Last active
May 4, 2020 20:36
-
-
Save hjwp/b079b708c27f1546fecaf5a3c688dcc5 to your computer and use it in GitHub Desktop.
Eventstore perms bug repro
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [{ | |
| "eventId": "7c314750-05e1-439f-b2eb-f5b0e019be72", | |
| "eventType": "update-default-acl", | |
| "data": { | |
| "$userStreamAcl" : { | |
| "$r" : ["$admin", "$ops", "test-user"], | |
| "$w" : ["$admin", "$ops", "test-user"], | |
| "$d" : ["$admin", "$ops"], | |
| "$mr" : ["$admin", "$ops"], | |
| "$mw" : ["$admin", "$ops"] | |
| }, | |
| "$systemStreamAcl" : { | |
| "$r" : "$admins", | |
| "$w" : "$admins", | |
| "$d" : "$admins", | |
| "$mr" : "$admins", | |
| "$mw" : "$admins" | |
| } | |
| } | |
| }] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -ex | |
| docker rm -f eventstore_local || echo 'not running' | |
| # start eventstore | |
| docker run -d --name eventstore_local -p 2113:2113 -p 1113:1113 eventstore/eventstore | |
| # wait for it to come up | |
| for i in {1..10}; do curl -f -i "http://127.0.0.1:2113/users" --user admin:changeit && break || sleep 1; done | |
| # set default acls | |
| curl -f -i "http://127.0.0.1:2113/streams/%24settings" \ | |
| --user admin:changeit \ | |
| -H "Content-Type: application/vnd.eventstore.events+json" \ | |
| -d @default-acl.json | |
| # set up a user | |
| curl -f -i "http://127.0.0.1:2113/users" \ | |
| --user admin:changeit \ | |
| -H "Content-Type: application/json" \ | |
| -d @test-user.json | |
| # create a stream | |
| curl -f -i "http://127.0.0.1:2113/streams/newstream" \ | |
| --user test-user:test-password \ | |
| -d '{"a": 1}' \ | |
| -H "Content-Type:application/json" -H "ES-EventType: SomeEvent" \ | |
| -H "ES-EventId: C322E299-CB73-4B47-97C5-5054F920746E" | |
| # reread the stream, with credentials | |
| curl -f -i "http://127.0.0.1:2113/streams/newstream" \ | |
| --user test-user:test-password \ | |
| -H "Accept: application/json" | |
| # reset the ACL | |
| curl -f -i "http://127.0.0.1:2113/streams/newstream/metadata" \ | |
| --user admin:changeit \ | |
| -H "Content-Type: application/vnd.eventstore.events+json" \ | |
| -d @reset-acl.json | |
| # reread the stream, with credentials | |
| curl -f -i "http://127.0.0.1:2113/streams/newstream" \ | |
| --user test-user:test-password \ | |
| -H "Accept: application/json" | |
| # reread the stream, with no credentials -- this should work | |
| curl -f -i "http://127.0.0.1:2113/streams/newstream" \ | |
| -H "Accept: application/json" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [{ | |
| "eventId": "72b98ba2-9e68-47e0-a3a5-09c173419b74", | |
| "eventType": "update-acl", | |
| "metadata": { | |
| "$acl": { | |
| "$w": "$all", | |
| "$r": "$all", | |
| "$d": "$all", | |
| "$mw": "$all", | |
| "$mr": "$all" | |
| } | |
| } | |
| }] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "LoginName": "test-user", | |
| "FullName": "Test User", | |
| "Groups": [], | |
| "Password": "test-password" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment