add support staff flag to copayer lookup collection
This commit is contained in:
parent
c5d9f44b2d
commit
41c82e9e76
|
@ -39,7 +39,7 @@ ExpressApp.prototype.start = function(opts, cb) {
|
|||
this.app.use(function(req, res, next) {
|
||||
res.setHeader('Access-Control-Allow-Origin', '*');
|
||||
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
|
||||
res.setHeader('Access-Control-Allow-Headers', 'x-signature,x-identity,x-session,x-client-version,X-Requested-With,Content-Type,Authorization');
|
||||
res.setHeader('Access-Control-Allow-Headers', 'x-signature,x-identity,x-session,x-client-version,x-wallet-id,X-Requested-With,Content-Type,Authorization');
|
||||
res.setHeader('x-service-version', WalletService.getServiceVersion());
|
||||
next();
|
||||
});
|
||||
|
@ -165,6 +165,7 @@ ExpressApp.prototype.start = function(opts, cb) {
|
|||
message: req.method.toLowerCase() + '|' + req.url + '|' + JSON.stringify(req.body),
|
||||
signature: credentials.signature,
|
||||
clientVersion: req.header('x-client-version'),
|
||||
walletId: req.header('x-wallet-id'),
|
||||
};
|
||||
if (opts.allowSession) {
|
||||
auth.session = credentials.session;
|
||||
|
|
|
@ -200,6 +200,7 @@ WalletService.getInstance = function(opts) {
|
|||
* @param {string} opts.signature - (Optional) Signature of message to be verified using one of the copayer's requestPubKeys. Only needed if no session token is provided.
|
||||
* @param {string} opts.session - (Optional) A valid session token previously obtained using the #login method
|
||||
* @param {string} opts.clientVersion - A string that identifies the client issuing the request
|
||||
* @param {string} [opts.walletId] - The wallet id to use as current wallet for this request (only when copayer is support staff).
|
||||
*/
|
||||
WalletService.getInstanceWithAuth = function(opts, cb) {
|
||||
function withSignature(cb) {
|
||||
|
@ -216,12 +217,16 @@ WalletService.getInstanceWithAuth = function(opts, cb) {
|
|||
if (err) return cb(err);
|
||||
if (!copayer) return cb(new ClientError(Errors.codes.NOT_AUTHORIZED, 'Copayer not found'));
|
||||
|
||||
var isValid = !!server._getSigningKey(opts.message, opts.signature, copayer.requestPubKeys);
|
||||
if (!isValid)
|
||||
return cb(new ClientError(Errors.codes.NOT_AUTHORIZED, 'Invalid signature'));
|
||||
if (!copayer.isSupportStaff) {
|
||||
var isValid = !!server._getSigningKey(opts.message, opts.signature, copayer.requestPubKeys);
|
||||
if (!isValid)
|
||||
return cb(new ClientError(Errors.codes.NOT_AUTHORIZED, 'Invalid signature'));
|
||||
server.walletId = copayer.walletId;
|
||||
} else {
|
||||
server.walletId = opts.walletId || copayer.walletId;
|
||||
}
|
||||
|
||||
server.copayerId = opts.copayerId;
|
||||
server.walletId = copayer.walletId;
|
||||
return cb(null, server);
|
||||
});
|
||||
};
|
||||
|
|
|
@ -103,6 +103,7 @@ describe('Wallet service', function() {
|
|||
message: 'hello world',
|
||||
signature: sig,
|
||||
clientVersion: 'bwc-2.0.0',
|
||||
walletId: '123',
|
||||
}, function(err, server) {
|
||||
should.not.exist(err);
|
||||
server.walletId.should.equal(wallet.id);
|
||||
|
@ -140,6 +141,36 @@ describe('Wallet service', function() {
|
|||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('should get server instance for support staff', function(done) {
|
||||
helpers.createAndJoinWallet(1, 1, function(s, wallet) {
|
||||
var collections = require('../../lib/storage').collections;
|
||||
s.storage.db.collection(collections.COPAYERS_LOOKUP).update({
|
||||
copayerId: wallet.copayers[0].id
|
||||
}, {
|
||||
$set: {
|
||||
isSupportStaff: true
|
||||
}
|
||||
});
|
||||
|
||||
var xpriv = TestData.copayers[0].xPrivKey;
|
||||
var priv = TestData.copayers[0].privKey_1H_0;
|
||||
|
||||
var sig = helpers.signMessage('hello world', priv);
|
||||
|
||||
WalletService.getInstanceWithAuth({
|
||||
copayerId: wallet.copayers[0].id,
|
||||
message: 'hello world',
|
||||
signature: sig,
|
||||
walletId: '123',
|
||||
}, function(err, server) {
|
||||
should.not.exist(err);
|
||||
server.walletId.should.equal('123');
|
||||
server.copayerId.should.equal(wallet.copayers[0].id);
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('Session management (#login, #logout, #authenticate)', function() {
|
||||
|
|
Loading…
Reference in New Issue