mirror of
https://github.com/gravitl/netmaker.git
synced 2025-09-29 08:24:23 +08:00
updated test/user tests
This commit is contained in:
Matthew R Kasun
parent
2e5511a0ab
commit
c533bf7183
3 changed files with 45 additions and 33 deletions
|
|
@ -50,13 +50,13 @@ func authenticateUser(response http.ResponseWriter, request *http.Request) {
|
|||
|
||||
jwt, err := VerifyAuthRequest(authRequest)
|
||||
if err != nil {
|
||||
errorResponse.Code = http.StatusBadRequest
|
||||
errorResponse.Message = err.Error()
|
||||
returnErrorResponse(response, request, errorResponse)
|
||||
returnErrorResponse(response, request, formatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
|
||||
if jwt == "" {
|
||||
returnErrorResponse(response, request, errorResponse)
|
||||
//very unlikely that err is !nil and no jwt returned, but handle it anyways.
|
||||
returnErrorResponse(response, request, formatError(errors.New("No token returned"), "internal"))
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -122,18 +122,13 @@ func VerifyAuthRequest(authRequest models.UserAuthParams) (string, error) {
|
|||
//TODO: Consider better RBAC implementations
|
||||
func authorizeUser(next http.Handler) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
var errorResponse = models.ErrorResponse{
|
||||
Code: http.StatusInternalServerError, Message: "W1R3: It's not you it's me.",
|
||||
}
|
||||
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
|
||||
//get the auth token
|
||||
bearerToken := r.Header.Get("Authorization")
|
||||
err := ValidateToken(bearerToken)
|
||||
if err != nil {
|
||||
returnErrorResponse(w, r, errorResponse)
|
||||
returnErrorResponse(w, r, formatError(err, "unauthorized"))
|
||||
return
|
||||
}
|
||||
next.ServeHTTP(w, r)
|
||||
|
|
@ -286,8 +281,9 @@ func createAdmin(w http.ResponseWriter, r *http.Request) {
|
|||
_ = json.NewDecoder(r.Body).Decode(&admin)
|
||||
|
||||
admin, err := CreateUser(admin)
|
||||
|
||||
if err != nil {
|
||||
json.NewEncoder(w).Encode(err)
|
||||
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -377,7 +373,7 @@ func updateUser(w http.ResponseWriter, r *http.Request) {
|
|||
user, err = UpdateUser(userchange, user)
|
||||
|
||||
if err != nil {
|
||||
json.NewEncoder(w).Encode(err)
|
||||
returnErrorResponse(w, r, formatError(err, "badrequest"))
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ func TestMain(m *testing.M) {
|
|||
func TestHasAdmin(t *testing.T) {
|
||||
_, err := DeleteUser("admin")
|
||||
assert.Nil(t, err)
|
||||
user := models.User{"admin", "admin", true}
|
||||
user := models.User{"admin", "password", true}
|
||||
_, err = CreateUser(user)
|
||||
assert.Nil(t, err, err)
|
||||
t.Run("AdminExists", func(t *testing.T) {
|
||||
|
|
@ -49,7 +49,7 @@ func TestHasAdmin(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestCreateUser(t *testing.T) {
|
||||
user := models.User{"admin", "admin", true}
|
||||
user := models.User{"admin", "password", true}
|
||||
t.Run("NoUser", func(t *testing.T) {
|
||||
_, err := DeleteUser("admin")
|
||||
assert.Nil(t, err, err)
|
||||
|
|
@ -68,7 +68,7 @@ func TestDeleteUser(t *testing.T) {
|
|||
hasadmin, err := HasAdmin()
|
||||
assert.Nil(t, err, err)
|
||||
if !hasadmin {
|
||||
user := models.User{"admin", "admin", true}
|
||||
user := models.User{"admin", "pasword", true}
|
||||
_, err := CreateUser(user)
|
||||
assert.Nil(t, err, err)
|
||||
}
|
||||
|
|
@ -95,7 +95,7 @@ func TestValidateUser(t *testing.T) {
|
|||
})
|
||||
t.Run("ValidUpdate", func(t *testing.T) {
|
||||
user.UserName = "admin"
|
||||
user.Password = "admin"
|
||||
user.Password = "password"
|
||||
err := ValidateUser("update", user)
|
||||
assert.Nil(t, err, err)
|
||||
})
|
||||
|
|
@ -122,10 +122,14 @@ func TestValidateUser(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestGetUser(t *testing.T) {
|
||||
user := models.User{"admin", "admin", true}
|
||||
t.Run("UserExisits", func(t *testing.T) {
|
||||
_, err := CreateUser(user)
|
||||
user := models.User{"admin", "password", true}
|
||||
hasadmin, err := HasAdmin()
|
||||
assert.Nil(t, err, err)
|
||||
if !hasadmin {
|
||||
_, err := CreateUser(user)
|
||||
assert.Nil(t, err, err)
|
||||
}
|
||||
admin, err := GetUser("admin")
|
||||
assert.Nil(t, err, err)
|
||||
assert.Equal(t, user.UserName, admin.UserName)
|
||||
|
|
@ -140,7 +144,7 @@ func TestGetUser(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestUpdateUser(t *testing.T) {
|
||||
user := models.User{"admin", "admin", true}
|
||||
user := models.User{"admin", "password", true}
|
||||
newuser := models.User{"hello", "world", true}
|
||||
t.Run("UserExisits", func(t *testing.T) {
|
||||
_, err := DeleteUser("admin")
|
||||
|
|
@ -220,7 +224,7 @@ func TestVerifyAuthRequest(t *testing.T) {
|
|||
})
|
||||
t.Run("WrongPassword", func(t *testing.T) {
|
||||
_, err := DeleteUser("admin")
|
||||
user := models.User{"admin", "admin", true}
|
||||
user := models.User{"admin", "password", true}
|
||||
_, err = CreateUser(user)
|
||||
assert.Nil(t, err)
|
||||
authRequest := models.UserAuthParams{"admin", "badpass"}
|
||||
|
|
@ -230,7 +234,7 @@ func TestVerifyAuthRequest(t *testing.T) {
|
|||
assert.Equal(t, "Wrong Password", err.Error())
|
||||
})
|
||||
t.Run("Success", func(t *testing.T) {
|
||||
authRequest := models.UserAuthParams{"admin", "admin"}
|
||||
authRequest := models.UserAuthParams{"admin", "password"}
|
||||
jwt, err := VerifyAuthRequest(authRequest)
|
||||
assert.Nil(t, err, err)
|
||||
assert.NotNil(t, jwt)
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ package main
|
|||
|
||||
import (
|
||||
"encoding/json"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"testing"
|
||||
|
||||
|
|
@ -38,11 +39,9 @@ func TestAdminCreation(t *testing.T) {
|
|||
var message models.ErrorResponse
|
||||
err = json.NewDecoder(response.Body).Decode(&message)
|
||||
assert.Nil(t, err, err)
|
||||
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
||||
assert.Equal(t, http.StatusUnauthorized, message.Code)
|
||||
assert.Equal(t, "W1R3: Admin already exists! ", message.Message)
|
||||
assert.Equal(t, http.StatusBadRequest, response.StatusCode)
|
||||
assert.Equal(t, "Admin already Exists", message.Message)
|
||||
})
|
||||
|
||||
}
|
||||
|
||||
func TestGetUser(t *testing.T) {
|
||||
|
|
@ -70,12 +69,13 @@ func TestGetUser(t *testing.T) {
|
|||
assert.Nil(t, err, err)
|
||||
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
||||
assert.Equal(t, http.StatusUnauthorized, message.Code)
|
||||
assert.Equal(t, "W1R3: Error Verifying Auth Token.", message.Message)
|
||||
assert.Equal(t, "Error Verifying Auth Token", message.Message)
|
||||
|
||||
})
|
||||
}
|
||||
|
||||
func TestUpdateUser(t *testing.T) {
|
||||
deleteAdmin(t)
|
||||
if !adminExists(t) {
|
||||
addAdmin(t)
|
||||
}
|
||||
|
|
@ -92,7 +92,7 @@ func TestUpdateUser(t *testing.T) {
|
|||
defer response.Body.Close()
|
||||
err = json.NewDecoder(response.Body).Decode(&message)
|
||||
assert.Nil(t, err, err)
|
||||
assert.Equal(t, "W1R3: Error Verifying Auth Token.", message.Message)
|
||||
assert.Equal(t, "Error Verifying Auth Token", message.Message)
|
||||
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
||||
})
|
||||
t.Run("UpdateSuccess", func(t *testing.T) {
|
||||
|
|
@ -107,6 +107,18 @@ func TestUpdateUser(t *testing.T) {
|
|||
assert.Equal(t, true, user.IsAdmin)
|
||||
assert.Equal(t, http.StatusOK, response.StatusCode)
|
||||
})
|
||||
t.Run("ShortPassword", func(t *testing.T) {
|
||||
admin.UserName = "user"
|
||||
admin.Password = "123"
|
||||
response, err := api(t, admin, http.MethodPut, "http://localhost:8081/api/users/admin", token)
|
||||
assert.Nil(t, err, err)
|
||||
defer response.Body.Close()
|
||||
message, err := ioutil.ReadAll(response.Body)
|
||||
assert.Nil(t, err, err)
|
||||
assert.Contains(t, string(message), "Field validation for 'Password' failed")
|
||||
assert.Equal(t, http.StatusBadRequest, response.StatusCode)
|
||||
})
|
||||
|
||||
}
|
||||
|
||||
func TestDeleteUser(t *testing.T) {
|
||||
|
|
@ -123,7 +135,7 @@ func TestDeleteUser(t *testing.T) {
|
|||
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
||||
var message models.ErrorResponse
|
||||
json.NewDecoder(response.Body).Decode(&message)
|
||||
assert.Equal(t, "W1R3: Error Verifying Auth Token.", message.Message)
|
||||
assert.Equal(t, "Error Verifying Auth Token", message.Message)
|
||||
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
||||
})
|
||||
t.Run("DeleteUser-ValidCredentials", func(t *testing.T) {
|
||||
|
|
@ -155,7 +167,7 @@ func TestAuthenticateUser(t *testing.T) {
|
|||
password: "password",
|
||||
code: http.StatusBadRequest,
|
||||
tokenExpected: false,
|
||||
errMessage: "W1R3: User invaliduser not found.",
|
||||
errMessage: "User invaliduser not found",
|
||||
},
|
||||
AuthorizeTestCase{
|
||||
testname: "empty user",
|
||||
|
|
@ -163,7 +175,7 @@ func TestAuthenticateUser(t *testing.T) {
|
|||
password: "password",
|
||||
code: http.StatusBadRequest,
|
||||
tokenExpected: false,
|
||||
errMessage: "W1R3: Username can't be empty",
|
||||
errMessage: "Username can't be empty",
|
||||
},
|
||||
AuthorizeTestCase{
|
||||
testname: "empty password",
|
||||
|
|
@ -171,15 +183,15 @@ func TestAuthenticateUser(t *testing.T) {
|
|||
password: "",
|
||||
code: http.StatusBadRequest,
|
||||
tokenExpected: false,
|
||||
errMessage: "W1R3: Password can't be empty",
|
||||
errMessage: "Password can't be empty",
|
||||
},
|
||||
AuthorizeTestCase{
|
||||
testname: "Invalid Password",
|
||||
name: "admin",
|
||||
password: "xxxxxxx",
|
||||
code: http.StatusUnauthorized,
|
||||
code: http.StatusBadRequest,
|
||||
tokenExpected: false,
|
||||
errMessage: "W1R3: Wrong Password.",
|
||||
errMessage: "Wrong Password",
|
||||
},
|
||||
AuthorizeTestCase{
|
||||
testname: "Valid User",
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue