mirror of
https://github.com/usememos/memos.git
synced 2025-12-17 14:19:17 +08:00
166 lines
4.5 KiB
Go
166 lines
4.5 KiB
Go
package test
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
apiv1 "github.com/usememos/memos/proto/gen/api/v1"
|
|
)
|
|
|
|
func TestSetMemoAttachments(t *testing.T) {
|
|
ctx := context.Background()
|
|
|
|
t.Run("SetMemoAttachments success by memo owner", func(t *testing.T) {
|
|
ts := NewTestService(t)
|
|
defer ts.Cleanup()
|
|
|
|
// Create user
|
|
user, err := ts.CreateRegularUser(ctx, "user")
|
|
require.NoError(t, err)
|
|
userCtx := ts.CreateUserContext(ctx, user.ID)
|
|
|
|
// Create memo
|
|
memo, err := ts.Service.CreateMemo(userCtx, &apiv1.CreateMemoRequest{
|
|
Memo: &apiv1.Memo{
|
|
Content: "Test memo",
|
|
Visibility: apiv1.Visibility_PRIVATE,
|
|
},
|
|
})
|
|
require.NoError(t, err)
|
|
require.NotNil(t, memo)
|
|
|
|
// Create attachment
|
|
attachment, err := ts.Service.CreateAttachment(userCtx, &apiv1.CreateAttachmentRequest{
|
|
Attachment: &apiv1.Attachment{
|
|
Filename: "test.txt",
|
|
Size: 5,
|
|
Type: "text/plain",
|
|
Content: []byte("hello"),
|
|
},
|
|
})
|
|
require.NoError(t, err)
|
|
require.NotNil(t, attachment)
|
|
|
|
// Set memo attachments - should succeed
|
|
_, err = ts.Service.SetMemoAttachments(userCtx, &apiv1.SetMemoAttachmentsRequest{
|
|
Name: memo.Name,
|
|
Attachments: []*apiv1.Attachment{
|
|
{Name: attachment.Name},
|
|
},
|
|
})
|
|
require.NoError(t, err)
|
|
})
|
|
|
|
t.Run("SetMemoAttachments success by host user", func(t *testing.T) {
|
|
ts := NewTestService(t)
|
|
defer ts.Cleanup()
|
|
|
|
// Create regular user
|
|
regularUser, err := ts.CreateRegularUser(ctx, "user")
|
|
require.NoError(t, err)
|
|
regularUserCtx := ts.CreateUserContext(ctx, regularUser.ID)
|
|
|
|
// Create host user
|
|
hostUser, err := ts.CreateHostUser(ctx, "admin")
|
|
require.NoError(t, err)
|
|
hostCtx := ts.CreateUserContext(ctx, hostUser.ID)
|
|
|
|
// Create memo by regular user
|
|
memo, err := ts.Service.CreateMemo(regularUserCtx, &apiv1.CreateMemoRequest{
|
|
Memo: &apiv1.Memo{
|
|
Content: "Test memo",
|
|
Visibility: apiv1.Visibility_PRIVATE,
|
|
},
|
|
})
|
|
require.NoError(t, err)
|
|
require.NotNil(t, memo)
|
|
|
|
// Host user can modify attachments - should succeed
|
|
_, err = ts.Service.SetMemoAttachments(hostCtx, &apiv1.SetMemoAttachmentsRequest{
|
|
Name: memo.Name,
|
|
Attachments: []*apiv1.Attachment{},
|
|
})
|
|
require.NoError(t, err)
|
|
})
|
|
|
|
t.Run("SetMemoAttachments permission denied for non-owner", func(t *testing.T) {
|
|
ts := NewTestService(t)
|
|
defer ts.Cleanup()
|
|
|
|
// Create user1
|
|
user1, err := ts.CreateRegularUser(ctx, "user1")
|
|
require.NoError(t, err)
|
|
user1Ctx := ts.CreateUserContext(ctx, user1.ID)
|
|
|
|
// Create user2
|
|
user2, err := ts.CreateRegularUser(ctx, "user2")
|
|
require.NoError(t, err)
|
|
user2Ctx := ts.CreateUserContext(ctx, user2.ID)
|
|
|
|
// Create memo by user1
|
|
memo, err := ts.Service.CreateMemo(user1Ctx, &apiv1.CreateMemoRequest{
|
|
Memo: &apiv1.Memo{
|
|
Content: "Test memo",
|
|
Visibility: apiv1.Visibility_PRIVATE,
|
|
},
|
|
})
|
|
require.NoError(t, err)
|
|
require.NotNil(t, memo)
|
|
|
|
// User2 tries to modify attachments - should fail
|
|
_, err = ts.Service.SetMemoAttachments(user2Ctx, &apiv1.SetMemoAttachmentsRequest{
|
|
Name: memo.Name,
|
|
Attachments: []*apiv1.Attachment{},
|
|
})
|
|
require.Error(t, err)
|
|
require.Contains(t, err.Error(), "permission denied")
|
|
})
|
|
|
|
t.Run("SetMemoAttachments unauthenticated", func(t *testing.T) {
|
|
ts := NewTestService(t)
|
|
defer ts.Cleanup()
|
|
|
|
// Create user
|
|
user, err := ts.CreateRegularUser(ctx, "user")
|
|
require.NoError(t, err)
|
|
userCtx := ts.CreateUserContext(ctx, user.ID)
|
|
|
|
// Create memo
|
|
memo, err := ts.Service.CreateMemo(userCtx, &apiv1.CreateMemoRequest{
|
|
Memo: &apiv1.Memo{
|
|
Content: "Test memo",
|
|
Visibility: apiv1.Visibility_PRIVATE,
|
|
},
|
|
})
|
|
require.NoError(t, err)
|
|
require.NotNil(t, memo)
|
|
|
|
// Unauthenticated user tries to modify attachments - should fail
|
|
_, err = ts.Service.SetMemoAttachments(ctx, &apiv1.SetMemoAttachmentsRequest{
|
|
Name: memo.Name,
|
|
Attachments: []*apiv1.Attachment{},
|
|
})
|
|
require.Error(t, err)
|
|
require.Contains(t, err.Error(), "not authenticated")
|
|
})
|
|
|
|
t.Run("SetMemoAttachments memo not found", func(t *testing.T) {
|
|
ts := NewTestService(t)
|
|
defer ts.Cleanup()
|
|
|
|
// Create user
|
|
user, err := ts.CreateRegularUser(ctx, "user")
|
|
require.NoError(t, err)
|
|
userCtx := ts.CreateUserContext(ctx, user.ID)
|
|
|
|
// Try to set attachments on non-existent memo - should fail
|
|
_, err = ts.Service.SetMemoAttachments(userCtx, &apiv1.SetMemoAttachmentsRequest{
|
|
Name: "memos/nonexistent-uid-12345",
|
|
Attachments: []*apiv1.Attachment{},
|
|
})
|
|
require.Error(t, err)
|
|
require.Contains(t, err.Error(), "not found")
|
|
})
|
|
}
|