Merge pull request #2436 from camptocamp/no-unauhenticated-versions

Make the versions view authenticated
camptocamp · Sep 26, 2024 · b469cc1 · b469cc1
2 parents 6549d60 + 90a2528
commit b469cc1
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 6 deletions.
diff --git a/acceptance_tests/out/tests/c2c.expected.png b/acceptance_tests/out/tests/c2c.expected.png
diff --git a/acceptance_tests/tests/tests/test_versions.py b/acceptance_tests/tests/tests/test_versions.py
@@ -1,5 +1,6 @@
 def test_ok(app_connection):
-    response = app_connection.get_json("c2c/versions.json", cors=False)
+    params = {"secret": "changeme"}
+    response = app_connection.get_json("c2c/versions.json", params=params, cors=False)
     assert "main" in response
     assert "git_hash" in response["main"]
     assert "packages" in response

diff --git a/c2cwsgiutils/index.py b/c2cwsgiutils/index.py
@@ -153,8 +153,8 @@ def _index(request: pyramid.request.Request) -> dict[str, str]:
     body = ""
     body += _health_check(request)
     body += _stats(request)
-    body += _versions(request)
     if has_access:
+        body += _versions(request)
         body += _debug(request)
         body += _db_maintenance(request)
         body += _logging(request)

diff --git a/c2cwsgiutils/version.py b/c2cwsgiutils/version.py
@@ -8,7 +8,7 @@
 import prometheus_client
 import pyramid.config
 
-from c2cwsgiutils import config_utils, prometheus
+from c2cwsgiutils import auth, config_utils, prometheus
 
 _VERSIONS_PATH = "/app/versions.json"
 _LOG = logging.getLogger(__name__)
@@ -41,6 +41,15 @@ def init(config: pyramid.config.Configurator) -> None:
     includeme(config)
 
 
+class _View:
+    def __init__(self, versions: dict[str, dict[str, str]]) -> None:
+        self.versions = versions
+
+    def __call__(self, request: pyramid.request.Request) -> dict[str, dict[str, str]]:
+        auth.auth_view(request)
+        return self.versions
+
+
 def includeme(config: pyramid.config.Configurator) -> None:
     """Initialize the versions view."""
 
@@ -49,9 +58,7 @@ def includeme(config: pyramid.config.Configurator) -> None:
         config.add_route(
             "c2c_versions", config_utils.get_base_path(config) + r"/versions.json", request_method="GET"
         )
-        config.add_view(
-            lambda request: versions, route_name="c2c_versions", renderer="fast_json", http_cache=0
-        )
+        config.add_view(_View(versions), route_name="c2c_versions", renderer="fast_json", http_cache=0)
         _LOG.info("Installed the /versions.json service")
         git_hash = versions["main"]["git_hash"]