func (s *S) TestAppInfoNotMember(c *C) {
alice := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
alice.Create()
t := account.Team{Name: "example"}
t.Create(alice)
app.Create(alice, t)
defer func() {
ap, _ := s.store.FindAppByClientId(app.ClientId)
s.store.DeleteApp(ap)
s.store.DeleteTeamByAlias(t.Alias)
alice.Delete()
}()
headers, code, body, _ := httpClient.MakeRequest(requests.Args{
AcceptableCode: http.StatusForbidden,
Method: "GET",
Path: fmt.Sprintf("/api/apps/%s", app.ClientId),
Headers: http.Header{"Authorization": {s.authHeader}},
})
c.Assert(code, Equals, http.StatusForbidden)
c.Assert(headers.Get("Content-Type"), Equals, "application/json")
c.Assert(string(body), Equals, `{"error":"access_denied","error_description":"You do not belong to this team!"}`)
}
func (s *S) TestUpdateServiceNotMember(c *C) {
alice := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
alice.Create()
t := account.Team{Name: "example"}
t.Create(alice)
service.Create(alice, t)
defer func() {
serv, _ := s.store.FindServiceBySubdomain(service.Subdomain)
s.store.DeleteService(serv)
s.store.DeleteTeamByAlias(t.Alias)
alice.Delete()
}()
headers, code, body, _ := httpClient.MakeRequest(requests.Args{
AcceptableCode: http.StatusOK,
Method: "PUT",
Path: fmt.Sprintf("/api/services/%s", service.Subdomain),
Body: `{}`,
Headers: http.Header{"Authorization": {s.authHeader}},
})
c.Assert(code, Equals, http.StatusForbidden)
c.Assert(headers.Get("Content-Type"), Equals, "application/json")
c.Assert(string(body), Equals, `{"error":"access_denied","error_description":"You do not belong to this team!"}`)
}
func (s *AuthenticatableSuite) TestAuthenticateWithInvalidCredentials(c *C) {
user := account.User{Name: "Alice", Email: "*****@*****.**", Password: "******"}
user.Create()
defer user.Delete()
_, ok := s.Auth.Authenticate(user.Email, "invalid-password")
c.Assert(ok, Equals, false)
}
func (s *S) TestDeleteAppWithoutPermission(c *C) {
alice := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
alice.Create()
defer alice.Delete()
app.Create(alice, team)
defer func() {
ap, _ := s.store.FindAppByClientId(app.ClientId)
s.store.DeleteApp(ap)
}()
headers, code, body, _ := httpClient.MakeRequest(requests.Args{
AcceptableCode: http.StatusForbidden,
Method: "DELETE",
Path: fmt.Sprintf("/api/apps/%s", app.ClientId),
Headers: http.Header{"Authorization": {s.authHeader}},
})
c.Assert(code, Equals, http.StatusForbidden)
c.Assert(headers.Get("Content-Type"), Equals, "application/json")
c.Assert(string(body), Equals, `{"error":"access_denied","error_description":"Only the owner has permission to perform this operation."}`)
}
func (s *S) TestTeamInfoWithoutPermission(c *C) {
alice := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
alice.Create()
defer alice.Delete()
team := account.Team{Name: "Backstage Team", Alias: "backstage"}
team.Create(alice)
defer func() {
s.store.DeleteTeamByAlias(team.Alias)
}()
headers, code, body, _ := httpClient.MakeRequest(requests.Args{
AcceptableCode: http.StatusForbidden,
Method: "GET",
Path: fmt.Sprintf("/api/teams/%s", team.Alias),
Headers: http.Header{"Authorization": {s.authHeader}},
})
c.Assert(code, Equals, http.StatusForbidden)
c.Assert(headers.Get("Content-Type"), Equals, "application/json")
c.Assert(string(body), Equals, `{"error":"access_denied","error_description":"You do not belong to this team!"}`)
}
func (s *S) TestRemoveUser(c *C) {
alice := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
alice.Create()
defer alice.Delete()
team := account.Team{Name: "Backstage Team", Alias: "backstage", Users: []string{alice.Email}}
team.Create(user)
defer func() {
s.store.DeleteTeamByAlias(team.Alias)
}()
headers, code, body, _ := httpClient.MakeRequest(requests.Args{
AcceptableCode: http.StatusOK,
Method: "DELETE",
Path: fmt.Sprintf("/api/teams/%s/users", team.Alias),
Headers: http.Header{"Authorization": {s.authHeader}},
Body: fmt.Sprintf(`{"users": ["%s"]}`, alice.Email),
})
c.Assert(code, Equals, http.StatusOK)
c.Assert(headers.Get("Content-Type"), Equals, "application/json")
c.Assert(string(body), Equals, `{"name":"Backstage Team","alias":"backstage","users":["*****@*****.**"],"owner":"*****@*****.**"}`)
}