Merge branch 'release/v1.2.3'

Wissance · Mar 28, 2022 · f0ade77 · f0ade77
2 parents ea5caf1 + 4d932cc
commit f0ade77
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 2 deletions.
diff --git a/api/rest/gorilla_cors.go b/api/rest/gorilla_cors.go
@@ -63,11 +63,16 @@ func EnableCorsAllOrigin(respWriter *http.ResponseWriter) {
  * Returns nothing
  */
 func EnableCors(respWriter *http.ResponseWriter, origin string, methods string) {
+	addCorsHeaders(respWriter, origin)
+	(*respWriter).Header().Set(AccessControlAllowMethodsHeader, methods)
+}
+
+func addCorsHeaders(respWriter *http.ResponseWriter, origin string) {
 	(*respWriter).Header().Set(AccessControlAllowHeadersHeader, AllowAllHeaderValues)
 	(*respWriter).Header().Set(AccessControlAllowOriginHeader, origin)
-	(*respWriter).Header().Set(AccessControlAllowMethodsHeader, methods)
 }
 
+
 func (handler *WebApiHandler) handlePreflightReq(respWriter http.ResponseWriter, request *http.Request) {
 	route := m.CurrentRoute(request)
 	if route != nil {
@@ -90,6 +95,17 @@ func join(values []string, separator string) string {
 	return line
 }
 
+
+// handleWithCors function that adds CORS headers before handler func is called
+func (handler *WebApiHandler) handleWithCors(f func(http.ResponseWriter, *http.Request)) http.HandlerFunc {
+	return func(writer http.ResponseWriter, request *http.Request) {
+		if handler.AllowCors {
+			addCorsHeaders(&writer, handler.Origin)
+		}
+		f(writer, request)
+	}
+}
+
 // HandleFunc
 /* This is a Proxy function that assign handler to handle specific route by url but also simultaneously it configures CORS handler.
  * This function is almost equal to mux.Router.HandleFunc except fact that we passing
@@ -105,7 +121,7 @@ func join(values []string, separator string) string {
  */
 func (handler *WebApiHandler) HandleFunc(router *m.Router, path string, f func(http.ResponseWriter, *http.Request), handlerMethods ...string) *m.Route {
 	// 1. Create Route ...
-	route := router.HandleFunc(path, f).Methods(handlerMethods...)
+	route := router.HandleFunc(path, handler.handleWithCors(f)).Methods(handlerMethods...)
 	if handler.AllowCors {
 		// 2. Create Options route
 		optionRouteName := stringFormatter.Format("{0}_{1}", path, optionsRouteSuffix)
@@ -121,3 +137,4 @@ func (handler *WebApiHandler) HandleFunc(router *m.Router, path string, f func(h
 	}
 	return route
 }
+
diff --git a/api/rest/gorilla_cors_test.go b/api/rest/gorilla_cors_test.go
@@ -39,9 +39,17 @@ func TestHandleFuncWithCorsWithAnyOrigin(t *testing.T) {
 
 	checkOptionRouteCors(t, handler.Router, realmResource, AnyOrigin, "*", "OPTIONS,GET" )
 	checkOptionRouteCors(t, handler.Router, userResourceRoot, AnyOrigin, "*", "OPTIONS,GET,POST" )
+	checkRouteCors(t, handler.Router, "GET", realmResource,  AnyOrigin)
+
+	checkRouteCors(t, handler.Router, "GET", userResourceRoot,  AnyOrigin)
+	checkRouteCors(t, handler.Router, "POST", userResourceRoot,  AnyOrigin)
 
         userById := "/api/user/123/"
 	checkOptionRouteCors(t, handler.Router, userById, AnyOrigin, "*", "OPTIONS,GET,PUT,DELETE" )
+
+	checkRouteCors(t, handler.Router, "GET", userById,  AnyOrigin)
+	checkRouteCors(t, handler.Router, "PUT", userById,  AnyOrigin)
+	checkRouteCors(t, handler.Router, "DELETE", userById,  AnyOrigin)
 }
 
 func TestHandleFuncForSubRouterAndSpecificOrigin(t *testing.T) {
@@ -78,8 +86,17 @@ func TestHandleFuncForSubRouterAndSpecificOrigin(t *testing.T) {
 	checkOptionRouteCors(t, handler.Router, "/service1" + objectResource, internalSubNet, "*", "OPTIONS,GET,POST" )
 	checkOptionRouteCors(t, handler.Router, "/service2" + classRootResource, internalSubNet, "*", "OPTIONS,GET,POST" )
 
+	checkRouteCors(t,handler.Router, "GET", "/service1" + objectResource, internalSubNet)
+	checkRouteCors(t,handler.Router, "POST", "/service1" + objectResource, internalSubNet)
+
+	checkRouteCors(t,handler.Router, "GET", "/service2" + classRootResource, internalSubNet)
+	checkRouteCors(t,handler.Router, "POST", "/service2" + classRootResource, internalSubNet)
+
+
 	classById := "/api/class/356/"
 	checkOptionRouteCors(t, handler.Router, "/service2" + classById, internalSubNet, "*", "OPTIONS,DELETE" )
+
+	checkRouteCors(t,handler.Router, "DELETE", "/service2" + classById, internalSubNet)
 }
 
 func checkOptionRouteCors(t *testing.T, router *mux.Router, requestPath string, allowedOrigin string, allowedHeader string, allowedMethods string) {
@@ -91,3 +108,11 @@ func checkOptionRouteCors(t *testing.T, router *mux.Router, requestPath string,
 	assert.Equal(t, allowedHeader, writer.Header().Get(AccessControlAllowHeadersHeader))
 	assert.Equal(t, allowedMethods, writer.Header().Get(AccessControlAllowMethodsHeader))
 }
+
+func checkRouteCors(t *testing.T, router *mux.Router, method string, requestPath string, allowedOrigin string) {
+	request := http.Request{URL: &url.URL{Scheme: "http", Host: "127.0.0.1:8687", Path: requestPath},
+		Method: method}
+	writer := httptest.NewRecorder()
+	router.ServeHTTP(writer, &request)
+	assert.Equal(t, allowedOrigin, writer.Header().Get(AccessControlAllowOriginHeader))
+}