func TestCreateGetDeleteGet(t *testing.T) {
for k, c := range []test{
{subject: "peter", token: jwt.Token{Valid: false}, policies: []policy.Policy{policies["fail"]}, createData: data["fail"], statusCreate: http.StatusUnauthorized},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["fail"]}, createData: data["fail"], statusCreate: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["ok-max"], statusCreate: http.StatusOK, statusGet: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["fail"], statusCreate: http.StatusBadRequest},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["fail-validation"], statusCreate: http.StatusBadRequest},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"], policies["pass-get"]}, createData: data["ok-zac"], statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-all"]}, createData: data["ok-steve"], statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusAccepted, statusGetAfterDelete: http.StatusNotFound},
} {
func() {
handler := &Handler{s: store, m: mw}
router := mux.NewRouter()
handler.SetRoutes(router, mockAuthorization(c))
ts := httptest.NewServer(router)
defer ts.Close()
request := gorequest.New()
connectionsURL := fmt.Sprintf("%s/oauth2/connections?subject=%s", ts.URL, c.subject)
resp, body, _ := request.Post(connectionsURL).Send(*c.createData).End()
require.Equal(t, c.statusCreate, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
var conn DefaultConnection
assert.Nil(t, json.Unmarshal([]byte(body), &conn))
resp, body, _ = request.Get(connectionsURL).End()
require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
resp, body, _ = request.Get(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
resp, body, _ = request.Post(connectionsURL).Send(*c.createData).End()
require.Equal(t, http.StatusInternalServerError, resp.StatusCode, "case %d: %s", k, body)
resp, body, _ = request.Delete(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, c.statusDelete, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusAccepted {
return
}
resp, body, _ = request.Get(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, c.statusGetAfterDelete, resp.StatusCode, "case %d: %s", k, body)
resp, body, _ = request.Delete(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, http.StatusNotFound, resp.StatusCode, "case %d: %s", k, body)
}()
}
}
func TestCreateGetDeleteGet(t *testing.T) {
for k, c := range []test{
{subject: "peter", token: jwt.Token{Valid: false}, policies: []policy.Policy{policies["fail"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusUnauthorized},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["fail"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusOK, statusGet: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"], policies["pass-get"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-all"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusAccepted, statusGetAfterDelete: http.StatusNotFound},
} {
func() {
handler := &Handler{s: store, m: mw}
router := mux.NewRouter()
handler.SetRoutes(router, mockAuthorization(c))
ts := httptest.NewServer(router)
defer ts.Close()
request := gorequest.New()
resp, body, _ := request.Post(ts.URL + "/clients").Send(c.createData).End()
require.Equal(t, c.statusCreate, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
var client payload
json.Unmarshal([]byte(body), &client)
resp, body, _ = request.Get(ts.URL + "/clients/" + client.ID).End()
require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
resp, body, _ = request.Delete(ts.URL + "/clients/" + client.ID).End()
require.Equal(t, c.statusDelete, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusAccepted {
return
}
resp, body, _ = request.Get(ts.URL + "/clients/" + client.ID).End()
require.Equal(t, c.statusGetAfterDelete, resp.StatusCode, "case %d: %s", k, body)
}()
}
}
func TestCreateGetDelete(t *testing.T) {
for k, c := range []test{
test{
subject: "peter", token: &jwt.Token{Valid: false},
expected: result{create: http.StatusUnauthorized, get: 0, delete: 0},
},
test{
subject: "peter", token: &jwt.Token{Valid: true}, policies: policies["empty"],
expected: result{create: http.StatusForbidden, get: 0, delete: 0},
},
test{
subject: "peter", token: &jwt.Token{Valid: true}, policies: policies["empty"],
expected: result{create: http.StatusForbidden, get: 0, delete: 0},
},
test{
subject: "max", token: &jwt.Token{Valid: true}, policies: policies["empty"],
expected: result{create: http.StatusForbidden, get: 0, delete: 0},
},
test{
subject: "max", token: &jwt.Token{Valid: true}, payload: payload{},
policies: policies["allow-create"],
expected: result{
create: http.StatusForbidden, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@foobar.com", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@foobar.com", Password: "******", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: "notemail", Password: "******", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "not json"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusOK, get: http.StatusForbidden, delete: http.StatusForbidden,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "{}"},
policies: policies["allow-create-get"],
expected: result{
create: http.StatusOK, get: http.StatusOK, delete: http.StatusForbidden,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "{}"},
policies: policies["allow-all"],
expected: result{
create: http.StatusOK, get: http.StatusOK, delete: http.StatusAccepted,
},
},
} {
router := mux.NewRouter()
hd.SetRoutes(router, mock(c))
ts := httptest.NewServer(router)
defer ts.Close()
t.Logf(ts.URL + "/accounts")
request := gorequest.New()
resp, body, _ := request.Post(ts.URL + "/accounts").Send(c.payload).End()
require.Equal(t, c.expected.create, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
user := assertAccount(t, c, body)
resp, body, _ = request.Get(ts.URL + "/accounts/" + user.GetID()).End()
require.Equal(t, c.expected.get, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
user = assertAccount(t, c, body)
resp, body, _ = request.Delete(ts.URL + "/accounts/" + user.GetID()).End()
require.Equal(t, c.expected.delete, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusAccepted {
return
}
resp, body, _ = request.Get(ts.URL + "/accounts/" + user.GetID()).End()
require.Equal(t, http.StatusNotFound, resp.StatusCode, "case %d: %s", k, body)
}
}
