func TestLoginHandler(t *testing.T) { mockDb := db.NewMockDbManager(false) jar := sessions.NewCookieStore([]byte("secret key")) loginHandle := loginHandler(mockDb, jar) test := GenerateHandleTester(t, loginHandle) // Test GET request w := test("GET", "") if w.Code != http.StatusNotFound { t.Errorf( "GET /login returned %v. Expected %v", w.Code, http.StatusNotFound, ) } goodParams := `{"username":"******", "password":"******"}` // Test possible combinations of bad inputs badParams := [...]string{ `{}`, `{"username":"******"}`, `{"password":"******"}`, // Should fail because not in database goodParams, } for _, params := range badParams { w := test("POST", params) if w.Code != http.StatusBadRequest { t.Errorf( "POST /login: bad input returned %v. Expected %v.", w.Code, http.StatusBadRequest, ) } } // Test with good params hash, _ := bcrypt.GenerateFromPassword( []byte("test pass"), bcrypt.DefaultCost, ) mockDb.RegisterUser("test user", hash) w = test("POST", goodParams) if w.Code != http.StatusOK { t.Errorf( "POST /login: good input returned %v. Expected %v.", w.Code, http.StatusOK, ) } }
func TestRegisterHandle(t *testing.T) { mockDb := db.NewMockDbManager(true) jar := sessions.NewCookieStore([]byte("secret key")) registerHandle := registerHandler(mockDb, jar) test := GenerateHandleTester(t, registerHandle) // Test GET request w := test("GET", "") if w.Code != http.StatusNotFound { t.Errorf( "GET /register returned %v. Expected %v", w.Code, http.StatusNotFound, ) } goodParams := `{ "username": "******", "password1": "test pass", "password2": "test pass" }` // Test bad inputs and possible registration error badParams := [...]string{ `{}`, `{"username": "******"}`, `{"password1": "test pass", "password2": "test pass"}`, // This should fail because we created a mockDb that will // throw an error when attempting to register a new user. goodParams, } expectedCode := []int{ http.StatusBadRequest, http.StatusBadRequest, http.StatusBadRequest, http.StatusInternalServerError, } for i := range badParams { w := test("POST", badParams[i]) if w.Code != expectedCode[i] { t.Errorf( "POST /register: bad input returned %v. Expected %v.", w.Code, expectedCode[i], ) } } // Test register fails when user already logged in req, err := http.NewRequest("POST", "", nil) if err != nil { t.Errorf("%v", err) } w = httptest.NewRecorder() session, _ := jar.Get(req, "carton-session") session.Values["user"] = "******" session.Save(req, w) registerHandle.ServeHTTP(w, req) if w.Code != http.StatusBadRequest { t.Errorf( "POST /register: when user logged in returned %v. Expected %v.", w.Code, http.StatusBadRequest, ) } // Test that user is successfully registered mockDb = db.NewMockDbManager(false) registerHandle = registerHandler(mockDb, jar) test = GenerateHandleTester(t, registerHandle) w = test("POST", goodParams) if w.Code != http.StatusCreated { t.Errorf( "POST /register: good input returned %v. Expected %v.", w.Code, http.StatusCreated, ) } if !mockDb.IsUser("test user") { t.Error("test user was not added to the database.") } }
func TestFileUpload(t *testing.T) { mockDb := db.NewMockDbManager(false) jar := sessions.NewCookieStore([]byte("secret key")) tmpDirPath := os.TempDir() tmpUploadsPath, err := ioutil.TempDir(tmpDirPath, "cartonUploadTest") if err != nil { t.Error("Unable to set up tmp directory") } uploadHandle := fileHandler(mockDb, jar, tmpUploadsPath) test := GenerateHandleTester(t, uploadHandle) // Check GET request returns 404 w := test("GET", "") if w.Code != http.StatusUnauthorized { t.Errorf( "GET request returned %v. Expected %v", w.Code, http.StatusNotFound, ) } // Check that someone can't upload a file if they're not logged in w = test("POST", "") if w.Code != http.StatusUnauthorized { t.Errorf( "POST request returned %v. Expected %v", w.Code, http.StatusUnauthorized, ) } // Create a tmp file to upload tmpFile, err := ioutil.TempFile(tmpDirPath, "cartonUploadTestFile") if err != nil { t.Errorf("%v", err) } tmpFile.Close() // Test that file upload can succeed req, err := newFileUploadRequest("file", tmpFile.Name(), map[string]string{}) if err != nil { t.Errorf("%v", err) } w = httptest.NewRecorder() session, _ := jar.Get(req, "carton-session") session.Values["user"] = "******" session.Save(req, w) uploadHandle.ServeHTTP(w, req) if w.Code != http.StatusCreated { t.Errorf( "POST request returned %v. Expected %v", w.Code, http.StatusCreated, ) } c := mockDb.GetFileByName(filepath.Base(tmpFile.Name())) if c == nil { t.Error("Could not find file") } switch { case c.Name != tmpFile.Name(): case c.Owner != "test user": case c.Path != tmpFile.Name(): t.Error("Retrieved file does not have expected attributes") } os.Remove(tmpUploadsPath) os.Remove(tmpFile.Name()) }