Checkpoint sql work.

data/store_test.go

@@ -0,0 +1,61 @@
+package data
+
+import (
+    "context"
+    "testing"
+)
+
+func TestStoreUserCRUDAndRoles(t *testing.T) {
+    ctx := context.Background()
+    s, err := Open(ctx, ":memory:")
+    if err != nil {
+        t.Fatalf("open store: %v", err)
+    }
+    t.Cleanup(func() { _ = s.Close() })
+
+    u := &User{Username: "alice", Type: AccountHuman}
+    if err := u.SetPassword("correct horse battery staple"); err != nil {
+        t.Fatalf("set password: %v", err)
+    }
+    u.TOTPSecret = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
+    if err := s.CreateUser(ctx, u); err != nil {
+        t.Fatalf("create user: %v", err)
+    }
+    if u.ID == "" {
+        t.Fatal("expected ID to be set")
+    }
+
+    if err := s.AssignRole(ctx, u.ID, "admin"); err != nil {
+        t.Fatalf("assign role: %v", err)
+    }
+
+    got, err := s.GetUserByUsername(ctx, "alice")
+    if err != nil {
+        t.Fatalf("get user: %v", err)
+    }
+    if got.ID != u.ID || got.Username != "alice" || got.Type != AccountHuman {
+        t.Fatalf("unexpected user: %+v", got)
+    }
+    if !got.CheckPassword("correct horse battery staple") {
+        t.Fatal("password check failed after round-trip")
+    }
+    if len(got.Roles) != 1 || got.Roles[0] != "admin" {
+        t.Fatalf("expected role admin, got %#v", got.Roles)
+    }
+
+    // Update username and password
+    got.Username = "alice2"
+    if err := got.SetPassword("newpass"); err != nil {
+        t.Fatalf("set new password: %v", err)
+    }
+    if err := s.UpdateUser(ctx, got); err != nil {
+        t.Fatalf("update user: %v", err)
+    }
+    got2, err := s.GetUserByUsername(ctx, "alice2")
+    if err != nil {
+        t.Fatalf("get user 2: %v", err)
+    }
+    if !got2.CheckPassword("newpass") {
+        t.Fatal("new password check failed")
+    }
+}