rust-lang
diff --git a/‎src/controllers/version/yank.rs
Lines changed: 7 additions & 1 deletion b/‎src/controllers/version/yank.rs
Lines changed: 7 additions & 1 deletion
diff --git a/‎src/tests/http-data/routes_crates_versions_yank_unyank_auth_token_user_with_correct_crate_scope.json
Lines changed: 122 additions & 0 deletions b/‎src/tests/http-data/routes_crates_versions_yank_unyank_auth_token_user_with_correct_crate_scope.json
Lines changed: 122 additions & 0 deletions
diff --git a/‎src/tests/http-data/routes_crates_versions_yank_unyank_auth_token_user_with_correct_endpoint_scope.json
Lines changed: 122 additions & 0 deletions b/‎src/tests/http-data/routes_crates_versions_yank_unyank_auth_token_user_with_correct_endpoint_scope.json
Lines changed: 122 additions & 0 deletions
diff --git a/‎src/tests/http-data/routes_crates_versions_yank_unyank_auth_token_user_with_correct_wildcard_crate_scope.json
Lines changed: 122 additions & 0 deletions b/‎src/tests/http-data/routes_crates_versions_yank_unyank_auth_token_user_with_correct_wildcard_crate_scope.json
Lines changed: 122 additions & 0 deletions
@@ -5,6 +5,7 @@ use swirl::Job;
 
 use super::{extract_crate_name_and_semver, version_and_crate};
 use crate::controllers::cargo_prelude::*;
+use crate::models::token::EndpointScope;
 use crate::models::Rights;
 use crate::models::{insert_version_owner_action, VersionAction};
 use crate::schema::versions;
@@ -32,9 +33,14 @@ pub fn unyank(req: &mut dyn RequestExt) -> EndpointResult {
 fn modify_yank(req: &mut dyn RequestExt, yanked: bool) -> EndpointResult {
     // FIXME: Should reject bad requests before authentication, but can't due to
     // lifetime issues with `req`.
-    let auth = AuthCheck::default().check(req)?;
+
     let (crate_name, semver) = extract_crate_name_and_semver(req)?;
 
+    let auth = AuthCheck::default()
+        .with_endpoint_scope(EndpointScope::Yank)
+        .for_crate(crate_name)
+        .check(req)?;
+
     let conn = req.db_write()?;
     let (version, krate) = version_and_crate(&conn, crate_name, semver)?;
     let api_token_id = auth.api_token_id();
 
@@ -0,0 +1,122 @@
+[
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/crates/fyk/fyk-1.0.0.crate",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "35"
+                ],
+                [
+                    "content-type",
+                    "application/gzip"
+                ]
+            ],
+            "body": "H4sIAAAAAAAA/+3AAQEAAACCIP+vbkhQwKsBLq+17wAEAAA="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "157"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjpmYWxzZSwibGlua3MiOm51bGx9Cg=="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "156"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjp0cnVlLCJsaW5rcyI6bnVsbH0K"
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "157"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjpmYWxzZSwibGlua3MiOm51bGx9Cg=="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    }
+]
@@ -0,0 +1,122 @@
+[
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/crates/fyk/fyk-1.0.0.crate",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "35"
+                ],
+                [
+                    "content-type",
+                    "application/gzip"
+                ]
+            ],
+            "body": "H4sIAAAAAAAA/+3AAQEAAACCIP+vbkhQwKsBLq+17wAEAAA="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "157"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjpmYWxzZSwibGlua3MiOm51bGx9Cg=="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "156"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjp0cnVlLCJsaW5rcyI6bnVsbH0K"
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "157"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjpmYWxzZSwibGlua3MiOm51bGx9Cg=="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    }
+]
@@ -0,0 +1,122 @@
+[
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/crates/fyk/fyk-1.0.0.crate",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "35"
+                ],
+                [
+                    "content-type",
+                    "application/gzip"
+                ]
+            ],
+            "body": "H4sIAAAAAAAA/+3AAQEAAACCIP+vbkhQwKsBLq+17wAEAAA="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "157"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjpmYWxzZSwibGlua3MiOm51bGx9Cg=="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "156"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjp0cnVlLCJsaW5rcyI6bnVsbH0K"
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    },
+    {
+        "request": {
+            "uri": "http://alexcrichton-test.s3.amazonaws.com/3/f/fyk",
+            "method": "PUT",
+            "headers": [
+                [
+                    "accept",
+                    "*/*"
+                ],
+                [
+                    "accept-encoding",
+                    "gzip"
+                ],
+                [
+                    "content-length",
+                    "157"
+                ],
+                [
+                    "content-type",
+                    "text/plain"
+                ]
+            ],
+            "body": "eyJuYW1lIjoiZnlrIiwidmVycyI6IjEuMC4wIiwiZGVwcyI6W10sImNrc3VtIjoiYWNiNTYwNGIxMjZhYzg5NGMxZWIxMWM0NTc1YmYyMDcyZmVhNjEyMzJhODg4ZTQ1Mzc3MGM3OWQ3ZWQ1NjQxOSIsImZlYXR1cmVzIjp7fSwieWFua2VkIjpmYWxzZSwibGlua3MiOm51bGx9Cg=="
+        },
+        "response": {
+            "status": 200,
+            "headers": [],
+            "body": ""
+        }
+    }
+]