Allow container creation via PUT #513
Conversation
- WIP (fix standard warnings) - WIP (moving oidcConfig to config.json) - Add OIDC Issuer discovery link header on OPTIONS - Refactor OIDC client/handler code - Bump dep version, fix gitignore - Integrate Sign In w WebID page with OIDC login - Fix OIDC create user functionality - Fix storing redirectTo URL in session - Remove unneeded options obj (oidc.js) - WIP (create account using webid as OIDC _id) - Fix extraneous oidcIssuerHeader - WIP (fix response types) - Fix token() params - Fix authCallback() - WIP (switch to implicit workflow) - WIP (fix registration configs) - wip - Switch to authz code flow - Move createOIDCUser to oidc-rp-client (from identity-provider) - Implement OIDC /signout support - Do not create a Solid account folder if OIDC user creation fails - WIP - signin session / resume workflow - Signin api: send 500 error if oidc client not initialized - Remove invalid test - Implement user creation via api - Add username & pw auth logic to signin.js - Add bcrypt compilation Travis CI directives - Mount OIDC Identity Provider API into solid server routes - Initialize multi-rp client store collections - Change oidc packages to use github links - Disable the certificate test for the time being - Derive session cookie domain from root uri - Bump oidc-op-express dep - Output auth method at startup - Implement injected Provider logout() behavior - Remove legacy signout logic - Refactoring OIDC initialization from server config in create-app - Simplify createApp() - Move unit tests to their own test/unit/ folder - Refactor lib/api/authn/ files - Move tests to test/unit/ and test/integration/ - Implement CreateOidcAccountRequest and unit tests - Add OIDC account creation integration tests - Extract OidcManager code to external lib - Fix Provider Discover integration tests - Fix existing Login workflow integration test - Implement DiscoverProviderRequest, refactor - Extract login logic to LoginByPasswordRequest - Unit tests for LoginByPasswordRequest - Implement login via either username or webid - Add /login integration tests - Normalize webid if needed during provider discovery - Render Obtain Consent handlebars view - Save provider config on startup, install nyc / code coverage - Move options handler to before authentication or account api - Ensure local client registered on startup
* Add WWW-Authenticate to exposed CORS headers * Fix 401 error handling, add tests * Add a test for expired token error * Update to supertest 3.0.0 * Convert 401 tests to Promise interface * Rewrite error-pages handler, add tests * Change 401 error logic on empty bearer token * Return a 400 error on empty bearer token header
* Make ./data the default root folder * Add ./data to .gitignore * Fix typo in help text
The patch handler contains logic for multiple request body types. Moving them to separate files facilitates adding support for more types.
The PATCH handler for application/sparql does not perform any patching, i.e., nothing is ever written to disk. Since our next goal is to further abstract patching code (which includes writing), this incomplete code cannot be used.
This reduces the task of individual patch handlers to parsing the patch and applying it.
|
cc @dan-f @RubenVerborgh for review. |
| if (filePath.endsWith('/')) { | ||
| return callback(error(409, | ||
| 'PUT not supported on containers, use POST instead')) | ||
| const statusCode = fs.existsSync(filePath) ? 204 : 201 |
There was a problem hiding this comment.
Nitpick, but might want to have this async?
There was a problem hiding this comment.
If you prefer. I used a sync operation here because exists is a pretty lightweight operation, and it avoids introducing another level of callback nesting to the function. Happy to change it tho.
There was a problem hiding this comment.
Yes, indeed… I don't mind either way. Can't wait to switch to Node 8 though, where sync and async have essentially the same syntax 😄
There was a problem hiding this comment.
Rule of thumb is async when available for code handling a request, sync for everything else.
@dan-f Are those not the expected semantics? What would you like to see happen instead? |
test/integration/acl-tls.js
Outdated
| rm('/acl-tls/write-acl/empty-acl/another-empty-folder/test-file.acl') | ||
| rm('/acl-tls/write-acl/empty-acl/test-folder/test-file') | ||
| rm('/acl-tls/write-acl/empty-acl/test-file') | ||
| rm('/acl-tls/write-acl/test-file') | ||
| rm('/acl-tls/write-acl/test-file.acl') | ||
| rm('/acl-tls/write-acl/empty-acl/test-folder2/') |
There was a problem hiding this comment.
You've got this in the before and after. Not really sure what the intention is here.
test/integration/http.js
Outdated
|
|
||
| after(() => { | ||
| rm('/foo/') | ||
| }) |
There was a problem hiding this comment.
Again, not sure why this is in both the before and after.
There was a problem hiding this comment.
It's in the before and after to ensure the directory is clear before the tests run; fairly standard procedure. Happy to take it out if you think it excessive.
There was a problem hiding this comment.
I understand cleanup is necessary, but I've never had to do it both before and after a test is run. Either should suffice.
There was a problem hiding this comment.
Np, will take the before() out.
There was a problem hiding this comment.
Oh I see, these are before/after all the tests in the block, not each test individually. I think this intersects with the issue of shared state between tests.
test/integration/http.js
Outdated
| .then(() => { | ||
| let stats = fs.statSync(path.join(__dirname, '../resources/foo/two/')) | ||
|
|
||
| if (!stats.isDirectory()) { |
There was a problem hiding this comment.
You can just write expect(statsisDirectory()).toBe(true) if you're using the expect library.
test/integration/http.js
Outdated
| let metaFilePath = path.join(__dirname, '../resources/foo/four/.meta') | ||
| let meta = fs.readFileSync(metaFilePath, 'utf8') | ||
|
|
||
| assert.equal(meta, containerMeta) |
There was a problem hiding this comment.
I think @deiu has pointed this out before, but testing for graph equality based on serialization can be brittle. Better to use something like rdflib to assert that the graphs are equal.
There was a problem hiding this comment.
I agree, for tests of graph equality. But there isn't any parsing or serialization taking place here. This is just straight file read/write operations.
There was a problem hiding this comment.
Can I point out that hardcoding .meta is probably a bad idea? I think the config options contains a variable with the name for the meta document.
There was a problem hiding this comment.
That's an implementation detail of the fact that node-solid-server doesn't yet use a database. It's generally best for integration tests not to assume any particular implementation.
|
|
||
| assert.equal(meta, newMeta) | ||
| }) | ||
| }) |
There was a problem hiding this comment.
Missing a test for the case in which there are already graphs in the container.
test/integration/ldp.js
Outdated
| }) | ||
|
|
||
| after(() => { | ||
| rm('sampleContainer/example1-copy.ttl') |
test/integration/ldp.js
Outdated
| }) | ||
| }) | ||
|
|
||
| it('should update existing container meta', done => { |
There was a problem hiding this comment.
I'd much prefer if we didn't share state between tests. Having a test rely on the output of a previous test introduces a possible race condition, especially since, depending on the test runner, tests may be run concurrently.
There was a problem hiding this comment.
This is actually okay; within a single describe block, we can have multiple assertions (and in fact, it's in general better to split assertions as much as possible).
There was a problem hiding this comment.
I'm not objecting to multiple assertions - I'm objecting to the fact that this test (the code in the callback passed to it) relies on the fact that some other test created some data on the file system.
There was a problem hiding this comment.
Ah yes, the scoping should be different. That's what I dislike about super-agent: it makes it hard to do that separation right (first create context, then assert).
Well, I'm not exactly sure, as the LDP spec doesn't seem to specify what to do when the container already exists. That said, I'd expect either a) to recreate the container (removing the existing container entirely) or not to modify it at all. The current implementation rewrites the |
Maybe @timbl can clarify Solid semantics of PUT to a container..? (with regards to the .meta etc)? |
|
Would need a serious rebase. |
No description provided.