Complete browser extension gRPC flow #4

Merged
joejulian merged 19 commits from feature/browser-extension-grpc into main 2026-04-12 18:58:34 +00:00
2 changed files with 8 additions and 5 deletions
Showing only changes of commit 12796ef639 - Show all commits
+1 -1
View File
@@ -109,7 +109,7 @@ func (s *Server) SetSessionState(model vault.Model, locked, dirty bool) {
}
func (s *Server) GetSessionStatus(ctx context.Context, _ *keepassgov1.GetSessionStatusRequest) (*keepassgov1.GetSessionStatusResponse, error) {
if _, err := s.authorizeVaultRequest(ctx, apitokens.OperationManageVault); err != nil {
if _, err := s.authenticateRequest(ctx); err != nil {
return nil, err
}
s.mu.RLock()
+7 -4
View File
@@ -100,7 +100,7 @@ func TestVaultServiceRejectsUnauthorizedEntryAccess(t *testing.T) {
}
}
func TestVaultServiceRejectsUnauthorizedVaultManagement(t *testing.T) {
func TestVaultServiceAllowsSessionStatusWithoutManageVault(t *testing.T) {
t.Parallel()
client, _, cleanup := newTestClientForModel(t, vault.Model{
@@ -112,9 +112,12 @@ func TestVaultServiceRejectsUnauthorizedVaultManagement(t *testing.T) {
})
defer cleanup()
_, err := client.GetSessionStatus(tokenContext(defaultTestTokenSecret), &keepassgov1.GetSessionStatusRequest{})
if status.Code(err) != codes.PermissionDenied {
t.Fatalf("GetSessionStatus() code = %v, want %v", status.Code(err), codes.PermissionDenied)
resp, err := client.GetSessionStatus(tokenContext(defaultTestTokenSecret), &keepassgov1.GetSessionStatusRequest{})
if err != nil {
t.Fatalf("GetSessionStatus() error = %v", err)
}
if resp.GetLocked() {
t.Fatal("GetSessionStatus().Locked = true, want false")
}
}