mirror of https://github.com/muety/wakapi.git
84 lines
2.9 KiB
Go
84 lines
2.9 KiB
Go
package utils
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"github.com/gorilla/mux"
|
|
"github.com/muety/wakapi/middlewares"
|
|
"github.com/muety/wakapi/mocks"
|
|
"github.com/muety/wakapi/models"
|
|
"github.com/stretchr/testify/assert"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
func TestCheckEffectiveUser_Current(t *testing.T) {
|
|
// request current as normal user -> return myself
|
|
r, w, userServiceMock := mockUserAwareRequest("current", "user1")
|
|
user, err := CheckEffectiveUser(w, r, userServiceMock, "current")
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, "user1", user.ID)
|
|
userServiceMock.AssertNumberOfCalls(t, "GetUserById", 0)
|
|
}
|
|
|
|
func TestCheckEffectiveUser_Other(t *testing.T) {
|
|
// request someone else as admin -> return someone else
|
|
r, w, userServiceMock := mockUserAwareRequest("user2", "admin")
|
|
user, err := CheckEffectiveUser(w, r, userServiceMock, "current")
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, "user2", user.ID)
|
|
userServiceMock.AssertCalled(t, "GetUserById", "user2")
|
|
userServiceMock.AssertNumberOfCalls(t, "GetUserById", 1)
|
|
}
|
|
|
|
func TestCheckEffectiveUser_FallbackUnauthorized(t *testing.T) {
|
|
// request someone else as non-admin -> error
|
|
r, w, userServiceMock := mockUserAwareRequest("user2", "user1")
|
|
user, err := CheckEffectiveUser(w, r, userServiceMock, "current")
|
|
assert.NotNil(t, err)
|
|
assert.Nil(t, user)
|
|
userServiceMock.AssertNumberOfCalls(t, "GetUserById", 0)
|
|
}
|
|
|
|
func TestCheckEffectiveUser_FallbackEmpty(t *testing.T) {
|
|
// request none -> return myself
|
|
r, w, userServiceMock := mockUserAwareRequest("", "user1")
|
|
user, err := CheckEffectiveUser(w, r, userServiceMock, "current")
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, "user1", user.ID)
|
|
userServiceMock.AssertNumberOfCalls(t, "GetUserById", 0)
|
|
}
|
|
|
|
func TestCheckEffectiveUser_FallbackUnauthenticated(t *testing.T) {
|
|
// request anyone without authentication -> error
|
|
r, w, userServiceMock := mockUserAwareRequest("user1", "")
|
|
user, err := CheckEffectiveUser(w, r, userServiceMock, "current")
|
|
assert.NotNil(t, err)
|
|
assert.Nil(t, user)
|
|
userServiceMock.AssertNumberOfCalls(t, "GetUserById", 0)
|
|
}
|
|
|
|
func mockUserAwareRequest(requestedUser, authorizedUser string) (*http.Request, http.ResponseWriter, *mocks.UserServiceMock) {
|
|
testUser := models.User{
|
|
ID: authorizedUser,
|
|
IsAdmin: authorizedUser == "admin",
|
|
}
|
|
|
|
testPrincipal := middlewares.PrincipalContainer{}
|
|
if authorizedUser != "" {
|
|
testPrincipal.SetPrincipal(&testUser)
|
|
}
|
|
|
|
r := httptest.NewRequest("GET", fmt.Sprintf("http://localhost:3000/api/%s/data", requestedUser), nil)
|
|
r = mux.SetURLVars(r, map[string]string{"user": requestedUser})
|
|
r = r.WithContext(context.WithValue(r.Context(), "principal", &testPrincipal))
|
|
|
|
userServiceMock := new(mocks.UserServiceMock)
|
|
userServiceMock.On("GetUserById", "user1").Return(&models.User{ID: "user1"}, nil)
|
|
userServiceMock.On("GetUserById", "user2").Return(&models.User{ID: "user2"}, nil)
|
|
userServiceMock.On("GetUserById", "admin").Return(&models.User{ID: "admin"}, nil)
|
|
|
|
return r, httptest.NewRecorder(), userServiceMock
|
|
}
|