From 1ae781608c9239ff607b5c323f4db78b3f096d97 Mon Sep 17 00:00:00 2001 From: Virgil Date: Sun, 5 Apr 2026 02:55:36 +0000 Subject: [PATCH] fix(api): honour unrestricted monitoring methods Co-Authored-By: Virgil --- api/router.go | 3 --- api/router_test.go | 35 +++++++++++++++++++++++++++++++++++ http_auth_test.go | 8 ++++---- state_impl.go | 2 +- 4 files changed, 40 insertions(+), 8 deletions(-) diff --git a/api/router.go b/api/router.go index 3d60232..a29ac49 100644 --- a/api/router.go +++ b/api/router.go @@ -53,9 +53,6 @@ func allowMonitoringRequest(proxyInstance *proxy.Proxy, request *http.Request) ( if proxyInstance == nil { return http.StatusServiceUnavailable, false } - if request.Method != http.MethodGet { - return http.StatusMethodNotAllowed, false - } return proxyInstance.AllowMonitoringRequest(request) } diff --git a/api/router_test.go b/api/router_test.go index 006cdb5..cd482a6 100644 --- a/api/router_test.go +++ b/api/router_test.go @@ -50,6 +50,9 @@ func TestRegisterRoutes_POSTSummary_Bad(t *testing.T) { Workers: proxy.WorkersByRigID, Bind: []proxy.BindAddr{{Host: "127.0.0.1", Port: 3333}}, Pools: []proxy.PoolConfig{{URL: "pool.example:3333", Enabled: true}}, + HTTP: proxy.HTTPConfig{ + Restricted: true, + }, } p, result := proxy.New(config) if !result.OK { @@ -68,6 +71,38 @@ func TestRegisterRoutes_POSTSummary_Bad(t *testing.T) { } } +func TestRegisterRoutes_POSTSummary_Unrestricted_Good(t *testing.T) { + config := &proxy.Config{ + Mode: "nicehash", + Workers: proxy.WorkersByRigID, + Bind: []proxy.BindAddr{{Host: "127.0.0.1", Port: 3333}}, + Pools: []proxy.PoolConfig{{URL: "pool.example:3333", Enabled: true}}, + } + p, result := proxy.New(config) + if !result.OK { + t.Fatalf("new proxy: %v", result.Error) + } + + router := http.NewServeMux() + RegisterRoutes(router, p) + + request := httptest.NewRequest(http.MethodPost, "/1/summary", nil) + recorder := httptest.NewRecorder() + router.ServeHTTP(recorder, request) + + if recorder.Code != http.StatusOK { + t.Fatalf("expected %d, got %d", http.StatusOK, recorder.Code) + } + + var document proxy.SummaryDocument + if err := json.Unmarshal(recorder.Body.Bytes(), &document); err != nil { + t.Fatalf("decode summary document: %v", err) + } + if document.Mode != "nicehash" { + t.Fatalf("expected mode %q, got %q", "nicehash", document.Mode) + } +} + func TestRegisterRoutes_GETMiners_Ugly(t *testing.T) { config := &proxy.Config{ Mode: "simple", diff --git a/http_auth_test.go b/http_auth_test.go index da87eed..92963ad 100644 --- a/http_auth_test.go +++ b/http_auth_test.go @@ -74,11 +74,11 @@ func TestProxy_allowHTTP_Unrestricted_Bad(t *testing.T) { } status, ok := p.allowMonitoringRequest(&http.Request{Method: http.MethodPost}) - if ok { - t.Fatal("expected non-GET request to be rejected even when unrestricted") + if !ok { + t.Fatalf("expected unrestricted non-GET request to pass, got status %d", status) } - if status != http.StatusMethodNotAllowed { - t.Fatalf("expected status %d, got %d", http.StatusMethodNotAllowed, status) + if status != http.StatusOK { + t.Fatalf("expected status %d, got %d", http.StatusOK, status) } } diff --git a/state_impl.go b/state_impl.go index 9d35b5b..dfd185f 100644 --- a/state_impl.go +++ b/state_impl.go @@ -677,7 +677,7 @@ func (p *Proxy) allowMonitoringRequest(r *http.Request) (int, bool) { if p == nil || p.config == nil { return http.StatusServiceUnavailable, false } - if r.Method != http.MethodGet { + if p.config.HTTP.Restricted && r.Method != http.MethodGet { return http.StatusMethodNotAllowed, false } if token := p.config.HTTP.AccessToken; token != "" {