Beispiel #1
0
func getCurUser(auth couchdb.Auth) *entities.CurrentUserInfo {
	userDoc, err := database.GetUserFromAuth(auth)
	if err != nil {
		fmt.Printf("\nERROR: %v\n", err)
	}
	return &entities.CurrentUserInfo{
		Auth: auth,
		User: userDoc,
	}

}
Beispiel #2
0
func afterTest(t *testing.T) {
	auth := &couchdb.BasicAuth{
		Username: "******",
		Password: "******",
	}
	userDoc, _ := database.GetUserFromAuth(auth)
	curUser := &entities.CurrentUserInfo{
		Auth: auth,
		User: userDoc,
	}
	um.Delete(user.UserName, curUser)
	database.DeleteDb(database.MainDbName())
}
Beispiel #3
0
// Authenticate a user
// Returns CurrentUserInfo if authenticated, error if not
func AuthUser(r *http.Request) (*entities.CurrentUserInfo, error) {
	cAuth, err := services.GetAuth(r)
	if err == http.ErrNoCookie && config.Auth.AllowGuest {
		cAuth = &couchdb.BasicAuth{
			Username: "******",
			Password: "******",
		}
	} else if err != nil {
		return nil, err
	}
	userInfo, err := database.GetUserFromAuth(cAuth)
	if err != nil {
		return nil, err
	}
	cui := &entities.CurrentUserInfo{
		Auth: cAuth,
		User: userInfo,
	}
	return cui, nil
}
Beispiel #4
0
func TestUsers(t *testing.T) {
	setup()
	defer database.DeleteDb(database.MainDb)
	smithUser := func() *entities.CurrentUserInfo {
		smithAuth := &couchdb.BasicAuth{Username: "******", Password: "******"}
		smith, err := database.GetUserFromAuth(smithAuth)
		if err != nil {
			t.Error(err)
			return &entities.CurrentUserInfo{}
		}
		return &entities.CurrentUserInfo{
			Auth: smithAuth,
			User: smith,
		}
	}
	//after test cleanup
	defer func() {
		getSmithUser := func() *entities.CurrentUserInfo {
			return smithUser()
		}
		um.Delete("Steven.Smith", getSmithUser())
	}()
	//Create a new master user
	user := entities.User{
		UserName: "******",
		Password: "******",
		Public: entities.UserPublic{
			LastName:  "Smith",
			FirstName: "Steven",
		},
	}
	registration := user_service.Registration{
		NewUser: user,
	}
	rev, err := um.SetUp(&registration)
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	t.Logf("New user revision: %v", rev)
	//Create a new subuser
	subUser := entities.User{
		UserName: "******",
		Password: "******",
		Public: entities.UserPublic{
			LastName:  "Smith",
			FirstName: "Sally",
		},
	}
	rev, err = um.Create(&subUser, smithUser())
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	if !util.HasRole(subUser.Roles, "all_users") {
		t.Error("user doesn't have all_users role!")
	}
	//Update user
	auth := couchdb.BasicAuth{Username: "******", Password: "******"}
	updateUser := entities.User{}
	rev, err = um.Read("Sally.Smith", &updateUser, smithUser())
	if err != nil {
		t.Error(err)
	}
	curUser := entities.CurrentUserInfo{
		User: &updateUser,
		Auth: &auth,
	}

	updateUser.Public.MiddleName = "Marie"
	rev, err = um.Update("Sally.Smith", rev, &updateUser, &curUser)
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	rev, err = um.Read("Sally.Smith", &updateUser, smithUser())
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	//Change password
	auth = couchdb.BasicAuth{Username: "******", Password: "******"}
	updateUser = entities.User{}
	rev, err = um.Read("Sally.Smith", &updateUser, smithUser())
	if err != nil {
		t.Error(err)
	}
	curUser = entities.CurrentUserInfo{
		User: &updateUser,
		Auth: &auth,
	}
	newPassword := "******"
	cpr := user_service.ChangePasswordRequest{
		NewPassword: newPassword,
		OldPassword: "******",
	}
	rev, err = um.ChangePassword("Sally.Smith", rev, &cpr, &curUser)
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	rev, err = um.Read("Sally.Smith", &updateUser, &curUser)
	if err == nil {
		t.Error("Old password should not have worked!")
	}
	curUser.Auth = &couchdb.BasicAuth{Username: "******", Password: "******"}
	rev, err = um.Read("Sally.Smith", &updateUser, &curUser)
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	//Grant role
	curUser = *smithUser()
	roleRequest := user_service.RoleRequest{
		ResourceType: "main",
		ResourceId:   "",
		AccessType:   "write",
	}
	rev, err = um.GrantRole("Sally.Smith", &roleRequest, &curUser)
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	readUser := new(entities.User)
	_, err = um.Read("Sally.Smith", readUser, smithUser())
	if err != nil {
		t.Error(err)
	}
	t.Logf("Sally's Record: %v", readUser)
	searchRole := "main_" + ":write"
	searchRoleFound := false
	if readUser.Roles[2] == searchRole {
		searchRoleFound = true
	}
	if !searchRoleFound {
		t.Error("Role not found!")
	}
	//Revoke role
	curUser = *smithUser()
	roleRequest = user_service.RoleRequest{
		ResourceType: "main",
		ResourceId:   "",
		AccessType:   "write",
	}
	rev, err = um.RevokeRole("Sally.Smith", &roleRequest, &curUser)
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("rev is empty!")
	}
	readUser = new(entities.User)
	_, err = um.Read("Sally.Smith", readUser, smithUser())
	if err != nil {
		t.Error(err)
	}
	searchRole = "main" + ":write"
	searchRoleFound = false
	if len(readUser.Roles) > 1 && readUser.Roles[1] == searchRole {
		searchRoleFound = true
	}
	if searchRoleFound {
		t.Error("Role should not have been found!")
	}
	//User List
	userList := user_service.UserListQueryResponse{}
	err = um.GetUserList(1, 5, &userList, smithUser())
	if err != nil {
		t.Error(err)
	}
	if !(len(userList.Rows) >= 2) {
		t.Error("User list should be greater than or equal to 2!")
	}
	t.Logf("UserListResponse: %v", userList)
	//User search
	userList = user_service.UserListQueryResponse{}
	err = um.SearchForUsersByName(1, 5, "Smith", &userList, smithUser())
	if err != nil {
		t.Error(err)
	}
	if len(userList.Rows) != 2 {
		t.Errorf("Userlist should be length 2 was %v", len(userList.Rows))
	}
	t.Logf("UserListResponse: %v", userList)
	//Read user
	readUser = &entities.User{}
	rev, err = um.Read(user.UserName, readUser, smithUser())
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("Rev is empty!")
	}
	if readUser.UserName != "Steven.Smith" {
		t.Errorf("username should be Seteven.Smith, was %v", readUser.UserName)
	}
	//User by Roles list
	userList = user_service.UserListQueryResponse{}
	err = um.GetUserListForRole(1, 5, []string{"all_users"},
		&userList, smithUser())
	if err != nil {
		t.Error(err)
	}
	t.Logf("Response: %v", userList)
	//Password reset
	err = um.RequestPasswordReset("Steven.Smith")
	if err.Error() != "No notifications services listed!" {
		t.Error("Error is wrong")
	}
	//Delete user
	rev, err = um.Delete("Sally.Smith", smithUser())
	if err != nil {
		t.Error(err)
	}
	if rev == "" {
		t.Error("Rev is empty!")
	}
	t.Logf("Deleted User rev: %v", rev)
}
Beispiel #5
0
func TestUserAvatars(t *testing.T) {
	setup()
	uam := new(UserAvatarManager)
	//Create the user Avatar Db
	err := database.CreateDb(database.AvatarDb)
	if err != nil {
		t.Error(err)
	}
	err = setAvatarDbSecurity()
	if err != nil {
		t.Error(err)
	}
	defer database.DeleteDb(database.AvatarDb)
	defer database.DeleteDb(database.MainDb)
	smithUser := func() *entities.CurrentUserInfo {
		smithAuth := &couchdb.BasicAuth{Username: "******", Password: "******"}
		smith, err := database.GetUserFromAuth(smithAuth)
		if err != nil {
			t.Error(err)
			return &entities.CurrentUserInfo{}
		}
		return &entities.CurrentUserInfo{
			Auth: smithAuth,
			User: smith,
		}
	}
	//after test cleanup
	defer func() {
		getSmithUser := func() *entities.CurrentUserInfo {
			return smithUser()
		}
		um.Delete("Steven.Smith", getSmithUser())
	}()
	//Register user, get things set up, etc.
	user := entities.User{
		UserName: "******",
		Password: "******",
	}
	registration := Registration{
		NewUser: user,
	}
	rev, err := um.SetUp(&registration)
	if err != nil {
		t.Error(err)
	} else {
		t.Logf("User Rev: %v", rev)
	}
	//Now, create a User Avatar Record
	uar := entities.UserAvatar{
		UserName: "******",
	}
	aRev, err := uam.Save("Steven.Smith", "", &uar, smithUser())
	if err != nil {
		t.Error(err)
	} else {
		t.Logf("User Avatar Rev: %v", aRev)
	}
	//Save the image
	t.Logf("Decoding Hex String")
	imageBytes, err := hex.DecodeString(tinyJpeg)
	if err != nil {
		t.Error(err)
	}
	t.Logf("Creating io.Reader and sending to UAM")
	imageReader := bytes.NewReader(imageBytes)
	iRev, err := uam.SaveImage("Steven.Smith", aRev, "image/jpeg",
		imageReader, smithUser())
	if err != nil {
		t.Error(err)
	} else {
		t.Logf("User Avatar Image Rev: %v", iRev)
	}
	//Read the Avatar Record
	readRecord := entities.UserAvatar{}
	rRev, err := uam.Read("Steven.Smith", &readRecord, smithUser())
	if err != nil {
		t.Error(err)
	}
	t.Logf("Read Avatar Record with Revision: %v", rRev)
	//Read the Avatar Large Image
	imgData, err := uam.GetLargeAvatar("Steven.Smith")
	if err != nil {
		t.Error(err)
	}
	imgBytes, err := ioutil.ReadAll(imgData)
	imgData.Close()
	if len(imgBytes) == 0 {
		t.Error("Image was zero length!")
	}
	t.Logf("Read Avatar Large Image with %v bytes", len(imgBytes))
	//Read the Avatar Thumbnail
	imgData, err = uam.GetThumbnailAvatar("Steven.Smith")
	if err != nil {
		t.Error(err)
	}
	imgBytes, err = ioutil.ReadAll(imgData)
	imgData.Close()
	if len(imgBytes) == 0 {
		t.Error("Image was zero length!")
	}
	t.Logf("Read Avatar Thumbnail Image with %v bytes", len(imgBytes))
	//Delete Avatar Record
	dRev, err := uam.Delete("Steven.Smith", smithUser())
	if err != nil {
		t.Error(err)
	}
	t.Logf("Delete Avatar with Rev: %v", dRev)
}