list_access_info endpoint + delete_session + Implement role checking …

…in access endpoints (#74) * protobuf * Add role check to create_access and fix tests * Move comment * add list access info endpoint * add FromQueryResult so database can convert * list access info endpoints tests * get_access_by_model_id crud * get_access_by_model_id crud tests * protobufffffffffffffffffff * clippy * Implement role checking in create_access * protobuf stuff * Implement role checking in update_access * Add editor_role_check_helper method * Implement role checking in delete_access * clippy fmt * Add delete_session method and update protobuf pointer * cargo fmt * cargo fmt * Fix delete_session parameter naming * Add delete_session tests * Merge session_context from GetUsers * Add delete_by_token method to test helpers * Use delete_by_token instead * Remove unused import * Remove duplicate method definition --------- Co-authored-by: sabotack <[email protected]> Co-authored-by: Ali Khorami <[email protected]> Co-authored-by: williamwoldum <[email protected]>
Ecdar · Dec 7, 2023 · f4b22a7 · f4b22a7
1 parent a08f88e
commit f4b22a7
Show file tree

Hide file tree

Showing 2 changed files with 104 additions and 19 deletions.
diff --git a/src/api/ecdar_api.rs b/src/api/ecdar_api.rs
@@ -1,20 +1,22 @@
-use super::server::server::{
-    ecdar_api_auth_server::EcdarApiAuth,
-    ecdar_api_server::EcdarApi,
-    ecdar_backend_server::EcdarBackend,
-    get_auth_token_request::{user_credentials, UserCredentials},
-    CreateAccessRequest, CreateProjectRequest, CreateProjectResponse, CreateQueryRequest,
-    CreateUserRequest, DeleteAccessRequest, DeleteProjectRequest, DeleteQueryRequest,
-    GetAuthTokenRequest, GetAuthTokenResponse, GetProjectRequest, GetProjectResponse,
-    GetUsersRequest, GetUsersResponse, ListAccessInfoRequest, ListAccessInfoResponse,
-    ListProjectsInfoResponse, Query, QueryRequest, QueryResponse, SendQueryRequest,
-    SendQueryResponse, SimulationStartRequest, SimulationStepRequest, SimulationStepResponse,
-    UpdateAccessRequest, UpdateProjectRequest, UpdateQueryRequest, UpdateUserRequest,
-    UserTokenResponse,
+use super::{
+    context_collection::ContextCollection,
+    server::server::{
+        create_access_request::User,
+        ecdar_api_auth_server::EcdarApiAuth,
+        ecdar_api_server::EcdarApi,
+        ecdar_backend_server::EcdarBackend,
+        get_auth_token_request::{user_credentials, UserCredentials},
+        CreateAccessRequest, CreateProjectRequest, CreateProjectResponse, CreateQueryRequest,
+        CreateUserRequest, DeleteAccessRequest, DeleteProjectRequest, DeleteQueryRequest,
+        GetAuthTokenRequest, GetAuthTokenResponse, GetProjectRequest, GetProjectResponse,
+        GetUsersRequest, GetUsersResponse, ListAccessInfoRequest, ListAccessInfoResponse,
+        ListProjectsInfoResponse, Query, QueryRequest, QueryResponse, SendQueryRequest,
+        SendQueryResponse, SimulationStartRequest, SimulationStepRequest, SimulationStepResponse,
+        UpdateAccessRequest, UpdateProjectRequest, UpdateQueryRequest, UpdateUserRequest,
+        UserTokenResponse,
+    },
 };
 use crate::api::auth::TokenError;
-use crate::api::context_collection::ContextCollection;
-use crate::api::server::server::create_access_request::User;
 use crate::api::server::server::get_users_response::UserInfo;
 use crate::database::{session_context::SessionContextTrait, user_context::UserContextTrait};
 use crate::entities::{access, in_use, project, query, session, user};
@@ -974,8 +976,23 @@ impl EcdarApi for ConcreteEcdarApi {
         }))
     }
 
-    async fn delete_session(&self, _request: Request<()>) -> Result<Response<()>, Status> {
-        todo!()
+    /// Deletes the requester's session, found by their access token.
+    ///  
+    /// Returns the response that is received from Reveaal.
+    async fn delete_session(&self, request: Request<()>) -> Result<Response<()>, Status> {
+        let access_token = request
+            .token_string()
+            .ok_or(Status::unauthenticated("No access token provided"))?;
+
+        match self
+            .contexts
+            .session_context
+            .delete_by_token(TokenType::AccessToken, access_token)
+            .await
+        {
+            Ok(_) => Ok(Response::new(())),
+            Err(error) => Err(Status::new(Code::Internal, error.to_string())),
+        }
     }
 }
 

diff --git a/src/tests/api/session_logic.rs b/src/tests/api/session_logic.rs
@@ -1,11 +1,15 @@
 use crate::api::ecdar_api::update_session;
+use std::str::FromStr;
 
 use crate::entities::session;
-use crate::tests::api::helpers::get_mock_services;
+use crate::tests::api::helpers::{get_mock_concrete_ecdar_api, get_mock_services};
 
+use crate::api::auth::TokenType;
+use crate::api::server::server::ecdar_api_server::EcdarApi;
+use mockall::predicate;
 use sea_orm::DbErr;
 use std::sync::Arc;
-use tonic::Code;
+use tonic::{metadata, Code, Request};
 
 #[tokio::test]
 async fn update_session_no_session_exists_creates_session_returns_err() {
@@ -104,3 +108,67 @@ async fn update_session_returns_error_when_database_error_occurs() {
     assert!(result.is_err());
     assert_eq!(result.unwrap_err().code(), Code::Internal);
 }
+
+#[tokio::test]
+async fn delete_session_returns_ok() {
+    let mut mock_services = get_mock_services();
+
+    mock_services
+        .session_context_mock
+        .expect_delete_by_token()
+        .with(
+            predicate::eq(TokenType::AccessToken),
+            predicate::eq("test_token".to_string()),
+        )
+        .returning(move |_, _| {
+            Ok(session::Model {
+                id: 1,
+                refresh_token: Default::default(),
+                access_token: "test_token".to_string(),
+                updated_at: Default::default(),
+                user_id: Default::default(),
+            })
+        });
+
+    let api = get_mock_concrete_ecdar_api(mock_services);
+
+    let mut request = Request::new(());
+    request.metadata_mut().insert(
+        "authorization",
+        metadata::MetadataValue::from_str("Bearer test_token").unwrap(),
+    );
+
+    let res = api.delete_session(request).await;
+
+    assert!(res.is_ok());
+}
+
+#[tokio::test]
+async fn delete_session_no_session_returns_err() {
+    let mut mock_services = get_mock_services();
+
+    mock_services
+        .session_context_mock
+        .expect_delete_by_token()
+        .with(
+            predicate::eq(TokenType::AccessToken),
+            predicate::eq("test_token".to_string()),
+        )
+        .returning(move |_, _| {
+            Err(DbErr::RecordNotFound(
+                "No session found with the provided access token".to_string(),
+            ))
+        });
+
+    let api = get_mock_concrete_ecdar_api(mock_services);
+
+    let mut request = Request::new(());
+    request.metadata_mut().insert(
+        "authorization",
+        metadata::MetadataValue::from_str("Bearer test_token").unwrap(),
+    );
+
+    let res = api.delete_session(request).await;
+
+    assert_eq!(res.unwrap_err().code(), Code::Internal);
+}