package apis_test
import (
"net/http"
"testing"
"github.com/labstack/echo/v5"
"github.com/pocketbase/pocketbase/apis"
"github.com/pocketbase/pocketbase/tests"
)
// TestRequireGuestOnly checks that apis.RequireGuestOnly turns away requests
// that carry a currently valid record or admin token and admits the rest.
//
// Every scenario sends GET /my/test to a route guarded only by
// apis.RequireGuestOnly and asserts on the status code and a body fragment.
func TestRequireGuestOnly(t *testing.T) {
	// Fixture tokens, sent verbatim as the Authorization header value.
	// The type/exp remarks are read from each token's payload segment.

	// type "authRecord", exp 2208985261
	const recordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"

	// type "admin", exp 2208985261
	const adminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"

	// type "authRecord", exp 1640991661 (already in the past)
	const expiredRecordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoxNjQwOTkxNjYxfQ.HqvpCpM0RAk3Qu9PfCMuZsk_DKh9UYuzFLwXBMTZd1w"

	// guestOnlyRoute mounts the guarded endpoint on the scenario's router.
	guestOnlyRoute := func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
		e.AddRoute(echo.Route{
			Method: http.MethodGet,
			Path:   "/my/test",
			Handler: func(c echo.Context) error {
				return c.String(200, "test123")
			},
			Middlewares: []echo.MiddlewareFunc{
				apis.RequireGuestOnly(),
			},
		})
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "valid record token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  guestOnlyRoute,
			ExpectedStatus:  400,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid admin token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  guestOnlyRoute,
			ExpectedStatus:  400,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			// An expired token is expected to be handled like no token at all.
			Name:            "expired/invalid token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": expiredRecordToken},
			BeforeTestFunc:  guestOnlyRoute,
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			Name:            "guest",
			Method:          http.MethodGet,
			Url:             "/my/test",
			BeforeTestFunc:  guestOnlyRoute,
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}
// TestRequireRecordAuth checks that apis.RequireRecordAuth admits only
// requests carrying a valid record token and, when collection names are
// passed to it, only records from one of those collections.
//
// Expected outcomes pinned here: 401 without a usable record token (guest,
// expired token, admin token), 403 for a valid record token outside the
// restricted list, 200 otherwise.
func TestRequireRecordAuth(t *testing.T) {
	// Fixture tokens, sent verbatim as the Authorization header value.
	// The type/exp remarks are read from each token's payload segment.

	// type "authRecord", collectionId "_pb_users_auth_", exp 2208985261
	const recordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"

	// type "admin", exp 2208985261
	const adminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"

	// type "authRecord", exp 1640991661 (already in the past)
	const expiredRecordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoxNjQwOTkxNjYxfQ.HqvpCpM0RAk3Qu9PfCMuZsk_DKh9UYuzFLwXBMTZd1w"

	// recordAuthRoute returns a setup hook that mounts GET /my/test behind
	// apis.RequireRecordAuth restricted to the given collection names. The
	// middleware is built when the hook runs, not when the table is declared.
	recordAuthRoute := func(collections ...string) func(*testing.T, *tests.TestApp, *echo.Echo) {
		return func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
			e.AddRoute(echo.Route{
				Method: http.MethodGet,
				Path:   "/my/test",
				Handler: func(c echo.Context) error {
					return c.String(200, "test123")
				},
				Middlewares: []echo.MiddlewareFunc{
					apis.RequireRecordAuth(collections...),
				},
			})
		}
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "guest",
			Method:          http.MethodGet,
			Url:             "/my/test",
			BeforeTestFunc:  recordAuthRoute(),
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "expired/invalid token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": expiredRecordToken},
			BeforeTestFunc:  recordAuthRoute(),
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			// An admin token does not satisfy a record-only guard.
			Name:            "valid admin token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  recordAuthRoute(),
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  recordAuthRoute(),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			// Authenticated but from a collection that is not listed: 403, not 401.
			Name:            "valid record token with collection not in the restricted list",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  recordAuthRoute("demo1", "demo2"),
			ExpectedStatus:  403,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token with collection in the restricted list",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  recordAuthRoute("demo1", "demo2", "users"),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}
// TestRequireSameContextRecordAuth exercises apis.RequireSameContextRecordAuth
// on a /my/:collection/test route requested as /my/users/test.
//
// The first four scenarios pin the rejections: 401 for a guest, an expired
// token and an admin token, 403 for a record token from another collection.
// The fifth scenario mounts apis.RequireRecordAuth on /my/test instead.
func TestRequireSameContextRecordAuth(t *testing.T) {
	// Fixture tokens, sent verbatim as the Authorization header value.
	// The type/exp remarks are read from each token's payload segment.

	// type "authRecord", collectionId "_pb_users_auth_", exp 2208985261
	const recordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"

	// type "authRecord", collectionId "v851q4r790rhknl", exp 2208985261
	const otherCollectionToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6ImdrMzkwcWVnczR5NDd3biIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoidjg1MXE0cjc5MHJoa25sIiwiZXhwIjoyMjA4OTg1MjYxfQ.q34IWXrRWsjLvbbVNRfAs_J4SoTHloNBfdGEiLmy-D8"

	// type "admin", exp 2208985261
	const adminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"

	// type "authRecord", exp 1640991661 (already in the past)
	const expiredRecordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoxNjQwOTkxNjYxfQ.HqvpCpM0RAk3Qu9PfCMuZsk_DKh9UYuzFLwXBMTZd1w"

	// sameContextRoute mounts the collection-scoped endpoint behind the
	// middleware under test.
	//
	// NOTE(review): RequireSameContextRecordAuth is the only middleware on this
	// route; nothing visible here resolves :collection the way
	// apis.LoadCollectionContext would. Confirm the 403 below comes from a
	// collection mismatch and not from the collection being absent.
	sameContextRoute := func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
		e.AddRoute(echo.Route{
			Method: http.MethodGet,
			Path:   "/my/:collection/test",
			Handler: func(c echo.Context) error {
				return c.String(200, "test123")
			},
			Middlewares: []echo.MiddlewareFunc{
				apis.RequireSameContextRecordAuth(),
			},
		})
	}

	// plainRecordAuthRoute mounts /my/test behind apis.RequireRecordAuth.
	plainRecordAuthRoute := func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
		e.AddRoute(echo.Route{
			Method: http.MethodGet,
			Path:   "/my/test",
			Handler: func(c echo.Context) error {
				return c.String(200, "test123")
			},
			Middlewares: []echo.MiddlewareFunc{
				apis.RequireRecordAuth(),
			},
		})
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "guest",
			Method:          http.MethodGet,
			Url:             "/my/users/test",
			BeforeTestFunc:  sameContextRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "expired/invalid token",
			Method:          http.MethodGet,
			Url:             "/my/users/test",
			RequestHeaders:  map[string]string{"Authorization": expiredRecordToken},
			BeforeTestFunc:  sameContextRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid admin token",
			Method:          http.MethodGet,
			Url:             "/my/users/test",
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  sameContextRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token but from different collection",
			Method:          http.MethodGet,
			Url:             "/my/users/test",
			RequestHeaders:  map[string]string{"Authorization": otherCollectionToken},
			BeforeTestFunc:  sameContextRoute,
			ExpectedStatus:  403,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			// NOTE(review): this case requests /my/test and is guarded by
			// apis.RequireRecordAuth, so no scenario in this table shows
			// RequireSameContextRecordAuth admitting a request. Looks like a
			// copy-paste from TestRequireRecordAuth; confirm and add an allow
			// case for the middleware under test.
			Name:            "valid record token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  plainRecordAuthRoute,
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}
// TestRequireAdminAuth checks that apis.RequireAdminAuth admits only requests
// carrying a valid admin token.
//
// Every scenario sends GET /my/test to a route guarded only by
// apis.RequireAdminAuth. A guest, an expired admin token and a valid record
// token are all expected to receive 401; a valid admin token receives 200.
func TestRequireAdminAuth(t *testing.T) {
	// Fixture tokens, sent verbatim as the Authorization header value.
	// The type/exp remarks are read from each token's payload segment.

	// type "admin", exp 2208985261
	const adminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"

	// type "admin", exp 1641013200 (already in the past)
	const expiredAdminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjJiNGE5N2NjLTNmODMtNGQwMS1hMjZiLTNkNzdiYzg0MmQzYyIsInR5cGUiOiJhZG1pbiIsImV4cCI6MTY0MTAxMzIwMH0.Gp_1b5WVhqjj2o3nJhNUlJmpdiwFLXN72LbMP-26gjA"

	// type "authRecord", exp 2208985261
	const recordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"

	// adminOnlyRoute mounts the guarded endpoint on the scenario's router.
	adminOnlyRoute := func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
		e.AddRoute(echo.Route{
			Method: http.MethodGet,
			Path:   "/my/test",
			Handler: func(c echo.Context) error {
				return c.String(200, "test123")
			},
			Middlewares: []echo.MiddlewareFunc{
				apis.RequireAdminAuth(),
			},
		})
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "guest",
			Method:          http.MethodGet,
			Url:             "/my/test",
			BeforeTestFunc:  adminOnlyRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "expired/invalid token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": expiredAdminToken},
			BeforeTestFunc:  adminOnlyRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			// A valid record token must not be accepted in place of an admin one.
			Name:            "valid record token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  adminOnlyRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid admin token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  adminOnlyRoute,
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}
// TestRequireAdminAuthOnlyIfAny checks apis.RequireAdminAuthOnlyIfAny, which
// is expected to demand a valid admin token only while at least one admin
// exists.
//
// Every scenario sends GET /my/test to a route guarded only by that
// middleware. With admins present, a guest, an expired admin token and a
// valid record token get 401 and a valid admin token gets 200. With the
// _admins table emptied, a guest gets 200.
func TestRequireAdminAuthOnlyIfAny(t *testing.T) {
	// Fixture tokens, sent verbatim as the Authorization header value.
	// The type/exp remarks are read from each token's payload segment.

	// type "admin", exp 2208985261
	const adminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"

	// type "admin", exp 1641013200 (already in the past)
	const expiredAdminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjJiNGE5N2NjLTNmODMtNGQwMS1hMjZiLTNkNzdiYzg0MmQzYyIsInR5cGUiOiJhZG1pbiIsImV4cCI6MTY0MTAxMzIwMH0.Gp_1b5WVhqjj2o3nJhNUlJmpdiwFLXN72LbMP-26gjA"

	// type "authRecord", exp 2208985261
	const recordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"

	// guardedRoute mounts the endpoint behind the middleware under test, built
	// from the scenario's own app instance.
	guardedRoute := func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
		e.AddRoute(echo.Route{
			Method: http.MethodGet,
			Path:   "/my/test",
			Handler: func(c echo.Context) error {
				return c.String(200, "test123")
			},
			Middlewares: []echo.MiddlewareFunc{
				apis.RequireAdminAuthOnlyIfAny(app),
			},
		})
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "guest (while having at least 1 existing admin)",
			Method:          http.MethodGet,
			Url:             "/my/test",
			BeforeTestFunc:  guardedRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			// Pins the open state: once _admins is empty an unauthenticated
			// request is admitted (presumably the first-run setup path), so
			// anything behind this guard is reachable until an admin exists.
			Name:   "guest (while having 0 existing admins)",
			Method: http.MethodGet,
			Url:    "/my/test",
			BeforeTestFunc: func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
				// delete all admins
				if _, err := app.Dao().DB().NewQuery("DELETE FROM {{_admins}}").Execute(); err != nil {
					t.Fatal(err)
				}

				guardedRoute(t, app, e)
			},
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			Name:            "expired/invalid token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": expiredAdminToken},
			BeforeTestFunc:  guardedRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  guardedRoute,
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid admin token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  guardedRoute,
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}
// TestRequireAdminOrRecordAuth checks that apis.RequireAdminOrRecordAuth
// admits a valid admin token or a valid record token, and that the optional
// collection list restricts record tokens only.
//
// Expected outcomes pinned here: 401 for a guest and an expired token, 403
// for a record token outside the restricted list, 200 for a record token
// with no list or inside the list, 200 for an admin token with or without a
// list.
func TestRequireAdminOrRecordAuth(t *testing.T) {
	// Fixture tokens, sent verbatim as the Authorization header value.
	// The type/exp remarks are read from each token's payload segment.

	// type "authRecord", collectionId "_pb_users_auth_", exp 2208985261
	const recordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"

	// type "admin", exp 2208985261
	const adminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"

	// type "admin", exp 1641013200 (already in the past)
	const expiredAdminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjJiNGE5N2NjLTNmODMtNGQwMS1hMjZiLTNkNzdiYzg0MmQzYyIsInR5cGUiOiJhZG1pbiIsImV4cCI6MTY0MTAxMzIwMH0.Gp_1b5WVhqjj2o3nJhNUlJmpdiwFLXN72LbMP-26gjA"

	// guardedRoute returns a setup hook that mounts GET /my/test behind
	// apis.RequireAdminOrRecordAuth restricted to the given collection names.
	// The middleware is built when the hook runs, not when the table is declared.
	guardedRoute := func(collections ...string) func(*testing.T, *tests.TestApp, *echo.Echo) {
		return func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
			e.AddRoute(echo.Route{
				Method: http.MethodGet,
				Path:   "/my/test",
				Handler: func(c echo.Context) error {
					return c.String(200, "test123")
				},
				Middlewares: []echo.MiddlewareFunc{
					apis.RequireAdminOrRecordAuth(collections...),
				},
			})
		}
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "guest",
			Method:          http.MethodGet,
			Url:             "/my/test",
			BeforeTestFunc:  guardedRoute(),
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "expired/invalid token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": expiredAdminToken},
			BeforeTestFunc:  guardedRoute(),
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  guardedRoute(),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			Name:            "valid record token with collection not in the restricted list",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  guardedRoute("demo1", "demo2", "clients"),
			ExpectedStatus:  403,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token with collection in the restricted list",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": recordToken},
			BeforeTestFunc:  guardedRoute("demo1", "demo2", "users"),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			Name:            "valid admin token",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  guardedRoute(),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			// The collection list is expected to constrain record tokens only;
			// an admin token passes regardless of it.
			Name:            "valid admin token + restricted collections list (should be ignored)",
			Method:          http.MethodGet,
			Url:             "/my/test",
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  guardedRoute("demo1", "demo2"),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}
// TestRequireAdminOrOwnerAuth checks that apis.RequireAdminOrOwnerAuth admits
// an admin token, or a record token whose id matches the id in the request
// path, and rejects everything else.
//
// Every scenario requests /my/test/4q1xlclmfloku33. Expected outcomes pinned
// here: 401 for a guest and an expired token, 403 for record tokens that do
// not own the path id, 200 for the owner and for an admin.
func TestRequireAdminOrOwnerAuth(t *testing.T) {
	// Path of the record every scenario asks for; the id segment equals the
	// "id" claim of ownerToken.
	const ownedURL = "/my/test/4q1xlclmfloku33"

	// Fixture tokens, sent verbatim as the Authorization header value.
	// The id/type/exp remarks are read from each token's payload segment.

	// id "4q1xlclmfloku33", type "authRecord", collectionId "_pb_users_auth_", exp 2208985261
	const ownerToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"

	// id "4q1xlclmfloku33", type "authRecord", exp 1640991661 (already in the past)
	const expiredOwnerToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoxNjQwOTkxNjYxfQ.HqvpCpM0RAk3Qu9PfCMuZsk_DKh9UYuzFLwXBMTZd1w"

	// id "bgs820n361vj1qd", type "authRecord", collectionId "_pb_users_auth_", exp 2208985261
	const otherUserToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6ImJnczgyMG4zNjF2ajFxZCIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.tW4NZWZ0mHBgvSZsQ0OOQhWajpUNFPCvNrOF9aCZLZs"

	// id "gk390qegs4y47wn", type "authRecord", collectionId "v851q4r790rhknl", exp 2208985261
	const otherCollectionToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6ImdrMzkwcWVnczR5NDd3biIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoidjg1MXE0cjc5MHJoa25sIiwiZXhwIjoyMjA4OTg1MjYxfQ.q34IWXrRWsjLvbbVNRfAs_J4SoTHloNBfdGEiLmy-D8"

	// type "admin", exp 2208985261
	const adminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"

	// ownerRoute returns a setup hook that mounts a GET route at path behind
	// apis.RequireAdminOrOwnerAuth(ownerParam). The middleware is built when
	// the hook runs, not when the table is declared.
	ownerRoute := func(path, ownerParam string) func(*testing.T, *tests.TestApp, *echo.Echo) {
		return func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
			e.AddRoute(echo.Route{
				Method: http.MethodGet,
				Path:   path,
				Handler: func(c echo.Context) error {
					return c.String(200, "test123")
				},
				Middlewares: []echo.MiddlewareFunc{
					apis.RequireAdminOrOwnerAuth(ownerParam),
				},
			})
		}
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "guest",
			Method:          http.MethodGet,
			Url:             ownedURL,
			BeforeTestFunc:  ownerRoute("/my/test/:id", ""),
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "expired/invalid token",
			Method:          http.MethodGet,
			Url:             ownedURL,
			RequestHeaders:  map[string]string{"Authorization": expiredOwnerToken},
			BeforeTestFunc:  ownerRoute("/my/test/:id", ""),
			ExpectedStatus:  401,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token (different user)",
			Method:          http.MethodGet,
			Url:             ownedURL,
			RequestHeaders:  map[string]string{"Authorization": otherUserToken},
			BeforeTestFunc:  ownerRoute("/my/test/:id", ""),
			ExpectedStatus:  403,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			// NOTE(review): this token's id also differs from the path id, so
			// the 403 does not isolate any collection-based check; it would be
			// returned for the id mismatch alone.
			Name:            "valid record token (different collection)",
			Method:          http.MethodGet,
			Url:             ownedURL,
			RequestHeaders:  map[string]string{"Authorization": otherCollectionToken},
			BeforeTestFunc:  ownerRoute("/my/test/:id", ""),
			ExpectedStatus:  403,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "valid record token (owner)",
			Method:          http.MethodGet,
			Url:             ownedURL,
			RequestHeaders:  map[string]string{"Authorization": ownerToken},
			BeforeTestFunc:  ownerRoute("/my/test/:id", ""),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			// NOTE(review): the only use of a custom owner parameter name is
			// paired with an admin token, so owner matching against a
			// non-default parameter is not exercised with a record token here;
			// consider owner and non-owner cases on the ":custom" route.
			Name:            "valid admin token",
			Method:          http.MethodGet,
			Url:             ownedURL,
			RequestHeaders:  map[string]string{"Authorization": adminToken},
			BeforeTestFunc:  ownerRoute("/my/test/:custom", "custom"),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}
// TestLoadCollectionContext exercises apis.LoadCollectionContext on a route
// whose ":collection" path parameter names the collection to resolve.
//
// The table pins three behaviours:
//   - an unknown collection name is rejected with 404;
//   - without a type filter, the request reaches the handler for a guest, a
//     record token and an admin token alike, i.e. the expected statuses here
//     show no authentication being enforced by this middleware;
//   - with the "auth" type filter, "demo1" is rejected with 400 while "users"
//     is let through.
func TestLoadCollectionContext(t *testing.T) {
	// Fixture JWTs copied verbatim from the scenario table. Their payloads
	// decode to an authRecord token (id 4q1xlclmfloku33) and an admin token
	// (id sywbhecnh46rhm0), both with exp=2208985261.
	// NOTE(review): presumably these verify only against the test app's
	// fixture secrets; confirm they are never accepted by a real deployment.
	const (
		recordToken = "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.UwD8JvkbQtXpymT09d7J6fdA0aP9g4FJ1GPh_ggEkzc"
		adminToken  = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImV4cCI6MjIwODk4NTI2MX0.M1m--VOqGyv0d23eeUc0r9xE8ZzHaYVmVFw1VZW6gT8"
	)

	// mountRoute returns a BeforeTestFunc that registers GET /my/:collection
	// behind LoadCollectionContext, optionally restricted to the given
	// collection types. Every scenario uses the same route and handler; only
	// the type filter varies.
	mountRoute := func(collectionTypes ...string) func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
		return func(t *testing.T, app *tests.TestApp, e *echo.Echo) {
			e.AddRoute(echo.Route{
				Method: http.MethodGet,
				Path:   "/my/:collection",
				Handler: func(c echo.Context) error {
					return c.String(200, "test123")
				},
				Middlewares: []echo.MiddlewareFunc{
					apis.LoadCollectionContext(app, collectionTypes...),
				},
			})
		}
	}

	scenarios := []tests.ApiScenario{
		{
			Name:            "missing collection",
			Method:          http.MethodGet,
			Url:             "/my/missing",
			BeforeTestFunc:  mountRoute(),
			ExpectedStatus:  404,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			// No Authorization header at all: the handler is still reached.
			Name:            "guest",
			Method:          http.MethodGet,
			Url:             "/my/demo1",
			BeforeTestFunc:  mountRoute(),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			Name:   "valid record token",
			Method: http.MethodGet,
			Url:    "/my/demo1",
			RequestHeaders: map[string]string{
				"Authorization": recordToken,
			},
			BeforeTestFunc:  mountRoute(),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			Name:   "valid admin token",
			Method: http.MethodGet,
			Url:    "/my/demo1",
			RequestHeaders: map[string]string{
				"Authorization": adminToken,
			},
			BeforeTestFunc:  mountRoute(),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
		{
			// "demo1" is requested through a route limited to "auth"
			// collections and is expected to be refused.
			Name:            "mismatched type",
			Method:          http.MethodGet,
			Url:             "/my/demo1",
			BeforeTestFunc:  mountRoute("auth"),
			ExpectedStatus:  400,
			ExpectedContent: []string{`"data":{}`},
		},
		{
			Name:            "matched type",
			Method:          http.MethodGet,
			Url:             "/my/users",
			BeforeTestFunc:  mountRoute("auth"),
			ExpectedStatus:  200,
			ExpectedContent: []string{"test123"},
		},
	}

	for _, sc := range scenarios {
		sc.Test(t)
	}
}