akillibulut
/
porter
-ын хуулбар https://github.com/porter-dev/porter


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574
							package api_test

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"reflect"
	"strings"
	"testing"

	"github.com/go-test/deep"
	"github.com/porter-dev/porter/internal/auth/token"
	"github.com/porter-dev/porter/internal/models"
)

// ------------------------- TEST TYPES AND MAIN LOOP ------------------------- //

type userTest struct {
	initializers []func(t *tester)
	msg          string
	method       string
	endpoint     string
	body         string
	expStatus    int
	expBody      string
	useCookie    bool
	validators   []func(c *userTest, tester *tester, t *testing.T)
}

func testUserRequests(t *testing.T, tests []*userTest, canQuery bool) {
	for _, c := range tests {
		// create a new tester
		tester := newTester(canQuery)

		// if there's an initializer, call it
		for _, init := range c.initializers {
			init(tester)
		}

		req, err := http.NewRequest(
			c.method,
			c.endpoint,
			strings.NewReader(c.body),
		)

		tester.req = req

		if c.useCookie {
			req.AddCookie(tester.cookie)
		}

		if err != nil {
			t.Fatal(err)
		}

		tester.execute()
		rr := tester.rr

		// first, check that the status matches
		if status := rr.Code; status != c.expStatus {
			t.Errorf("%s, handler returned wrong status code: got %v want %v",
				c.msg, status, c.expStatus)
		}

		// if there's a validator, call it
		for _, validate := range c.validators {
			validate(c, tester, t)
		}
	}
}

// ------------------------- TEST FIXTURES AND FUNCTIONS  ------------------------- //

var authCheckTests = []*userTest{
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "Auth check successful. User is logged in.",
		method:    "GET",
		endpoint:  "/api/auth/check",
		expStatus: http.StatusOK,
		body:      "",
		expBody:   `{"id":1,"email":"belanger@getporter.dev"}`,
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "Auth check failure. User is not logged in.",
		method:    "GET",
		endpoint:  "/api/auth/check",
		body:      "",
		expStatus: http.StatusForbidden,
		expBody:   http.StatusText(http.StatusForbidden) + "\n",
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
}

func TestHandleAuthCheck(t *testing.T) {
	testUserRequests(t, authCheckTests, true)
}

func TestHandleAuthCheckToken(t *testing.T) {
	tester := newTester(true)

	initUserDefault(tester)
	initProject(tester)

	// generate a new token
	tokGen, _ := token.GetTokenForAPI(1, 1)

	tok, _ := tokGen.EncodeToken(&token.TokenGeneratorConf{
		TokenSecret: "secret",
	})

	req, err := http.NewRequest(
		"GET",
		"/api/auth/check",
		strings.NewReader(""),
	)

	tester.req = req
	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", tok))
	tester.execute()

	rr := tester.rr

	if err != nil {
		t.Fatal(err)
	}

	// first, check that the status matches
	if status := rr.Code; status != 200 {
		t.Errorf("%s, handler returned wrong status code: got %v want %v",
			"auth check token", status, 200)
	}

	gotBody := &models.UserExternal{}
	expBody := &models.UserExternal{}

	json.Unmarshal(tester.rr.Body.Bytes(), gotBody)
	json.Unmarshal([]byte(`{"id":1,"email":"belanger@getporter.dev"}`), expBody)

	if !reflect.DeepEqual(gotBody, expBody) {
		t.Errorf("%s, handler returned wrong body: got %v want %v",
			"auth check token", gotBody, expBody)
	}
}

var createUserTests = []*userTest{
	&userTest{
		msg:      "Create user",
		method:   "POST",
		endpoint: "/api/users",
		body: `{
			"email": "belanger@getporter.dev",
			"password": "hello"
		}`,
		expStatus: http.StatusCreated,
		expBody:   `{"id":1,"email":"belanger@getporter.dev"}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userModelBodyValidator,
		},
	},
	&userTest{
		msg:      "Create user invalid email",
		method:   "POST",
		endpoint: "/api/users",
		body: `{
			"email": "notanemail",
			"password": "hello"
		}`,
		expStatus: http.StatusUnprocessableEntity,
		expBody:   `{"code":601,"errors":["email validation failed"]}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		msg:      "Create user missing field",
		method:   "POST",
		endpoint: "/api/users",
		body: `{
			"password": "hello"
		}`,
		expStatus: http.StatusUnprocessableEntity,
		expBody:   `{"code":601,"errors":["required validation failed"]}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:      "Create user same email",
		method:   "POST",
		endpoint: "/api/users",
		body: `{
			"email": "belanger@getporter.dev",
			"password": "hello"
		}`,
		expStatus: http.StatusUnprocessableEntity,
		expBody:   `{"code":601,"errors":["email already taken"]}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		msg:      "Create user invalid field type",
		method:   "POST",
		endpoint: "/api/users",
		body: `{
			"email": "belanger@getporter.dev",
			"password": 0
		}`,
		expStatus: http.StatusBadRequest,
		expBody:   `{"code":600,"errors":["could not process request"]}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
}

func TestHandleCreateUser(t *testing.T) {
	testUserRequests(t, createUserTests, true)
}

var createUserTestsWriteFail = []*userTest{
	&userTest{
		msg:      "Create user db connection down",
		method:   "POST",
		endpoint: "/api/users",
		body: `{
		"email": "belanger@getporter.dev",
		"password": "hello"
	}`,
		expStatus: http.StatusInternalServerError,
		expBody:   `{"code":500,"errors":["could not read from database"]}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
}

func TestHandleCreateUserWriteFail(t *testing.T) {
	testUserRequests(t, createUserTestsWriteFail, false)
}

var loginUserTests = []*userTest{
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:      "Login user successful",
		method:   "POST",
		endpoint: "/api/login",
		body: `{
			"email": "belanger@getporter.dev",
			"password": "hello"
		}`,
		expStatus: http.StatusOK,
		expBody:   `{"id":1,"email":"belanger@getporter.dev"}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:      "Login user already logged in",
		method:   "POST",
		endpoint: "/api/login",
		body: `{
			"email": "belanger@getporter.dev",
			"password": "hello"
		}`,
		expStatus: http.StatusOK,
		expBody:   `{"id":1,"email":"belanger@getporter.dev"}`,
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		msg:      "Login user unregistered email",
		method:   "POST",
		endpoint: "/api/login",
		body: `{
			"email": "belanger@getporter.dev",
			"password": "hello"
		}`,
		expStatus: http.StatusUnauthorized,
		expBody:   `{"code":401,"errors":["email not registered"]}`,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:      "Login user incorrect password",
		method:   "POST",
		endpoint: "/api/login",
		body: `{
			"email": "belanger@getporter.dev",
			"password": "notthepassword"
		}`,
		expStatus: http.StatusUnauthorized,
		expBody:   `{"code":401,"errors":["incorrect password"]}`,
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
}

func TestHandleLoginUser(t *testing.T) {
	testUserRequests(t, loginUserTests, true)
}

var logoutUserTests = []*userTest{
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:      "Logout user successful",
		method:   "POST",
		endpoint: "/api/logout",
		body: `{
			"email": "belanger@getporter.dev",
			"password": "hello"
		}`,
		expStatus: http.StatusOK,
		expBody:   ``,
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			func(c *userTest, tester *tester, t *testing.T) {
				req, err := http.NewRequest(
					"GET",
					"/api/users/1",
					strings.NewReader(""),
				)

				req.AddCookie(tester.cookie)

				if err != nil {
					t.Fatal(err)
				}

				rr2 := httptest.NewRecorder()
				tester.router.ServeHTTP(rr2, req)

				if status := rr2.Code; status != http.StatusForbidden {
					t.Errorf("%s, handler returned wrong status: got %v want %v",
						"validator failed", status, http.StatusForbidden)
				}
			},
		},
	},
}

func TestHandleLogoutUser(t *testing.T) {
	testUserRequests(t, logoutUserTests, true)
}

var readUserTests = []*userTest{
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "Read user successful",
		method:    "GET",
		endpoint:  "/api/users/1",
		body:      "",
		expStatus: http.StatusOK,
		expBody:   `{"id":1,"email":"belanger@getporter.dev"}`,
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userModelBodyValidator,
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "Read user unauthorized",
		method:    "GET",
		endpoint:  "/api/users/2",
		body:      "",
		expStatus: http.StatusForbidden,
		expBody:   http.StatusText(http.StatusForbidden) + "\n",
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
}

func TestHandleReadUser(t *testing.T) {
	testUserRequests(t, readUserTests, true)
}

var listUserProjectsTests = []*userTest{
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
			initProject,
		},
		msg:       "List user projects successful",
		method:    "GET",
		endpoint:  "/api/users/1/projects",
		body:      "",
		expStatus: http.StatusOK,
		expBody:   `[{"id":1,"name":"project-test","roles":[{"id":0,"kind":"admin","user_id":1,"project_id":1}]}]`,
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userProjectsListValidator,
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "List user projects unauthorized",
		method:    "GET",
		endpoint:  "/api/users/2/projects",
		body:      "",
		expStatus: http.StatusForbidden,
		expBody:   http.StatusText(http.StatusForbidden) + "\n",
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
}

func TestHandleListUserProjects(t *testing.T) {
	testUserRequests(t, listUserProjectsTests, true)
}

var deleteUserTests = []*userTest{
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "Delete user successful",
		method:    "DELETE",
		endpoint:  "/api/users/1",
		body:      `{"password":"hello"}`,
		expStatus: http.StatusNoContent,
		expBody:   "",
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			func(c *userTest, tester *tester, t *testing.T) {
				req, err := http.NewRequest(
					"GET",
					"/api/users/1",
					strings.NewReader(""),
				)

				req.AddCookie(tester.cookie)

				if err != nil {
					t.Fatal(err)
				}

				rr2 := httptest.NewRecorder()

				tester.router.ServeHTTP(rr2, req)

				gotBody := &models.UserExternal{}
				expBody := &models.UserExternal{}

				if status := rr2.Code; status != 404 {
					t.Errorf("DELETE user validation, handler returned wrong status code: got %v want %v",
						status, 404)
				}

				json.Unmarshal(rr2.Body.Bytes(), gotBody)
				json.Unmarshal([]byte(`{"code":602,"errors":["could not find requested object"]}`), expBody)

				if !reflect.DeepEqual(gotBody, expBody) {
					t.Errorf("%s, handler returned wrong body: got %v want %v",
						"validator failed", gotBody, expBody)
				}
			},
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "Delete user invalid id",
		method:    "DELETE",
		endpoint:  "/api/users/aldkjf",
		body:      `{"password":"hello"}`,
		expStatus: http.StatusForbidden,
		expBody:   http.StatusText(http.StatusForbidden) + "\n",
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
	&userTest{
		initializers: []func(tester *tester){
			initUserDefault,
		},
		msg:       "Delete user missing password",
		method:    "DELETE",
		endpoint:  "/api/users/1",
		body:      `{}`,
		expStatus: http.StatusUnprocessableEntity,
		expBody:   `{"code":601,"errors":["required validation failed"]}`,
		useCookie: true,
		validators: []func(c *userTest, tester *tester, t *testing.T){
			userBasicBodyValidator,
		},
	},
}

func TestHandleDeleteUser(t *testing.T) {
	testUserRequests(t, deleteUserTests, true)
}

// ------------------------- INITIALIZERS AND VALIDATORS ------------------------- //

func initUserDefault(tester *tester) {
	tester.createUserSession("belanger@getporter.dev", "hello")
}

func initUserAlt(tester *tester) {
	tester.createUserSession("test@test.it", "hello")
}

func userBasicBodyValidator(c *userTest, tester *tester, t *testing.T) {
	if body := tester.rr.Body.String(); strings.TrimSpace(body) != strings.TrimSpace(c.expBody) {
		t.Errorf("%s, handler returned wrong body: got %v want %v",
			c.msg, body, c.expBody)
	}
}

func userModelBodyValidator(c *userTest, tester *tester, t *testing.T) {
	gotBody := &models.UserExternal{}
	expBody := &models.UserExternal{}

	json.Unmarshal(tester.rr.Body.Bytes(), gotBody)
	json.Unmarshal([]byte(c.expBody), expBody)

	if !reflect.DeepEqual(gotBody, expBody) {
		t.Errorf("%s, handler returned wrong body: got %v want %v",
			c.msg, gotBody, expBody)
	}
}

func userProjectsListValidator(c *userTest, tester *tester, t *testing.T) {
	gotBody := make([]*models.ProjectExternal, 0)
	expBody := make([]*models.ProjectExternal, 0)

	json.Unmarshal(tester.rr.Body.Bytes(), &gotBody)
	json.Unmarshal([]byte(c.expBody), &expBody)

	if diff := deep.Equal(gotBody, expBody); diff != nil {
		t.Errorf("handler returned wrong body:\n")
		t.Error(diff)
	}
}