func TestUnauthorize(t *testing.T) {
InitAuthenticatorTest()
user, password := user()
cookie, err := authorize(user.Email, password)
if err != nil {
t.Fatal(err)
}
ctx, _ := CreateReqContext("GET", "/protected", nil)
ctx.Request.AddCookie(cookie)
if !authenticator.IsAuthorized(ctx.Request) {
t.Fatal("Should be authenticated")
}
if authenticator.AuthorizedUserID(ctx.Request) != user.ID {
t.Fatal("ID doesn't match")
}
authenticator.Unauthorize(ctx.Writer, ctx.Request)
if authenticator.IsAuthorized(ctx.Request) {
t.Fatal("Should not be authenticated")
}
if authenticator.AuthorizedUserID(ctx.Request) == user.ID {
t.Fatal("ID matches!")
}
}
func TestIsAuthorizedWhenZeroUsers(t *testing.T) {
InitAuthenticatorTest()
ctx, _ := CreateReqContext("GET", "/", nil)
if !authenticator.IsAuthorized(ctx.Request) {
t.Fatal("Should not have failed here, Zero users in system should yield unlimited access")
}
}
func TestAuthorize(t *testing.T) {
InitAuthenticatorTest()
user, password := user()
if _, err := authorize(user.Email, password); err != nil {
t.Fatal(err)
}
}
func TestIsAuthorizedWhenNoAuthProcessIsCompleted(t *testing.T) {
InitAuthenticatorTest()
user()
ctx, _ := CreateReqContext("GET", "/", nil)
if authenticator.IsAuthorized(ctx.Request) {
t.Fatal("Should have failed here")
}
}
func TestGetCreatePage(t *testing.T) {
initUserHandlerTest()
ctx, _ := CreateReqContext("GET", "/user/create", nil)
result := userHandler.Create(ctx)
if result != nil {
t.Fatal("Expected nil")
}
}
func TestCreateUserWithNoParameters(t *testing.T) {
initUserHandlerTest()
ctx, _ := CreateReqContext("POST", "/user/create", nil)
userHandler.Create(ctx)
if !ctx.HasValidationErrors() {
t.Fatal("Expected validation errors")
}
}
func TestGetInitWhenOneOrMoreUsers(t *testing.T) {
initInitHandlerTest()
userController.Create("*****@*****.**", "password")
ctx, _ := CreateReqContext("GET", "/init", nil)
result := initHandler.Init(ctx)
if err, ok := result.(*AppError); !ok {
t.Fatalf("response returned %v", result)
} else if err.Status() != http.StatusNotFound {
t.Fatal("Expected 404")
}
}
func TestUpdateUserWithNoParameters(t *testing.T) {
initUserHandlerTest()
userController.Create("*****@*****.**", "password")
user, _ := userRepo.FindByEmail("*****@*****.**")
id := strconv.Itoa(user.ID)
ctx, _ := CreateReqContext("POST", "/user/update?id="+id, nil)
userHandler.Update(ctx)
if !ctx.HasValidationErrors() {
t.Fatal("Expected validation errors")
}
}
func TestGetLoginPage(t *testing.T) {
initAuthHandlerTest()
ctx, _ := CreateReqContext("GET", "/auth/login", nil)
result := authHandler.Login(ctx)
if result != nil {
t.Fatal("Expected nil")
}
if ctx.IsRedirected() {
t.Fatal("Should not redirect")
}
}
func TestRetrieveExistingUser(t *testing.T) {
initUserHandlerTest()
userController.Create("*****@*****.**", "password")
user, _ := userRepo.FindByEmail("*****@*****.**")
id := strconv.Itoa(user.ID)
ctx, _ := CreateReqContext("GET", "/user/retrieve?id="+id, nil)
result := userHandler.Retrieve(ctx)
if !user.Equals(result) {
t.Fatal("Expected equality")
}
}
func TestFailedLogin(t *testing.T) {
initAuthHandlerTest()
ctx, _ := CreateReqContext("POST", "/auth/login", map[string][]string{
"username": []string{"*****@*****.**"},
"password": []string{"testpass"},
})
result := authHandler.Login(ctx)
if result != nil {
t.Fatal("Expected nil")
}
if ctx.IsRedirected() {
t.Fatal("Should not redirect")
}
}
func TestRetrieveNonExistingUser(t *testing.T) {
initUserHandlerTest()
ctx, _ := CreateReqContext("GET", "/user/retrieve", map[string][]string{
"id": []string{"123"},
})
result := userHandler.Retrieve(ctx)
if err, ok := result.(*AppError); ok {
if err.Status() != http.StatusNotFound {
t.Fatal("Expected 404")
}
} else {
t.Fatal("Expected app error")
}
}
func TestAdminProtectedResourceWhereUserDontHaveAdminRights(t *testing.T) {
InitAuthenticatorTest()
authenticator.SetRequiredPrivileges("/admin", "Admin")
user, password := user()
cookie, err := authorize(user.Email, password)
if err != nil {
t.Fatal(err)
}
ctx, _ := CreateReqContext("GET", "/admin", nil)
ctx.Request.AddCookie(cookie)
if authenticator.Handle(ctx.Writer, ctx.Request) {
t.Fatal("User doesnt have admin rights!")
}
}
func TestCreateUserWithSmallPasswordLength(t *testing.T) {
initUserHandlerTest()
ctx, _ := CreateReqContext("POST", "/user/create", map[string][]string{
"email": []string{"*****@*****.**"},
"password": []string{"pass"},
"password-again": []string{"pass"},
})
userHandler.Create(ctx)
if !ctx.HasValidationErrors() {
t.Fatal("Expected validation errors")
}
if ctx.ValidationErrors["password"] == nil {
t.Fatal("Expected failure on password field")
}
}
func TestCreateUserWithMismatchingPasswordEntries(t *testing.T) {
initUserHandlerTest()
ctx, _ := CreateReqContext("POST", "/user/create", map[string][]string{
"email": []string{"*****@*****.**"},
"password": []string{"myvalidpass"},
"password-again": []string{"mymismatchingpass"},
})
userHandler.Create(ctx)
if !ctx.HasValidationErrors() {
t.Fatal("Expected validation errors")
}
if ctx.ValidationErrors[""] == nil {
t.Fatal("Expected a general error")
}
}
func TestCreateUserWhereEmailAlreadyExist(t *testing.T) {
initUserHandlerTest()
userController.Create("*****@*****.**", "mypassword")
ctx, _ := CreateReqContext("POST", "/user/create", map[string][]string{
"email": []string{"*****@*****.**"},
"password": []string{"myvalidpass"},
"password-again": []string{"myvalidpass"},
})
result := userHandler.Create(ctx)
switch result.(type) {
case error:
//Expects a application error
default:
t.Fatal("Unexpected return type")
}
}
func TestUpdateUserWithMismatchingPasswordEntries(t *testing.T) {
initUserHandlerTest()
userController.Create("*****@*****.**", "password")
user, _ := userRepo.FindByEmail("*****@*****.**")
id := strconv.Itoa(user.ID)
ctx, _ := CreateReqContext("POST", "/user/update?id="+id, map[string][]string{
"email": []string{"*****@*****.**"},
"password": []string{"myvalidpass"},
"password-again": []string{"mymismatchingpass"},
})
userHandler.Update(ctx)
if !ctx.HasValidationErrors() {
t.Fatal("Expected validation errors")
}
if ctx.ValidationErrors[""] == nil {
t.Fatal("Expected a general error")
}
}
func TestUpdateUserWithLargePasswordLength(t *testing.T) {
initUserHandlerTest()
userController.Create("*****@*****.**", "password")
user, _ := userRepo.FindByEmail("*****@*****.**")
id := strconv.Itoa(user.ID)
ctx, _ := CreateReqContext("POST", "/user/update?id="+id, map[string][]string{
"email": []string{"*****@*****.**"},
"password": []string{"my-very-very-very-long-password"},
"password-again": []string{"my-very-very-very-long-password"},
})
userHandler.Update(ctx)
if !ctx.HasValidationErrors() {
t.Fatal("Expected validation errors")
}
if ctx.ValidationErrors["password"] == nil {
t.Fatal("Expected failure on password field")
}
}
func TestInitCreateUser(t *testing.T) {
initInitHandlerTest()
ctx, _ := CreateReqContext("POST", "/init", map[string][]string{
"email": []string{"*****@*****.**"},
"password": []string{"testpasswd"},
"password-again": []string{"testpasswd"},
})
result := initHandler.Init(ctx)
if result != nil {
t.Fatalf("response returned %v", result)
}
if !ctx.IsRedirected() {
t.Fatal("Expected redirection")
}
if role, err := roleRepo.FindByName("Admin"); err != nil {
t.Fatalf("Error occured %v", err)
} else if role == nil {
t.Fatal("Did not create Admin role")
}
if user, err := userRepo.FindByEmail("*****@*****.**"); err != nil {
t.Fatalf("Error occured %v", err)
} else if user == nil {
t.Fatal("Did not create user")
}
}
func TestLogout(t *testing.T) {
initAuthHandlerTest()
user := &User{
Email: "*****@*****.**",
}
password := "******"
user.SetPassword(password)
userRepo.Store(user)
ctx, _ := CreateReqContext("POST", "/auth/login", map[string][]string{
"username": []string{user.Email},
"password": []string{password},
})
result := authHandler.Login(ctx)
if result != nil {
t.Fatal("Expected nil")
}
if !ctx.IsRedirected() {
t.Fatal("Should redirect to landing page")
}
ctx, _ = CreateReqContext("GET", "/auth/logout", nil)
result = authHandler.Logout(ctx)
if !ctx.IsRedirected() {
t.Fatal("Should redirect to landing page")
}
}
func TestUpdateUser(t *testing.T) {
initUserHandlerTest()
userController.Create("*****@*****.**", "password")
user, _ := userRepo.FindByEmail("*****@*****.**")
id := strconv.Itoa(user.ID)
ctx, _ := CreateReqContext("POST", "/user/update", map[string][]string{
"id": []string{id},
"email": []string{"*****@*****.**"},
"password": []string{"testpassword"},
"password-again": []string{"testpassword"},
})
userHandler.Update(ctx)
if ctx.HasValidationErrors() {
t.Log(ctx.ValidationErrors)
t.Fatal("Did not expect any errors")
}
if !ctx.IsRedirected() {
t.Fatal("Expected redirection")
}
user, _ = userRepo.FindByEmail("*****@*****.**")
if !user.PasswordEquals("testpassword") {
t.Fatal("Expected a updated password")
}
}
func TestUpdateUserWithInvalidEmail(t *testing.T) {
initUserHandlerTest()
userController.Create("*****@*****.**", "password")
user, _ := userRepo.FindByEmail("*****@*****.**")
id := strconv.Itoa(user.ID)
ctx, _ := CreateReqContext("POST", "/user/update", map[string][]string{
"id": []string{id},
"email": []string{"test[at]test.test"},
"password": []string{"testpassword"},
"password-again": []string{"testpassword"},
})
userHandler.Update(ctx)
if !ctx.HasValidationErrors() {
t.Fatal("Expected validation errors")
}
if ctx.ValidationErrors["email"] == nil {
t.Fatal("Expected failure on email field")
}
}
func TestAdminProtectedResourceWhereUserHasAdminRights(t *testing.T) {
InitAuthenticatorTest()
authenticator.SetRequiredPrivileges("/admin", "Admin")
user, password := user()
role, _ := roleRepo.FindByName("Admin")
role.Users = append(role.Users, *user)
roleRepo.Store(role)
cookie, err := authorize(user.Email, password)
if err != nil {
t.Fatal(err)
}
ctx, _ := CreateReqContext("GET", "/admin", nil)
ctx.Request.AddCookie(cookie)
if !authenticator.Handle(ctx.Writer, ctx.Request) {
t.Fatal("User has admin rights!")
}
}
func TestCreateUser(t *testing.T) {
initUserHandlerTest()
ctx, _ := CreateReqContext("POST", "/user/create", map[string][]string{
"email": []string{"*****@*****.**"},
"password": []string{"testpassword"},
"password-again": []string{"testpassword"},
})
userHandler.Create(ctx)
if ctx.HasValidationErrors() {
t.Log(ctx.ValidationErrors)
t.Fatal("Did not expect any errors")
}
if !ctx.IsRedirected() {
t.Fatal("Expected redirection")
}
result, _ := userRepo.All()
if len(result) != 1 {
t.Fatal("Expected user created")
}
}
func TestAuthorizeWithInvalidCredentials(t *testing.T) {
InitAuthenticatorTest()
if _, err := authorize("", ""); err == nil {
t.Fatal("Should have failed")
}
}