Updates /api/v2/health endpoint

Makes it require authenticated users. Simplifies back the management of the returned "access" field.
mitre · Sep 25, 2024 · 1d3ccc3 · 1d3ccc3
1 parent 2322579
commit 1d3ccc3
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 16 deletions.
diff --git a/app/api/v2/handlers/health_api.py b/app/api/v2/handlers/health_api.py
@@ -4,7 +4,6 @@
 from aiohttp import web
 
 import app
-from app.api.v2 import security
 from app.api.v2.handlers.base_api import BaseApi
 from app.api.v2.schemas.caldera_info_schemas import CalderaInfoSchema
 
@@ -16,7 +15,7 @@ def __init__(self, services):
 
     def add_routes(self, app: web.Application):
         router = app.router
-        router.add_get('/health', security.authentication_exempt(self.get_health_info))
+        router.add_get('/health', self.get_health_info)
 
     @aiohttp_apispec.docs(tags=['health'],
                           summary='Health endpoints returns the status of Caldera',
@@ -29,7 +28,7 @@ async def get_health_info(self, request):
         mapping = {
             'application': 'Caldera',
             'version': app.get_version(),
-            'access': access[0].name if len(access) > 0 else None,  # 0 when not authenticated.
+            'access': access[0].name,
             'plugins': loaded_plugins_sorted
         }
 

diff --git a/tests/api/v2/handlers/test_health_api.py b/tests/api/v2/handlers/test_health_api.py
@@ -1,5 +1,3 @@
-import copy
-
 import pytest
 import app
 
@@ -16,22 +14,13 @@ def expected_caldera_info():
     }
 
 
-@pytest.fixture
-def expected_unauthorized_caldera_info(expected_caldera_info):
-    new_info = copy.deepcopy(expected_caldera_info)
-    new_info['access'] = None
-    return new_info
-
-
 class TestHealthApi:
     async def test_get_health(self, api_v2_client, api_cookies, expected_caldera_info):
         resp = await api_v2_client.get('/api/v2/health', cookies=api_cookies)
         assert resp.status == HTTPStatus.OK
         output_info = await resp.json()
         assert output_info == expected_caldera_info
 
-    async def test_unauthorized_get_health(self, api_v2_client, expected_unauthorized_caldera_info):
+    async def test_unauthorized_get_health(self, api_v2_client):
         resp = await api_v2_client.get('/api/v2/health')
-        assert resp.status == HTTPStatus.OK
-        output_info = await resp.json()
-        assert output_info == expected_unauthorized_caldera_info
+        assert resp.status == HTTPStatus.UNAUTHORIZED