|
|
@@ -3,40 +3,33 @@ package main
|
|
|
import (
|
|
|
"bytes"
|
|
|
"encoding/json"
|
|
|
- "io/ioutil"
|
|
|
"net/http"
|
|
|
"os"
|
|
|
"sync"
|
|
|
"testing"
|
|
|
"time"
|
|
|
|
|
|
- "github.com/chromedp/cdproto/database"
|
|
|
controller "github.com/gravitl/netmaker/controllers"
|
|
|
"github.com/gravitl/netmaker/models"
|
|
|
"github.com/gravitl/netmaker/mongoconn"
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
)
|
|
|
|
|
|
-//change this --- there is an existing type
|
|
|
-type AuthorizationResponse struct {
|
|
|
- Username string
|
|
|
- AuthToken string
|
|
|
-}
|
|
|
-
|
|
|
type databaseError struct {
|
|
|
Inner *int
|
|
|
Errors int
|
|
|
}
|
|
|
|
|
|
-type goodResponse struct {
|
|
|
+//should be use models.SuccessResponse and models.SuccessfulUserLoginResponse
|
|
|
+//rather than creating new type but having trouble decoding that way
|
|
|
+type Auth struct {
|
|
|
+ Username string
|
|
|
+ AuthToken string
|
|
|
+}
|
|
|
+type Success struct {
|
|
|
Code int
|
|
|
Message string
|
|
|
- Response AuthorizationResponse
|
|
|
-}
|
|
|
-
|
|
|
-type badResponse struct {
|
|
|
- Code int
|
|
|
- Message string
|
|
|
+ Response Auth
|
|
|
}
|
|
|
|
|
|
type AuthorizeTestCase struct {
|
|
|
@@ -54,7 +47,7 @@ func TestMain(m *testing.M) {
|
|
|
waitgroup.Add(1)
|
|
|
go controller.HandleRESTRequests(&waitgroup)
|
|
|
//wait for http server to start
|
|
|
- time.Sleep(time.Second * 1)
|
|
|
+ time.Sleep(time.Second * 30)
|
|
|
os.Exit(m.Run())
|
|
|
}
|
|
|
|
|
|
@@ -66,82 +59,53 @@ func TestUsers(t *testing.T) {
|
|
|
// })
|
|
|
}
|
|
|
func TestAdminCreation(t *testing.T) {
|
|
|
- t.Skip()
|
|
|
- var admin, user models.User
|
|
|
+ var admin models.UserAuthParams
|
|
|
+ var user models.User
|
|
|
admin.UserName = "admin"
|
|
|
admin.Password = "password"
|
|
|
- if !adminExists(t) {
|
|
|
- t.Run("AdminCreationValid", func(t *testing.T) {
|
|
|
- response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
|
- assert.NotNil(t, err, "create admin")
|
|
|
- if err != nil {
|
|
|
- t.Fatal("....")
|
|
|
- }
|
|
|
- defer response.Body.Close()
|
|
|
- json.NewDecoder(response.Body).Decode(&user)
|
|
|
- assert.Equal(t, admin.UserName, user.UserName)
|
|
|
- assert.Equal(t, true, user.IsAdmin)
|
|
|
- assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
- assert.True(t, adminExists(t), "Admin creation failed")
|
|
|
- })
|
|
|
- t.Run("AdminCreationInvalid", func(t *testing.T) {
|
|
|
- response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
|
- if err != nil {
|
|
|
- t.Error("error calling createadmin", err)
|
|
|
- }
|
|
|
- defer response.Body.Close()
|
|
|
- var message badResponse
|
|
|
- json.NewDecoder(response.Body).Decode(&message)
|
|
|
- assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
|
- assert.Equal(t, http.StatusUnauthorized, message.Code)
|
|
|
- assert.Equal(t, "W1R3: Admin already exists! ", message.Message)
|
|
|
- })
|
|
|
- } else {
|
|
|
- t.Run("AdminCreationInvalid", func(t *testing.T) {
|
|
|
- response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
|
- assert.NotNil(t, err, "createadmin")
|
|
|
- defer response.Body.Close()
|
|
|
- var message badResponse
|
|
|
- json.NewDecoder(response.Body).Decode(&message)
|
|
|
- assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
|
- assert.Equal(t, http.StatusUnauthorized, message.Code)
|
|
|
- assert.Equal(t, "W1R3: Admin already exists! ", message.Message)
|
|
|
- })
|
|
|
- //deleteAdmin()
|
|
|
- t.Run("Admin Creation - Valid", func(t *testing.T) {
|
|
|
- t.Skip()
|
|
|
- response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
|
- if err != nil {
|
|
|
- t.Error("error calling createadmin", err)
|
|
|
- }
|
|
|
- defer response.Body.Close()
|
|
|
- json.NewDecoder(response.Body).Decode(&user)
|
|
|
- assert.Equal(t, admin.UserName, user.UserName)
|
|
|
- assert.Equal(t, true, user.IsAdmin)
|
|
|
- assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
- assert.True(t, adminExists(t), "Admin creation failed")
|
|
|
- })
|
|
|
- }
|
|
|
+ t.Run("AdminCreationSuccess", func(t *testing.T) {
|
|
|
+ if adminExists(t) {
|
|
|
+ deleteAdmin(t)
|
|
|
+ }
|
|
|
+ response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ defer response.Body.Close()
|
|
|
+ err = json.NewDecoder(response.Body).Decode(&user)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ assert.Equal(t, admin.UserName, user.UserName)
|
|
|
+ assert.Equal(t, true, user.IsAdmin)
|
|
|
+ assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
+ assert.True(t, adminExists(t), "Admin creation failed")
|
|
|
+ })
|
|
|
+ t.Run("AdminCreationFailure", func(t *testing.T) {
|
|
|
+ if !adminExists(t) {
|
|
|
+ addAdmin(t)
|
|
|
+ }
|
|
|
+ response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "")
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ defer response.Body.Close()
|
|
|
+ var message models.ErrorResponse
|
|
|
+ err = json.NewDecoder(response.Body).Decode(&message)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
|
+ assert.Equal(t, http.StatusUnauthorized, message.Code)
|
|
|
+ assert.Equal(t, "W1R3: Admin already exists! ", message.Message)
|
|
|
+ })
|
|
|
+
|
|
|
}
|
|
|
|
|
|
func TestGetUser(t *testing.T) {
|
|
|
|
|
|
- t.Skip()
|
|
|
//ensure admin exists
|
|
|
if !adminExists(t) {
|
|
|
- t.Error("admin account does not exist")
|
|
|
- return
|
|
|
+ addAdmin(t)
|
|
|
}
|
|
|
//authenticate
|
|
|
- t.Run("GetUser ValidToken", func(t *testing.T) {
|
|
|
+ t.Run("GetUserWithValidToken", func(t *testing.T) {
|
|
|
token, err := authenticate(t)
|
|
|
- if err != nil {
|
|
|
- t.Error("could not authenticate")
|
|
|
- }
|
|
|
+ assert.Nil(t, err, err)
|
|
|
response, err := api(t, "", http.MethodGet, "http://localhost:8081/users/admin", token)
|
|
|
- if err != nil {
|
|
|
- t.Error("could not get user")
|
|
|
- }
|
|
|
+ assert.Nil(t, err, err)
|
|
|
defer response.Body.Close()
|
|
|
var user models.User
|
|
|
json.NewDecoder(response.Body).Decode(&user)
|
|
|
@@ -149,71 +113,63 @@ func TestGetUser(t *testing.T) {
|
|
|
assert.Equal(t, "admin", user.UserName)
|
|
|
assert.Equal(t, true, user.IsAdmin)
|
|
|
})
|
|
|
- t.Run("GetUser InvalidToken", func(t *testing.T) {
|
|
|
+ t.Run("GetUserWithInvalidToken", func(t *testing.T) {
|
|
|
//skip until sort out what should be returned
|
|
|
- t.Skip()
|
|
|
- response, err := api(t, "", http.MethodGet, "http://localhost:8081/users/admin", "xxxx")
|
|
|
- if err != nil {
|
|
|
- t.Error("error getting user")
|
|
|
- }
|
|
|
+ response, err := api(t, "", http.MethodGet, "http://localhost:8081/users/admin", "secretkey")
|
|
|
+ assert.Nil(t, err, err)
|
|
|
defer response.Body.Close()
|
|
|
///not sure what this should be
|
|
|
- var something string
|
|
|
- json.NewDecoder(response.Body).Decode(something)
|
|
|
- assert.Equal(t, "Some error message", something)
|
|
|
+ t.Log(response.Body)
|
|
|
+ //var something string
|
|
|
+
|
|
|
+ //json.NewDecoder(response.Body).Decode(something)
|
|
|
+ //assert.Equal(t, "Some error message", something)
|
|
|
})
|
|
|
}
|
|
|
|
|
|
func TestUpdateUser(t *testing.T) {
|
|
|
- t.Skip()
|
|
|
if !adminExists(t) {
|
|
|
addAdmin(t)
|
|
|
}
|
|
|
- //token, err := authenticate(t)
|
|
|
- //if err != nil {
|
|
|
- // t.Error("could not authenticate")
|
|
|
- //}
|
|
|
-
|
|
|
- var admin, user models.User
|
|
|
- admin.UserName = "admin"
|
|
|
- admin.Password = "admin"
|
|
|
+ token, err := authenticate(t)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ var admin models.UserAuthParams
|
|
|
+ var user models.User
|
|
|
+ var message models.ErrorResponse
|
|
|
+ t.Run("UpdateWrongToken", func(t *testing.T) {
|
|
|
+ admin.UserName = "admin"
|
|
|
+ admin.Password = "admin"
|
|
|
+ response, err := api(t, admin, http.MethodPut, "http://localhost:8081/users/admin", "secretkey")
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ defer response.Body.Close()
|
|
|
+ err = json.NewDecoder(response.Body).Decode(&message)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ assert.Equal(t, "W1R3: Error Verifying Auth Token.", message.Message)
|
|
|
+ assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
|
+ })
|
|
|
+ t.Run("UpdateSuccess", func(t *testing.T) {
|
|
|
+ admin.UserName = "admin"
|
|
|
+ admin.Password = "password"
|
|
|
+ response, err := api(t, admin, http.MethodPut, "http://localhost:8081/users/admin", token)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ defer response.Body.Close()
|
|
|
+ err = json.NewDecoder(response.Body).Decode(&user)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ assert.Equal(t, admin.UserName, user.UserName)
|
|
|
+ assert.Equal(t, true, user.IsAdmin)
|
|
|
+ assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
+ })
|
|
|
|
|
|
- //payload := map[string]string{"username": "admin", "password": "admin"}
|
|
|
- payload, _ := json.Marshal(admin)
|
|
|
- request, err := http.NewRequest(http.MethodPut, "http://localhost:8081/users/admin", bytes.NewBuffer(payload))
|
|
|
- if err != nil {
|
|
|
- t.Error(err)
|
|
|
- }
|
|
|
- request.Header.Set("Authorization", "Bearer secretkey")
|
|
|
- request.Header.Set("Content-Type", "application/json")
|
|
|
- client := &http.Client{}
|
|
|
- response, err := client.Do(request)
|
|
|
- if err != nil {
|
|
|
- t.Error("error calling createadmin", err)
|
|
|
- }
|
|
|
- defer response.Body.Close()
|
|
|
- body, _ := ioutil.ReadAll(response.Body)
|
|
|
- t.Log(string(body))
|
|
|
- _ = json.Unmarshal(body, &user)
|
|
|
- assert.Equal(t, admin.UserName, user.UserName)
|
|
|
- assert.Equal(t, true, user.IsAdmin)
|
|
|
- assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
}
|
|
|
|
|
|
func TestDeleteUser(t *testing.T) {
|
|
|
- expectedError := databaseError{
|
|
|
- Inner: nil,
|
|
|
- Errors: 1,
|
|
|
- }
|
|
|
-
|
|
|
if !adminExists(t) {
|
|
|
addAdmin(t)
|
|
|
}
|
|
|
token, err := authenticate(t)
|
|
|
- if err != nil {
|
|
|
- t.Error(err)
|
|
|
- }
|
|
|
+ assert.Nil(t, err, err)
|
|
|
t.Run("DeleteUser-WongAdmin", func(t *testing.T) {
|
|
|
+ //skip for now ... shouldn't panic
|
|
|
t.Skip()
|
|
|
function := func() {
|
|
|
_, _ = api(t, "", http.MethodDelete, "http://localhost:8081/users/xxxx", token)
|
|
|
@@ -222,33 +178,29 @@ func TestDeleteUser(t *testing.T) {
|
|
|
})
|
|
|
t.Run("DeleteUser-InvalidCredentials", func(t *testing.T) {
|
|
|
response, err := api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", "secretkey")
|
|
|
- if err != nil {
|
|
|
- t.Error(err)
|
|
|
- }
|
|
|
- var body database.Error
|
|
|
- json.NewDecoder(response.Body).Decode(body)
|
|
|
- assert.Equal(t, expectedError, body)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ var message models.ErrorResponse
|
|
|
+ json.NewDecoder(response.Body).Decode(message)
|
|
|
+ assert.Equal(t, "W1R3: Error Verifying Auth Token.", message.Message)
|
|
|
+ assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
|
|
|
})
|
|
|
t.Run("DeleteUser-ValidCredentials", func(t *testing.T) {
|
|
|
- if err != nil {
|
|
|
- t.Error(err)
|
|
|
- }
|
|
|
response, err := api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", token)
|
|
|
- if err != nil {
|
|
|
- t.Error(err)
|
|
|
- }
|
|
|
+ assert.Nil(t, err, err)
|
|
|
var body string
|
|
|
json.NewDecoder(response.Body).Decode(body)
|
|
|
assert.Equal(t, "admin deleted.", body)
|
|
|
assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
})
|
|
|
t.Run("DeletUser-NoAdmin", func(t *testing.T) {
|
|
|
+ //skip for now ... shouldn't panic
|
|
|
t.Skip()
|
|
|
function := func() {
|
|
|
_, _ = api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", token)
|
|
|
}
|
|
|
assert.Panics(t, function, "")
|
|
|
})
|
|
|
+ addAdmin(t)
|
|
|
}
|
|
|
|
|
|
func TestAuthenticateUser(t *testing.T) {
|
|
|
@@ -259,7 +211,7 @@ func TestAuthenticateUser(t *testing.T) {
|
|
|
password: "password",
|
|
|
code: http.StatusBadRequest,
|
|
|
tokenExpected: false,
|
|
|
- errMessage: "W1R3: It's not you it's me.",
|
|
|
+ errMessage: "W1R3: User invaliduser not found.",
|
|
|
},
|
|
|
AuthorizeTestCase{
|
|
|
testname: "empty user",
|
|
|
@@ -281,9 +233,9 @@ func TestAuthenticateUser(t *testing.T) {
|
|
|
testname: "Invalid Passord",
|
|
|
name: "admin",
|
|
|
password: "xxxxxxx",
|
|
|
- code: http.StatusBadRequest,
|
|
|
+ code: http.StatusUnauthorized,
|
|
|
tokenExpected: false,
|
|
|
- errMessage: "W1R3: It's not you it's me.",
|
|
|
+ errMessage: "W1R3: Wrong Password.",
|
|
|
},
|
|
|
AuthorizeTestCase{
|
|
|
testname: "Valid User",
|
|
|
@@ -305,16 +257,18 @@ func TestAuthenticateUser(t *testing.T) {
|
|
|
admin.Password = tc.password
|
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/authenticate", "secretkey")
|
|
|
assert.Nil(t, err, err)
|
|
|
+ defer response.Body.Close()
|
|
|
if tc.tokenExpected {
|
|
|
- var body goodResponse
|
|
|
- json.NewDecoder(response.Body).Decode(&body)
|
|
|
+ var body Success
|
|
|
+ err = json.NewDecoder(response.Body).Decode(&body)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
assert.NotEmpty(t, body.Response.AuthToken, "token not returned")
|
|
|
assert.Equal(t, "W1R3: Device admin Authorized", body.Message)
|
|
|
- } //else {
|
|
|
- // var bad badResponse
|
|
|
- // json.NewDecoder(response.Body).Decode(&bad)
|
|
|
- // assert.Equal(t, tc.errMessage, bad.Message)
|
|
|
- //}
|
|
|
+ } else {
|
|
|
+ var bad models.ErrorResponse
|
|
|
+ json.NewDecoder(response.Body).Decode(&bad)
|
|
|
+ assert.Equal(t, tc.errMessage, bad.Message)
|
|
|
+ }
|
|
|
assert.Equal(t, tc.code, response.StatusCode)
|
|
|
})
|
|
|
}
|
|
|
@@ -331,13 +285,18 @@ func adminExists(t *testing.T) bool {
|
|
|
}
|
|
|
|
|
|
func api(t *testing.T, data interface{}, method, url, authorization string) (*http.Response, error) {
|
|
|
- payload, err := json.Marshal(data)
|
|
|
- assert.Nil(t, err, err)
|
|
|
- return nil, err
|
|
|
- request, err := http.NewRequest(method, url, bytes.NewBuffer(payload))
|
|
|
- assert.Nil(t, err, err)
|
|
|
- return nil, err
|
|
|
- request.Header.Set("Content-Type", "application/json")
|
|
|
+ var request *http.Request
|
|
|
+ var err error
|
|
|
+ if data != "" {
|
|
|
+ payload, err := json.Marshal(data)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ request, err = http.NewRequest(method, url, bytes.NewBuffer(payload))
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ request.Header.Set("Content-Type", "application/json")
|
|
|
+ } else {
|
|
|
+ request, err = http.NewRequest(method, url, nil)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ }
|
|
|
if authorization != "" {
|
|
|
request.Header.Set("Authorization", "Bearer "+authorization)
|
|
|
}
|
|
|
@@ -351,8 +310,7 @@ func addAdmin(t *testing.T) {
|
|
|
admin.Password = "password"
|
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/createadmin", "secretkey")
|
|
|
assert.Nil(t, err, err)
|
|
|
- t.Log(response)
|
|
|
- //assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
+ assert.Equal(t, http.StatusOK, response.StatusCode)
|
|
|
}
|
|
|
|
|
|
func authenticate(t *testing.T) (string, error) {
|
|
|
@@ -360,9 +318,23 @@ func authenticate(t *testing.T) (string, error) {
|
|
|
admin.UserName = "admin"
|
|
|
admin.Password = "password"
|
|
|
response, err := api(t, admin, http.MethodPost, "http://localhost:8081/users/authenticate", "secretkey")
|
|
|
- assert.NotNil(t, err, "authenticate")
|
|
|
- var body goodResponse
|
|
|
- json.NewDecoder(response.Body).Decode(&body)
|
|
|
- token := body.Response.AuthToken
|
|
|
- return token, nil
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+
|
|
|
+ var body Success
|
|
|
+ err = json.NewDecoder(response.Body).Decode(&body)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ assert.NotEmpty(t, body.Response.AuthToken, "token not returned")
|
|
|
+ assert.Equal(t, "W1R3: Device admin Authorized", body.Message)
|
|
|
+
|
|
|
+ return body.Response.AuthToken, nil
|
|
|
+}
|
|
|
+
|
|
|
+func deleteAdmin(t *testing.T) {
|
|
|
+ if !adminExists(t) {
|
|
|
+ return
|
|
|
+ }
|
|
|
+ token, err := authenticate(t)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
+ _, err = api(t, "", http.MethodDelete, "http://localhost:8081/users/admin", token)
|
|
|
+ assert.Nil(t, err, err)
|
|
|
}
|
Mattthew R Kasun