-
Notifications
You must be signed in to change notification settings - Fork 147
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ReservedPackage + admin action. (#8105)
- Loading branch information
Showing
5 changed files
with
221 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
// Copyright (c) 2024, the Dart project authors. Please see the AUTHORS file | ||
// for details. All rights reserved. Use of this source code is governed by a | ||
// BSD-style license that can be found in the LICENSE file. | ||
|
||
import 'package:pub_dev/package/backend.dart'; | ||
import 'package:pub_dev/package/models.dart'; | ||
import 'package:pub_dev/shared/datastore.dart'; | ||
|
||
import 'actions.dart'; | ||
|
||
final packageReservationCreate = AdminAction( | ||
name: 'package-reservation-create', | ||
summary: 'Creates a ReservedPackage entity.', | ||
description: ''' | ||
Reserves a package name that can be claimed by the specified list of email addresses. | ||
The action can be re-run with the same package name. In such cases the previous | ||
email list will be discarded, and the specified email list will be updated to the | ||
existing ReservedPackage entity. | ||
When no emails are specified, the package will be reserved, but no user may be | ||
able to claim it. | ||
''', | ||
options: { | ||
'package': 'The package name to be reserved.', | ||
'emails': 'The list of email addresses, separated by comma.' | ||
}, | ||
invoke: (options) async { | ||
final package = options['package']; | ||
InvalidInputException.check( | ||
package != null && package.isNotEmpty, | ||
'`package` must be given', | ||
); | ||
final emails = options['emails']?.split(','); | ||
|
||
final p = await packageBackend.lookupPackage(package!); | ||
if (p != null) { | ||
throw InvalidInputException('Package `$package` exists.'); | ||
} | ||
final mp = await packageBackend.lookupModeratedPackage(package); | ||
if (mp != null) { | ||
throw InvalidInputException('ModeratedPackage `$package` exists.'); | ||
} | ||
|
||
final entry = await withRetryTransaction(dbService, (tx) async { | ||
final existing = await tx.lookupOrNull<ReservedPackage>( | ||
dbService.emptyKey.append(ReservedPackage, id: package)); | ||
final entry = existing ?? ReservedPackage.init(package); | ||
entry.emails = <String>{...?emails}.toList(); | ||
tx.insert(entry); | ||
return entry; | ||
}); | ||
|
||
return { | ||
'ReservedPackage': { | ||
'name': entry.name, | ||
'created': entry.created.toIso8601String(), | ||
'emails': entry.emails, | ||
}, | ||
}; | ||
}, | ||
); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,101 @@ | ||
// Copyright (c) 2024, the Dart project authors. Please see the AUTHORS file | ||
// for details. All rights reserved. Use of this source code is governed by a | ||
// BSD-style license that can be found in the LICENSE file. | ||
|
||
import 'package:_pub_shared/data/admin_api.dart'; | ||
import 'package:clock/clock.dart'; | ||
import 'package:pub_dev/package/backend.dart'; | ||
import 'package:pub_dev/package/models.dart'; | ||
import 'package:pub_dev/shared/datastore.dart'; | ||
import 'package:test/test.dart'; | ||
|
||
import '../package/backend_test_utils.dart'; | ||
import '../shared/handlers_test_utils.dart'; | ||
import '../shared/test_models.dart'; | ||
import '../shared/test_services.dart'; | ||
|
||
void main() { | ||
group('Reserve package', () { | ||
Future<void> _reserve( | ||
String package, { | ||
List<String>? emails, | ||
}) async { | ||
final api = createPubApiClient(authToken: siteAdminToken); | ||
await api.adminInvokeAction( | ||
'package-reservation-create', | ||
AdminInvokeActionArguments(arguments: { | ||
'package': package, | ||
if (emails != null) 'emails': emails.join(','), | ||
}), | ||
); | ||
} | ||
|
||
testWithProfile('cannot reserve existing package', fn: () async { | ||
await expectApiException( | ||
_reserve('oxygen'), | ||
code: 'InvalidInput', | ||
status: 400, | ||
message: 'Package `oxygen` exists.', | ||
); | ||
}); | ||
|
||
testWithProfile('cannot reserve ModeratedPackage', fn: () async { | ||
await dbService.commit(inserts: [ | ||
ModeratedPackage() | ||
..id = 'pkg' | ||
..name = 'pkg' | ||
..moderated = clock.now() | ||
..uploaders = <String>[] | ||
..versions = <String>['1.0.0'] | ||
]); | ||
await expectApiException( | ||
_reserve('pkg'), | ||
code: 'InvalidInput', | ||
status: 400, | ||
message: 'ModeratedPackage `pkg` exists.', | ||
); | ||
}); | ||
|
||
testWithProfile('prevents non-whitelisted publishing', fn: () async { | ||
await _reserve('pkg'); | ||
|
||
final pubspecContent = generatePubspecYaml('pkg', '1.0.0'); | ||
final bytes = await packageArchiveBytes(pubspecContent: pubspecContent); | ||
await expectApiException( | ||
createPubApiClient(authToken: adminClientToken) | ||
.uploadPackageBytes(bytes), | ||
code: 'PackageRejected', | ||
status: 400, | ||
message: 'Package name pkg is reserved.', | ||
); | ||
}); | ||
|
||
testWithProfile('allows whitelisted publishing', fn: () async { | ||
await _reserve('pkg'); | ||
// update email addresses in a second request | ||
await _reserve('pkg', emails: ['admin@pub.dev']); | ||
|
||
final pubspecContent = generatePubspecYaml('pkg', '1.0.0'); | ||
final bytes = await packageArchiveBytes(pubspecContent: pubspecContent); | ||
await createPubApiClient(authToken: adminClientToken) | ||
.uploadPackageBytes(bytes); | ||
|
||
final rp = await packageBackend.lookupReservedPackage('pkg'); | ||
expect(rp, isNull); | ||
}); | ||
|
||
testWithProfile('no longer allows Dart-team exemption', fn: () async { | ||
await _reserve('pkg'); | ||
|
||
final pubspecContent = generatePubspecYaml('pkg', '1.0.0'); | ||
final bytes = await packageArchiveBytes(pubspecContent: pubspecContent); | ||
await expectApiException( | ||
createPubApiClient(authToken: adminClientToken) | ||
.uploadPackageBytes(bytes), | ||
code: 'PackageRejected', | ||
status: 400, | ||
message: 'Package name pkg is reserved.', | ||
); | ||
}); | ||
}); | ||
} |