Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 10 additions & 6 deletions internal/api/base_handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -31,19 +31,22 @@ func (h *BaseHandler) respondWithJSON(c *gin.Context, code int, payload interfac
// getUserID extracts the user ID from the context
func (h *BaseHandler) getUserID(c *gin.Context) string {
userID, _ := c.Get("user_id")
return userID.(string)
s, _ := userID.(string)
return s
}

// getTeamID extracts the team ID from the context
func (h *BaseHandler) getTeamID(c *gin.Context) string {
teamID, _ := c.Get("team_id")
return teamID.(string)
s, _ := teamID.(string)
return s
}

// getUserRole extracts the user role from the context
func (h *BaseHandler) getUserRole(c *gin.Context) string {
role, _ := c.Get("role")
return role.(string)
role, _ := c.Get("user_role")
s, _ := role.(string)
return s
}

// isAdmin checks if the user has admin role
Expand All @@ -60,10 +63,11 @@ func (h *BaseHandler) isManager(c *gin.Context) bool {
// getUserEmail extracts the user email from the context
func (h *BaseHandler) getUserEmail(c *gin.Context) string {
email, _ := c.Get("user_email")
return email.(string)
s, _ := email.(string)
return s
}

// ErrorResponse sends an error response with the given status code and message
func (h *BaseHandler) ErrorResponse(c *gin.Context, code int, message string) {
h.respondWithError(c, code, message)
}
}
58 changes: 58 additions & 0 deletions internal/api/base_handler_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
package api

import (
"net/http/httptest"

"github.com/gin-gonic/gin"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
)

var _ = Describe("BaseHandler context getters", func() {
var handler *BaseHandler

BeforeEach(func() {
gin.SetMode(gin.TestMode)
handler = NewBaseHandler(nil)
})

// Regression for #180: the service-account auth path left user_id (and other
// keys) unset in the gin context. The getters used to do a direct type
// assertion on the nil interface, which panicked on project creation.
Context("when context values are missing", func() {
It("should return empty strings without panicking", func() {
c, _ := gin.CreateTestContext(httptest.NewRecorder())

Expect(func() {
Expect(handler.getUserID(c)).To(Equal(""))
Expect(handler.getTeamID(c)).To(Equal(""))
Expect(handler.getUserRole(c)).To(Equal(""))
Expect(handler.getUserEmail(c)).To(Equal(""))
}).NotTo(Panic())
})

It("should report not-admin and not-manager", func() {
c, _ := gin.CreateTestContext(httptest.NewRecorder())

Expect(handler.isAdmin(c)).To(BeFalse())
Expect(handler.isManager(c)).To(BeFalse())
})
})

Context("when context values are present", func() {
It("should return the values set in context", func() {
c, _ := gin.CreateTestContext(httptest.NewRecorder())
c.Set("user_id", "user-1")
c.Set("team_id", "team-1")
c.Set("user_role", "manager")
c.Set("user_email", "alice@example.com")

Expect(handler.getUserID(c)).To(Equal("user-1"))
Expect(handler.getTeamID(c)).To(Equal("team-1"))
Expect(handler.getUserRole(c)).To(Equal("manager"))
Expect(handler.getUserEmail(c)).To(Equal("alice@example.com"))
Expect(handler.isManager(c)).To(BeTrue())
Expect(handler.isAdmin(c)).To(BeFalse())
})
})
})
4 changes: 4 additions & 0 deletions internal/domains/auth/interfaces/middleware_adapter.go
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,9 @@ func (m *AuthMiddlewareAdapter) RequireAuth() gin.HandlerFunc {

// Set the service account user in context
c.Set("user", serviceAccountUser)
c.Set("user_id", userID)
c.Set("user_role", string(role))
c.Set("user_email", email)
c.Set("is_service_account", true)
c.Next()
return
Expand Down Expand Up @@ -512,6 +515,7 @@ func (m *AuthMiddlewareAdapter) setUserContext(c *gin.Context, user *domain.User
c.Set("user", user)
c.Set("user_id", user.UserID)
c.Set("user_role", string(user.Role))
c.Set("user_email", user.Email)
c.Set("session", session)
}

Expand Down
1 change: 1 addition & 0 deletions pkg/middleware/oauth.go
Original file line number Diff line number Diff line change
Expand Up @@ -624,6 +624,7 @@ func (m *OAuthMiddleware) setUserContext(c *gin.Context, user *database.User, se
c.Set("user", user)
c.Set("user_id", user.UserID)
c.Set("user_role", user.Role)
c.Set("user_email", user.Email)
c.Set("session", session)
}

Expand Down
Loading