diff options
author | Frédéric Guillot <fred@miniflux.net> | 2017-11-25 12:44:32 -0800 |
---|---|---|
committer | Frédéric Guillot <fred@miniflux.net> | 2017-11-25 12:44:32 -0800 |
commit | ec0f642d5d3ec636b158b5fb0125f3a28ff9bf37 (patch) | |
tree | 4f146de44b0f0d8568470b99822dbfcd6c24cc2f | |
parent | 142e8b3e0c94757585005cd00fc9ed24afe43f81 (diff) |
Add integration tests for users
-rw-r--r-- | integration_test.go | 262 | ||||
-rw-r--r-- | locale/translations.go | 2 | ||||
-rw-r--r-- | locale/translations/fr_FR.json | 3 | ||||
-rw-r--r-- | model/theme.go | 13 | ||||
-rw-r--r-- | model/user.go | 8 | ||||
-rw-r--r-- | server/static/bin.go | 2 | ||||
-rw-r--r-- | server/static/css.go | 2 | ||||
-rw-r--r-- | server/static/js.go | 2 | ||||
-rw-r--r-- | server/template/common.go | 2 | ||||
-rw-r--r-- | server/template/views.go | 2 | ||||
-rw-r--r-- | sql/sql.go | 2 |
11 files changed, 267 insertions, 33 deletions
diff --git a/integration_test.go b/integration_test.go index 934084d..e0f2bb0 100644 --- a/integration_test.go +++ b/integration_test.go @@ -7,23 +7,43 @@ package main import ( + "math/rand" + "strconv" + "strings" "testing" + "time" "github.com/miniflux/miniflux-go" ) const ( - testBaseURL = "http://127.0.0.1:8080" - testUsername = "admin" - testPassword = "test123" + testBaseURL = "http://127.0.0.1:8080" + testAdminUsername = "admin" + testAdminPassword = "test123" + testStandardPassword = "secret" ) +func TestWithBadEndpoint(t *testing.T) { + client := miniflux.NewClient("bad url", testAdminUsername, testAdminPassword) + _, err := client.Users() + if err == nil { + t.Fatal(`Using a bad url should raise an error`) + } +} + +func TestWithWrongCredentials(t *testing.T) { + client := miniflux.NewClient(testBaseURL, "invalid", "invalid") + _, err := client.Users() + if err == nil { + t.Fatal(`Using bad credentials should raise an error`) + } +} + func TestGetUsers(t *testing.T) { - client := miniflux.NewClient(testBaseURL, testUsername, testPassword) + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) users, err := client.Users() if err != nil { t.Fatal(err) - return } if len(users) == 0 { @@ -31,71 +51,263 @@ func TestGetUsers(t *testing.T) { } if users[0].ID == 0 { - t.Fatalf(`Invalid userID, got %v`, users[0].ID) + t.Fatalf(`Invalid userID, got "%v"`, users[0].ID) } - if users[0].Username != testUsername { - t.Fatalf(`Invalid username, got %v`, users[0].Username) + if users[0].Username != testAdminUsername { + t.Fatalf(`Invalid username, got "%v" instead of "%v"`, users[0].Username, testAdminUsername) } if users[0].Password != "" { - t.Fatalf(`Invalid password, got %v`, users[0].Password) + t.Fatalf(`Invalid password, got "%v"`, users[0].Password) } if users[0].Language != "en_US" { - t.Fatalf(`Invalid language, got %v`, users[0].Language) + t.Fatalf(`Invalid language, got "%v"`, users[0].Language) } if users[0].Theme != "default" { - t.Fatalf(`Invalid theme, got %v`, users[0].Theme) + t.Fatalf(`Invalid theme, got "%v"`, users[0].Theme) } if users[0].Timezone != "UTC" { - t.Fatalf(`Invalid timezone, got %v`, users[0].Timezone) + t.Fatalf(`Invalid timezone, got "%v"`, users[0].Timezone) } if !users[0].IsAdmin { - t.Fatalf(`Invalid role, got %v`, users[0].IsAdmin) + t.Fatalf(`Invalid role, got "%v"`, users[0].IsAdmin) } } func TestCreateStandardUser(t *testing.T) { - client := miniflux.NewClient(testBaseURL, testUsername, testPassword) - user, err := client.CreateUser("test", "test123", false) + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + if user.ID == 0 { + t.Fatalf(`Invalid userID, got "%v"`, user.ID) + } + + if user.Username != username { + t.Fatalf(`Invalid username, got "%v" instead of "%v"`, user.Username, username) + } + + if user.Password != "" { + t.Fatalf(`Invalid password, got "%v"`, user.Password) + } + + if user.Language != "en_US" { + t.Fatalf(`Invalid language, got "%v"`, user.Language) + } + + if user.Theme != "default" { + t.Fatalf(`Invalid theme, got "%v"`, user.Theme) + } + + if user.Timezone != "UTC" { + t.Fatalf(`Invalid timezone, got "%v"`, user.Timezone) + } + + if user.IsAdmin { + t.Fatalf(`Invalid role, got "%v"`, user.IsAdmin) + } + + if user.LastLoginAt != nil { + t.Fatalf(`Invalid last login date, got "%v"`, user.LastLoginAt) + } +} + +func TestRemoveUser(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + if err := client.DeleteUser(user.ID); err != nil { + t.Fatalf(`Unable to remove user: "%v"`, err) + } +} + +func TestGetUser(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + user, err = client.User(user.ID) if err != nil { t.Fatal(err) - return } if user.ID == 0 { - t.Fatalf(`Invalid userID, got %v`, user.ID) + t.Fatalf(`Invalid userID, got "%v"`, user.ID) } - if user.Username != "test" { - t.Fatalf(`Invalid username, got %v`, user.Username) + if user.Username != username { + t.Fatalf(`Invalid username, got "%v" instead of "%v"`, user.Username, username) } if user.Password != "" { - t.Fatalf(`Invalid password, got %v`, user.Password) + t.Fatalf(`Invalid password, got "%v"`, user.Password) } if user.Language != "en_US" { - t.Fatalf(`Invalid language, got %v`, user.Language) + t.Fatalf(`Invalid language, got "%v"`, user.Language) } if user.Theme != "default" { - t.Fatalf(`Invalid theme, got %v`, user.Theme) + t.Fatalf(`Invalid theme, got "%v"`, user.Theme) } if user.Timezone != "UTC" { - t.Fatalf(`Invalid timezone, got %v`, user.Timezone) + t.Fatalf(`Invalid timezone, got "%v"`, user.Timezone) } if user.IsAdmin { - t.Fatalf(`Invalid role, got %v`, user.IsAdmin) + t.Fatalf(`Invalid role, got "%v"`, user.IsAdmin) } if user.LastLoginAt != nil { - t.Fatalf(`Invalid last login date, got %v`, user.LastLoginAt) + t.Fatalf(`Invalid last login date, got "%v"`, user.LastLoginAt) + } +} + +func TestUpdateUser(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + theme := "black" + user.Theme = theme + user, err = client.UpdateUser(user) + if err != nil { + t.Fatal(err) + } + + if user.Theme != theme { + t.Fatalf(`Unable to update user: got "%v" instead of "%v"`, user.Theme, theme) + } +} + +func TestUpdateUserWithInvalidValue(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + theme := "something that doesn't exists" + user.Theme = theme + _, err = client.UpdateUser(user) + if err == nil { + t.Fatal(`Updating a user with an invalid value should raise an error`) + } +} + +func TestCannotCreateDuplicateUser(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + _, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + _, err = client.CreateUser(username, testStandardPassword, false) + if err == nil { + t.Fatal(`Duplicate users should not be allowed`) + } +} + +func TestCannotListUsersAsNonAdmin(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + _, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + client = miniflux.NewClient(testBaseURL, username, testStandardPassword) + _, err = client.Users() + if err == nil { + t.Fatal(`Standard users should not be able to list any users`) + } +} + +func TestCannotGetUserAsNonAdmin(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + client = miniflux.NewClient(testBaseURL, username, testStandardPassword) + _, err = client.User(user.ID) + if err == nil { + t.Fatal(`Standard users should not be able to get any users`) + } +} + +func TestCannotUpdateUserAsNonAdmin(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + client = miniflux.NewClient(testBaseURL, username, testStandardPassword) + _, err = client.UpdateUser(user) + if err == nil { + t.Fatal(`Standard users should not be able to update any users`) + } +} + +func TestCannotCreateUserAsNonAdmin(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + _, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + client = miniflux.NewClient(testBaseURL, username, testStandardPassword) + _, err = client.CreateUser(username, testStandardPassword, false) + if err == nil { + t.Fatal(`Standard users should not be able to create users`) + } +} + +func TestCannotDeleteUserAsNonAdmin(t *testing.T) { + username := getRandomUsername() + client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword) + user, err := client.CreateUser(username, testStandardPassword, false) + if err != nil { + t.Fatal(err) + } + + client = miniflux.NewClient(testBaseURL, username, testStandardPassword) + if err := client.DeleteUser(user.ID); err == nil { + t.Fatal(`Standard users should not be able to remove any users`) + } +} + +func getRandomUsername() string { + rand.Seed(time.Now().UnixNano()) + var suffix []string + for i := 0; i < 10; i++ { + suffix = append(suffix, strconv.Itoa(rand.Intn(1000))) } + return "user" + strings.Join(suffix, "") } diff --git a/locale/translations.go b/locale/translations.go index a5d2d78..863c746 100644 --- a/locale/translations.go +++ b/locale/translations.go @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -// 2017-11-24 21:40:33.354922728 -0800 PST m=+0.035838197 +// 2017-11-25 10:47:30.371865884 -0800 PST m=+0.027993990 package locale diff --git a/locale/translations/fr_FR.json b/locale/translations/fr_FR.json index 01ad8fb..3b774cf 100644 --- a/locale/translations/fr_FR.json +++ b/locale/translations/fr_FR.json @@ -133,5 +133,6 @@ "Sign in with Google": "Se connecter avec Google", "Unlink my Google account": "Dissocier mon compte Google", "Link my Google account": "Associer mon compte Google", - "Category not found for this user.": "Cette catégorie n'existe pas pour cet utilisateur." + "Category not found for this user.": "Cette catégorie n'existe pas pour cet utilisateur.", + "Invalid theme.": "Le thème est invalide." } diff --git a/model/theme.go b/model/theme.go index bcbb23a..c9bbc05 100644 --- a/model/theme.go +++ b/model/theme.go @@ -4,6 +4,8 @@ package model +import "github.com/miniflux/miniflux2/errors" + // GetThemes returns the list of available themes. func GetThemes() map[string]string { return map[string]string{ @@ -11,3 +13,14 @@ func GetThemes() map[string]string { "black": "Black", } } + +// ValidateTheme validates theme value. +func ValidateTheme(theme string) error { + for key := range GetThemes() { + if key == theme { + return nil + } + } + + return errors.NewLocalizedError("Invalid theme.") +} diff --git a/model/user.go b/model/user.go index 7d5d52b..0fd5044 100644 --- a/model/user.go +++ b/model/user.go @@ -27,6 +27,7 @@ func NewUser() *User { return &User{Extra: make(map[string]string)} } +// ValidateUserCreation validates new user. func (u User) ValidateUserCreation() error { if err := u.ValidateUserLogin(); err != nil { return err @@ -39,6 +40,7 @@ func (u User) ValidateUserCreation() error { return nil } +// ValidateUserModification validates user for modification. func (u User) ValidateUserModification() error { if u.Username == "" { return errors.New("The username is mandatory") @@ -48,9 +50,14 @@ func (u User) ValidateUserModification() error { return err } + if err := ValidateTheme(u.Theme); err != nil { + return err + } + return nil } +// ValidateUserLogin validates user credential requirements. func (u User) ValidateUserLogin() error { if u.Username == "" { return errors.New("The username is mandatory") @@ -63,6 +70,7 @@ func (u User) ValidateUserLogin() error { return nil } +// ValidatePassword validates user password requirements. func (u User) ValidatePassword() error { if u.Password != "" && len(u.Password) < 6 { return errors.New("The password must have at least 6 characters") diff --git a/server/static/bin.go b/server/static/bin.go index ebd1888..3a5ca06 100644 --- a/server/static/bin.go +++ b/server/static/bin.go @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -// 2017-11-24 21:40:33.326996526 -0800 PST m=+0.007911995 +// 2017-11-25 10:47:30.351686806 -0800 PST m=+0.007814912 package static diff --git a/server/static/css.go b/server/static/css.go index 7b7d2bb..39da75c 100644 --- a/server/static/css.go +++ b/server/static/css.go @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -// 2017-11-24 21:40:33.330122316 -0800 PST m=+0.011037785 +// 2017-11-25 10:47:30.352812144 -0800 PST m=+0.008940250 package static diff --git a/server/static/js.go b/server/static/js.go index 627cd55..5076159 100644 --- a/server/static/js.go +++ b/server/static/js.go @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -// 2017-11-24 21:40:33.333049571 -0800 PST m=+0.013965040 +// 2017-11-25 10:47:30.357950671 -0800 PST m=+0.014078777 package static diff --git a/server/template/common.go b/server/template/common.go index 00a6a7c..21f91aa 100644 --- a/server/template/common.go +++ b/server/template/common.go @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -// 2017-11-24 21:40:33.353262943 -0800 PST m=+0.034178412 +// 2017-11-25 10:47:30.370347794 -0800 PST m=+0.026475900 package template diff --git a/server/template/views.go b/server/template/views.go index 6a55528..5db8713 100644 --- a/server/template/views.go +++ b/server/template/views.go @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -// 2017-11-24 21:40:33.335450873 -0800 PST m=+0.016366342 +// 2017-11-25 10:47:30.359140331 -0800 PST m=+0.015268437 package template @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -// 2017-11-24 21:40:33.323320501 -0800 PST m=+0.004235970 +// 2017-11-25 10:47:30.347837046 -0800 PST m=+0.003965152 package sql |