mirror of
https://github.com/azaion/admin.git
synced 2026-06-21 10:31:09 +00:00
refactor: remove obsolete resource download and installer endpoints
- Deleted the `POST /resources/get/{dataFolder?}` and `GET /resources/get-installer` endpoints as part of the architectural shift towards simplified resource management.
- Removed associated methods and configurations, including `ResourcesService.GetEncryptedResource`, `ResourcesService.GetInstaller`, and related properties in `ResourcesConfig`.
- Cleaned up environment variables and configuration files to reflect the removal of installer-related settings.
- Eliminated the `GetResourceRequest` DTO and its validator, along with the `WrongResourceName` error code.
- Updated documentation to clarify the changes in resource handling and the retirement of per-user file encryption.
Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
@@ -55,10 +55,6 @@ public sealed class SecurityTests
|
||||
|
||||
using (var r = await client.DeleteAsync($"/users/{Uri.EscapeDataString(probeEmail)}"))
|
||||
r.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
|
||||
|
||||
using (var r = await client.PostAsync("/resources/get",
|
||||
new { password = "irrelevant1", fileName = "f.bin" }))
|
||||
r.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
@@ -141,63 +137,6 @@ public sealed class SecurityTests
|
||||
response.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Per_user_encryption_produces_distinct_ciphertext_for_same_file()
|
||||
{
|
||||
// Arrange
|
||||
var folder = $"sectest-{Guid.NewGuid():N}";
|
||||
var fileName = $"enc-{Guid.NewGuid():N}.bin";
|
||||
var payload = Encoding.UTF8.GetBytes($"secret-{Guid.NewGuid()}");
|
||||
var email1 = $"{Guid.NewGuid():N}@sectest.example.com";
|
||||
var email2 = $"{Guid.NewGuid():N}@sectest.example.com";
|
||||
const string password = "TestPwd12345";
|
||||
|
||||
try
|
||||
{
|
||||
foreach (var email in new[] { email1, email2 })
|
||||
{
|
||||
var reg = JsonSerializer.Serialize(new { email, password, role = 10 }, JsonOptions);
|
||||
using var create = await _fixture.HttpClient.PostAsync("/users",
|
||||
new StringContent(reg, Encoding.UTF8, "application/json"));
|
||||
create.IsSuccessStatusCode.Should().BeTrue();
|
||||
}
|
||||
|
||||
using (var adminUpload = _fixture.CreateAuthenticatedClient(_fixture.AdminToken))
|
||||
{
|
||||
using var up = await adminUpload.UploadFileAsync($"/resources/{folder}", payload, fileName);
|
||||
up.IsSuccessStatusCode.Should().BeTrue();
|
||||
}
|
||||
|
||||
async Task<byte[]> DownloadForAsync(string email)
|
||||
{
|
||||
using var api = _fixture.CreateApiClient();
|
||||
var token = await api.LoginAsync(email, password);
|
||||
api.SetAuthToken(token);
|
||||
using var get = await api.PostAsync($"/resources/get/{folder}",
|
||||
new { password, fileName });
|
||||
get.IsSuccessStatusCode.Should().BeTrue();
|
||||
return await get.Content.ReadAsByteArrayAsync();
|
||||
}
|
||||
|
||||
// Act
|
||||
var bytes1 = await DownloadForAsync(email1);
|
||||
var bytes2 = await DownloadForAsync(email2);
|
||||
|
||||
// Assert
|
||||
bytes1.Should().NotBeEquivalentTo(bytes2);
|
||||
}
|
||||
finally
|
||||
{
|
||||
using var clearResponse = await _fixture.HttpClient.PostAsync($"/resources/clear/{folder}",
|
||||
new StringContent("", Encoding.UTF8, "application/json"));
|
||||
|
||||
foreach (var email in new[] { email1, email2 })
|
||||
{
|
||||
using var _ = await _fixture.HttpClient.DeleteAsync($"/users/{Uri.EscapeDataString(email)}");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public async Task Hardware_endpoints_are_removed_AZ_197()
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user