currently also have to specify the admin user calling the request. also added a tiny manual test to imitate user. will add trails next

2023-02-15 15:20:16 +01:00 · 2023-02-15 15:20:16 +01:00 · 85bec3aaf0
parent 7bf1d6e95a
commit 85bec3aaf0
5 changed files with 30 additions and 23 deletions
--- a/scripts/manual-tests/16-change-user-tier.sh
+++ b/scripts/manual-tests/16-change-user-tier.sh
@ -1,5 +1,5 @@
-# docker-compose up -d
 # rm -rf data/
+# docker-compose up -d
 # sea-orm-cli migrate up

 # Use CLI to create the admin that will call the endpoint
--- a/scripts/manual-tests/19-admin-imitate-user.sh
+++ b/scripts/manual-tests/19-admin-imitate-user.sh
@ -1,27 +1,38 @@
-# Admin can login as a user ... (but again, we must first have logged in
-# docker-compose up -d
 # rm -rf data/
+# docker-compose up -d
 # sea-orm-cli migrate up

+# Use CLI to create the admin that will call the endpoint
 RUSTFLAGS="--cfg tokio_unstable" cargo run create_user --address 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a
 RUSTFLAGS="--cfg tokio_unstable" cargo run change_admin_status 0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a true

+# Use CLI to create the user whose role will be changed via the endpoint
+RUSTFLAGS="--cfg tokio_unstable" cargo run create_user --address 0x077e43dcca20da9859daa3fd78b5998b81f794f7
+
 # Run the proxyd instance
-# cargo run --release -- proxyd
+RUSTFLAGS="--cfg tokio_unstable" cargo run --release -- proxyd

 # Check if the instance is running
-# curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","id":1}' 127.0.0.1:8544
+curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc":"2.0","method":"web3_clientVersion","id":1}' 127.0.0.1:8544

-# Login as user first
-curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a"
-#curl -X POST -H "Content-Type: application/json" --data '{}' 127.0.0.1:8544/user/login
-curl -X GET "127.0.0.1:8544/user/login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/"
+# Open this website to get the nonce to log in
+curl \
+-H "Authorization: Bearer 01GSANKVBB22D5P2351P4Y42NV" \
+-X GET "http://127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/0x077e43dcca20da9859daa3fd78b5998b81f794f7"
+
+# Use this site to sign a message
+# https://www.myetherwallet.com/wallet/sign (whatever is output with the above code)
+curl -X POST http://127.0.0.1:8544/admin/imitate-login \
+  -H 'Content-Type: application/json' \
+  -H "Authorization: Bearer 01GSANKVBB22D5P2351P4Y42NV" \
+  -d '{"address": "0xeb3e928a2e54be013ef8241d4c9eaf4dfae94d5a", "msg": "0x6c6c616d616e6f6465732e636f6d2077616e747320796f7520746f207369676e20696e207769746820796f757220457468657265756d206163636f756e743a0a3078654233453932384132453534424530313345463832343164344339456146344466414539344435610a0af09fa699f09fa699f09fa699f09fa699f09fa6990a0a5552493a2068747470733a2f2f6c6c616d616e6f6465732e636f6d2f0a56657273696f6e3a20310a436861696e2049443a20310a4e6f6e63653a20303147534150545132413932415332435752563158504d4347470a4973737565642041743a20323032332d30322d31355431343a31343a33352e3835303636385a0a45787069726174696f6e2054696d653a20323032332d30322d31355431343a33343a33352e3835303636385a", "sig": "d5fed789e98769b8b726a79f222f2e06476de15948d35c167c4f294bb98edf42244edc703b6d729e5d08bd73c318fc9729b985022229c7669a945d64da47ab641c", "version": "3", "signer": "MEW"}'

 # Now modify the user role and check this in the database
+# 01GSAMMWQ41TVVH3DH8MSEP8X6
 # Now we can get a bearer-token to imitate the user
-curl -X GET "127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a"
-#curl -X POST -H "Content-Type: application/json" --data '{}' 127.0.0.1:8544/user/login
-curl -X GET "127.0.0.1:8544/admin/imitate-login/0xeB3E928A2E54BE013EF8241d4C9EaF4DfAE94D5a/"
+curl \
+-H "Authorization: Bearer 01GSAPZNVZ96ADJAEZ1VTRSA5T" \
+-X GET "127.0.0.1:8544/user/keys"


 # docker-compose down
--- a/web3_proxy/src/admin_queries.rs
+++ b/web3_proxy/src/admin_queries.rs
@ -65,7 +65,7 @@ pub async fn query_admin_modify_usertier<'a>(
    // Check if the caller is an admin (i.e. if he is in an admin table)
    let admin: admin::Model = admin::Entity::find()
        .filter(admin::Column::UserId.eq(caller_id))
-        .one(db_replica.conn())
+        .one(&db_conn)
        .await?
        .ok_or(FrontendErrorResponse::AccessDenied)?;

@ -74,7 +74,7 @@ pub async fn query_admin_modify_usertier<'a>(
    // Fetch the admin, and the user
    let user: user::Model = user::Entity::find()
        .filter(user::Column::Address.eq(user_address))
-        .one(db_replica.conn())
+        .one(&db_conn)
        .await?
        .ok_or(FrontendErrorResponse::BadRequest("No user with this id found".to_string()))?;
    // Return early if the target user_tier_id is the same as the original user_tier_id
@ -86,7 +86,7 @@ pub async fn query_admin_modify_usertier<'a>(
    // Now we can modify the user's tier
    let new_user_tier: user_tier::Model = user_tier::Entity::find()
        .filter(user_tier::Column::Title.eq(user_tier_title.clone()))
-        .one(db_replica.conn())
+        .one(&db_conn)
        .await?
        .ok_or(FrontendErrorResponse::BadRequest("User Tier name was not found".to_string()))?;

@ -105,7 +105,7 @@ pub async fn query_admin_modify_usertier<'a>(
    // Query the login table, and get all bearer tokens by this user
    let bearer_tokens = login::Entity::find()
        .filter(login::Column::UserId.eq(user.id))
-        .all(db_replica.conn())
+        .all(&db_conn)
        .await?;

    // Now delete these tokens ...
--- a/web3_proxy/src/frontend/admin.rs
+++ b/web3_proxy/src/frontend/admin.rs
@ -173,11 +173,7 @@ pub async fn admin_login_get(
        .filter(user::Column::Address.eq(user_address))
        .one(db_replica.conn())
        .await?
-        .ok_or(FrontendErrorResponse::StatusCode(
-            StatusCode::BAD_REQUEST,
-            "Could not find user in db".to_string(),
-            None,
-        ))?;
+        .ok_or(FrontendErrorResponse::BadRequest("Could not find user in db".to_string()))?;

    // Can there be two login-sessions at the same time?
    // I supposed if the user logs in, the admin would be logged out and vice versa
--- a/web3_proxy/src/frontend/mod.rs
+++ b/web3_proxy/src/frontend/mod.rs
@ -170,9 +170,9 @@ pub async fn serve(port: u16, proxy_app: Arc<Web3ProxyApp>) -> anyhow::Result<()
        .route("/user/stats/detailed", get(users::user_stats_detailed_get))
        .route("/user/logout", post(users::user_logout_post))
        .route("/admin/modify_role", get(admin::admin_change_user_roles))
-        .route("/admin/imitate-login/:user_address", get(admin::admin_login_get))
+        .route("/admin/imitate-login/:admin_address/:user_address", get(admin::admin_login_get))
        .route(
-            "/admin/imitate-login/:user_address/:message_eip",
+            "/admin/imitate-login/:admin_address/:user_address/:message_eip",
            get(admin::admin_login_get),
        )
        .route("/admin/imitate-login", post(admin::admin_login_post))