Esempio n. 1
0
func initServices(wsContainer *restful.Container, db *mgo.Database) error {
	// manager
	mgr := manager.New(db)
	if err := mgr.Init(); err != nil {
		return err
	}

	// password manager for generation and verification passwords
	passCtx := passlib.NewContext()

	sch := scheduler.NewMemoryScheduler(mgr.Copy())

	// services
	base := services.New(mgr, passCtx, sch)
	all := []services.ServiceInterface{
		auth.New(base),
		plugin.New(base),
		plan.New(base),
		user.New(base),
		project.New(base),
		target.New(base),
		scan.New(base),
		me.New(base),
		agent.New(base),
		feed.New(base),
		file.New(base),
		issue.New(base),
	}

	// initialize services
	for _, s := range all {
		if err := s.Init(); err != nil {
			return err
		}
	}
	// register services in container
	for _, s := range all {
		s.Register(wsContainer)
	}

	return nil
}
Esempio n. 2
0
func TestChangePassword(t *testing.T) {
	logrus.SetLevel(logrus.PanicLevel)

	mongo, dbName, err := tests.RandomTestMongoUp()
	if err != nil {
		t.Fatal(err)
	}
	defer tests.RandomTestMongoDown(mongo, dbName)

	mgr := manager.New(mongo.DB(dbName))

	passCtx := passlib.NewContext()

	// create and auth user
	sess := filters.NewSession()
	service := New(services.New(mgr, passCtx, scheduler.NewFake()))
	wsContainer := restful.NewContainer()
	wsContainer.Router(restful.CurlyRouter{})
	wsContainer.Filter(filters.SessionFilterMock(sess))
	service.Register(wsContainer)

	ts := httptest.NewServer(wsContainer)
	defer ts.Close()

	c.Convey("Given authorized user with password - password", t, func() {
		pass, err := passCtx.Encrypt("password")
		if err != nil {
			t.Fatal(err)
		}
		u, err := mgr.Users.Create(&user.User{
			Password: pass,
		})
		if err != nil {
			t.Fatal(err)
		}
		sess.Set(filters.SessionUserKey, u.Id.Hex())

		c.Convey("Change password with wrong entity", func() {
			err, resp, sErr := changePassword(ts.URL, map[string]int{"old": 1})
			c.So(err, c.ShouldBeNil)
			c.So(resp.StatusCode, c.ShouldEqual, http.StatusBadRequest)
			c.So(sErr, c.ShouldNotBeNil)
			c.So(sErr.Code, c.ShouldEqual, services.CodeWrongEntity)
		})

		c.Convey("Change password with wrong old password", func() {
			err, resp, sErr := changePassword(ts.URL, map[string]string{"old": "bad"})
			c.So(err, c.ShouldBeNil)
			c.So(resp.StatusCode, c.ShouldEqual, http.StatusBadRequest)
			c.So(sErr, c.ShouldNotBeNil)
			c.So(sErr.Code, c.ShouldEqual, services.CodeWrongData)
		})

		c.Convey("Change password with right old password, but new is short", func() {
			err, resp, sErr := changePassword(ts.URL, map[string]string{"old": "password", "new": "short"})
			c.So(err, c.ShouldBeNil)
			c.So(resp.StatusCode, c.ShouldEqual, http.StatusBadRequest)
			c.So(sErr, c.ShouldNotBeNil)
			c.So(sErr.Code, c.ShouldEqual, services.CodeWrongData)
		})

		c.Convey("Change password with right old password, and good new password", func() {
			err, resp, sErr := changePassword(ts.URL, map[string]string{"old": "password", "new": "password2"})
			c.So(err, c.ShouldBeNil)
			c.So(resp.StatusCode, c.ShouldEqual, http.StatusOK)
			c.So(sErr, c.ShouldBeNil)

			modified, err := mgr.Users.GetById(u.Id)
			if err != nil {
				t.Fatal(err)
			}
			verified, err := passCtx.Verify("password2", modified.Password)
			if err != nil {
				t.Fatal(err)
			}
			c.So(verified, c.ShouldBeTrue)
		})
	})
}