func (s *S) TestAddKeyShouldNotAcceptRepeatedKeysForDifferentUsers(c *gocheck.C) {
usr, err := user.New("Frodo", map[string]string{"keyname": rawKey})
c.Assert(err, gocheck.IsNil)
defer user.Remove(usr.Name)
usr2, err := user.New("tempo", nil)
c.Assert(err, gocheck.IsNil)
defer user.Remove(usr2.Name)
b := strings.NewReader(fmt.Sprintf(`{"keyname": %q}`, rawKey))
recorder, request := post(fmt.Sprintf("/user/%s/key?:name=%s", usr2.Name, usr2.Name), b, c)
AddKey(recorder, request)
got := readBody(recorder.Body, c)
expected := "Key already exists.\n"
c.Assert(got, gocheck.Equals, expected)
c.Assert(recorder.Code, gocheck.Equals, http.StatusConflict)
}
func (s *S) TestGrantAccessUpdatesReposDocument(c *gocheck.C) {
u, err := user.New("pippin", map[string]string{})
conn, err := db.Conn()
c.Assert(err, gocheck.IsNil)
defer conn.Close()
defer conn.User().Remove(bson.M{"_id": "pippin"})
c.Assert(err, gocheck.IsNil)
r := repository.Repository{Name: "onerepo"}
err = conn.Repository().Insert(&r)
c.Assert(err, gocheck.IsNil)
defer conn.Repository().Remove(bson.M{"_id": r.Name})
r2 := repository.Repository{Name: "otherepo"}
err = conn.Repository().Insert(&r2)
c.Assert(err, gocheck.IsNil)
defer conn.Repository().Remove(bson.M{"_id": r2.Name})
b := bytes.NewBufferString(fmt.Sprintf(`{"repositories": ["%s", "%s"], "users": ["%s"]}`, r.Name, r2.Name, u.Name))
rec, req := del("/repository/grant", b, c)
GrantAccess(rec, req)
var repos []repository.Repository
err = conn.Repository().Find(bson.M{"_id": bson.M{"$in": []string{r.Name, r2.Name}}}).All(&repos)
c.Assert(err, gocheck.IsNil)
c.Assert(rec.Code, gocheck.Equals, 200)
for _, repo := range repos {
c.Assert(repo.Users, gocheck.DeepEquals, []string{u.Name})
}
}
func (s *S) TestRemoveKeyShouldRemoveKeyFromAuthorizedKeysFile(c *gocheck.C) {
u, err := user.New("Gandalf", map[string]string{"keyname": rawKey})
c.Assert(err, gocheck.IsNil)
defer user.Remove(u.Name)
url := "/user/Gandalf/key/keyname?:keyname=keyname&:name=Gandalf"
recorder, request := del(url, nil, c)
RemoveKey(recorder, request)
content := s.authKeysContent(c)
c.Assert(content, gocheck.Equals, "")
}
func (s *S) TestRemoveKeyGivesExpectedSuccessResponse(c *gocheck.C) {
u, err := user.New("Gandalf", map[string]string{"keyname": rawKey})
c.Assert(err, gocheck.IsNil)
defer user.Remove(u.Name)
url := "/user/Gandalf/key/keyname?:keyname=keyname&:name=Gandalf"
recorder, request := del(url, nil, c)
RemoveKey(recorder, request)
c.Assert(recorder.Code, gocheck.Equals, 200)
b := readBody(recorder.Body, c)
c.Assert(b, gocheck.Equals, `Key "keyname" successfully removed`)
}
func (s *S) TestHasReadPermissionShouldReturnTrueWhenRepositoryIsNotPublicAndUserHasPermissionToRead(c *check.C) {
user, err := user.New("readonlyuser", map[string]string{})
c.Check(err, check.IsNil)
repo := &repository.Repository{
Name: "otherapp",
Users: []string{s.user.Name},
ReadOnlyUsers: []string{user.Name},
}
allowed := hasReadPermission(user, repo)
c.Assert(allowed, check.Equals, true)
}
func NewUser(w http.ResponseWriter, r *http.Request) {
var usr jsonUser
if err := parseBody(r.Body, &usr); err != nil {
http.Error(w, "Got error while parsing body: "+err.Error(), http.StatusBadRequest)
return
}
u, err := user.New(usr.Name, usr.Keys)
if err != nil {
http.Error(w, "Got error while creating user: "******"User \"%s\" successfully created\n", u.Name)
}
func (s *S) TestRemoveUser(c *gocheck.C) {
u, err := user.New("username", map[string]string{})
c.Assert(err, gocheck.IsNil)
url := fmt.Sprintf("/user/%s/?:name=%s", u.Name, u.Name)
request, err := http.NewRequest("DELETE", url, nil)
c.Assert(err, gocheck.IsNil)
recorder := httptest.NewRecorder()
RemoveUser(recorder, request)
c.Assert(recorder.Code, gocheck.Equals, 200)
b, err := ioutil.ReadAll(recorder.Body)
c.Assert(err, gocheck.IsNil)
c.Assert(string(b), gocheck.Equals, "User \"username\" successfully removed\n")
}
func (s *S) TestListKeysWithoutKeysGivesEmptyJSON(c *gocheck.C) {
u, err := user.New("Gandalf", map[string]string{})
c.Assert(err, gocheck.IsNil)
defer user.Remove(u.Name)
url := "/user/Gandalf/keys?:name=Gandalf"
request, err := http.NewRequest("GET", url, nil)
c.Assert(err, gocheck.IsNil)
recorder := httptest.NewRecorder()
ListKeys(recorder, request)
c.Assert(recorder.Code, gocheck.Equals, 200)
b := readBody(recorder.Body, c)
c.Assert(b, gocheck.Equals, "{}")
}
func (s *S) TestRemoveKeyRemovesKeyFromDatabase(c *gocheck.C) {
u, err := user.New("Gandalf", map[string]string{"keyname": rawKey})
c.Assert(err, gocheck.IsNil)
defer user.Remove(u.Name)
url := "/user/Gandalf/key/keyname?:keyname=keyname&:name=Gandalf"
recorder, request := del(url, nil, c)
RemoveKey(recorder, request)
conn, err := db.Conn()
c.Assert(err, gocheck.IsNil)
defer conn.Close()
count, err := conn.Key().Find(bson.M{"name": "keyname", "username": "******"}).Count()
c.Assert(err, gocheck.IsNil)
c.Assert(count, gocheck.Equals, 0)
}
func (s *S) TestRemoveUserShouldRemoveFromDB(c *gocheck.C) {
u, err := user.New("anuser", map[string]string{})
c.Assert(err, gocheck.IsNil)
url := fmt.Sprintf("/user/%s/?:name=%s", u.Name, u.Name)
request, err := http.NewRequest("DELETE", url, nil)
c.Assert(err, gocheck.IsNil)
recorder := httptest.NewRecorder()
RemoveUser(recorder, request)
conn, err := db.Conn()
c.Assert(err, gocheck.IsNil)
defer conn.Close()
collection := conn.User()
lenght, err := collection.Find(bson.M{"_id": u.Name}).Count()
c.Assert(err, gocheck.IsNil)
c.Assert(lenght, gocheck.Equals, 0)
}
func (s *S) SetUpSuite(c *gocheck.C) {
var err error
log, err = syslog.New(syslog.LOG_INFO, "gandalf-listener")
c.Check(err, gocheck.IsNil)
err = config.ReadConfigFile("../etc/gandalf.conf")
c.Check(err, gocheck.IsNil)
config.Set("database:name", "gandalf_bin_tests")
s.user, err = user.New("testuser", map[string]string{})
c.Check(err, gocheck.IsNil)
// does not uses repository.New to avoid creation of bare git repo
s.repo = &repository.Repository{Name: "myapp", Users: []string{s.user.Name}}
conn, err := db.Conn()
c.Assert(err, gocheck.IsNil)
defer conn.Close()
err = conn.Repository().Insert(s.repo)
c.Check(err, gocheck.IsNil)
}
func (s *S) TestListKeysGivesExpectedSuccessResponse(c *gocheck.C) {
keys := map[string]string{"key1": rawKey, "key2": otherKey}
u, err := user.New("Gandalf", keys)
c.Assert(err, gocheck.IsNil)
defer user.Remove(u.Name)
url := "/user/Gandalf/keys?:name=Gandalf"
request, err := http.NewRequest("GET", url, nil)
c.Assert(err, gocheck.IsNil)
recorder := httptest.NewRecorder()
ListKeys(recorder, request)
c.Assert(recorder.Code, gocheck.Equals, 200)
body, err := ioutil.ReadAll(recorder.Body)
c.Assert(err, gocheck.IsNil)
var data map[string]string
err = json.Unmarshal(body, &data)
c.Assert(err, gocheck.IsNil)
c.Assert(data, gocheck.DeepEquals, keys)
}
func newUser(w http.ResponseWriter, r *http.Request) {
var usr jsonUser
if err := parseBody(r.Body, &usr); err != nil {
http.Error(w, "Got error while parsing body: "+err.Error(), http.StatusBadRequest)
return
}
u, err := user.New(usr.Name, usr.Keys)
if err != nil {
status := http.StatusInternalServerError
if err == user.ErrUserAlreadyExists {
status = http.StatusConflict
}
if _, ok := err.(*user.InvalidUserError); ok {
status = http.StatusBadRequest
}
http.Error(w, err.Error(), status)
return
}
fmt.Fprintf(w, "User \"%s\" successfully created\n", u.Name)
}
func (s *S) TestAddKey(c *gocheck.C) {
usr, err := user.New("Frodo", map[string]string{})
c.Assert(err, gocheck.IsNil)
defer user.Remove(usr.Name)
b := strings.NewReader(fmt.Sprintf(`{"keyname": %q}`, rawKey))
recorder, request := post(fmt.Sprintf("/user/%s/key?:name=%s", usr.Name, usr.Name), b, c)
AddKey(recorder, request)
got := readBody(recorder.Body, c)
expected := "Key(s) successfully created"
c.Assert(got, gocheck.Equals, expected)
c.Assert(recorder.Code, gocheck.Equals, 200)
var k user.Key
conn, err := db.Conn()
c.Assert(err, gocheck.IsNil)
defer conn.Close()
err = conn.Key().Find(bson.M{"name": "keyname", "username": usr.Name}).One(&k)
c.Assert(err, gocheck.IsNil)
c.Assert(k.Body, gocheck.Equals, keyBody)
c.Assert(k.Comment, gocheck.Equals, keyComment)
}
