fix code drift

2021-09-21 09:51:32 +10:00 · 2021-09-21 09:51:32 +10:00 · ce0c6551e4
--- a/cmd/aro/portal.go
+++ b/cmd/aro/portal.go
@ -158,6 +158,8 @@ func portal(ctx context.Context, log *logrus.Entry, audit *logrus.Entry) error {
 		return err
 	}

+	// In development the portal API is proxied by the frontend dev server which is
+	// hosted at localhost:3000, so the hostname needs to be set to that
 	hostname := "localhost:3000"
 	address := "localhost:8444"
 	sshAddress := "localhost:2222"
--- a/hack/aead/aead.go
+++ b/hack/aead/aead.go
@ -65,12 +65,7 @@ func run(ctx context.Context, log *logrus.Entry) error {

 	serviceKeyvault := keyvault.NewManager(msiKVAuthorizer, serviceKeyvaultURI)

-	key, err := serviceKeyvault.GetBase64Secret(ctx, env.EncryptionSecretName)
-	if err != nil {
-		return err
-	}
-
-	aead, err := encryption.NewXChaCha20Poly1305(ctx, key)
+	aead, err := encryption.NewMulti(ctx, serviceKeyvault, env.EncryptionSecretV2Name, env.EncryptionSecretName)
 	if err != nil {
 		return err
 	}
--- a/pkg/portal/cluster/clusteroperators.go
+++ b/pkg/portal/cluster/clusteroperators.go
@ -19,7 +19,7 @@ type ClusterOperatorsInformation struct {
 	Operators []OperatorInformation `json:"operators"`
 }

-func ClusterOperatorsInformationFromClusterDoc(operators *configv1.ClusterOperatorList) *ClusterOperatorsInformation {
+func clusterOperatorsInformationFromOperatorList(operators *configv1.ClusterOperatorList) *ClusterOperatorsInformation {
 	final := &ClusterOperatorsInformation{
 		Operators: make([]OperatorInformation, 0, len(operators.Items)),
 	}
@ -48,7 +48,7 @@ func (f *realFetcher) ClusterOperators(ctx context.Context) (*ClusterOperatorsIn
 		return nil, err
 	}

-	return ClusterOperatorsInformationFromClusterDoc(r), nil
+	return clusterOperatorsInformationFromOperatorList(r), nil
 }

 func (c *client) ClusterOperators(ctx context.Context) (*ClusterOperatorsInformation, error) {
--- a/pkg/portal/http_test.go
+++ b/pkg/portal/http_test.go
@ -33,7 +33,7 @@ func NewTestPortal(_env env.Core, dbOpenShiftClusters database.OpenShiftClusters
 	auditHook, portalAuditLog := testlog.NewAudit()

 	l := listener.NewListener()
-	p := NewPortal(_env, portalAuditLog, portalLog, portalAccessLog, l, nil, nil, "", nil, nil, "", nil, nil, make([]byte, 32), nil, nil, elevatedGroupIDs, dbOpenShiftClusters, dbPortal, nil).(*portal)
+	p := NewPortal(_env, portalAuditLog, portalLog, portalAccessLog, l, nil, nil, "", nil, nil, "", nil, nil, make([]byte, 32), nil, nonElevatedGroupIDs, elevatedGroupIDs, dbOpenShiftClusters, dbPortal, nil, nil).(*portal)

 	return &testPortal{
 		p:             p,
@ -90,6 +90,8 @@ func (p *testPortal) Request(method string, path string, authenticated bool, ele
 		var groups []string
 		if elevated {
 			groups = elevatedGroupIDs
+		} else {
+			groups = nonElevatedGroupIDs
 		}
 		err = addAuth(req, groups)
 		if err != nil {
--- a/pkg/portal/security_test.go
+++ b/pkg/portal/security_test.go
@ -34,7 +34,8 @@ import (
 )

 var (
-	elevatedGroupIDs = []string{"00000000-0000-0000-0000-000000000000"}
+	nonElevatedGroupIDs = []string{"00000000-1111-1111-1111-000000000000"}
+	elevatedGroupIDs    = []string{"00000000-0000-0000-0000-000000000000"}
 )

 func TestSecurity(t *testing.T) {