go/golang-saas-starter-kit
1
0
Fork 0
mirror of https://github.com/raseels-repos/golang-saas-starter-kit.git synced 2025-06-06 23:46:29 +02:00
Code Issues Releases Activity
golang-saas-starter-kit/example-project/internal/user/user_test.go

559 lines
15 KiB
Go
Raw Blame History

package user
import (
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/auth"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/tests"
"github.com/dgrijalva/jwt-go"
"github.com/google/go-cmp/cmp"
"github.com/huandu/go-sqlbuilder"
"github.com/pborman/uuid"
"github.com/pkg/errors"
"os"
"testing"
"time"
)
var test *tests.Test
// TestMain is the entry point for testing.
func TestMain(m *testing.M) {
os.Exit(testMain(m))
}
func testMain(m *testing.M) int {
test = tests.New()
defer test.TearDown()
return m.Run()
}
// TestUserFindRequestQuery validates userFindRequestQuery
func TestUserFindRequestQuery(t *testing.T) {
where := "name = ? or email = ?"
var (
limit uint = 12
offset uint = 34
)
req := UserFindRequest{
Where: &where,
Args: []interface{}{
"lee brown",
"lee@geeksinthewoods.com",
},
Order: []string{
"id asc",
"created_at desc",
},
Limit: &limit,
Offset: &offset,
}
expected := "SELECT " + usersMapColumns + " FROM " + usersTableName + " WHERE name = ? or email = ? ORDER BY id asc, created_at desc LIMIT 12 OFFSET 34"
res := userFindRequestQuery(req)
if diff := cmp.Diff(res.String(), expected); diff != "" {
t.Fatalf("\t%s\tExpected result query to match. Diff:\n%s", tests.Failed, diff)
}
}
// TestApplyClaimsUserSelect validates applyClaimsUserSelect
func TestApplyClaimsUserSelect(t *testing.T) {
var claimTests = []struct {
name string
claims auth.Claims
expectedSql string
error error
}{
{"EmptyClaims",
auth.Claims{},
"SELECT " + usersMapColumns + " FROM " + usersTableName,
nil,
},
{"RoleUser",
auth.Claims{
Roles: []string{auth.RoleUser},
StandardClaims: jwt.StandardClaims{
Subject: "user1",
Audience: "acc1",
},
},
"SELECT " + usersMapColumns + " FROM " + usersTableName + " WHERE id IN (SELECT user_id FROM " + usersAccountsTableName + " WHERE account_id = 'acc1' AND user_id = 'user1')",
nil,
},
{"RoleAdmin",
auth.Claims{
Roles: []string{auth.RoleAdmin},
StandardClaims: jwt.StandardClaims{
Subject: "user1",
Audience: "acc1",
},
},
"SELECT " + usersMapColumns + " FROM " + usersTableName + " WHERE id IN (SELECT user_id FROM " + usersAccountsTableName + " WHERE account_id = 'acc1' AND user_id = 'user1')",
nil,
},
}
t.Log("Given the need to validate ACLs are enforced by claims to a select query.")
{
for i, tt := range claimTests {
t.Logf("\tTest: %d\tWhen running test: %s", i, tt.name)
{
ctx := tests.Context()
query := selectQuery()
err := applyClaimsUserSelect(ctx, tt.claims, query)
if err != tt.error {
t.Logf("\t\tGot : %+v", err)
t.Logf("\t\tWant: %+v", tt.error)
t.Fatalf("\t%s\tapplyClaimsUserSelect failed.", tests.Failed)
}
sql, args := query.Build()
// Use mysql flavor so placeholders will get replaced for comparison.
sql, err = sqlbuilder.MySQL.Interpolate(sql, args)
if err != nil {
t.Log("\t\tGot :", err)
t.Fatalf("\t%s\tapplyClaimsUserSelect failed.", tests.Failed)
}
if diff := cmp.Diff(sql, tt.expectedSql); diff != "" {
t.Fatalf("\t%s\tExpected result query to match. Diff:\n%s", tests.Failed, diff)
}
t.Logf("\t%s\tapplyClaimsUserSelect ok.", tests.Success)
}
}
}
}
// TestCreateUser validates CreateUser
func TestCreateUser(t *testing.T) {
now := time.Date(2018, time.October, 1, 0, 0, 0, 0, time.UTC)
// Use disabled status since default is active
us := UserStatus_Disabled
utz := "America/Santiago"
dupEmail := uuid.NewRandom().String() + "@geeksinthewoods.com"
var userTests = []struct {
name string
claims auth.Claims
req CreateUserRequest
error error
}{
{"EmptyClaims",
auth.Claims{},
CreateUserRequest{
Name: "Lee Brown",
Email: dupEmail,
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
Status: &us,
Timezone: &utz,
},
nil,
},
{"DuplicateEmailValidation",
auth.Claims{},
CreateUserRequest{
Name: "Lee Brown",
Email: dupEmail,
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
Status: &us,
Timezone: &utz,
},
errors.New("Key: 'CreateUserRequest.Email' Error:Field validation for 'Email' failed on the 'unique' tag"),
},
{"RoleUser",
auth.Claims{
Roles: []string{auth.RoleUser},
StandardClaims: jwt.StandardClaims{
Subject: "user1",
Audience: "acc1",
},
},
CreateUserRequest{
Name: "Lee Brown",
Email: uuid.NewRandom().String() + "@geeksinthewoods.com",
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
Status: &us,
Timezone: &utz,
},
ErrForbidden,
},
{"RoleAdmin",
auth.Claims{
Roles: []string{auth.RoleAdmin},
StandardClaims: jwt.StandardClaims{
Subject: "user1",
Audience: "acc1",
},
},
CreateUserRequest{
Name: "Lee Brown",
Email: uuid.NewRandom().String() + "@geeksinthewoods.com",
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
Status: &us,
Timezone: &utz,
},
nil,
},
}
t.Log("Given the need to validate ACLs are enforced by claims for user create.")
{
for i, tt := range userTests {
t.Logf("\tTest: %d\tWhen running test: %s", i, tt.name)
{
ctx := tests.Context()
dbConn := test.MasterDB
defer dbConn.Close()
res, err := Create(ctx, tt.claims, dbConn, tt.req, now)
if err != tt.error {
// TODO: need a better way to handle validation errors as they are
// of type interface validator.ValidationErrorsTranslations
var errStr string
if err != nil {
errStr = err.Error()
}
var expectStr string
if tt.error != nil {
expectStr = tt.error.Error()
}
if errStr != expectStr {
t.Logf("\t\tGot : %+v", err)
t.Logf("\t\tWant: %+v", tt.error)
t.Fatalf("\t%s\tapplyClaimsUserSelect failed.", tests.Failed)
}
}
// If there was an error that was expected, then don't go any further
if tt.error != nil {
continue
}
expected := &User{
Name: tt.req.Name,
Email: tt.req.Email,
Status: *tt.req.Status,
Timezone: *tt.req.Timezone,
// Copy this fields from the result.
ID: res.ID,
PasswordSalt: res.PasswordSalt,
PasswordHash: res.PasswordHash,
PasswordReset: res.PasswordReset,
CreatedAt: res.CreatedAt,
UpdatedAt: res.UpdatedAt,
//ArchivedAt: nil,
}
if diff := cmp.Diff(res, expected); diff != "" {
t.Fatalf("\t%s\tExpected result should match. Diff:\n%s", tests.Failed, diff)
}
t.Logf("\t%s\tapplyClaimsUserSelect ok.", tests.Success)
}
}
}
}
// TestUpdateUser validates Update
func TestUpdateUser(t *testing.T) {
now := time.Date(2018, time.October, 1, 0, 0, 0, 0, time.UTC)
// Use disabled status since default is active
us := UserStatus_Disabled
utz := "America/Santiago"
create := CreateUserRequest{
Name: "Lee Brown",
Password: "akTechFr0n!ier",
PasswordConfirm: "akTechFr0n!ier",
Status: &us,
Timezone: &utz,
}
dupEmail := uuid.NewRandom().String() + "@geeksinthewoods.com"
var userTests = []struct {
name string
claims auth.Claims
req UpdateUserRequest
error error
}{
{"EmptyClaims",
auth.Claims{},
UpdateUserRequest{
Name: "Lee Brown",
Email: dupEmail,
Status: &us,
Timezone: &utz,
},
nil,
},
{"DuplicateEmailValidation",
auth.Claims{},
UpdateUserRequest{
Name: "Lee Brown",
Email: dupEmail,
Status: &us,
Timezone: &utz,
},
errors.New("Key: 'CreateUserRequest.Email' Error:Field validation for 'Email' failed on the 'unique' tag"),
},
{"RoleUser",
auth.Claims{
Roles: []string{auth.RoleUser},
StandardClaims: jwt.StandardClaims{
Subject: "user1",
Audience: "acc1",
},
},
UpdateUserRequest{
Name: "Lee Brown",
Email: &uuid.NewRandom().String(),
Status: &us,
Timezone: &utz,
},
ErrForbidden,
},
{"RoleAdmin",
auth.Claims{
Roles: []string{auth.RoleAdmin},
StandardClaims: jwt.StandardClaims{
Subject: "user1",
Audience: "acc1",
},
},
UpdateUserRequest{
Name: "Lee Brown",
Email: uuid.NewRandom().String() + "@geeksinthewoods.com",
Status: &us,
Timezone: &utz,
},
nil,
},
}
t.Log("Given the need to validate ACLs are enforced by claims for user update.")
{
for i, tt := range userTests {
t.Logf("\tTest: %d\tWhen running test: %s", i, tt.name)
{
ctx := tests.Context()
dbConn := test.MasterDB
defer dbConn.Close()
err := Update(ctx, tt.claims, dbConn, tt.req, now)
if err != tt.error {
// TODO: need a better way to handle validation errors as they are
// of type interface validator.ValidationErrorsTranslations
var errStr string
if err != nil {
errStr = err.Error()
}
var expectStr string
if tt.error != nil {
expectStr = tt.error.Error()
}
if errStr != expectStr {
t.Logf("\t\tGot : %+v", err)
t.Logf("\t\tWant: %+v", tt.error)
t.Fatalf("\t%s\tapplyClaimsUserSelect failed.", tests.Failed)
}
}
// If there was an error that was expected, then don't go any further
if tt.error != nil {
continue
}
expected := &User{
Name: tt.req.Name,
Email: tt.req.Email,
Status: *tt.req.Status,
Timezone: *tt.req.Timezone,
// Copy this fields from the result.
ID: res.ID,
PasswordSalt: res.PasswordSalt,
PasswordHash: res.PasswordHash,
PasswordReset: res.PasswordReset,
CreatedAt: res.CreatedAt,
UpdatedAt: res.UpdatedAt,
//ArchivedAt: nil,
}
if diff := cmp.Diff(res, expected); diff != "" {
t.Fatalf("\t%s\tExpected result should match. Diff:\n%s", tests.Failed, diff)
}
t.Logf("\t%s\tapplyClaimsUserSelect ok.", tests.Success)
}
}
}
}
/*
// TestUser validates the full set of CRUD operations on User values.
func TestUser(t *testing.T) {
defer tests.Recover(t)
t.Log("Given the need to work with User records.")
{
t.Log("\tWhen handling a single User.")
{
ctx := tests.Context()
dbConn := test.MasterDB
defer dbConn.Close()
u, err := Create(ctx, dbConn, &nu, now)
if err != nil {
t.Fatalf("\t%s\tShould be able to create user : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to create user.", tests.Success)
// claims is information about the person making the request.
claims := auth.NewClaims(bson.NewObjectId().Hex(), []string{auth.RoleAdmin}, now, time.Hour)
savedU, err := user.Retrieve(ctx, claims, dbConn, u.ID.Hex())
if err != nil {
t.Fatalf("\t%s\tShould be able to retrieve user by ID: %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to retrieve user by ID.", tests.Success)
if diff := cmp.Diff(u, savedU); diff != "" {
t.Fatalf("\t%s\tShould get back the same user. Diff:\n%s", tests.Failed, diff)
}
t.Logf("\t%s\tShould get back the same user.", tests.Success)
upd := user.UpdateUser{
Name: tests.StringPointer("Jacob Walker"),
Email: tests.StringPointer("jacob@ardanlabs.com"),
}
if err := user.Update(ctx, dbConn, u.ID.Hex(), &upd, now); err != nil {
t.Fatalf("\t%s\tShould be able to update user : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to update user.", tests.Success)
savedU, err = user.Retrieve(ctx, claims, dbConn, u.ID.Hex())
if err != nil {
t.Fatalf("\t%s\tShould be able to retrieve user : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to retrieve user.", tests.Success)
if savedU.Name != *upd.Name {
t.Errorf("\t%s\tShould be able to see updates to Name.", tests.Failed)
t.Log("\t\tGot:", savedU.Name)
t.Log("\t\tExp:", *upd.Name)
} else {
t.Logf("\t%s\tShould be able to see updates to Name.", tests.Success)
}
if savedU.Email != *upd.Email {
t.Errorf("\t%s\tShould be able to see updates to Email.", tests.Failed)
t.Log("\t\tGot:", savedU.Email)
t.Log("\t\tExp:", *upd.Email)
} else {
t.Logf("\t%s\tShould be able to see updates to Email.", tests.Success)
}
if err := user.Delete(ctx, dbConn, u.ID.Hex()); err != nil {
t.Fatalf("\t%s\tShould be able to delete user : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to delete user.", tests.Success)
savedU, err = user.Retrieve(ctx, claims, dbConn, u.ID.Hex())
if errors.Cause(err) != user.ErrNotFound {
t.Fatalf("\t%s\tShould NOT be able to retrieve user : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould NOT be able to retrieve user.", tests.Success)
}
}
}
// mockTokenGenerator is used for testing that Authenticate calls its provided
// token generator in a specific way.
type mockTokenGenerator struct{}
// GenerateToken implements the TokenGenerator interface. It returns a "token"
// that includes some information about the claims it was passed.
func (mockTokenGenerator) GenerateToken(claims auth.Claims) (string, error) {
return fmt.Sprintf("sub:%q iss:%d", claims.Subject, claims.IssuedAt), nil
}
// TestAuthenticate validates the behavior around authenticating users.
func TestAuthenticate(t *testing.T) {
defer tests.Recover(t)
t.Log("Given the need to authenticate users")
{
t.Log("\tWhen handling a single User.")
{
ctx := tests.Context()
dbConn := test.MasterDB.Copy()
defer dbConn.Close()
nu := user.NewUser{
Name: "Anna Walker",
Email: "anna@ardanlabs.com",
Roles: []string{auth.RoleAdmin},
Password: "goroutines",
PasswordConfirm: "goroutines",
}
now := time.Date(2018, time.October, 1, 0, 0, 0, 0, time.UTC)
u, err := user.Create(ctx, dbConn, &nu, now)
if err != nil {
t.Fatalf("\t%s\tShould be able to create user : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to create user.", tests.Success)
var tknGen mockTokenGenerator
tkn, err := user.Authenticate(ctx, dbConn, tknGen, now, "anna@ardanlabs.com", "goroutines")
if err != nil {
t.Fatalf("\t%s\tShould be able to generate a token : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to generate a token.", tests.Success)
want := fmt.Sprintf("sub:%q iss:1538352000", u.ID.Hex())
if tkn.Token != want {
t.Log("\t\tGot :", tkn.Token)
t.Log("\t\tWant:", want)
t.Fatalf("\t%s\tToken should indicate the specified user and time were used.", tests.Failed)
}
t.Logf("\t%s\tToken should indicate the specified user and time were used.", tests.Success)
if err := user.Delete(ctx, dbConn, u.ID.Hex()); err != nil {
t.Fatalf("\t%s\tShould be able to delete user : %s.", tests.Failed, err)
}
t.Logf("\t%s\tShould be able to delete user.", tests.Success)
}
}
}
*/
Reference in New Issue View Git Blame Copy Permalink