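// TestUpdateServiceNotMember checks that a PUT on a service is refused when the
// caller (the suite credentials in s.authHeader, presumably not on the owning
// team) is not a member of the team that owns it: the API must answer 403 with
// the JSON access_denied body. The service, its team and the owning user are
// created for the test and removed again when it returns.
//
// The only change from the previous version is AcceptableCode: it is kept equal
// to the status the test asserts on (403), as the sibling access-denied tests
// already do, instead of StatusOK.
func (s *S) TestUpdateServiceNotMember(c *C) {
	alice := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
	alice.Create()
	t := account.Team{Name: "example"}
	t.Create(alice)
	service.Create(alice, t)
	defer func() {
		serv, _ := s.store.FindServiceBySubdomain(service.Subdomain)
		s.store.DeleteService(serv)
		s.store.DeleteTeamByAlias(t.Alias)
		alice.Delete()
	}()

	// AcceptableCode matches the asserted status; the MakeRequest error is
	// discarded here as in the other tests, so the assertions below carry the
	// check.
	headers, code, body, _ := httpClient.MakeRequest(requests.Args{
		AcceptableCode: http.StatusForbidden,
		Method:         "PUT",
		Path:           fmt.Sprintf("/api/services/%s", service.Subdomain),
		Body:           `{}`,
		Headers:        http.Header{"Authorization": {s.authHeader}},
	})
	c.Assert(code, Equals, http.StatusForbidden)
	c.Assert(headers.Get("Content-Type"), Equals, "application/json")
	c.Assert(string(body), Equals, `{"error":"access_denied","error_description":"You do not belong to this team!"}`)
}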
// TestAppInfoNotMember verifies that reading an app owned by a team the caller
// does not belong to is refused: the GET must yield 403 and the JSON
// access_denied body. The app, its team and the owning user are set up for the
// test and torn down when it returns.
func (s *S) TestAppInfoNotMember(c *C) {
	owner := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
	owner.Create()
	ownerTeam := account.Team{Name: "example"}
	ownerTeam.Create(owner)
	app.Create(owner, ownerTeam)
	defer func() {
		stored, _ := s.store.FindAppByClientId(app.ClientId)
		s.store.DeleteApp(stored)
		s.store.DeleteTeamByAlias(ownerTeam.Alias)
		owner.Delete()
	}()

	args := requests.Args{
		AcceptableCode: http.StatusForbidden,
		Method:         "GET",
		Path:           fmt.Sprintf("/api/apps/%s", app.ClientId),
		Headers:        http.Header{"Authorization": {s.authHeader}},
	}
	headers, code, body, _ := httpClient.MakeRequest(args)

	const wantBody = `{"error":"access_denied","error_description":"You do not belong to this team!"}`
	c.Assert(code, Equals, http.StatusForbidden)
	c.Assert(headers.Get("Content-Type"), Equals, "application/json")
	c.Assert(string(body), Equals, wantBody)
}
// TestAuthenticateWithInvalidCredentials checks that Authenticate rejects a
// registered e-mail paired with the wrong password: the ok result must be
// false. The user created for the check is deleted when the test returns.
func (s *AuthenticatableSuite) TestAuthenticateWithInvalidCredentials(c *C) {
	registered := account.User{Name: "Alice", Email: "*****@*****.**", Password: "******"}
	registered.Create()
	defer registered.Delete()

	const wrongPassword = "invalid-password"
	_, authenticated := s.Auth.Authenticate(registered.Email, wrongPassword)
	c.Assert(authenticated, Equals, false)
}
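// userSignup handles a self-service signup request. The JSON request body is
// decoded straight into an account.User, the user is persisted with
// account.User.Create, and the stored record is written back via Created with
// the password field blanked.
//
// Errors: a body that does not decode as an account.User (or that exceeds the
// size cap below) is answered with errors.ErrBadRequest; any error from Create
// is handed to handleError unchanged.
func (api *Api) userSignup(rw http.ResponseWriter, r *http.Request) {
	// The body is untrusted client input: bound how much of it the decoder may
	// read so an oversized request cannot tie up memory on this endpoint.
	// Overrunning the cap surfaces as a Decode error and is reported as a bad
	// request. 1 MiB is far above any legitimate signup payload.
	const maxSignupBody = 1 << 20
	r.Body = http.MaxBytesReader(rw, r.Body, maxSignupBody)

	var user account.User
	if err := json.NewDecoder(r.Body).Decode(&user); err != nil {
		handleError(rw, errors.ErrBadRequest)
		return
	}
	// NOTE(review): every exported field of account.User is client-settable
	// through this decode; confirm Create ignores or validates any field a
	// client must not choose for itself.
	if err := user.Create(); err != nil {
		handleError(rw, err)
		return
	}
	// Remove hashed-password from response: the stored value must never be
	// echoed back to the client.
	user.Password = ""
	Created(rw, user)
}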
// TestDeleteAppWithoutPermission verifies that deleting an app created by a
// different user is refused with 403 and an access_denied body stating that
// only the owner may perform the operation. The app is created against the
// package-level team; the app and the owner are removed when the test returns
// (app first, then the owner, by defer order).
func (s *S) TestDeleteAppWithoutPermission(c *C) {
	owner := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
	owner.Create()
	defer owner.Delete()
	app.Create(owner, team)
	defer func() {
		stored, _ := s.store.FindAppByClientId(app.ClientId)
		s.store.DeleteApp(stored)
	}()

	args := requests.Args{
		AcceptableCode: http.StatusForbidden,
		Method:         "DELETE",
		Path:           fmt.Sprintf("/api/apps/%s", app.ClientId),
		Headers:        http.Header{"Authorization": {s.authHeader}},
	}
	headers, code, body, _ := httpClient.MakeRequest(args)

	const wantBody = `{"error":"access_denied","error_description":"Only the owner has permission to perform this operation."}`
	c.Assert(code, Equals, http.StatusForbidden)
	c.Assert(headers.Get("Content-Type"), Equals, "application/json")
	c.Assert(string(body), Equals, wantBody)
}
// TestTeamInfoWithoutPermission verifies that reading a team the caller is not
// a member of is refused: the GET must yield 403 and the JSON access_denied
// body. The owning user and the team are created for the test and removed
// again when it returns.
func (s *S) TestTeamInfoWithoutPermission(c *C) {
	owner := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
	owner.Create()
	defer owner.Delete()
	ownerTeam := account.Team{Name: "Backstage Team", Alias: "backstage"}
	ownerTeam.Create(owner)
	defer func() {
		s.store.DeleteTeamByAlias(ownerTeam.Alias)
	}()

	args := requests.Args{
		AcceptableCode: http.StatusForbidden,
		Method:         "GET",
		Path:           fmt.Sprintf("/api/teams/%s", ownerTeam.Alias),
		Headers:        http.Header{"Authorization": {s.authHeader}},
	}
	headers, code, body, _ := httpClient.MakeRequest(args)

	const wantBody = `{"error":"access_denied","error_description":"You do not belong to this team!"}`
	c.Assert(code, Equals, http.StatusForbidden)
	c.Assert(headers.Get("Content-Type"), Equals, "application/json")
	c.Assert(string(body), Equals, wantBody)
}
// TestRemoveUser checks that DELETE /api/teams/{alias}/users drops the listed
// member from the team. The team is created by the package-level user with one
// extra member; after the request the response must be 200 with a JSON team
// whose users list contains only the owner. The member and the team are
// cleaned up when the test returns.
func (s *S) TestRemoveUser(c *C) {
	member := account.User{Name: "alice", Email: "*****@*****.**", Password: "******"}
	member.Create()
	defer member.Delete()
	ownerTeam := account.Team{Name: "Backstage Team", Alias: "backstage", Users: []string{member.Email}}
	ownerTeam.Create(user)
	defer func() {
		s.store.DeleteTeamByAlias(ownerTeam.Alias)
	}()

	args := requests.Args{
		AcceptableCode: http.StatusOK,
		Method:         "DELETE",
		Path:           fmt.Sprintf("/api/teams/%s/users", ownerTeam.Alias),
		Headers:        http.Header{"Authorization": {s.authHeader}},
		Body:           fmt.Sprintf(`{"users": ["%s"]}`, member.Email),
	}
	headers, code, body, _ := httpClient.MakeRequest(args)

	const wantBody = `{"name":"Backstage Team","alias":"backstage","users":["*****@*****.**"],"owner":"*****@*****.**"}`
	c.Assert(code, Equals, http.StatusOK)
	c.Assert(headers.Get("Content-Type"), Equals, "application/json")
	c.Assert(string(body), Equals, wantBody)
}
// TestCreateUserWithoutRequiredFields checks that creating a zero-value user
// (no name, e-mail or password) fails with an errors.ValidationError rather
// than succeeding or returning some other error type.
func (s *S) TestCreateUserWithoutRequiredFields(c *C) {
	var blank account.User
	createErr := blank.Create()

	_, isValidation := createErr.(errors.ValidationError)
	c.Assert(isValidation, Equals, true)
}