func initServices(wsContainer *restful.Container, db *mgo.Database) error {
// manager
mgr := manager.New(db)
if err := mgr.Init(); err != nil {
return err
}
// password manager for generation and verification passwords
passCtx := passlib.NewContext()
sch := scheduler.NewMemoryScheduler(mgr.Copy())
// services
base := services.New(mgr, passCtx, sch)
all := []services.ServiceInterface{
auth.New(base),
plugin.New(base),
plan.New(base),
user.New(base),
project.New(base),
target.New(base),
scan.New(base),
me.New(base),
agent.New(base),
feed.New(base),
file.New(base),
issue.New(base),
}
// initialize services
for _, s := range all {
if err := s.Init(); err != nil {
return err
}
}
// register services in container
for _, s := range all {
s.Register(wsContainer)
}
return nil
}
func TestChangePassword(t *testing.T) {
logrus.SetLevel(logrus.PanicLevel)
mongo, dbName, err := tests.RandomTestMongoUp()
if err != nil {
t.Fatal(err)
}
defer tests.RandomTestMongoDown(mongo, dbName)
mgr := manager.New(mongo.DB(dbName))
passCtx := passlib.NewContext()
// create and auth user
sess := filters.NewSession()
service := New(services.New(mgr, passCtx, scheduler.NewFake()))
wsContainer := restful.NewContainer()
wsContainer.Router(restful.CurlyRouter{})
wsContainer.Filter(filters.SessionFilterMock(sess))
service.Register(wsContainer)
ts := httptest.NewServer(wsContainer)
defer ts.Close()
c.Convey("Given authorized user with password - password", t, func() {
pass, err := passCtx.Encrypt("password")
if err != nil {
t.Fatal(err)
}
u, err := mgr.Users.Create(&user.User{
Password: pass,
})
if err != nil {
t.Fatal(err)
}
sess.Set(filters.SessionUserKey, u.Id.Hex())
c.Convey("Change password with wrong entity", func() {
err, resp, sErr := changePassword(ts.URL, map[string]int{"old": 1})
c.So(err, c.ShouldBeNil)
c.So(resp.StatusCode, c.ShouldEqual, http.StatusBadRequest)
c.So(sErr, c.ShouldNotBeNil)
c.So(sErr.Code, c.ShouldEqual, services.CodeWrongEntity)
})
c.Convey("Change password with wrong old password", func() {
err, resp, sErr := changePassword(ts.URL, map[string]string{"old": "bad"})
c.So(err, c.ShouldBeNil)
c.So(resp.StatusCode, c.ShouldEqual, http.StatusBadRequest)
c.So(sErr, c.ShouldNotBeNil)
c.So(sErr.Code, c.ShouldEqual, services.CodeWrongData)
})
c.Convey("Change password with right old password, but new is short", func() {
err, resp, sErr := changePassword(ts.URL, map[string]string{"old": "password", "new": "short"})
c.So(err, c.ShouldBeNil)
c.So(resp.StatusCode, c.ShouldEqual, http.StatusBadRequest)
c.So(sErr, c.ShouldNotBeNil)
c.So(sErr.Code, c.ShouldEqual, services.CodeWrongData)
})
c.Convey("Change password with right old password, and good new password", func() {
err, resp, sErr := changePassword(ts.URL, map[string]string{"old": "password", "new": "password2"})
c.So(err, c.ShouldBeNil)
c.So(resp.StatusCode, c.ShouldEqual, http.StatusOK)
c.So(sErr, c.ShouldBeNil)
modified, err := mgr.Users.GetById(u.Id)
if err != nil {
t.Fatal(err)
}
verified, err := passCtx.Verify("password2", modified.Password)
if err != nil {
t.Fatal(err)
}
c.So(verified, c.ShouldBeTrue)
})
})
}