mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 23:36:18 +08:00
328 lines
9.4 KiB
Go
328 lines
9.4 KiB
Go
package main
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"net/http"
|
|
"os"
|
|
"sync"
|
|
"testing"
|
|
"time"
|
|
|
|
controller "github.com/gravitl/netmaker/controllers"
|
|
"github.com/gravitl/netmaker/models"
|
|
"github.com/gravitl/netmaker/mongoconn"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
type databaseError struct {
|
|
Inner *int
|
|
Errors int
|
|
}
|
|
|
|
//should be use models.SuccessResponse and models.SuccessfulUserLoginResponse
|
|
//rather than creating new type but having trouble decoding that way
|
|
type Auth struct {
|
|
Username string
|
|
AuthToken string
|
|
}
|
|
type Success struct {
|
|
Code int
|
|
Message string
|
|
Response Auth
|
|
}
|
|
|
|
type AuthorizeTestCase struct {
|
|
testname string
|
|
name string
|
|
password string
|
|
code int
|
|
tokenExpected bool
|
|
errMessage string
|
|
}
|
|
|
|
func TestMain(m *testing.M) {
|
|
mongoconn.ConnectDatabase()
|
|
var waitgroup sync.WaitGroup
|
|
waitgroup.Add(1)
|
|
go controller.HandleRESTRequests(&waitgroup)
|
|
//wait for http server to start
|
|
time.Sleep(time.Second * 1)
|
|
os.Exit(m.Run())
|
|
}
|
|
|
|
func TestAdminCreation(t *testing.T) {
|
|
var admin models.UserAuthParams
|
|
var user models.User
|
|
admin.UserName = "admin"
|
|
admin.Password = "password"
|
|
t.Run("AdminCreationSuccess", func(t *testing.T) {
|
|
if adminExists(t) {
|
|
deleteAdmin(t)
|
|
}
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
assert.Nil(t, err, err)
|
|
defer response.Body.Close()
|
|
err = json.NewDecoder(response.Body).Decode(&user)
|
|
assert.Nil(t, err, err)
|
|
assert.Equal(t, admin.UserName, user.UserName)
|
|
assert.Equal(t, true, user.IsAdmin)
|
|
assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
assert.True(t, adminExists(t), "Admin creation failed")
|
|
})
|
|
t.Run("AdminCreationFailure", func(t *testing.T) {
|
|
if !adminExists(t) {
|
|
addAdmin(t)
|
|
}
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
assert.Nil(t, err, err)
|
|
defer response.Body.Close()
|
|
var message models.ErrorResponse
|
|
err = json.NewDecoder(response.Body).Decode(&message)
|
|
assert.Nil(t, err, err)
|
|
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
assert.Equal(t, http.StatusUnauthorized, message.Code)
|
|
assert.Equal(t, "W1R3: Admin already exists! ", message.Message)
|
|
})
|
|
|
|
}
|
|
|
|
func TestGetUser(t *testing.T) {
|
|
|
|
//ensure admin exists
|
|
if !adminExists(t) {
|
|
addAdmin(t)
|
|
}
|
|
//authenticate
|
|
t.Run("GetUserWithValidToken", func(t *testing.T) {
|
|
token, err := authenticate(t)
|
|
assert.Nil(t, err, err)
|
|
response, err := api(t, "", http.MethodGet, "http://localhost:8081/users/admin", token)
|
|
assert.Nil(t, err, err)
|
|
defer response.Body.Close()
|
|
var user models.User
|
|
json.NewDecoder(response.Body).Decode(&user)
|
|
assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
assert.Equal(t, "admin", user.UserName)
|
|
assert.Equal(t, true, user.IsAdmin)
|
|
})
|
|
t.Run("GetUserWithInvalidToken", func(t *testing.T) {
|
|
response, err := api(t, "", http.MethodGet, "http://localhost:8081/users/admin", "secretkey")
|
|
assert.Nil(t, err, err)
|
|
defer response.Body.Close()
|
|
t.Log(response.Body)
|
|
})
|
|
}
|
|
|
|
func TestUpdateUser(t *testing.T) {
|
|
if !adminExists(t) {
|
|
addAdmin(t)
|
|
}
|
|
token, err := authenticate(t)
|
|
assert.Nil(t, err, err)
|
|
var admin models.UserAuthParams
|
|
var user models.User
|
|
var message models.ErrorResponse
|
|
t.Run("UpdateWrongToken", func(t *testing.T) {
|
|
admin.UserName = "admin"
|
|
admin.Password = "admin"
|
|
response, err := api(t, admin, http.MethodPut, "http://localhost:8081/users/admin", "secretkey")
|
|
assert.Nil(t, err, err)
|
|
defer response.Body.Close()
|
|
err = json.NewDecoder(response.Body).Decode(&message)
|
|
assert.Nil(t, err, err)
|
|
assert.Equal(t, "W1R3: Error Verifying Auth Token.", message.Message)
|
|
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
})
|
|
t.Run("UpdateSuccess", func(t *testing.T) {
|
|
admin.UserName = "admin"
|
|
admin.Password = "password"
|
|
response, err := api(t, admin, http.MethodPut, "http://localhost:8081/users/admin", token)
|
|
assert.Nil(t, err, err)
|
|
defer response.Body.Close()
|
|
err = json.NewDecoder(response.Body).Decode(&user)
|
|
assert.Nil(t, err, err)
|
|
assert.Equal(t, admin.UserName, user.UserName)
|
|
assert.Equal(t, true, user.IsAdmin)
|
|
assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
})
|
|
|
|
}
|
|
|
|
func TestDeleteUser(t *testing.T) {
|
|
if !adminExists(t) {
|
|
addAdmin(t)
|
|
}
|
|
token, err := authenticate(t)
|
|
assert.Nil(t, err, err)
|
|
t.Run("DeleteUser-WongAdmin", func(t *testing.T) {
|
|
//skip for now ... shouldn't panic
|
|
t.Skip()
|
|
function := func() {
|
|
_, _ = api(t, "", http.MethodDelete, "http://localhost:8081/users/xxxx", token)
|
|
}
|
|
assert.Panics(t, function, "")
|
|
})
|
|
t.Run("DeleteUser-InvalidCredentials", func(t *testing.T) {
|
|
response, err := api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", "secretkey")
|
|
assert.Nil(t, err, err)
|
|
var message models.ErrorResponse
|
|
json.NewDecoder(response.Body).Decode(&message)
|
|
assert.Equal(t, "W1R3: Error Verifying Auth Token.", message.Message)
|
|
assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
})
|
|
t.Run("DeleteUser-ValidCredentials", func(t *testing.T) {
|
|
response, err := api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", token)
|
|
assert.Nil(t, err, err)
|
|
var body string
|
|
json.NewDecoder(response.Body).Decode(&body)
|
|
assert.Equal(t, "admin deleted.", body)
|
|
assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
})
|
|
t.Run("DeleteUser-NoAdmin", func(t *testing.T) {
|
|
//skip for now ... shouldn't panic
|
|
t.Skip()
|
|
function := func() {
|
|
_, _ = api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", token)
|
|
}
|
|
assert.Panics(t, function, "")
|
|
})
|
|
addAdmin(t)
|
|
}
|
|
|
|
func TestAuthenticateUser(t *testing.T) {
|
|
cases := []AuthorizeTestCase{
|
|
AuthorizeTestCase{
|
|
testname: "Invalid User",
|
|
name: "invaliduser",
|
|
password: "password",
|
|
code: http.StatusBadRequest,
|
|
tokenExpected: false,
|
|
errMessage: "W1R3: User invaliduser not found.",
|
|
},
|
|
AuthorizeTestCase{
|
|
testname: "empty user",
|
|
name: "",
|
|
password: "password",
|
|
code: http.StatusBadRequest,
|
|
tokenExpected: false,
|
|
errMessage: "W1R3: Username can't be empty",
|
|
},
|
|
AuthorizeTestCase{
|
|
testname: "empty password",
|
|
name: "admin",
|
|
password: "",
|
|
code: http.StatusBadRequest,
|
|
tokenExpected: false,
|
|
errMessage: "W1R3: Password can't be empty",
|
|
},
|
|
AuthorizeTestCase{
|
|
testname: "Invalid Password",
|
|
name: "admin",
|
|
password: "xxxxxxx",
|
|
code: http.StatusUnauthorized,
|
|
tokenExpected: false,
|
|
errMessage: "W1R3: Wrong Password.",
|
|
},
|
|
AuthorizeTestCase{
|
|
testname: "Valid User",
|
|
name: "admin",
|
|
password: "password",
|
|
code: http.StatusOK,
|
|
tokenExpected: true,
|
|
errMessage: "W1R3: Device Admin Authorized",
|
|
},
|
|
}
|
|
|
|
if !adminExists(t) {
|
|
addAdmin(t)
|
|
}
|
|
for _, tc := range cases {
|
|
t.Run(tc.testname, func(t *testing.T) {
|
|
var admin models.User
|
|
admin.UserName = tc.name
|
|
admin.Password = tc.password
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/authenticate", "secretkey")
|
|
assert.Nil(t, err, err)
|
|
defer response.Body.Close()
|
|
if tc.tokenExpected {
|
|
var body Success
|
|
err = json.NewDecoder(response.Body).Decode(&body)
|
|
assert.Nil(t, err, err)
|
|
assert.NotEmpty(t, body.Response.AuthToken, "token not returned")
|
|
assert.Equal(t, "W1R3: Device admin Authorized", body.Message)
|
|
} else {
|
|
var bad models.ErrorResponse
|
|
json.NewDecoder(response.Body).Decode(&bad)
|
|
assert.Equal(t, tc.errMessage, bad.Message)
|
|
}
|
|
assert.Equal(t, tc.code, response.StatusCode)
|
|
})
|
|
}
|
|
}
|
|
|
|
func adminExists(t *testing.T) bool {
|
|
response, err := http.Get("http://localhost:8081/users/hasadmin")
|
|
assert.Nil(t, err, err)
|
|
assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
defer response.Body.Close()
|
|
var body bool
|
|
json.NewDecoder(response.Body).Decode(&body)
|
|
return body
|
|
}
|
|
|
|
func api(t *testing.T, data interface{}, method, url, authorization string) (*http.Response, error) {
|
|
var request *http.Request
|
|
var err error
|
|
if data != "" {
|
|
payload, err := json.Marshal(data)
|
|
assert.Nil(t, err, err)
|
|
request, err = http.NewRequest(method, url, bytes.NewBuffer(payload))
|
|
assert.Nil(t, err, err)
|
|
request.Header.Set("Content-Type", "application/json")
|
|
} else {
|
|
request, err = http.NewRequest(method, url, nil)
|
|
assert.Nil(t, err, err)
|
|
}
|
|
if authorization != "" {
|
|
request.Header.Set("Authorization", "Bearer "+authorization)
|
|
}
|
|
client := http.Client{}
|
|
return client.Do(request)
|
|
}
|
|
|
|
func addAdmin(t *testing.T) {
|
|
var admin models.User
|
|
admin.UserName = "admin"
|
|
admin.Password = "password"
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "secretkey")
|
|
assert.Nil(t, err, err)
|
|
assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
}
|
|
|
|
func authenticate(t *testing.T) (string, error) {
|
|
var admin models.User
|
|
admin.UserName = "admin"
|
|
admin.Password = "password"
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/authenticate", "secretkey")
|
|
assert.Nil(t, err, err)
|
|
|
|
var body Success
|
|
err = json.NewDecoder(response.Body).Decode(&body)
|
|
assert.Nil(t, err, err)
|
|
assert.NotEmpty(t, body.Response.AuthToken, "token not returned")
|
|
assert.Equal(t, "W1R3: Device admin Authorized", body.Message)
|
|
|
|
return body.Response.AuthToken, nil
|
|
}
|
|
|
|
func deleteAdmin(t *testing.T) {
|
|
if !adminExists(t) {
|
|
return
|
|
}
|
|
token, err := authenticate(t)
|
|
assert.Nil(t, err, err)
|
|
_, err = api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", token)
|
|
assert.Nil(t, err, err)
|
|
}
|