feat: adding user RoleAdmin ability to fetch user with projects (#4409)

Signed-off-by: William Johnson dos Santos Okano <[email protected]> Co-authored-by: Saranya Jena <[email protected]> Co-authored-by: Sarthak Jain <[email protected]>
litmuschaos · Feb 19, 2024 · 84b76bd · 84b76bd
1 parent b2147c5
commit 84b76bd
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 1 deletion.
diff --git a/chaoscenter/authentication/api/handlers/rest/project_handler.go b/chaoscenter/authentication/api/handlers/rest/project_handler.go
@@ -36,7 +36,10 @@ func GetUserWithProject(service services.ApplicationService) gin.HandlerFunc {
 		username := c.Param("username")
 
 		// Validating logged in user
-		if c.MustGet("username").(string) != username {
+		// Must be either requesting info from the logged in user
+		// or any user if it has the admin role
+		role := c.MustGet("role").(string)
+		if c.MustGet("username").(string) != username && role != string(entities.RoleAdmin) {
 			log.Error("auth error: unauthorized")
 			c.JSON(utils.ErrorStatusCodes[utils.ErrUnauthorized],
 				presenter.CreateErrorResponse(utils.ErrUnauthorized))

diff --git a/chaoscenter/authentication/api/handlers/rest/project_handler_test.go b/chaoscenter/authentication/api/handlers/rest/project_handler_test.go
@@ -27,6 +27,7 @@ func TestGetUserWithProject(t *testing.T) {
 			{"username", username},
 		}
 		c.Set("username", username)
+		c.Set("role", string(entities.RoleUser))
 
 		user := &entities.User{
 			ID:       "testUID",
@@ -52,6 +53,7 @@ func TestGetUserWithProject(t *testing.T) {
 			{"username", username},
 		}
 		c.Set("username", username)
+		c.Set("role", string(entities.RoleUser))
 
 		user := &entities.User{
 			ID:       "testUID",
@@ -68,6 +70,32 @@ func TestGetUserWithProject(t *testing.T) {
 		assert.Equal(t, http.StatusOK, f.Code)
 	})
 
+	t.Run("Successfully retrieve user with projects if logged user has admin role", func(t *testing.T) {
+		service := new(mocks.MockedApplicationService)
+		username := "testUser"
+		w := httptest.NewRecorder()
+		c := GetTestGinContext(w)
+		c.Params = gin.Params{
+			{"username", username},
+		}
+		c.Set("username", "adminusername")
+		c.Set("role", string(entities.RoleAdmin))
+
+		user := &entities.User{
+			ID:       "testUID",
+			Username: "testUser",
+			Email:    "[email protected]",
+			Role:     entities.RoleAdmin,
+		}
+		project := &entities.Project{}
+
+		service.On("FindUserByUsername", "testUser").Return(user, nil)
+		service.On("GetProjectsByUserID", "testUID", false).Return([]*entities.Project{project}, nil)
+
+		rest.GetUserWithProject(service)(c)
+
+		assert.Equal(t, http.StatusOK, w.Code)
+	})
 }
 
 func TestGetProjectsByUserID(t *testing.T) {