Merge pull request #968 from UniversityOfHelsinkiCS/trunk

Fix everything

.travis.yml

@@ -34,6 +34,7 @@ jobs:
         - time npm run test_services
         - time CYPRESS_baseUrl=http://localhost:1337/staging/ npm run cypress:record
         - docker ps -a
+        - if [[ $(docker ps --all | grep -Eo '(Exited|Restarting) \([0-9]+\)' | grep -Eo '[0-9]+' | awk '{ sum += $1 } END { print sum }') != '0' ]]; then echo 'Some process had nonzero exit code'; exit 1; fi
       deploy: # deploy is always skipped for PR
         provider: script
         skip_cleanup: true
@@ -54,10 +55,11 @@ jobs:
         - time npm run test_services
         - time CYPRESS_baseUrl=http://localhost:1337/ npm run cypress:record
         - docker ps -a
+        - if [[ $(docker ps --all | grep -Eo '(Exited|Restarting) \([0-9]+\)' | grep -Eo '[0-9]+' | awk '{ sum += $1 } END { print sum }') != '0' ]]; then echo 'Some process had nonzero exit code'; exit 1; fi
       deploy: # deploy is always skipped for PR
         provider: script
         skip_cleanup: true
-        script: "docker-compose -f docker-compose.lateste2e.production.yml push && curl -X POST -H 'Content-type: application/json' --data \"{\\\"text\\\":\\\"${TRAVIS_TAG} release waiting for manual deployment!\\\"}\" ${SLACKBOT_URL}"
+        script: "docker-compose -f docker-compose.lateste2e.production.yml push && curl -X POST -H 'Content-type: application/json' --data \"{\\\"text\\\":\\\"${TRAVIS_TAG} release started auto deployment!\\\"}\" ${SLACKBOT_URL}"
         on:
           tags: true
 

cypress/integration/Users.js

@@ -0,0 +1,39 @@
+
+describe('Users tests', () => {
+  beforeEach(() => {
+    cy.server({
+      onAnyRequest: function (route, proxy) {
+        if (Cypress.config().baseUrl.includes("http://localhost:1337/")) {
+          proxy.xhr.setRequestHeader('uid', 'admink')
+          proxy.xhr.setRequestHeader('shib-session-id', 'mock-shibboleth')
+          proxy.xhr.setRequestHeader('hygroupcn', 'grp-oodikone-users')
+          proxy.xhr.setRequestHeader('edupersonaffiliation', 'asdasd')
+        }
+      }
+    })
+    console.log(Cypress.config().baseUrl)
+    cy.visit(Cypress.config().baseUrl)
+    cy.reload()
+    cy.contains("Users").click()
+    cy.contains("Enable or disable access to Oodikone")
+  })
+
+  it("Admin mocking normal user shows only the mocked user's programmes", () => {
+    cy.contains("mocking").should('not.exist')
+    cy.contains("tr", "Normaalikäyttäjä").within(($row) => {
+      cy.contains('button', 'Edit').click()
+    })
+    cy.contains("Access rights").siblings().within(($row) => {
+      cy.get("div[role='listitem']").should('have.length', 1).contains("Tietojenkäsittelytieteen kandiohjelma")
+    })
+
+    cy.get('i.spy').click()
+    cy.contains("mocking as normk")
+    cy.contains("Study programme").click().siblings().contains("Search by class").click()
+    cy.contains("label", "Study programme")
+    cy.contains("label", "Study programme").siblings().within(($row) => {
+      cy.get("div[role='option']").should('have.length', 1).contains("Tietojenkäsittelytieteen kandiohjelma")
+    })
+  })
+
+})

package.json

@@ -6,7 +6,7 @@
   "scripts": {
     "cypress:open": "CYPRESS_baseUrl=http://localhost:8081 cypress open",
     "cypress:run": "CYPRESS_baseUrl=http://localhost:8081 cypress run --config video=false -P ./",
-    "cypress:record": "cypress run --config videoUploadOnPasses=false -P ./",
+    "cypress:record": "cypress run --config videoUploadOnPasses=false --record -P ./",
     "concurrently": "concurrently",
     "test": "./run_all_tests.sh",
     "test_services": "./run_service_tests.sh"

scripts.sh

@@ -57,7 +57,7 @@ get_anon_oodikone() {
 }
 
 unpack_oodikone_server_backup() {
-    bunzip2 -d -v ./$BACKUP_DIR/*.bz2
+    bunzip2 --force --decompress --verbose ./$BACKUP_DIR/*.bz2
 }
 
 restore_psql_from_backup () {

services/backend/oodikone2-backend/src/routes.js

@@ -4,6 +4,7 @@ const courses = require('./routes/courses')
 const students = require('./routes/students')
 const population = require('./routes/population')
 const login = require('./routes/login')
+const superlogin = require('./routes/superlogin')
 const language = require('./routes/language')
 const users = require('./routes/users')
 const elementdetails = require('./routes/elementdetails')
@@ -25,6 +26,7 @@ module.exports = (app, url) => {
   app.use(url, login)
   app.use(url, ping)
   app.use(auth.checkAuth, auth.checkRequiredGroup, auth.checkUserBlacklisting, accessLogger)
+  app.use(`${url}/superlogin`, auth.roles(['admin']), superlogin)
   app.use(url, elementdetails)
   app.use(url, courses)
   app.use(url, students)

services/backend/oodikone2-backend/src/routes/elementdetails.js

@@ -21,7 +21,7 @@ router.get('/v2/studyprogrammes/:id/mandatory_courses', async (req, res) => {
     const codes = await MandatoryCourses.byStudyprogramme(req.params.id)
     res.json(codes)
   } else {
-    res.status(422)
+    res.status(422).end()
   }
 })
 
@@ -30,7 +30,7 @@ router.get('/v2/studyprogrammes/ping', async (req, res) => {
     const result = await ping()
     res.json(result)
   } catch (e) {
-    res.status(500)
+    res.status(500).end()
   }
 })
 
@@ -54,7 +54,7 @@ router.get('/v2/studyprogrammes/:id/productivity', async (req, res) => {
     }
     return res.json(data)
   } else {
-    res.status(422)
+    res.status(422).end()
   }
 })
 
@@ -118,7 +118,7 @@ router.get('/v2/studyprogrammes/:id/throughput', async (req, res) => {
     }
     return res.json({ ...data, thesis: await thesisPromise })
   } else {
-    res.status(422)
+    res.status(422).end()
   }
 })
 
@@ -162,7 +162,7 @@ router.get('/v2/studyprogrammes/:id/thesis', async (req, res) => {
     const thesis = await findProgrammeTheses(id)
     res.json(thesis)
   } else {
-    res.status(422)
+    res.status(422).end()
   }
 })
 
@@ -173,7 +173,7 @@ router.post('/v2/studyprogrammes/:id/thesis', async (req, res) => {
     const thesis = await createThesisCourse(id, course, thesisType)
     res.status(201).json(thesis)
   } else {
-    res.status(422)
+    res.status(422).end()
   }
 })
 
@@ -183,8 +183,8 @@ router.delete('/v2/studyprogrammes/:id/thesis/:course', async (req, res) => {
     const deleted = await deleteThesisCourse(id, course)
     res.status(204).json(deleted)
   } else {
-    res.status(422)
+    res.status(422).end()
   }
 })
 
-module.exports = router
+module.exports = router

services/backend/oodikone2-backend/src/routes/login.js

@@ -27,7 +27,7 @@ router.post('/login', async (req, res) => {
       const mail = req.headers.mail || ''
       const hyGroups = parseHyGroups(req.headers['hygroupcn'])
       const affiliations = parseHyGroups(req.headers['edupersonaffiliation'])
-   
+
       console.log(uid, 'trying to login, referring to userservice.')
       let { token, isNew } = await userService.login(uid, full_name, hyGroups, affiliations, mail)
       isNew && sendEmail(uid)
@@ -44,26 +44,6 @@ router.post('/login', async (req, res) => {
   }
 })
 
-router.post('/superlogin/:uid', async (req, res) => {
-  try {
-    const asUser = req.params.uid
-    const uid = req.headers['uid']
-    if (req.headers['shib-session-id'] && uid) {
-      console.log('super')
-      const token = await userService.superlogin(uid, asUser)
-      res.status(200).json({ token })
-    } else {
-      res.status(401).json({
-        message: `Not enough headers login, uid:
-        ${req.headers.uid} session-id ${req.headers['shib-session-id']}`
-      }).end()
-    }
-  } catch (err) {
-    console.log(err)
-    res.status(401).json({ message: 'problem with login', err })
-  }
-})
-
 router.delete('/logout', async (req, res) => {
   try {
     const logoutUrl = req.headers.shib_logout_url

services/backend/oodikone2-backend/src/routes/population.js

@@ -62,7 +62,7 @@ router.get('/v3/populationstatistics', async (req, res) => {
 
     if (result.error) {
       console.log(result.error)
-      res.status(400)
+      res.status(400).end()
       return
     }
 

services/backend/oodikone2-backend/src/routes/superlogin.js

@@ -0,0 +1,24 @@
+const router = require('express').Router()
+const userService = require('../services/userService')
+
+router.post('/:uid', async (req, res) => {
+  try {
+    const asUser = req.params.uid
+    const uid = req.decodedToken.mockedBy == null ? req.headers['uid'] : req.decodedToken.mockedBy
+    if (req.headers['shib-session-id'] && uid) {
+      console.log('super')
+      const token = await userService.superlogin(uid, asUser)
+      res.status(200).json({ token })
+    } else {
+      res.status(401).json({
+        message: `Not enough headers login, uid:
+        ${req.headers.uid} session-id ${req.headers['shib-session-id']}`
+      }).end()
+    }
+  } catch (err) {
+    console.log(err.message)
+    res.status(401).json({ message: 'problem with login', err: err.message })
+  }
+})
+
+module.exports = router

services/oodikone2-frontend/src/apiConnection/index.js

@@ -72,19 +72,6 @@ export const login = async () => {
   return response.data.token
 }
 
-export const superLogin = async (uid) => {
-  let options = null
-  if (isDevEnv) {
-    options = devOptions
-  }
-  if (isTestEnv) {
-    options = testOptions
-  }
-  const response = await getAxios().post(`/superlogin/${uid}`, null, options)
-  console.log(`Setting new token ${response.data.token}`)
-  await setToken(response.data.token)
-}
-
 export const returnToSelf = async () => {
   const token = await login()
   await setToken(token)
@@ -115,6 +102,12 @@ export const callApi = async (url, method = 'get', data, params, timeout = 0) =>
   }
 }
 
+export const superLogin = async (uid) => {
+  const response = await callApi(`/superlogin/${uid}`, 'post')
+  console.log(`Setting new token ${response.data.token}`)
+  await setToken(response.data.token)
+}
+
 export const callController = (route, prefix, data, method = 'get', query, params) => {
   const requestSettings = {
     route,

services/oodikone2-frontend/src/components/EnableUsers/index.jsx

@@ -158,11 +158,8 @@ class EnableUsers extends Component {
               title: '',
               getRowVal: user => (
                 <Button.Group compact widths={2}>
-                  <Button animated basic size="mini" onClick={this.openEditUserPage(user.id)}>
-                    <Button.Content hidden>Edit</Button.Content>
-                    <Button.Content visible>
-                      <Icon name="wrench" />
-                    </Button.Content>
+                  <Button basic size="mini" onClick={this.openEditUserPage(user.id)}>
+                    Edit
                   </Button>
                 </Button.Group>
               ),

services/oodikone2-frontend/src/components/UserPage/index.jsx

@@ -153,7 +153,7 @@ class UserPage extends Component {
                 { this.props.isAdmin && user.is_enabled && (
                   <Popup
                     content="Show Oodikone as this user"
-                    trigger={<Button floated="right" circular size="tiny" basic icon="spy" onClick={this.superLogin} />}
+                    trigger={<Button floated="right" circular size="tiny" basic icon="spy" onClick={() => this.showAs(user.username)} />}
                   />
                 )}
                 {user.full_name}

services/oodikone2-frontend/src/redux/students.js

@@ -3,7 +3,7 @@ import { callController } from '../apiConnection'
 export const findStudents = (searchStr) => {
   const route = `/students/?searchTerm=${searchStr}`
   const prefix = 'FIND_STUDENTS_'
-  return callController(route, prefix)
+  return callController(route, prefix, undefined, undefined, searchStr)
 }
 
 export const getStudent = (studentNumber) => {
@@ -31,6 +31,7 @@ const reducer = (state = { data: [] }, action) => {
       return {
         pending: true,
         selected: state.selected,
+        lastSearch: action.requestSettings.query,
         data: state.data
       }
     case 'FIND_STUDENTS_FAILURE':
@@ -45,7 +46,9 @@ const reducer = (state = { data: [] }, action) => {
         pending: false,
         error: false,
         selected: state.selected,
-        data: [...state.data.filter(student => student.fetched), ...action.response]
+        data: state.lastSearch === action.query ?
+          [...state.data.filter(student => student.fetched), ...action.response] :
+          state.data
       }
     case 'GET_STUDENT_SUCCESS':
       return {

services/oodikone2-usageservice/src/middlewares/secret.js

@@ -1,5 +1,5 @@
 const { SECRET } = require('../conf-usageservice')
 
-const checkSecret = (req, res, next) => req.headers.secret == SECRET ? next() : res.status(403)
+const checkSecret = (req, res, next) => req.headers.secret == SECRET ? next() : res.status(403).end()
 
 module.exports = checkSecret

services/oodikone2-userservice/index.js

@@ -84,7 +84,7 @@ app.post('/superlogin', async (req, res) => {
   if (token) {
     res.status(200).json(token)
   }
-  res.status(400)
+  res.status(400).end()
 })
 
 app.put('/user/:uid', async (req, res) => {
@@ -138,7 +138,7 @@ app.get('/access_groups', async (req, res) => {
     const groups = await AccessGroup.findAll()
     res.status(200).json(groups)
   } catch (e) {
-    res.status(400)
+    res.status(400).end()
   }
 })
 

services/oodikone2-userservice/src/middlewares/secret.js

@@ -1,5 +1,5 @@
-const checkSecret = (req, res, next) => req.headers.secret == process.env.SECRET ? next() : res.status(403)
+const checkSecret = (req, res, next) => req.headers.secret == process.env.SECRET ? next() : res.status(403).end()
 
 
-module.exports = 
+module.exports =
   checkSecret

services/oodikone2-userservice/src/services/users.js

@@ -108,7 +108,7 @@ const login = async (uid, full_name, hyGroups, affiliations, mail) => {
 }
 const superlogin = async (uid, asUser) => {
   const user = await byUsername(uid)
-  if (user.accessgroup.map(r => r.group_code).includes('admin')) {
+  if (user && user.accessgroup.map(r => r.group_code).includes('admin')) {
     const token = await generateToken(asUser, uid)
     return token
   }