Commit ba913f26 authored by Rémi PAILHAREY's avatar Rémi PAILHAREY
Browse files

test: user test on temp file

parent 33c62528
......@@ -12,7 +12,6 @@ import (
"time"
"forge.grandlyon.com/rpailharey/cyber-signal/internal/common"
"forge.grandlyon.com/rpailharey/cyber-signal/internal/log"
"forge.grandlyon.com/rpailharey/cyber-signal/internal/tokens"
)
......@@ -123,7 +122,6 @@ func HandleLogout(w http.ResponseWriter, r *http.Request) {
func WhoAmI() http.Handler {
whoAmI := func(w http.ResponseWriter, r *http.Request) {
user, err := GetTokenData(r)
log.Logger.Println(user)
if err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
return
......
......@@ -2,6 +2,7 @@ package rootmux
import (
"encoding/json"
"io/ioutil"
"net/http"
"net/http/cookiejar"
"net/http/httptest"
......@@ -28,7 +29,8 @@ func init() {
func TestAll(t *testing.T) {
// Set the users file
auth.UsersFile = "../../configs/users.json"
auth.UsersFile = writeUsers()
println(auth.UsersFile)
os.Setenv("ADMIN_ROLE", "ADMINS")
os.Setenv("LOGOUT_URL", "/")
......@@ -51,9 +53,9 @@ func unloggedTests(t *testing.T) {
do("GET", "/", noH, "", http.StatusOK, "<!DOCTYPE html>")
// Try to get the user informations (must fail)
do("GET", "/api/common/WhoAmI", noH, "", http.StatusUnauthorized, "error extracting token")
// Do a in memory login with an unknown user
// Do a in memory login with an unknown user (must fail)
do("POST", "/Login", noH, `{"login": "unknownuser","password": "password"}`, http.StatusForbidden, `user not found`)
// Do a in memory login with a known user but bad password
// Do a in memory login with a known user but bad password (must fail)
do("POST", "/Login", noH, `{"login": "admin","password": "badpassword"}`, http.StatusForbidden, `user not found`)
// Try to create a new sharetoken (must fail)
do("POST", "/api/admin/newShareToken", noH, "", http.StatusUnauthorized, "error extracting token")
......@@ -82,7 +84,7 @@ func userTests(t *testing.T) {
}
// Do a in memory login with an known user
// Do a in memory login with an known user (must pass)
do("POST", "/Login", nil, `{"login": "user","password": "password"}`, http.StatusOK, "")
// Run the tests
tests()
......@@ -128,3 +130,26 @@ func createTester(t *testing.T) (*httptest.Server, func(method string, route str
// wrap the testing function
return ts, tester.CreateServerTester(t, "localhost", port, jar)
}
func writeUsers() (name string) {
AdminRole := make([]string, 1)
AdminRole[0] = "ADMINS"
UserRole := make([]string, 1)
UserRole[0] = "USERS"
users := []*auth.User{
{ID: "1", Login: "admin", Roles: AdminRole, PasswordHash: "$2a$10$w6aIsC8lfMSB9tXIDRgk9OztQS.4gBQA9Uoi0X7mCzz5mlTRIx4tq"},
{ID: "2", Login: "user", Roles: UserRole, PasswordHash: "$2a$10$PgiAoLxZhgNtr7kRK/DH5ezwT./7vRkWqFNEtJD1670z3Zf60HqgG"},
}
f, err := ioutil.TempFile("", "users")
if err != nil {
panic(err)
}
defer f.Close()
err = json.NewEncoder(f).Encode(users)
if err != nil {
panic(err)
}
return f.Name()
}
......@@ -48,7 +48,7 @@ class ShareToken {
const control = document.getElementById("textarea-control");
control.classList.add("is-loading");
try {
const response = await fetch("/api/admin/newToken", {
const response = await fetch("/api/admin/newShareToken", {
method: "POST",
headers: new Headers({
"XSRF-Token": this.current_user.xsrftoken,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment