webida · kyungmi · Nov 19, 2015 · Nov 16, 2015 · Nov 17, 2015 · Nov 17, 2015
diff --git a/src/server/app/lib/app-manager.js b/src/server/app/lib/app-manager.js
@@ -1355,7 +1355,7 @@ exports.deployFromWebidaFS = deployFromWebidaFS;
 
 // App APIs
 router.get('/webida/api/app/appinfo',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:getAppInfo', rsc:'app:*'}, res, next);
     },
@@ -1386,7 +1386,7 @@ router.get('/webida/api/app/appinfo',
 );
 
 router.get('/webida/api/app/allapps',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res) {
         getAllAppInfos(APPINFO_PROJECTIONS, function (err, appInfos) {
             logger.debug('allapps', arguments);
@@ -1401,7 +1401,7 @@ router.get('/webida/api/app/allapps',
 );
 
 router.get('/webida/api/app/isValidDomain',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:isValidDomain', rsc:'app:*'}, res, next);
     },
@@ -1425,7 +1425,7 @@ router.get('/webida/api/app/isValidDomain',
 );
 
 router.get('/webida/api/app/create',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:createApp', rsc:'app:*'}, res, next);
     },
@@ -1447,7 +1447,7 @@ router.get('/webida/api/app/create',
 );
 
 router.get('/webida/api/app/delete',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:deleteApp', rsc:'app:*'}, res, next);
     },
@@ -1465,7 +1465,7 @@ router.get('/webida/api/app/delete',
 );
 
 router.get('/webida/api/app/changeappinfo',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:setAppInfo', rsc:'app:*'}, res, next);
     },
@@ -1488,7 +1488,7 @@ router.get('/webida/api/app/changeappinfo',
 );
 
 router.get('/webida/api/app/myapps',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:getMyAppInfo', rsc:'app:*'}, res, next);
     },
@@ -1505,7 +1505,7 @@ router.get('/webida/api/app/myapps',
 );
 
 router.get('/webida/api/app/start',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:startApp', rsc:'app:*'}, res, next);
     },
@@ -1522,7 +1522,7 @@ router.get('/webida/api/app/start',
 );
 
 router.get('/webida/api/app/stop',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:stopApp', rsc:'app:*'}, res, next);
     },
@@ -1541,7 +1541,7 @@ router.get('/webida/api/app/stop',
 );
 
 router.get('/webida/api/app/deploy',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:deployApp', rsc:'app:*'}, res, next);
     },
@@ -1572,7 +1572,7 @@ router.get('/webida/api/app/deploy',
 
 //deploy package file
 router.post('/webida/api/app/deploy',
-    authMgr.verifyToken,
+    authMgr.ensureLogin,
     multipartMiddleware,
     function (req, res, next) {
         authMgr.checkAuthorize({uid:req.user.uid, action:'app:deployPkg', rsc:'app:*'}, res, next);

diff --git a/src/server/app/test/test-app.js b/src/server/app/test/test-app.js
@@ -33,7 +33,7 @@ var app;
 var appMgr;
 var isAdminValue = true;
 
-authMgr.verifyToken = function(req, res, next) {
+authMgr.ensureLogin = function(req, res, next) {
     req.user = {};
     req.user.uid = account.uid;
     req.user.isAdmin = isAdminValue;

diff --git a/src/server/auth/.jshintrc b/src/server/auth/.jshintrc
@@ -17,7 +17,7 @@
         "define",
         "require"
     ],
-
+    "esnext" : true,
     "bitwise": true,
     "curly": true,
     "eqeqeq": true,
@@ -33,10 +33,8 @@
     "unused": true,
     "strict": true,
     "trailing": true,
-
     "camelcase": true,
     "indent": 4,
     "maxlen": 120,
-    "quotmark": "single",
     "white": true
 }
diff --git a/src/server/auth/auth.js b/src/server/auth/auth.js
@@ -104,10 +104,10 @@ var register = function (auth, conf, unitName, svcType) {
     auth.use(user.router);
     auth.use(acl.router);
     auth.use(group.router);
-    auth.use(function(err, req, res) {
-        logger.debug('errorHandler middleware', err);
+    auth.use(function(err, req, res, next) {
+        logger.error('errorHandler middleware', err);
         res.status(500).send('Internal server error');
-    });
+    }); 
     auth.disable('x-powered-by');
 };
 

diff --git a/src/server/auth/lib/acl-manager.js b/src/server/auth/lib/acl-manager.js
@@ -689,37 +689,19 @@ router.get('/webida/api/acl/getownedpolicy',
     }
 );
 
-// aclInfo : {uid:int, action:string, rsc:string}
+// req.query : {uid:int, action:string, rsc:string;string;string}
 router.get('/checkauthorize',
-    function (req, res, next) {
-        var aclInfo = req.query;
-
-        userdb.checkAuthorize(aclInfo, function(err) {
-            if (!err) {
-                return res.send(utils.ok());
-            } else {
-                return res.sendfail(new ClientError(401, 'Not authorized.'));
-            }
-        });
-    }
-);
-
-// req.query : {uid:int, action:string, rsc:[string], fsid:string}
-router.get('/checkauthorizemulti',
     function (req, res, next) {
         var query = req.query;
-        var source = [];
+        var resources = [];
         if (query.rsc.length > 0) {
-            source = query.rsc.split(';');
+            resources = query.rsc.split(';');
         }
-
-        async.each(source, function(value, callback) {
-            if (value[0] !== '/') {
-                value = Path.join('/', value);
-            }
-
-            var rsc = 'fs:' + query.fsid + value;
-            var aclInfo = {uid:query.uid, action:query.action, rsc:rsc};
+        if (resources.length > 0 ) {
+            logger.debug('check authorize for : ', resources);
+        }
+        async.each(resources, function(resource, callback) {
+            var aclInfo = {uid:query.uid, action:query.action, rsc:resource};
             userdb.checkAuthorize(aclInfo, function(err) {
                     if (!err) {
                         return callback();
@@ -729,10 +711,10 @@ router.get('/checkauthorizemulti',
                 });
         }, function (err) {
             if (err) {
-                errLog('Not authorized.', err);
+                errLog('checkAuthroze error - will return not authorized.', err);
                 return res.send(401, utils.fail('Not authorized.'));
             } else {
-                return res.send(utils.ok());
+                return res.sendok(); 
             }
         });
     }

diff --git a/src/server/auth/lib/userdb.js b/src/server/auth/lib/userdb.js
@@ -1432,14 +1432,19 @@ exports.checkAuthorize = function (aclInfo, callback) {
         }, function (next) {
             var policy;
             var allowed = false;
-            dao.policy.getPolicyBySubjectIdsAndResources({subjectIds: idArr, resources: rscArr},
+            var daoRequest = {
+		subjectIds : idArr, 
+		resources : rscArr, 
+	    } 
+            logger.debug('getPolicyBySubjectIdAndResources - policy dao request', daoRequest)
+            dao.policy.getPolicyBySubjectIdsAndResources(daoRequest, 
                 function (err, context) {
                     var i;
                     var result = context.result();
                     if (err) {
                         next(new ServerError(500, 'Server error while check authorization.'));
                     } else {
-                        console.log('getPolicyBySubjectIdAndResources: ', idArr, rscArr, result);
+                        logger.debug('getPolicyBySubjectIdAndResources - result = ', result)
                         for (i = 0; i < result.length; i++) {
                             policy = result[i];
                             if ((policy.action.indexOf(aclInfo.action) > -1) || (policy.action.indexOf('*') > -1)) {
@@ -1467,7 +1472,7 @@ exports.checkAuthorize = function (aclInfo, callback) {
             return callback(err);
         } else {
             logger.info('[acl] checkAuthorize allowed for ', aclInfo);
-            return callback();
+            return callback(null);
         }
     });
 };

diff --git a/src/server/build/lib/build-manager.js b/src/server/build/lib/build-manager.js
@@ -123,7 +123,7 @@ function invokeBuild(profileInfo, platformInfo, user, taskFunc, cb) {
  * build specific profile
  */
 
-router.post('/webida/api/build/build', authMgr.verifyToken, function (req, res) {
+router.post('/webida/api/build/build', authMgr.ensureLogin, function (req, res) {
     var profileInfo = JSON.parse(req.body.profileInfo);
     var platformInfo = JSON.parse(req.body.platformInfo);
 
@@ -163,7 +163,7 @@ router.post('/webida/api/build/build', authMgr.verifyToken, function (req, res)
 });
 
 
-router.post('/webida/api/build/clean', authMgr.verifyToken, function (req, res) {
+router.post('/webida/api/build/clean', authMgr.ensureLogin, function (req, res) {
     logger.info('clean');
 
     // have to check whether proj belongs to requester
@@ -184,7 +184,7 @@ router.post('/webida/api/build/clean', authMgr.verifyToken, function (req, res)
 });
 
 
-router.post('/webida/api/build/rebuild', authMgr.verifyToken, function (req, res) {
+router.post('/webida/api/build/rebuild', authMgr.ensureLogin, function (req, res) {
 
     // have to check whether proj belongs to requester
     var profileInfo = JSON.parse(req.body.profileInfo);
@@ -226,7 +226,7 @@ router.post('/webida/api/build/rebuild', authMgr.verifyToken, function (req, res
 });
 
 
-router.post('/webida/api/build/gcm/:regid', authMgr.verifyToken, function (req, res) {
+router.post('/webida/api/build/gcm/:regid', authMgr.ensureLogin, function (req, res) {
     var uid = req.user.uid;
     var regid = req.params.regid;
     var info = req.body.info;
@@ -251,7 +251,7 @@ router.post('/webida/api/build/gcm/:regid', authMgr.verifyToken, function (req,
 });
 
 
-router.delete('/webida/api/build/gcm/:regid', authMgr.verifyToken, function(req, res) {
+router.delete('/webida/api/build/gcm/:regid', authMgr.ensureLogin, function(req, res) {
     var uid = req.user.uid;
     var regid = req.params.regid;
 
@@ -264,7 +264,7 @@ router.delete('/webida/api/build/gcm/:regid', authMgr.verifyToken, function(req,
     });
 });
 
-router.get('/webida/api/build/gcm', authMgr.verifyToken, function(req, res) {
+router.get('/webida/api/build/gcm', authMgr.ensureLogin, function(req, res) {
     var uid = req.user.uid;
 
     buildDb.getGcmInfo(uid, function (err, rs) {

diff --git a/src/server/buildjm/lib/emul.js b/src/server/buildjm/lib/emul.js
@@ -51,5 +51,5 @@ var parseParam = function (req, res, next) {
 }
 
 module.exports.parseParam = parseParam;
-module.exports.verifyToken = authMgr.verifyToken;
+module.exports.ensureLogin = authMgr.ensureLogin;
 
diff --git a/src/server/common/.jshintrc b/src/server/common/.jshintrc
@@ -13,11 +13,10 @@
         "waits",
         "waitsFor",
         "runs",
-
         "define",
         "require"
     ],
-
+    "esnext" : true,
     "bitwise": true,
     "curly": true,
     "eqeqeq": true,
@@ -33,10 +32,8 @@
     "unused": true,
     "strict": true,
     "trailing": true,
-
     "camelcase": true,
     "indent": 4,
     "maxlen": 120,
-    "quotmark": "single",
     "white": true
 }