From 09594cb5e1a6d49681771a509ae2a6067fec6a89 Mon Sep 17 00:00:00 2001 From: Naz Date: Tue, 10 May 2022 16:44:18 +0800 Subject: [PATCH] Updated version mismatch middleware to handle API keys refs https://github.com/TryGhost/Toolbox/issues/292 - The version mismatch middleware middleware is the best place where the information can be assembled for the APIVersionCompatibilityService to handle. We need API key identification information to be able to pick up the integration name when sending a notification email to the administrators --- .../lib/mw-api-version-mismatch.js | 8 ++- ghost/mw-api-version-mismatch/package.json | 3 + .../test/mw-api-version-mismatch.test.js | 55 +++++++++++++++++++ 3 files changed, 65 insertions(+), 1 deletion(-) diff --git a/ghost/mw-api-version-mismatch/lib/mw-api-version-mismatch.js b/ghost/mw-api-version-mismatch/lib/mw-api-version-mismatch.js index 69205fafeb..fb64a1d043 100644 --- a/ghost/mw-api-version-mismatch/lib/mw-api-version-mismatch.js +++ b/ghost/mw-api-version-mismatch/lib/mw-api-version-mismatch.js @@ -1,3 +1,5 @@ +const extractApiKey = require('@tryghost/extract-api-key'); + const versionMismatchHandler = (APIVersionCompatibilityService) => { /** * @param {Object} err @@ -8,11 +10,15 @@ const versionMismatchHandler = (APIVersionCompatibilityService) => { return async (err, req, res, next) => { if (err && err.errorType === 'RequestNotAcceptableError') { if (err.code === 'UPDATE_CLIENT') { + const {key, type} = extractApiKey(req); + await APIVersionCompatibilityService.handleMismatch({ acceptVersion: req.headers['accept-version'], contentVersion: `v${res.locals.safeVersion}`, requestURL: req.originalUrl, - userAgent: req.headers['user-agent'] + userAgent: req.headers['user-agent'], + apiKeyValue: key, + apiKeyType: type }); } } diff --git a/ghost/mw-api-version-mismatch/package.json b/ghost/mw-api-version-mismatch/package.json index 266467eab3..c396fbc9bf 100644 --- a/ghost/mw-api-version-mismatch/package.json +++ b/ghost/mw-api-version-mismatch/package.json @@ -24,5 +24,8 @@ "c8": "7.11.2", "mocha": "10.0.0", "sinon": "14.0.0" + }, + "dependencies": { + "@tryghost/extract-api-key": "^0.1.0" } } diff --git a/ghost/mw-api-version-mismatch/test/mw-api-version-mismatch.test.js b/ghost/mw-api-version-mismatch/test/mw-api-version-mismatch.test.js index cfa54d4047..7dc7058fc7 100644 --- a/ghost/mw-api-version-mismatch/test/mw-api-version-mismatch.test.js +++ b/ghost/mw-api-version-mismatch/test/mw-api-version-mismatch.test.js @@ -26,10 +26,65 @@ describe('mw-api-version-mismatch', function () { code: 'UPDATE_CLIENT' }), req, res, () => { assert.equal(APIVersionCompatibilityService.handleMismatch.called, true); + assert.deepEqual(Object.keys(APIVersionCompatibilityService.handleMismatch.args[0][0]), [ + 'acceptVersion', + 'contentVersion', + 'requestURL', + 'userAgent', + 'apiKeyValue', + 'apiKeyType' + ], 'handleMismatch called with wrong arguments'); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].acceptVersion, 'v3.28'); assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].contentVersion, 'v4.46'); assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].requestURL, '/api/admin/posts/1'); assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].userAgent, 'Zapier/2.1 GhostAdminSDK/3.28'); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyValue, null); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyType, null); + + done(); + }); + }); + + it('Does call handle mismatch when with correct API key values when identification information is in the request', function (done) { + const APIVersionCompatibilityService = { + handleMismatch: sinon.stub().resolves() + }; + const req = { + originalUrl: '/api/admin/posts/1', + query: { + key: 'content_api_key_secret' + }, + headers: { + 'accept-version': 'v3.28', + 'user-agent': 'Zapier/2.1 GhostAdminSDK/3.28' + } + }; + const res = { + locals: { + safeVersion: '4.46' + } + }; + + versionMismatchMW(APIVersionCompatibilityService)(new errors.RequestNotAcceptableError({ + code: 'UPDATE_CLIENT' + }), req, res, () => { + assert.equal(APIVersionCompatibilityService.handleMismatch.called, true); + assert.deepEqual(Object.keys(APIVersionCompatibilityService.handleMismatch.args[0][0]), [ + 'acceptVersion', + 'contentVersion', + 'requestURL', + 'userAgent', + 'apiKeyValue', + 'apiKeyType' + ], 'handleMismatch called with wrong arguments'); + + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].acceptVersion, 'v3.28'); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].contentVersion, 'v4.46'); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].requestURL, '/api/admin/posts/1'); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].userAgent, 'Zapier/2.1 GhostAdminSDK/3.28'); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyValue, 'content_api_key_secret'); + assert.equal(APIVersionCompatibilityService.handleMismatch.args[0][0].apiKeyType, 'content'); done(); });