forbid PSS API endpoints in the Gateway mode (#1004)

a5a57a1b · Janoš Guljaš · GitHub · 78848e99 · a5a57a1b · a5a57a1b
Commit a5a57a1b authored Nov 23, 2020 by Janoš Guljaš Committed by GitHub Nov 23, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 7 deletions

gatewaymode_test.go pkg/api/gatewaymode_test.go +5 -0

router.go pkg/api/router.go +13 -7

No files found.
--- a/pkg/api/gatewaymode_test.go
+++ b/pkg/api/gatewaymode_test.go
@@ -48,6 +48,11 @@ func TestGatewayMode(t *testing.T) {
 		jsonhttptest.Request(t, client, http.MethodGet, "/tags", http.StatusForbidden, forbiddenResponseOption)
 	})
+	t.Run("pss endpoints", func(t *testing.T) {
+		jsonhttptest.Request(t, client, http.MethodPost, "/pss/send/test-topic/ab", http.StatusForbidden, forbiddenResponseOption)
+		jsonhttptest.Request(t, client, http.MethodGet, "/pss/subscribe/test-topic", http.StatusForbidden, forbiddenResponseOption)
+	})
 	t.Run("pinning", func(t *testing.T) {
 		headerOption := jsonhttptest.WithRequestHeader(api.SwarmPinHeader, "true")

--- a/pkg/api/router.go
+++ b/pkg/api/router.go
@@ -90,14 +90,20 @@ func (s *server) setupRouting() {
 		),
 	})
-	handle(router, "/pss/send/{topic}/{targets}", jsonhttp.MethodHandler{
+	handle(router, "/pss/send/{topic}/{targets}", web.ChainHandlers(
-		"POST": web.ChainHandlers(
+		s.gatewayModeForbidEndpointHandler,
-			jsonhttp.NewMaxBodyBytesHandler(swarm.ChunkSize),
+		web.FinalHandler(jsonhttp.MethodHandler{
-			web.FinalHandlerFunc(s.pssPostHandler),
+			"POST": web.ChainHandlers(
-		),
+				jsonhttp.NewMaxBodyBytesHandler(swarm.ChunkSize),
-	})
+				web.FinalHandlerFunc(s.pssPostHandler),
+			),
+		})),
+	)
-	handle(router, "/pss/subscribe/{topic}", http.HandlerFunc(s.pssWsHandler))
+	handle(router, "/pss/subscribe/{topic}", web.ChainHandlers(
+		s.gatewayModeForbidEndpointHandler,
+		web.FinalHandlerFunc(s.pssWsHandler),
+	))
 	handle(router, "/tags", web.ChainHandlers(
 		s.gatewayModeForbidEndpointHandler,