Add the acl token as a header to client requests

2017-10-18 19:04:19 -07:00 · 2017-10-18 19:04:19 -07:00 · 189403c5b9
parent d448f888b8
commit 189403c5b9
2 changed files with 19 additions and 6 deletions
--- a/ui/app/models/allocation.js
+++ b/ui/app/models/allocation.js
@ -3,12 +3,11 @@ import Model from 'ember-data/model';
 import attr from 'ember-data/attr';
 import { belongsTo } from 'ember-data/relationships';
 import { fragment, fragmentArray } from 'ember-data-model-fragments/attributes';
-import fetch from 'fetch';
 import PromiseObject from '../utils/classes/promise-object';
 import timeout from '../utils/timeout';
 import shortUUIDProperty from '../utils/properties/short-uuid';

-const { computed, RSVP } = Ember;
+const { computed, RSVP, inject } = Ember;

 const STATUS_ORDER = {
  pending: 1,
@ -19,6 +18,8 @@ const STATUS_ORDER = {
 };

 export default Model.extend({
+  token: inject.service(),
+
  shortId: shortUUIDProperty('id'),
  job: belongsTo('job'),
  node: belongsTo('node'),
@ -74,7 +75,12 @@ export default Model.extend({

    const url = `//${this.get('node.httpAddr')}/v1/client/allocation/${this.get('id')}/stats`;
    return PromiseObject.create({
-      promise: RSVP.Promise.race([fetch(url).then(res => res.json()), timeout(2000)]),
+      promise: RSVP.Promise.race([
+        this.get('token')
+          .authorizedRequest(url)
+          .then(res => res.json()),
+        timeout(2000),
+      ]),
    });
  }),

--- a/ui/tests/acceptance/token-test.js
+++ b/ui/tests/acceptance/token-test.js
@ -48,7 +48,7 @@ test('the X-Nomad-Token header gets sent with requests once it is set', function
    assert.ok(server.pretender.handledRequests.length > 1, 'Requests have been made');

    server.pretender.handledRequests.forEach(req => {
-      assert.notOk(req.requestHeaders['X-Nomad-Token'], `No token for ${req.url}`);
+      assert.notOk(getHeader(req, 'X-Nomad-Token'), `No token for ${req.url}`);
    });

    requestPosition = server.pretender.handledRequests.length;
@ -68,8 +68,8 @@ test('the X-Nomad-Token header gets sent with requests once it is set', function
    assert.ok(newRequests.length > 1, 'New requests have been made');

    // Cross-origin requests can't have a token
-    newRequests.filter(req => !req.url.startsWith('//')).forEach(req => {
-      assert.equal(req.requestHeaders['X-Nomad-Token'], secretId, `Token set for ${req.url}`);
+    newRequests.forEach(req => {
+      assert.equal(getHeader(req, 'X-Nomad-Token'), secretId, `Token set for ${req.url}`);
    });
  });
 });
@ -199,3 +199,10 @@ test('setting a token clears the store', function(assert) {
  // If jobs are lingering in the store, they would show up
  assert.notOk(find('.job-row'), 'No jobs found');
 });
+
+function getHeader({ requestHeaders }, name) {
+  // Headers are case-insensitive, but object property look up is not
+  return (
+    requestHeaders[name] || requestHeaders[name.toLowerCase()] || requestHeaders[name.toUpperCase()]
+  );
+}