diff options
Diffstat (limited to 'api4')
-rw-r--r-- | api4/system.go | 9 | ||||
-rw-r--r-- | api4/system_test.go | 108 |
2 files changed, 101 insertions, 16 deletions
diff --git a/api4/system.go b/api4/system.go index acb02bc3e..68f998d6d 100644 --- a/api4/system.go +++ b/api4/system.go @@ -250,7 +250,14 @@ func getClientConfig(c *Context, w http.ResponseWriter, r *http.Request) { return } - w.Write([]byte(model.MapToJson(c.App.ClientConfigWithComputed()))) + var config map[string]string + if *c.App.Config().ServiceSettings.ExperimentalLimitClientConfig && len(c.Session.UserId) == 0 { + config = c.App.LimitedClientConfigWithComputed() + } else { + config = c.App.ClientConfigWithComputed() + } + + w.Write([]byte(model.MapToJson(config))) } func getEnvironmentConfig(c *Context, w http.ResponseWriter, r *http.Request) { diff --git a/api4/system_test.go b/api4/system_test.go index f46ae7436..f784a8be4 100644 --- a/api4/system_test.go +++ b/api4/system_test.go @@ -228,27 +228,105 @@ func TestGetEnvironmentConfig(t *testing.T) { func TestGetOldClientConfig(t *testing.T) { th := Setup().InitBasic().InitSystemAdmin() defer th.TearDown() - Client := th.Client - config, resp := Client.GetOldClientConfig("") - CheckNoError(t, resp) + testKey := "supersecretkey" + th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.GoogleDeveloperKey = testKey }) - if len(config["Version"]) == 0 { - t.Fatal("config not returned correctly") - } + t.Run("with session, without limited config", func(t *testing.T) { + th.App.UpdateConfig(func(cfg *model.Config) { + cfg.ServiceSettings.GoogleDeveloperKey = testKey + *cfg.ServiceSettings.ExperimentalLimitClientConfig = false + }) - Client.Logout() + Client := th.Client - _, resp = Client.GetOldClientConfig("") - CheckNoError(t, resp) + config, resp := Client.GetOldClientConfig("") + CheckNoError(t, resp) - if _, err := Client.DoApiGet("/config/client", ""); err == nil || err.StatusCode != http.StatusNotImplemented { - t.Fatal("should have errored with 501") - } + if len(config["Version"]) == 0 { + t.Fatal("config not returned correctly") + } - if _, err := Client.DoApiGet("/config/client?format=junk", ""); err == nil || err.StatusCode != http.StatusBadRequest { - t.Fatal("should have errored with 400") - } + if config["GoogleDeveloperKey"] != testKey { + t.Fatal("config missing developer key") + } + }) + + t.Run("without session, without limited config", func(t *testing.T) { + th.App.UpdateConfig(func(cfg *model.Config) { + cfg.ServiceSettings.GoogleDeveloperKey = testKey + *cfg.ServiceSettings.ExperimentalLimitClientConfig = false + }) + + Client := th.CreateClient() + + config, resp := Client.GetOldClientConfig("") + CheckNoError(t, resp) + + if len(config["Version"]) == 0 { + t.Fatal("config not returned correctly") + } + + if config["GoogleDeveloperKey"] != testKey { + t.Fatal("config missing developer key") + } + }) + + t.Run("with session, with limited config", func(t *testing.T) { + th.App.UpdateConfig(func(cfg *model.Config) { + cfg.ServiceSettings.GoogleDeveloperKey = testKey + *cfg.ServiceSettings.ExperimentalLimitClientConfig = true + }) + + Client := th.Client + + config, resp := Client.GetOldClientConfig("") + CheckNoError(t, resp) + + if len(config["Version"]) == 0 { + t.Fatal("config not returned correctly") + } + + if config["GoogleDeveloperKey"] != testKey { + t.Fatal("config missing developer key") + } + }) + + t.Run("without session, without limited config", func(t *testing.T) { + th.App.UpdateConfig(func(cfg *model.Config) { + cfg.ServiceSettings.GoogleDeveloperKey = testKey + *cfg.ServiceSettings.ExperimentalLimitClientConfig = true + }) + + Client := th.CreateClient() + + config, resp := Client.GetOldClientConfig("") + CheckNoError(t, resp) + + if len(config["Version"]) == 0 { + t.Fatal("config not returned correctly") + } + + if _, ok := config["GoogleDeveloperKey"]; ok { + t.Fatal("config should be missing developer key") + } + }) + + t.Run("missing format", func(t *testing.T) { + Client := th.Client + + if _, err := Client.DoApiGet("/config/client", ""); err == nil || err.StatusCode != http.StatusNotImplemented { + t.Fatal("should have errored with 501") + } + }) + + t.Run("invalid format", func(t *testing.T) { + Client := th.Client + + if _, err := Client.DoApiGet("/config/client?format=junk", ""); err == nil || err.StatusCode != http.StatusBadRequest { + t.Fatal("should have errored with 400") + } + }) } func TestGetOldClientLicense(t *testing.T) { |