Pass anonymous-read token along as header to web-api

2024-11-29 15:53:54 -05:00 · 2017-09-26 14:21:41 +01:00 · 2017-09-26 14:21:41 +01:00 · d4c735c3ea
commit d4c735c3ea
parent db824d9730
5 changed files with 17 additions and 7 deletions
--- a/services/real-time/app/coffee/Router.coffee
+++ b/services/real-time/app/coffee/Router.coffee
@ -67,6 +67,9 @@ module.exports = Router =
 				user = {_id: "anonymous-user"}
 			client.on "joinProject", (data = {}, callback) ->
 				anonToken = session?.anonReadOnlyTokenAccess?[data.project_id]
 				if anonToken
 					user.anonToken = anonToken
 				WebsocketController.joinProject client, user, data.project_id, (err, args...) ->
 					if err?
 						Router._handleError callback, err, client, "joinProject", {project_id: data.project_id, user_id: user?.id}
--- a/services/real-time/app/coffee/WebApiManager.coffee
+++ b/services/real-time/app/coffee/WebApiManager.coffee
@ -3,9 +3,13 @@ settings = require "settings-sharelatex"
 logger = require "logger-sharelatex"
 module.exports = WebApiManager =
-	joinProject: (project_id, user_id, callback = (error, project, privilegeLevel) ->) ->
+	joinProject: (project_id, user, callback = (error, project, privilegeLevel) ->) ->
 		user_id = user._id
 		logger.log {project_id, user_id}, "sending join project request to web"
 		url = "#{settings.apis.web.url}/project/#{project_id}/join"
 		headers = {}
 		if user.anonToken?
 			headers['x-sl-anon-token'] = user.anonToken
 		request.post {
 			url: url
 			qs: {user_id}
@ -15,6 +19,7 @@ module.exports = WebApiManager =
 				sendImmediately: true
 			json: true
 			jar: false
 			headers: headers
 		}, (error, response, data) ->
 			return callback(error) if error?
 			if 200 <= response.statusCode < 300
--- a/services/real-time/app/coffee/WebsocketController.coffee
+++ b/services/real-time/app/coffee/WebsocketController.coffee
@ -17,7 +17,7 @@ module.exports = WebsocketController =
 		user_id = user?._id
 		logger.log {user_id, project_id, client_id: client.id}, "user joining project"
 		metrics.inc "editor.join-project"
-		WebApiManager.joinProject project_id, user_id, (error, project, privilegeLevel) ->
+		WebApiManager.joinProject project_id, user, (error, project, privilegeLevel) ->
 			return callback(error) if error?
 			if !privilegeLevel or privilegeLevel == ""
--- a/services/real-time/test/unit/coffee/WebApiManagerTests.coffee
+++ b/services/real-time/test/unit/coffee/WebApiManagerTests.coffee
@ -8,6 +8,7 @@ describe 'WebApiManager', ->
 	beforeEach ->
 		@project_id = "project-id-123"
 		@user_id = "user-id-123"
 		@user = {_id: @user_id}
 		@callback = sinon.stub()
 		@WebApiManager = SandboxedModule.require modulePath, requires:
 			"request": @request = {}
@ -27,7 +28,7 @@ describe 'WebApiManager', ->
 					privilegeLevel: "owner"
 				}
 				@request.post = sinon.stub().callsArgWith(1, null, {statusCode: 200}, @response)
-				@WebApiManager.joinProject @project_id, @user_id, @callback
+				@WebApiManager.joinProject @project_id, @user, @callback
 			it "should send a request to web to join the project", ->
 				@request.post
@ -41,6 +42,7 @@ describe 'WebApiManager', ->
 							sendImmediately: true
 						json: true
 						jar: false
 						headers: {}
 					})
 					.should.equal true
--- a/services/real-time/test/unit/coffee/WebsocketControllerTests.coffee
+++ b/services/real-time/test/unit/coffee/WebsocketControllerTests.coffee
@ -58,7 +58,7 @@ describe 'WebsocketController', ->
 			it "should load the project from web", ->
 				@WebApiManager.joinProject
-					.calledWith(@project_id, @user._id)
+					.calledWith(@project_id, @user)
 					.should.equal true
 			it "should join the project room", ->