fix(code): remove unused code EE-4431 (#7866)

2022-10-14 19:42:31 -03:00 · 2022-10-14 19:42:31 -03:00 · 191f8e17ee
parent ae2bec4bd9
commit 191f8e17ee
10 changed files with 8 additions and 397 deletions
--- a/api/cmd/portainer/import.go
+++ b/api/cmd/portainer/import.go
@ -1,28 +0,0 @@
 package main
 import (
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/datastore"
 	"github.com/rs/zerolog/log"
 )
 func importFromJson(fileService portainer.FileService, store *datastore.Store) {
 	// EXPERIMENTAL - if used with an incomplete json file, it will fail, as we don't have a way to default the model values
 	importFile := "/data/import.json"
 	if exists, _ := fileService.FileExists(importFile); exists {
 		if err := store.Import(importFile); err != nil {
 			log.Error().Str("filename", importFile).Err(err).Msg("import failed")
 			// TODO: should really rollback on failure, but then we have nothing.
 		} else {
 			log.Info().Str("filename", importFile).Msg("successfully imported the file to a new portainer database")
 		}
 		// TODO: this is bad - its to ensure that any defaults that were broken in import, or migrations get set back to what we want
 		// I also suspect that everything from "Init to Init" is potentially a migration
 		err := store.Init()
 		if err != nil {
 			log.Fatal().Err(err).Msg("failed initializing data store")
 		}
 	}
 }
--- a/api/datastore/migrator/migrate_dbversion34_test.go
+++ b/api/datastore/migrator/migrate_dbversion34_test.go
@ -1,94 +0,0 @@
 package migrator
 const (
 	db35TestFile = "portainer-mig-35.db"
 	username     = "portainer"
 	password     = "password"
 )
 // TODO: this is exactly the kind of reaching into the internals of the store we should not do
 // func setupDB35Test(t *testing.T) *Migrator {
 // 	is := assert.New(t)
 // 	dbConn, err := bolt.Open(path.Join(t.TempDir(), db35TestFile), 0600, &bolt.Options{Timeout: 1 * time.Second})
 // 	is.NoError(err, "failed to init testing DB connection")
 // 	// Create an old style dockerhub authenticated account
 // 	dockerhubService, err := dockerhub.NewService(&database.DbConnection{DB: dbConn})
 // 	is.NoError(err, "failed to init testing registry service")
 // 	err = dockerhubService.UpdateDockerHub(&portainer.DockerHub{true, username, password})
 // 	is.NoError(err, "failed to create dockerhub account")
 // 	registryService, err := registry.NewService(&database.DbConnection{DB: dbConn})
 // 	is.NoError(err, "failed to init testing registry service")
 // 	endpointService, err := endpoint.NewService(&database.DbConnection{DB: dbConn})
 // 	is.NoError(err, "failed to init endpoint service")
 // 	m := &Migrator{
 // 		db:               dbConn,
 // 		dockerhubService: dockerhubService,
 // 		registryService:  registryService,
 // 		endpointService:  endpointService,
 // 	}
 // 	return m
 // }
 // // TestUpdateDockerhubToDB32 tests a normal upgrade
 // func TestUpdateDockerhubToDB32(t *testing.T) {
 // 	is := assert.New(t)
 // 	m := setupDB35Test(t)
 // 	defer m.db.Close()
 // 	defer os.Remove(db35TestFile)
 // 	if err := m.updateDockerhubToDB32(); err != nil {
 // 		t.Errorf("failed to update settings: %v", err)
 // 	}
 // 	// Verify we have a single registry were created
 // 	registries, err := m.registryService.Registries()
 // 	is.NoError(err, "failed to read registries from the RegistryService")
 // 	is.Equal(len(registries), 1, "only one migrated registry expected")
 // }
 // // TestUpdateDockerhubToDB32_with_duplicate_migrations tests an upgrade where in earlier versions a broken migration
 // // created a large number of duplicate "dockerhub migrated" registry entries.
 // func TestUpdateDockerhubToDB32_with_duplicate_migrations(t *testing.T) {
 // 	is := assert.New(t)
 // 	m := setupDB35Test(t)
 // 	defer m.db.Close()
 // 	defer os.Remove(db35TestFile)
 // 	// Create lots of duplicate entries...
 // 	registry := &portainer.Registry{
 // 		Type:             portainer.DockerHubRegistry,
 // 		Name:             "Dockerhub (authenticated - migrated)",
 // 		URL:              "docker.io",
 // 		Authentication:   true,
 // 		Username:         "portainer",
 // 		Password:         "password",
 // 		RegistryAccesses: portainer.RegistryAccesses{},
 // 	}
 // 	for i := 1; i < 150; i++ {
 // 		err := m.registryService.CreateRegistry(registry)
 // 		assert.NoError(t, err, "create registry failed")
 // 	}
 // 	// Verify they were created
 // 	registries, err := m.registryService.Registries()
 // 	is.NoError(err, "failed to read registries from the RegistryService")
 // 	is.Condition(func() bool {
 // 		return len(registries) > 1
 // 	}, "expected multiple duplicate registry entries")
 // 	// Now run the migrator
 // 	if err := m.updateDockerhubToDB32(); err != nil {
 // 		t.Errorf("failed to update settings: %v", err)
 // 	}
 // 	// Verify we have a single registry were created
 // 	registries, err = m.registryService.Registries()
 // 	is.NoError(err, "failed to read registries from the RegistryService")
 // 	is.Equal(len(registries), 1, "only one migrated registry expected")
 // }
--- a/api/http/handler/backup/handler.go
+++ b/api/http/handler/backup/handler.go
@ -6,7 +6,6 @@ import (
 	"github.com/gorilla/mux"
 	httperror "github.com/portainer/libhttp/error"
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/adminmonitor"
 	"github.com/portainer/portainer/api/dataservices"
 	"github.com/portainer/portainer/api/demo"
@ -71,11 +70,3 @@ func adminAccess(next http.Handler) http.Handler {
 		next.ServeHTTP(w, r)
 	})
 }
 func systemWasInitialized(dataStore dataservices.DataStore) (bool, error) {
 	users, err := dataStore.User().UsersByRole(portainer.AdministratorRole)
 	if err != nil {
 		return false, err
 	}
 	return len(users) > 0, nil
 }
--- a/api/http/handler/customtemplates/handler.go
+++ b/api/http/handler/customtemplates/handler.go
@ -8,7 +8,6 @@ import (
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/dataservices"
 	"github.com/portainer/portainer/api/http/security"
 	"github.com/portainer/portainer/api/internal/authorization"
 )
 // Handler is the HTTP handler used to handle environment(endpoint) group operations.
@ -42,20 +41,3 @@ func NewHandler(bouncer *security.RequestBouncer) *Handler {
 func userCanEditTemplate(customTemplate *portainer.CustomTemplate, securityContext *security.RestrictedRequestContext) bool {
 	return securityContext.IsAdmin || customTemplate.CreatedByUserID == securityContext.UserID
 }
 func userCanAccessTemplate(customTemplate portainer.CustomTemplate, securityContext *security.RestrictedRequestContext, resourceControl *portainer.ResourceControl) bool {
 	if securityContext.IsAdmin || customTemplate.CreatedByUserID == securityContext.UserID {
 		return true
 	}
 	userTeamIDs := make([]portainer.TeamID, 0)
 	for _, membership := range securityContext.UserMemberships {
 		userTeamIDs = append(userTeamIDs, membership.TeamID)
 	}
 	if resourceControl != nil && authorization.UserCanAccessResource(securityContext.UserID, userTeamIDs, resourceControl) {
 		return true
 	}
 	return false
 }
--- a/api/http/handler/hostmanagement/openamt/amtrpc.go
+++ b/api/http/handler/hostmanagement/openamt/amtrpc.go
@ -298,20 +298,3 @@ func (handler *Handler) activateDevice(endpoint *portainer.Endpoint, settings po
 	return err
 }
 func (handler *Handler) deactivateDevice(endpoint *portainer.Endpoint, settings portainer.Settings) error {
 	ctx := context.TODO()
 	config := settings.OpenAMTConfiguration
 	cmdLine := []string{
 		"deactivate",
 		"-n",
 		"-v",
 		"-u", fmt.Sprintf("wss://%s/activate", config.MPSServer),
 		"-password", config.MPSPassword,
 	}
 	_, err := handler.PullAndRunContainer(ctx, endpoint, rpcGoImageName, rpcGoContainerName, cmdLine)
 	return err
 }
--- a/api/http/handler/registries/registry_create_test.go
+++ b/api/http/handler/registries/registry_create_test.go
@ -1,15 +1,9 @@
 package registries
 import (
 	"bytes"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/dataservices"
 	"github.com/portainer/portainer/api/http/security"
 	"github.com/stretchr/testify/assert"
 )
@ -49,85 +43,3 @@ func Test_registryCreatePayload_Validate(t *testing.T) {
 		assert.NoError(t, err)
 	})
 }
 type testRegistryService struct {
 	dataservices.RegistryService
 	createRegistry func(r *portainer.Registry) error
 	updateRegistry func(ID portainer.RegistryID, r *portainer.Registry) error
 	getRegistry    func(ID portainer.RegistryID) (*portainer.Registry, error)
 }
 type testDataStore struct {
 	dataservices.DataStore
 	registry *testRegistryService
 }
 func (t testDataStore) Registry() dataservices.RegistryService {
 	return t.registry
 }
 func (t testRegistryService) CreateRegistry(r *portainer.Registry) error {
 	return t.createRegistry(r)
 }
 func (t testRegistryService) UpdateRegistry(ID portainer.RegistryID, r *portainer.Registry) error {
 	return t.updateRegistry(ID, r)
 }
 func (t testRegistryService) Registry(ID portainer.RegistryID) (*portainer.Registry, error) {
 	return t.getRegistry(ID)
 }
 func (t testRegistryService) Registries() ([]portainer.Registry, error) {
 	return nil, nil
 }
 func (t testRegistryService) Create(registry *portainer.Registry) error {
 	return nil
 }
 // Not entirely sure what this is intended to test
 func deleteTestHandler_registryCreate(t *testing.T) {
 	payload := registryCreatePayload{
 		Name:           "Test registry",
 		Type:           portainer.ProGetRegistry,
 		URL:            "http://example.com",
 		BaseURL:        "http://example.com",
 		Authentication: false,
 		Username:       "username",
 		Password:       "password",
 		Gitlab:         portainer.GitlabRegistryData{},
 	}
 	payloadBytes, err := json.Marshal(payload)
 	assert.NoError(t, err)
 	r := httptest.NewRequest(http.MethodPost, "/", bytes.NewReader(payloadBytes))
 	w := httptest.NewRecorder()
 	restrictedContext := &security.RestrictedRequestContext{
 		IsAdmin: true,
 		UserID:  portainer.UserID(1),
 	}
 	ctx := security.StoreRestrictedRequestContext(r, restrictedContext)
 	r = r.WithContext(ctx)
 	registry := portainer.Registry{}
 	handler := Handler{}
 	handler.DataStore = testDataStore{
 		registry: &testRegistryService{
 			createRegistry: func(r *portainer.Registry) error {
 				registry = *r
 				return nil
 			},
 		},
 	}
 	handlerError := handler.registryCreate(w, r)
 	assert.Nil(t, handlerError)
 	assert.Equal(t, payload.Name, registry.Name)
 	assert.Equal(t, payload.Type, registry.Type)
 	assert.Equal(t, payload.URL, registry.URL)
 	assert.Equal(t, payload.BaseURL, registry.BaseURL)
 	assert.Equal(t, payload.Authentication, registry.Authentication)
 	assert.Equal(t, payload.Username, registry.Username)
 	assert.Equal(t, payload.Password, registry.Password)
 }
--- a/api/http/handler/registries/registry_update_test.go
+++ b/api/http/handler/registries/registry_update_test.go
@ -1,88 +0,0 @@
 package registries
 import (
 	"bytes"
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/http/security"
 	"github.com/stretchr/testify/assert"
 )
 func ps(s string) *string {
 	return &s
 }
 func pb(b bool) *bool {
 	return &b
 }
 type TestBouncer struct{}
 func (t TestBouncer) AdminAccess(h http.Handler) http.Handler {
 	return h
 }
 func (t TestBouncer) AuthenticatedAccess(h http.Handler) http.Handler {
 	return h
 }
 func (t TestBouncer) AuthorizedEndpointOperation(r *http.Request, endpoint *portainer.Endpoint) error {
 	return nil
 }
 // TODO, no i don't know what this is actually intended to test either.
 func delete_TestHandler_registryUpdate(t *testing.T) {
 	payload := registryUpdatePayload{
 		Name:           ps("Updated test registry"),
 		URL:            ps("http://example.org/feed"),
 		BaseURL:        ps("http://example.org"),
 		Authentication: pb(true),
 		Username:       ps("username"),
 		Password:       ps("password"),
 	}
 	payloadBytes, err := json.Marshal(payload)
 	assert.NoError(t, err)
 	registry := portainer.Registry{Type: portainer.ProGetRegistry, ID: 5}
 	r := httptest.NewRequest(http.MethodPut, "/registries/5", bytes.NewReader(payloadBytes))
 	w := httptest.NewRecorder()
 	restrictedContext := &security.RestrictedRequestContext{
 		IsAdmin: true,
 		UserID:  portainer.UserID(1),
 	}
 	ctx := security.StoreRestrictedRequestContext(r, restrictedContext)
 	r = r.WithContext(ctx)
 	updatedRegistry := portainer.Registry{}
 	handler := newHandler(nil)
 	handler.initRouter(TestBouncer{})
 	handler.DataStore = testDataStore{
 		registry: &testRegistryService{
 			getRegistry: func(_ portainer.RegistryID) (*portainer.Registry, error) {
 				return &registry, nil
 			},
 			updateRegistry: func(ID portainer.RegistryID, r *portainer.Registry) error {
 				assert.Equal(t, ID, r.ID)
 				updatedRegistry = *r
 				return nil
 			},
 		},
 	}
 	handler.ServeHTTP(w, r)
 	assert.Equal(t, http.StatusOK, w.Code)
 	// Registry type should remain intact
 	assert.Equal(t, registry.Type, updatedRegistry.Type)
 	assert.Equal(t, *payload.Name, updatedRegistry.Name)
 	assert.Equal(t, *payload.URL, updatedRegistry.URL)
 	assert.Equal(t, *payload.BaseURL, updatedRegistry.BaseURL)
 	assert.Equal(t, *payload.Authentication, updatedRegistry.Authentication)
 	assert.Equal(t, *payload.Username, updatedRegistry.Username)
 	assert.Equal(t, *payload.Password, updatedRegistry.Password)
 }
--- a/api/http/handler/resourcecontrols/resourcecontrol_create.go
+++ b/api/http/handler/resourcecontrols/resourcecontrol_create.go
@ -29,10 +29,7 @@ type resourceControlCreatePayload struct {
 	SubResourceIDs []string `example:"617c5f22bb9b023d6daab7cba43a57576f83492867bc767d1c59416b065e5f08"`
 }
-var (
+var errResourceControlAlreadyExists = errors.New("A resource control is already applied on this resource") //http/resourceControl
 	errResourceControlAlreadyExists = errors.New("A resource control is already applied on this resource") //http/resourceControl
 	errInvalidResourceControlType   = errors.New("Unsupported resource control type")                      //http/resourceControl
 )
 func (payload *resourceControlCreatePayload) Validate(r *http.Request) error {
 	if govalidator.IsNull(payload.ResourceID) {
--- a/api/http/handler/webhooks/handler.go
+++ b/api/http/handler/webhooks/handler.go
@ -1,12 +1,11 @@
 package webhooks
 import (
 	"github.com/portainer/portainer/api/dataservices"
 	"github.com/portainer/portainer/api/internal/authorization"
 	"net/http"
 	"github.com/portainer/portainer/api/dataservices"
 	httperror "github.com/portainer/libhttp/error"
 	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/docker"
 	"github.com/portainer/portainer/api/http/security"
@ -39,43 +38,3 @@ func NewHandler(bouncer *security.RequestBouncer) *Handler {
 		bouncer.PublicAccess(httperror.LoggerHandler(h.webhookExecute))).Methods(http.MethodPost)
 	return h
 }
 func (handler *Handler) checkResourceAccess(r *http.Request, resourceID string, resourceControlType portainer.ResourceControlType) *httperror.HandlerError {
 	securityContext, err := security.RetrieveRestrictedRequestContext(r)
 	if err != nil {
 		return httperror.InternalServerError("Unable to retrieve user info from request context", err)
 	}
 	// non-admins
 	rc, err := handler.DataStore.ResourceControl().ResourceControlByResourceIDAndType(resourceID, resourceControlType)
 	if rc == nil || err != nil {
 		return httperror.InternalServerError("Unable to retrieve a resource control associated to the resource", err)
 	}
 	userTeamIDs := make([]portainer.TeamID, 0)
 	for _, membership := range securityContext.UserMemberships {
 		userTeamIDs = append(userTeamIDs, membership.TeamID)
 	}
 	canAccess := authorization.UserCanAccessResource(securityContext.UserID, userTeamIDs, rc)
 	if !canAccess {
 		return &httperror.HandlerError{StatusCode: http.StatusForbidden, Message: "This operation is disabled for non-admin users and unassigned access users"}
 	}
 	return nil
 }
 func (handler *Handler) checkAuthorization(r *http.Request, endpoint *portainer.Endpoint, authorizations []portainer.Authorization) (bool, *httperror.HandlerError) {
 	err := handler.requestBouncer.AuthorizedEndpointOperation(r, endpoint)
 	if err != nil {
 		return false, httperror.Forbidden("Permission denied to access environment", err)
 	}
 	securityContext, err := security.RetrieveRestrictedRequestContext(r)
 	if err != nil {
 		return false, httperror.InternalServerError("Unable to retrieve user info from request context", err)
 	}
 	authService := authorization.NewService(handler.DataStore)
 	isAdminOrAuthorized, err := authService.UserIsAdminOrAuthorized(securityContext.UserID, endpoint.ID, authorizations)
 	if err != nil {
 		return false, httperror.InternalServerError("Unable to get user authorizations", err)
 	}
 	return isAdminOrAuthorized, nil
 }
--- a/api/http/proxy/factory/agent/transport.go
+++ b/api/http/proxy/factory/agent/transport.go
@ -6,14 +6,11 @@ import (
 	portainer "github.com/portainer/portainer/api"
 )
-type (
+// Transport is an http.Transport wrapper that adds custom http headers to communicate to an Agent
-	// Transport is an http.Transport wrapper that adds custom http headers to communicate to an Agent
+type Transport struct {
-	Transport struct {
+	httpTransport    *http.Transport
-		httpTransport      *http.Transport
+	signatureService portainer.DigitalSignatureService
-		signatureService   portainer.DigitalSignatureService
+}
 		endpointIdentifier portainer.EndpointID
 	}
 )
 // NewTransport returns a new transport that can be used to send signed requests to a Portainer agent
 func NewTransport(signatureService portainer.DigitalSignatureService, httpTransport *http.Transport) *Transport {