Esempio n. 1
0
func TestLoginHandler(t *testing.T) {
	mockDb := db.NewMockDbManager(false)
	jar := sessions.NewCookieStore([]byte("secret key"))
	loginHandle := loginHandler(mockDb, jar)
	test := GenerateHandleTester(t, loginHandle)

	// Test GET request
	w := test("GET", "")
	if w.Code != http.StatusNotFound {
		t.Errorf(
			"GET /login returned %v. Expected %v",
			w.Code,
			http.StatusNotFound,
		)
	}

	goodParams := `{"username":"******", "password":"******"}`

	// Test possible combinations of bad inputs
	badParams := [...]string{
		`{}`,
		`{"username":"******"}`,
		`{"password":"******"}`,
		// Should fail because not in database
		goodParams,
	}

	for _, params := range badParams {
		w := test("POST", params)
		if w.Code != http.StatusBadRequest {
			t.Errorf(
				"POST /login: bad input returned %v. Expected %v.",
				w.Code,
				http.StatusBadRequest,
			)
		}
	}

	// Test with good params
	hash, _ := bcrypt.GenerateFromPassword(
		[]byte("test pass"),
		bcrypt.DefaultCost,
	)
	mockDb.RegisterUser("test user", hash)

	w = test("POST", goodParams)
	if w.Code != http.StatusOK {
		t.Errorf(
			"POST /login: good input returned %v. Expected %v.",
			w.Code,
			http.StatusOK,
		)
	}
}
Esempio n. 2
0
func TestRegisterHandle(t *testing.T) {
	mockDb := db.NewMockDbManager(true)
	jar := sessions.NewCookieStore([]byte("secret key"))
	registerHandle := registerHandler(mockDb, jar)
	test := GenerateHandleTester(t, registerHandle)

	// Test GET request
	w := test("GET", "")
	if w.Code != http.StatusNotFound {
		t.Errorf(
			"GET /register returned %v. Expected %v",
			w.Code,
			http.StatusNotFound,
		)
	}

	goodParams := `{
		"username": "******",
		"password1": "test pass",
		"password2": "test pass"
	}`

	// Test bad inputs and possible registration error
	badParams := [...]string{
		`{}`,
		`{"username": "******"}`,
		`{"password1": "test pass", "password2": "test pass"}`,
		// This should fail because we created a mockDb that will
		// throw an error when attempting to register a new user.
		goodParams,
	}

	expectedCode := []int{
		http.StatusBadRequest,
		http.StatusBadRequest,
		http.StatusBadRequest,
		http.StatusInternalServerError,
	}

	for i := range badParams {
		w := test("POST", badParams[i])
		if w.Code != expectedCode[i] {
			t.Errorf(
				"POST /register: bad input returned %v. Expected %v.",
				w.Code,
				expectedCode[i],
			)
		}
	}

	// Test register fails when user already logged in
	req, err := http.NewRequest("POST", "", nil)
	if err != nil {
		t.Errorf("%v", err)
	}
	w = httptest.NewRecorder()
	session, _ := jar.Get(req, "carton-session")
	session.Values["user"] = "******"
	session.Save(req, w)
	registerHandle.ServeHTTP(w, req)
	if w.Code != http.StatusBadRequest {
		t.Errorf(
			"POST /register: when user logged in returned %v. Expected %v.",
			w.Code,
			http.StatusBadRequest,
		)
	}

	// Test that user is successfully registered
	mockDb = db.NewMockDbManager(false)
	registerHandle = registerHandler(mockDb, jar)
	test = GenerateHandleTester(t, registerHandle)
	w = test("POST", goodParams)
	if w.Code != http.StatusCreated {
		t.Errorf(
			"POST /register: good input returned %v. Expected %v.",
			w.Code,
			http.StatusCreated,
		)
	}
	if !mockDb.IsUser("test user") {
		t.Error("test user was not added to the database.")
	}
}
Esempio n. 3
0
func TestFileUpload(t *testing.T) {
	mockDb := db.NewMockDbManager(false)
	jar := sessions.NewCookieStore([]byte("secret key"))
	tmpDirPath := os.TempDir()
	tmpUploadsPath, err := ioutil.TempDir(tmpDirPath, "cartonUploadTest")
	if err != nil {
		t.Error("Unable to set up tmp directory")
	}
	uploadHandle := fileHandler(mockDb, jar, tmpUploadsPath)
	test := GenerateHandleTester(t, uploadHandle)

	// Check GET request returns 404
	w := test("GET", "")
	if w.Code != http.StatusUnauthorized {
		t.Errorf(
			"GET request returned %v. Expected %v",
			w.Code,
			http.StatusNotFound,
		)
	}

	// Check that someone can't upload a file if they're not logged in
	w = test("POST", "")
	if w.Code != http.StatusUnauthorized {
		t.Errorf(
			"POST request returned %v. Expected %v",
			w.Code,
			http.StatusUnauthorized,
		)
	}

	// Create a tmp file to upload
	tmpFile, err := ioutil.TempFile(tmpDirPath, "cartonUploadTestFile")
	if err != nil {
		t.Errorf("%v", err)
	}
	tmpFile.Close()

	// Test that file upload can succeed
	req, err := newFileUploadRequest("file", tmpFile.Name(), map[string]string{})
	if err != nil {
		t.Errorf("%v", err)
	}
	w = httptest.NewRecorder()
	session, _ := jar.Get(req, "carton-session")
	session.Values["user"] = "******"
	session.Save(req, w)
	uploadHandle.ServeHTTP(w, req)
	if w.Code != http.StatusCreated {
		t.Errorf(
			"POST request returned %v. Expected %v",
			w.Code,
			http.StatusCreated,
		)
	}

	c := mockDb.GetFileByName(filepath.Base(tmpFile.Name()))
	if c == nil {
		t.Error("Could not find file")
	}
	switch {
	case c.Name != tmpFile.Name():
	case c.Owner != "test user":
	case c.Path != tmpFile.Name():
		t.Error("Retrieved file does not have expected attributes")
	}

	os.Remove(tmpUploadsPath)
	os.Remove(tmpFile.Name())
}