337 lines
8.6 KiB
Go
337 lines
8.6 KiB
Go
package api
|
|
|
|
import (
|
|
"bytes"
|
|
"database/sql"
|
|
"encoding/json"
|
|
"log"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"os"
|
|
"testing"
|
|
"time"
|
|
|
|
"git.wntrmute.dev/kyle/mcias/data"
|
|
_ "github.com/mattn/go-sqlite3"
|
|
)
|
|
|
|
func setupTestDB(t *testing.T) *sql.DB {
|
|
db, err := sql.Open("sqlite3", ":memory:")
|
|
if err != nil {
|
|
t.Fatalf("Failed to open test database: %v", err)
|
|
}
|
|
|
|
schema, err := os.ReadFile("../schema.sql")
|
|
if err != nil {
|
|
t.Fatalf("Failed to read schema: %v", err)
|
|
}
|
|
|
|
if _, err := db.Exec(string(schema)); err != nil {
|
|
t.Fatalf("Failed to initialize test database: %v", err)
|
|
}
|
|
|
|
return db
|
|
}
|
|
|
|
func createTestUser(t *testing.T, db *sql.DB) *data.User {
|
|
user := &data.User{}
|
|
login := &data.Login{
|
|
User: "testuser",
|
|
Password: "testpassword",
|
|
}
|
|
|
|
if err := user.Register(login); err != nil {
|
|
t.Fatalf("Failed to register test user: %v", err)
|
|
}
|
|
|
|
query := `INSERT INTO users (id, created, user, password, salt) VALUES (?, ?, ?, ?, ?)`
|
|
_, err := db.Exec(query, user.ID, user.Created, user.User, user.Password, user.Salt)
|
|
if err != nil {
|
|
t.Fatalf("Failed to insert test user: %v", err)
|
|
}
|
|
|
|
return user
|
|
}
|
|
|
|
func TestPasswordLogin(t *testing.T) {
|
|
db := setupTestDB(t)
|
|
defer db.Close()
|
|
|
|
user := createTestUser(t, db)
|
|
|
|
logger := log.New(os.Stdout, "TEST: ", log.LstdFlags)
|
|
server := NewServer(db, logger)
|
|
loginReq := LoginRequest{
|
|
Version: "v1",
|
|
Login: data.Login{
|
|
User: user.User,
|
|
Password: "testpassword",
|
|
},
|
|
}
|
|
|
|
body, err := json.Marshal(loginReq)
|
|
if err != nil {
|
|
t.Fatalf("Failed to marshal request: %v", err)
|
|
}
|
|
|
|
req := httptest.NewRequest("POST", "/v1/login/password", bytes.NewBuffer(body))
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
recorder := httptest.NewRecorder()
|
|
server.handlePasswordLogin(recorder, req)
|
|
|
|
if recorder.Code != http.StatusOK {
|
|
t.Errorf("Expected status code %d, got %d", http.StatusOK, recorder.Code)
|
|
}
|
|
|
|
var response TokenResponse
|
|
if err := json.NewDecoder(recorder.Body).Decode(&response); err != nil {
|
|
t.Fatalf("Failed to decode response: %v", err)
|
|
}
|
|
|
|
if response.Token == "" {
|
|
t.Error("Expected token in response, got empty string")
|
|
}
|
|
|
|
now := time.Now().Unix()
|
|
if response.Expires <= now {
|
|
t.Errorf("Expected token expiration in the future, got %d (now: %d)", response.Expires, now)
|
|
}
|
|
}
|
|
|
|
func TestTokenLogin(t *testing.T) {
|
|
db := setupTestDB(t)
|
|
defer db.Close()
|
|
|
|
user := createTestUser(t, db)
|
|
|
|
logger := log.New(os.Stdout, "TEST: ", log.LstdFlags)
|
|
server := NewServer(db, logger)
|
|
|
|
token := "testtoken123456"
|
|
expires := time.Now().Add(24 * time.Hour).Unix()
|
|
|
|
tokenID := "token123"
|
|
query := `INSERT INTO tokens (id, uid, token, expires) VALUES (?, ?, ?, ?)`
|
|
_, err := db.Exec(query, tokenID, user.ID, token, expires)
|
|
if err != nil {
|
|
t.Fatalf("Failed to insert test token: %v", err)
|
|
}
|
|
|
|
loginReq := LoginRequest{
|
|
Version: "v1",
|
|
Login: data.Login{
|
|
User: user.User,
|
|
Token: token,
|
|
},
|
|
}
|
|
|
|
body, err := json.Marshal(loginReq)
|
|
if err != nil {
|
|
t.Fatalf("Failed to marshal request: %v", err)
|
|
}
|
|
|
|
req := httptest.NewRequest("POST", "/v1/login/token", bytes.NewBuffer(body))
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
recorder := httptest.NewRecorder()
|
|
server.handleTokenLogin(recorder, req)
|
|
|
|
if recorder.Code != http.StatusOK {
|
|
t.Errorf("Expected status code %d, got %d", http.StatusOK, recorder.Code)
|
|
}
|
|
|
|
var response TokenResponse
|
|
if err := json.NewDecoder(recorder.Body).Decode(&response); err != nil {
|
|
t.Fatalf("Failed to decode response: %v", err)
|
|
}
|
|
|
|
if response.Token == "" {
|
|
t.Error("Expected token in response, got empty string")
|
|
}
|
|
|
|
now := time.Now().Unix()
|
|
if response.Expires <= now {
|
|
t.Errorf("Expected token expiration in the future, got %d (now: %d)", response.Expires, now)
|
|
}
|
|
}
|
|
|
|
func TestInvalidPasswordLogin(t *testing.T) {
|
|
db := setupTestDB(t)
|
|
defer db.Close()
|
|
|
|
user := createTestUser(t, db)
|
|
|
|
logger := log.New(os.Stdout, "TEST: ", log.LstdFlags)
|
|
server := NewServer(db, logger)
|
|
|
|
loginReq := LoginRequest{
|
|
Version: "v1",
|
|
Login: data.Login{
|
|
User: user.User,
|
|
Password: "wrongpassword",
|
|
},
|
|
}
|
|
|
|
body, err := json.Marshal(loginReq)
|
|
if err != nil {
|
|
t.Fatalf("Failed to marshal request: %v", err)
|
|
}
|
|
|
|
req := httptest.NewRequest("POST", "/v1/login/password", bytes.NewBuffer(body))
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
recorder := httptest.NewRecorder()
|
|
server.handlePasswordLogin(recorder, req)
|
|
|
|
if recorder.Code != http.StatusUnauthorized {
|
|
t.Errorf("Expected status code %d, got %d", http.StatusUnauthorized, recorder.Code)
|
|
}
|
|
}
|
|
|
|
func TestInvalidTokenLogin(t *testing.T) {
|
|
db := setupTestDB(t)
|
|
defer db.Close()
|
|
|
|
user := createTestUser(t, db)
|
|
|
|
logger := log.New(os.Stdout, "TEST: ", log.LstdFlags)
|
|
server := NewServer(db, logger)
|
|
|
|
loginReq := LoginRequest{
|
|
Version: "v1",
|
|
Login: data.Login{
|
|
User: user.User,
|
|
Token: "invalidtoken",
|
|
},
|
|
}
|
|
|
|
body, err := json.Marshal(loginReq)
|
|
if err != nil {
|
|
t.Fatalf("Failed to marshal request: %v", err)
|
|
}
|
|
|
|
req := httptest.NewRequest("POST", "/v1/login/token", bytes.NewBuffer(body))
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
recorder := httptest.NewRecorder()
|
|
server.handleTokenLogin(recorder, req)
|
|
|
|
if recorder.Code != http.StatusUnauthorized {
|
|
t.Errorf("Expected status code %d, got %d", http.StatusUnauthorized, recorder.Code)
|
|
}
|
|
}
|
|
|
|
func createTestAdminUser(t *testing.T, db *sql.DB) *data.User {
|
|
user := createTestUser(t, db)
|
|
|
|
// Add admin role
|
|
roleID := "role123"
|
|
_, err := db.Exec("INSERT INTO roles (id, role) VALUES (?, ?)", roleID, "admin")
|
|
if err != nil {
|
|
t.Fatalf("Failed to insert admin role: %v", err)
|
|
}
|
|
|
|
// Assign admin role to user
|
|
userRoleID := "ur123"
|
|
_, err = db.Exec("INSERT INTO user_roles (id, uid, rid) VALUES (?, ?, ?)", userRoleID, user.ID, roleID)
|
|
if err != nil {
|
|
t.Fatalf("Failed to assign admin role to user: %v", err)
|
|
}
|
|
|
|
user.Roles = []string{"admin"}
|
|
return user
|
|
}
|
|
|
|
func insertTestDatabaseCredentials(t *testing.T, db *sql.DB) {
|
|
query := `INSERT INTO database (id, host, port, name, user, password)
|
|
VALUES (?, ?, ?, ?, ?, ?)`
|
|
_, err := db.Exec(query, "db123", "localhost", 5432, "testdb", "postgres", "securepassword")
|
|
if err != nil {
|
|
t.Fatalf("Failed to insert test database credentials: %v", err)
|
|
}
|
|
}
|
|
|
|
func TestDatabaseCredentials(t *testing.T) {
|
|
db := setupTestDB(t)
|
|
defer db.Close()
|
|
|
|
user := createTestAdminUser(t, db)
|
|
insertTestDatabaseCredentials(t, db)
|
|
|
|
logger := log.New(os.Stdout, "TEST: ", log.LstdFlags)
|
|
server := NewServer(db, logger)
|
|
|
|
token := "testtoken123456"
|
|
expires := time.Now().Add(24 * time.Hour).Unix()
|
|
|
|
tokenID := "token123"
|
|
query := `INSERT INTO tokens (id, uid, token, expires) VALUES (?, ?, ?, ?)`
|
|
_, err := db.Exec(query, tokenID, user.ID, token, expires)
|
|
if err != nil {
|
|
t.Fatalf("Failed to insert test token: %v", err)
|
|
}
|
|
|
|
req := httptest.NewRequest("GET", "/v1/database/credentials?username="+user.User, nil)
|
|
req.Header.Set("Authorization", "Bearer "+token)
|
|
|
|
recorder := httptest.NewRecorder()
|
|
server.handleDatabaseCredentials(recorder, req)
|
|
|
|
if recorder.Code != http.StatusOK {
|
|
t.Errorf("Expected status code %d, got %d", http.StatusOK, recorder.Code)
|
|
}
|
|
|
|
var response DatabaseCredentials
|
|
if err := json.NewDecoder(recorder.Body).Decode(&response); err != nil {
|
|
t.Fatalf("Failed to decode response: %v", err)
|
|
}
|
|
|
|
if response.Host != "localhost" {
|
|
t.Errorf("Expected host 'localhost', got '%s'", response.Host)
|
|
}
|
|
if response.Port != 5432 {
|
|
t.Errorf("Expected port 5432, got %d", response.Port)
|
|
}
|
|
if response.Name != "testdb" {
|
|
t.Errorf("Expected database name 'testdb', got '%s'", response.Name)
|
|
}
|
|
if response.User != "postgres" {
|
|
t.Errorf("Expected user 'postgres', got '%s'", response.User)
|
|
}
|
|
if response.Password != "securepassword" {
|
|
t.Errorf("Expected password 'securepassword', got '%s'", response.Password)
|
|
}
|
|
}
|
|
|
|
func TestDatabaseCredentialsUnauthorized(t *testing.T) {
|
|
db := setupTestDB(t)
|
|
defer db.Close()
|
|
|
|
user := createTestUser(t, db) // Regular user without admin role
|
|
insertTestDatabaseCredentials(t, db)
|
|
|
|
logger := log.New(os.Stdout, "TEST: ", log.LstdFlags)
|
|
server := NewServer(db, logger)
|
|
|
|
token := "testtoken123456"
|
|
expires := time.Now().Add(24 * time.Hour).Unix()
|
|
|
|
tokenID := "token123"
|
|
query := `INSERT INTO tokens (id, uid, token, expires) VALUES (?, ?, ?, ?)`
|
|
_, err := db.Exec(query, tokenID, user.ID, token, expires)
|
|
if err != nil {
|
|
t.Fatalf("Failed to insert test token: %v", err)
|
|
}
|
|
|
|
req := httptest.NewRequest("GET", "/v1/database/credentials?username="+user.User, nil)
|
|
req.Header.Set("Authorization", "Bearer "+token)
|
|
|
|
recorder := httptest.NewRecorder()
|
|
server.handleDatabaseCredentials(recorder, req)
|
|
|
|
if recorder.Code != http.StatusForbidden {
|
|
t.Errorf("Expected status code %d, got %d", http.StatusForbidden, recorder.Code)
|
|
}
|
|
}
|