func TestFromNameBadId(t *testing.T) {
Secret = "secret"
user := DefaultUser()
password, err := HashPassword("testpassword")
if assert.NoError(t, err, "An error was not expected") {
assert.NotNil(t, password, "password should be returned")
}
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
rows := sqlmock.NewRows([]string{"id", "password"}).AddRow(0, password)
mock.ExpectQuery("select user_id, user_password from users where user_name").WillReturnRows(rows)
err = user.FromName("test")
if assert.Error(t, err, "An error was expected") {
assert.Equal(t, err, e.ErrUserNotValid, "Error should match")
}
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}
func TestAudit(t *testing.T) {
var err error
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
mock.ExpectExec(`INSERT INTO audit \(user_id,ib_id,audit_type,audit_ip,audit_time,audit_action,audit_info\)`).
WithArgs(1, 1, UserLog, "10.0.0.1", AuditEmailUpdate, "meta info").
WillReturnResult(sqlmock.NewResult(1, 1))
audit := Audit{
User: 1,
Ib: 1,
Type: UserLog,
IP: "10.0.0.1",
Action: AuditEmailUpdate,
Info: "meta info",
}
// submit audit
err = audit.Submit()
assert.NoError(t, err, "An error was not expected")
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}
func TestFromName(t *testing.T) {
Secret = "secret"
user := DefaultUser()
password, err := HashPassword("testpassword")
if assert.NoError(t, err, "An error was not expected") {
assert.NotNil(t, password, "password should be returned")
}
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
rows := sqlmock.NewRows([]string{"id", "password"}).AddRow(2, password)
mock.ExpectQuery("select user_id, user_password from users where user_name").WillReturnRows(rows)
err = user.FromName("testaccount")
if assert.NoError(t, err, "An error was not expected") {
assert.Equal(t, user.ID, uint(2), "Id should match")
assert.True(t, user.IsAuthenticated, "User should be authenticated")
assert.True(t, user.ComparePassword("testpassword"), "Password should validate")
}
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}
func TestUserBadPassword(t *testing.T) {
Secret = "secret"
user := DefaultUser()
user.SetID(2)
user.SetAuthenticated()
password, err := HashPassword("testpassword")
if assert.NoError(t, err, "An error was not expected") {
assert.NotNil(t, password, "password should be returned")
}
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
rows := sqlmock.NewRows([]string{"name", "password"}).AddRow("testaccount", password)
mock.ExpectQuery("select user_name, user_password from users where user_id").WillReturnRows(rows)
err = user.Password()
if assert.NoError(t, err, "An error was not expected") {
assert.Equal(t, user.Name, "testaccount", "Name should match")
assert.False(t, user.ComparePassword("badpassword"), "Password should not validate")
}
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}
func TestCheckDuplicateBad(t *testing.T) {
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
rows := sqlmock.NewRows([]string{"count"}).AddRow(1)
mock.ExpectQuery(`select count\(\*\) from users where user_name`).WillReturnRows(rows)
assert.True(t, CheckDuplicate("test"), "Should be a duplicate")
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}
func TestIsAuthorizedDefault(t *testing.T) {
user := DefaultUser()
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
rows := sqlmock.NewRows([]string{"role"}).AddRow(1)
mock.ExpectQuery(`SELECT COALESCE`).WillReturnRows(rows)
assert.False(t, user.IsAuthorized(1), "Should not be authorized")
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}
func TestUpdatePassword(t *testing.T) {
var err error
_, hash, err := RandomPassword()
if assert.NoError(t, err, "An error was not expected") {
assert.NotNil(t, hash, "hash should be returned")
}
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
mock.ExpectExec("UPDATE users SET user_password").
WithArgs(hash, 2).
WillReturnResult(sqlmock.NewResult(1, 1))
err = UpdatePassword(hash, 2)
assert.NoError(t, err, "An error was not expected")
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}
func TestProtect(t *testing.T) {
var err error
Secret = "secret"
mock, err := db.NewTestDb()
assert.NoError(t, err, "An error was not expected")
gin.SetMode(gin.ReleaseMode)
router := gin.New()
router.Use(validate.ValidateParams())
router.Use(Auth(true))
router.Use(Protect())
router.GET("/important/:ib", func(c *gin.Context) {
c.String(200, "OK")
return
})
first := performRequest(router, "GET", "/important/1")
assert.Equal(t, first.Code, 403, "HTTP request code should match")
user := DefaultUser()
user.SetID(2)
user.SetAuthenticated()
user.hash, err = HashPassword("testpassword")
if assert.NoError(t, err, "An error was not expected") {
assert.NotNil(t, user.hash, "password should be returned")
}
assert.True(t, user.ComparePassword("testpassword"), "Password should validate")
token, err := user.CreateToken()
if assert.NoError(t, err, "An error was not expected") {
assert.NotEmpty(t, token, "token should be returned")
}
firstrows := sqlmock.NewRows([]string{"role"}).AddRow(1)
mock.ExpectQuery(`SELECT COALESCE`).WillReturnRows(firstrows)
second := performJWTCookieRequest(router, "GET", "/important/1", token)
assert.Equal(t, second.Code, 403, "HTTP request code should match")
secondrows := sqlmock.NewRows([]string{"role"}).AddRow(3)
mock.ExpectQuery(`SELECT COALESCE`).WillReturnRows(secondrows)
third := performJWTCookieRequest(router, "GET", "/important/1", token)
assert.Equal(t, third.Code, 200, "HTTP request code should match")
assert.NoError(t, mock.ExpectationsWereMet(), "An error was not expected")
}