.StatusCode, ShouldEqual, http.StatusOK)
 				}
 			})
+
+			Convey("Partial searches available to authenticated users", func() {
+				r, err = c.PostForm(s.URL+"/login", url.Values{"email": {"alice@example.com"}, "password": {"super-secret"}})
+				So(err, ShouldBeNil)
+				So(r.StatusCode, ShouldEqual, http.StatusOK)
+
+				expect(d)
+				r, err := c.Get(s.URL + detectiveURLPartialMailFrom)
+				So(err, ShouldBeNil)
+				So(r.StatusCode, ShouldEqual, http.StatusOK)
+
+				expect(d)
+				r, err = c.Get(s.URL + detectiveURLPartialMailTo)
+				So(err, ShouldBeNil)
+				So(r.StatusCode, ShouldEqual, http.StatusOK)
+
+				expect(d)
+				r, err = c.Get(s.URL + detectiveURLEmptyMailFrom)
+				So(err, ShouldBeNil)
+				So(r.StatusCode, ShouldEqual, http.StatusOK)
+
+				expect(d)
+				r, err = c.Get(s.URL + detectiveURLEmptyMailTo)
+				So(err, ShouldBeNil)
+				So(r.StatusCode, ShouldEqual, http.StatusOK)
+			})
 		})
 
 		Convey("Detective API only accessible to end-users if setting is enabled", func() {
@@ -119,11 +152,28 @@ func TestDetectiveAuth(t *testing.T) {
 				settings.EndUsersEnabled = true
 				detectivesettings.SetSettings(context.Background(), settingsWriter, settings)
 
-				{
-					r, err := c.Get(s.URL + detectiveURL)
+				expect(d)
+				r, err := c.Get(s.URL + detectiveURL)
+				So(err, ShouldBeNil)
+				So(r.StatusCode, ShouldEqual, http.StatusOK)
+
+				Convey("Partial searches unavailable to unauthenticated users", func() {
+					r, err := c.Get(s.URL + detectiveURLPartialMailFrom)
 					So(err, ShouldBeNil)
-					So(r.StatusCode, ShouldEqual, http.StatusOK)
-				}
+					So(r.StatusCode, ShouldEqual, http.StatusUnauthorized)
+
+					r, err = c.Get(s.URL + detectiveURLPartialMailTo)
+					So(err, ShouldBeNil)
+					So(r.StatusCode, ShouldEqual, http.StatusUnauthorized)
+
+					r, err = c.Get(s.URL + detectiveURLEmptyMailFrom)
+					So(err, ShouldBeNil)
+					So(r.StatusCode, ShouldEqual, http.StatusUnauthorized)
+
+					r, err = c.Get(s.URL + detectiveURLEmptyMailTo)
+					So(err, ShouldBeNil)
+					So(r.StatusCode, ShouldEqual, http.StatusUnauthorized)
+				})
 			})
 		})
 	})

api/detective_test.go

@@ -47,36 +47,36 @@ func TestDetectiveCheckMessageDeliveryHandler(t *testing.T) {
 		})
 
 		Convey("No Time Interval", func() {
-			r, err := http.Get(fmt.Sprintf("%s?mail_from=user1@example.org&mail_to=user2@example.org&page=1", s.URL))
+			r, err := http.Get(fmt.Sprintf("%s?mail_from=user1@example.org&mail_to=user2@example.org&status=-1&page=1", s.URL))
 			So(err, ShouldBeNil)
 			So(r.StatusCode, ShouldEqual, http.StatusUnprocessableEntity)
 		})
 
 		emptyResult := detective.MessagesPage{}
 
 		Convey("No Sender", func() {
-			m.EXPECT().CheckMessageDelivery(gomock.Any(), "", "user2@example.org", interval, 1).Return(&emptyResult, emailutil.ErrInvalidEmail)
-			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_to=user2@example.org&page=1", s.URL))
+			m.EXPECT().CheckMessageDelivery(gomock.Any(), "", "user2@example.org", interval, -1, 1).Return(&emptyResult, emailutil.ErrInvalidEmail)
+			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_to=user2@example.org&status=-1&page=1", s.URL))
 			So(err, ShouldBeNil)
 			So(r.StatusCode, ShouldEqual, http.StatusUnprocessableEntity)
 		})
 
 		Convey("No Recipient", func() {
-			m.EXPECT().CheckMessageDelivery(gomock.Any(), "user1@example.org", "", interval, 1).Return(&emptyResult, emailutil.ErrInvalidEmail)
-			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_from=user1@example.org&page=1", s.URL))
+			m.EXPECT().CheckMessageDelivery(gomock.Any(), "user1@example.org", "", interval, -1, 1).Return(&emptyResult, emailutil.ErrInvalidEmail)
+			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_from=user1@example.org&status=-1&page=1", s.URL))
 			So(err, ShouldBeNil)
 			So(r.StatusCode, ShouldEqual, http.StatusUnprocessableEntity)
 		})
 
 		Convey("Dates out of order", func() {
 			// "from" comes after "to"
-			r, err := http.Get(fmt.Sprintf("%s?to=1999-01-01&from=1999-12-31&mail_from=user1@example.org&mail_to=user2&page=1", s.URL))
+			r, err := http.Get(fmt.Sprintf("%s?to=1999-01-01&from=1999-12-31&mail_from=user1@example.org&mail_to=user2&status=-1&page=1", s.URL))
 			So(err, ShouldBeNil)
 			So(r.StatusCode, ShouldEqual, http.StatusUnprocessableEntity)
 		})
 
 		Convey("No page", func() {
-			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_from=user1@example.org&mail_to=user2@example.org", s.URL))
+			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_from=user1@example.org&mail_to=user2@example.org&status=-1", s.URL))
 			So(err, ShouldBeNil)
 			So(r.StatusCode, ShouldEqual, http.StatusUnprocessableEntity)
 		})
@@ -97,15 +97,17 @@ func TestDetectiveCheckMessageDeliveryHandler(t *testing.T) {
 							detective.Status(parser.SentStatus),
 							"2.0.0",
 							nil,
+							"user1@example.org",
+							"user2@example.org",
 						},
 						},
 					},
 				},
 			}
 
-			m.EXPECT().CheckMessageDelivery(gomock.Any(), "user1@example.org", "user2@example.org", interval, 1).Return(&messages, nil)
+			m.EXPECT().CheckMessageDelivery(gomock.Any(), "user1@example.org", "user2@example.org", interval, -1, 1).Return(&messages, nil)
 
-			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_from=user1@example.org&mail_to=user2@example.org&page=1", s.URL))
+			r, err := http.Get(fmt.Sprintf("%s?from=1999-01-01&to=1999-12-31&mail_from=user1@example.org&mail_to=user2@example.org&status=-1&page=1", s.URL))
 			So(err, ShouldBeNil)
 			So(r.StatusCode, ShouldEqual, http.StatusOK)
 
@@ -177,7 +179,7 @@ func TestEscalation(t *testing.T) {
 		s := httptest.NewServer(httpmiddleware.New().WithEndpoint(detectiveEscalatorHandler{requester: e, detective: d}))
 
 		Convey("No message escalated", func() {
-			d.EXPECT().CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(&detective.MessagesPage{}, nil)
+			d.EXPECT().CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(&detective.MessagesPage{}, nil)
 
 			r, err := http.PostForm(s.URL, url.Values{
 				"from":      []string{"2000-01-01"},
@@ -192,7 +194,7 @@ func TestEscalation(t *testing.T) {
 		})
 
 		Convey("Internal error if detective check fails", func() {
-			d.EXPECT().CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(&detective.MessagesPage{}, errors.New(`Some error`))
+			d.EXPECT().CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(&detective.MessagesPage{}, errors.New(`Some error`))
 
 			r, err := http.PostForm(s.URL, url.Values{
 				"from":      []string{"2000-01-01"},
@@ -220,7 +222,7 @@ func TestEscalation(t *testing.T) {
 		})
 
 		Convey("Escalate issue", func() {
-			d.EXPECT().CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(
+			d.EXPECT().CheckMessageDelivery(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(
 				&detective.MessagesPage{
 					PageNumber:   1,
 					FirstPage:    1,
@@ -231,11 +233,13 @@ func TestEscalation(t *testing.T) {
 							Queue: "AAA",
 							Entries: []detective.MessageDelivery{
 								{
-									TimeMin: timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
-									TimeMax: timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
-									Status:  detective.Status(parser.BouncedStatus),
-									Dsn:     "3.4.6",
-									Expired: nil,
+									TimeMin:  timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
+									TimeMax:  timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
+									Status:   detective.Status(parser.BouncedStatus),
+									Dsn:      "3.4.6",
+									Expired:  nil,
+									MailFrom: "user1@example.com",
+									MailTo:   "user2@example.com",
 								},
 							},
 						},
@@ -261,11 +265,13 @@ func TestEscalation(t *testing.T) {
 							Queue: "AAA",
 							Entries: []detective.MessageDelivery{
 								{
-									TimeMin: timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
-									TimeMax: timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
-									Status:  detective.Status(parser.BouncedStatus),
-									Dsn:     "3.4.6",
-									Expired: nil,
+									TimeMin:  timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
+									TimeMax:  timeutil.MustParseTime(`2000-01-01 10:00:00 +0000`),
+									Status:   detective.Status(parser.BouncedStatus),
+									Dsn:      "3.4.6",
+									Expired:  nil,
+									MailFrom: "user1@example.com",
+									MailTo:   "user2@example.com",
 								},
 							},
 						},

api/status_message.go

@@ -18,11 +18,13 @@ type statusMessageHandler struct {
 	accessor *collector.Accessor
 }
 
-// NOTE: for swagger only
-type Event receptor.Event
+type MessageNotification struct {
+	ID           string                        `json:"id"`
+	Notification *receptor.MessageNotification `json:"notification,omitempty"`
+}
 
 // @Summary
-// @Success 200 {object} receptor.Event "desc"
+// @Success 200 {object} MessageNotification "desc"
 // @Failure 422 {string} string "desc"
 // @Failure 500 {string} string "desc"
 // @Router /api/v0/intelstatus [post]
@@ -40,7 +42,7 @@ func (h statusMessageHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
 		return httputil.WriteJson(w, statusMessage, http.StatusOK)
 	}
 
-	return httputil.WriteJson(w, statusMessage.MessageNotification, http.StatusOK)
+	return httputil.WriteJson(w, MessageNotification{ID: statusMessage.ID, Notification: statusMessage.MessageNotification}, http.StatusOK)
 }
 
 func HttpStatusMessage(auth *auth.Authenticator, mux *http.ServeMux, accessor *collector.Accessor) {