2022-07-07 00:19:05 +03:00
package apis_test
import (
2023-03-01 23:45:54 +02:00
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/x509"
"encoding/pem"
"fmt"
2022-07-07 00:19:05 +03:00
"net/http"
"strings"
"testing"
"github.com/pocketbase/pocketbase/tests"
)
func TestSettingsList ( t * testing . T ) {
2024-01-03 04:30:20 +02:00
t . Parallel ( )
2022-07-07 00:19:05 +03:00
scenarios := [ ] tests . ApiScenario {
{
Name : "unauthorized" ,
Method : http . MethodGet ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
2022-07-07 00:19:05 +03:00
ExpectedStatus : 401 ,
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-07-07 00:19:05 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as regular user" ,
2022-07-07 00:19:05 +03:00
Method : http . MethodGet ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.ZT3F0Z3iM-xbGgSG3LEKiEzHrPHr8t8IuHLZGGNuxLo" ,
2022-07-07 00:19:05 +03:00
} ,
2024-09-29 19:23:19 +03:00
ExpectedStatus : 403 ,
2022-07-07 00:19:05 +03:00
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-07-07 00:19:05 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser" ,
2022-07-07 00:19:05 +03:00
Method : http . MethodGet ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-07-07 00:19:05 +03:00
} ,
ExpectedStatus : 200 ,
ExpectedContent : [ ] string {
` "meta": { ` ,
` "logs": { ` ,
` "smtp": { ` ,
` "s3": { ` ,
2023-05-13 22:10:14 +03:00
` "backups": { ` ,
2024-09-29 19:23:19 +03:00
` "batch": { ` ,
2022-07-07 00:19:05 +03:00
} ,
ExpectedEvents : map [ string ] int {
2024-09-29 19:23:19 +03:00
"*" : 0 ,
2022-07-07 00:19:05 +03:00
"OnSettingsListRequest" : 1 ,
} ,
} ,
}
for _ , scenario := range scenarios {
scenario . Test ( t )
}
}
func TestSettingsSet ( t * testing . T ) {
2024-01-03 04:30:20 +02:00
t . Parallel ( )
2024-09-29 19:23:19 +03:00
validData := ` {
"meta" : { "appName" : "update_test" } ,
"s3" : { "secret" : "s3_secret" } ,
"backups" : { "s3" : { "secret" : "backups_s3_secret" } }
} `
2022-07-07 00:19:05 +03:00
scenarios := [ ] tests . ApiScenario {
{
Name : "unauthorized" ,
Method : http . MethodPatch ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
2022-07-07 00:19:05 +03:00
Body : strings . NewReader ( validData ) ,
ExpectedStatus : 401 ,
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-07-07 00:19:05 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as regular user" ,
2022-07-07 00:19:05 +03:00
Method : http . MethodPatch ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
2022-07-07 00:19:05 +03:00
Body : strings . NewReader ( validData ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.ZT3F0Z3iM-xbGgSG3LEKiEzHrPHr8t8IuHLZGGNuxLo" ,
2022-07-07 00:19:05 +03:00
} ,
2024-09-29 19:23:19 +03:00
ExpectedStatus : 403 ,
2022-07-07 00:19:05 +03:00
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-07-07 00:19:05 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser submitting empty data" ,
2022-07-07 00:19:05 +03:00
Method : http . MethodPatch ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
2022-07-07 00:19:05 +03:00
Body : strings . NewReader ( ` ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-07-07 00:19:05 +03:00
} ,
ExpectedStatus : 200 ,
ExpectedContent : [ ] string {
` "meta": { ` ,
` "logs": { ` ,
` "smtp": { ` ,
` "s3": { ` ,
2023-05-13 22:10:14 +03:00
` "backups": { ` ,
2024-09-29 19:23:19 +03:00
` "batch": { ` ,
2022-07-07 00:19:05 +03:00
} ,
ExpectedEvents : map [ string ] int {
2024-09-29 19:23:19 +03:00
"*" : 0 ,
"OnSettingsUpdateRequest" : 1 ,
"OnModelUpdate" : 1 ,
"OnModelUpdateExecute" : 1 ,
"OnModelAfterUpdateSuccess" : 1 ,
"OnModelValidate" : 1 ,
"OnSettingsReload" : 1 ,
2022-07-07 00:19:05 +03:00
} ,
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser submitting invalid data" ,
2022-07-07 00:19:05 +03:00
Method : http . MethodPatch ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
2022-10-30 10:28:14 +02:00
Body : strings . NewReader ( ` { "meta": { "appName":""}} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-07-07 00:19:05 +03:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string {
` "data": { ` ,
2022-10-30 10:28:14 +02:00
` "meta": { "appName": { "code":"validation_required" ` ,
2022-07-07 00:19:05 +03:00
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int {
"*" : 0 ,
"OnModelUpdate" : 1 ,
"OnModelAfterUpdateError" : 1 ,
"OnModelValidate" : 1 ,
"OnSettingsUpdateRequest" : 1 ,
} ,
2022-07-07 00:19:05 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser submitting valid data" ,
2022-07-07 00:19:05 +03:00
Method : http . MethodPatch ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings" ,
2022-07-07 00:19:05 +03:00
Body : strings . NewReader ( validData ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-07-07 00:19:05 +03:00
} ,
ExpectedStatus : 200 ,
ExpectedContent : [ ] string {
` "meta": { ` ,
` "logs": { ` ,
` "smtp": { ` ,
` "s3": { ` ,
2023-05-13 22:10:14 +03:00
` "backups": { ` ,
2024-09-29 19:23:19 +03:00
` "batch": { ` ,
2022-07-07 00:19:05 +03:00
` "appName":"update_test" ` ,
} ,
2024-09-29 19:23:19 +03:00
NotExpectedContent : [ ] string {
"secret" ,
"password" ,
2023-07-20 11:42:49 +03:00
} ,
ExpectedEvents : map [ string ] int {
2024-09-29 19:23:19 +03:00
"*" : 0 ,
"OnSettingsUpdateRequest" : 1 ,
"OnModelUpdate" : 1 ,
"OnModelUpdateExecute" : 1 ,
"OnModelAfterUpdateSuccess" : 1 ,
"OnModelValidate" : 1 ,
"OnSettingsReload" : 1 ,
2023-07-20 11:42:49 +03:00
} ,
} ,
2022-07-07 00:19:05 +03:00
}
for _ , scenario := range scenarios {
scenario . Test ( t )
}
}
2022-08-21 14:30:36 +03:00
func TestSettingsTestS3 ( t * testing . T ) {
2024-01-03 04:30:20 +02:00
t . Parallel ( )
2022-08-21 14:30:36 +03:00
scenarios := [ ] tests . ApiScenario {
{
Name : "unauthorized" ,
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/s3" ,
2022-08-21 14:30:36 +03:00
ExpectedStatus : 401 ,
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-08-21 14:30:36 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as regular user" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/s3" ,
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.ZT3F0Z3iM-xbGgSG3LEKiEzHrPHr8t8IuHLZGGNuxLo" ,
2022-08-21 14:30:36 +03:00
} ,
2024-09-29 19:23:19 +03:00
ExpectedStatus : 403 ,
2022-08-21 14:30:36 +03:00
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-08-21 14:30:36 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (missing body + no s3)" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/s3" ,
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-08-21 14:30:36 +03:00
} ,
2023-05-13 22:10:14 +03:00
ExpectedStatus : 400 ,
ExpectedContent : [ ] string {
` "data": { ` ,
` "filesystem": { ` ,
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-05-13 22:10:14 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (invalid filesystem)" ,
2023-05-13 22:10:14 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/s3" ,
2023-05-13 22:10:14 +03:00
Body : strings . NewReader ( ` { "filesystem":"invalid"} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2023-05-13 22:10:14 +03:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string {
` "data": { ` ,
` "filesystem": { ` ,
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-05-13 22:10:14 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (valid filesystem and no s3)" ,
2023-05-13 22:10:14 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/s3" ,
2023-05-13 22:10:14 +03:00
Body : strings . NewReader ( ` { "filesystem":"storage"} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2023-05-13 22:10:14 +03:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string {
` "data": { } ` ,
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-08-21 14:30:36 +03:00
} ,
}
for _ , scenario := range scenarios {
scenario . Test ( t )
}
}
func TestSettingsTestEmail ( t * testing . T ) {
2024-01-03 04:30:20 +02:00
t . Parallel ( )
2022-08-21 14:30:36 +03:00
scenarios := [ ] tests . ApiScenario {
{
Name : "unauthorized" ,
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/email" ,
2022-08-21 14:30:36 +03:00
Body : strings . NewReader ( ` {
"template" : "verification" ,
"email" : "test@example.com"
} ` ) ,
ExpectedStatus : 401 ,
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-08-21 14:30:36 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as regular user" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/email" ,
2022-08-21 14:30:36 +03:00
Body : strings . NewReader ( ` {
"template" : "verification" ,
"email" : "test@example.com"
} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.ZT3F0Z3iM-xbGgSG3LEKiEzHrPHr8t8IuHLZGGNuxLo" ,
2022-08-21 14:30:36 +03:00
} ,
2024-09-29 19:23:19 +03:00
ExpectedStatus : 403 ,
2022-08-21 14:30:36 +03:00
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-08-21 14:30:36 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (invalid body)" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/email" ,
2022-08-21 14:30:36 +03:00
Body : strings . NewReader ( ` { ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-08-21 14:30:36 +03:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-08-21 14:30:36 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (empty json)" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/email" ,
2022-08-21 14:30:36 +03:00
Body : strings . NewReader ( ` { } ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-08-21 14:30:36 +03:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string {
` "email": { "code":"validation_required" ` ,
` "template": { "code":"validation_required" ` ,
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2022-08-21 14:30:36 +03:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (verifiation template)" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/email" ,
2022-08-21 14:30:36 +03:00
Body : strings . NewReader ( ` {
"template" : "verification" ,
"email" : "test@example.com"
} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-08-21 14:30:36 +03:00
} ,
2024-09-29 19:23:19 +03:00
AfterTestFunc : func ( t testing . TB , app * tests . TestApp , res * http . Response ) {
if app . TestMailer . TotalSend ( ) != 1 {
t . Fatalf ( "[verification] Expected 1 sent email, got %d" , app . TestMailer . TotalSend ( ) )
2022-08-21 14:30:36 +03:00
}
2024-09-29 19:23:19 +03:00
if len ( app . TestMailer . LastMessage ( ) . To ) != 1 {
t . Fatalf ( "[verification] Expected 1 recipient, got %v" , app . TestMailer . LastMessage ( ) . To )
2023-02-01 22:07:46 +02:00
}
2024-09-29 19:23:19 +03:00
if app . TestMailer . LastMessage ( ) . To [ 0 ] . Address != "test@example.com" {
t . Fatalf ( "[verification] Expected the email to be sent to %s, got %s" , "test@example.com" , app . TestMailer . LastMessage ( ) . To [ 0 ] . Address )
2022-08-21 14:30:36 +03:00
}
2024-09-29 19:23:19 +03:00
if ! strings . Contains ( app . TestMailer . LastMessage ( ) . HTML , "Verify" ) {
t . Fatalf ( "[verification] Expected to sent a verification email, got \n%v\n%v" , app . TestMailer . LastMessage ( ) . Subject , app . TestMailer . LastMessage ( ) . HTML )
2022-08-21 14:30:36 +03:00
}
} ,
ExpectedStatus : 204 ,
ExpectedContent : [ ] string { } ,
ExpectedEvents : map [ string ] int {
2024-09-29 19:23:19 +03:00
"*" : 0 ,
"OnMailerSend" : 1 ,
"OnMailerRecordVerificationSend" : 1 ,
2022-08-21 14:30:36 +03:00
} ,
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (password reset template)" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/email" ,
2022-08-21 14:30:36 +03:00
Body : strings . NewReader ( ` {
"template" : "password-reset" ,
"email" : "test@example.com"
} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-08-21 14:30:36 +03:00
} ,
2024-09-29 19:23:19 +03:00
AfterTestFunc : func ( t testing . TB , app * tests . TestApp , res * http . Response ) {
if app . TestMailer . TotalSend ( ) != 1 {
t . Fatalf ( "[password-reset] Expected 1 sent email, got %d" , app . TestMailer . TotalSend ( ) )
2022-08-21 14:30:36 +03:00
}
2024-09-29 19:23:19 +03:00
if len ( app . TestMailer . LastMessage ( ) . To ) != 1 {
t . Fatalf ( "[password-reset] Expected 1 recipient, got %v" , app . TestMailer . LastMessage ( ) . To )
2023-02-01 22:07:46 +02:00
}
2024-09-29 19:23:19 +03:00
if app . TestMailer . LastMessage ( ) . To [ 0 ] . Address != "test@example.com" {
t . Fatalf ( "[password-reset] Expected the email to be sent to %s, got %s" , "test@example.com" , app . TestMailer . LastMessage ( ) . To [ 0 ] . Address )
2022-08-21 14:30:36 +03:00
}
2024-09-29 19:23:19 +03:00
if ! strings . Contains ( app . TestMailer . LastMessage ( ) . HTML , "Reset password" ) {
t . Fatalf ( "[password-reset] Expected to sent a password-reset email, got \n%v\n%v" , app . TestMailer . LastMessage ( ) . Subject , app . TestMailer . LastMessage ( ) . HTML )
2022-08-21 14:30:36 +03:00
}
} ,
ExpectedStatus : 204 ,
ExpectedContent : [ ] string { } ,
ExpectedEvents : map [ string ] int {
2024-09-29 19:23:19 +03:00
"*" : 0 ,
"OnMailerSend" : 1 ,
"OnMailerRecordPasswordResetSend" : 1 ,
2022-08-21 14:30:36 +03:00
} ,
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (email change)" ,
2022-08-21 14:30:36 +03:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/test/email" ,
2022-08-21 14:30:36 +03:00
Body : strings . NewReader ( ` {
"template" : "email-change" ,
"email" : "test@example.com"
} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2022-08-21 14:30:36 +03:00
} ,
2024-09-29 19:23:19 +03:00
AfterTestFunc : func ( t testing . TB , app * tests . TestApp , res * http . Response ) {
if app . TestMailer . TotalSend ( ) != 1 {
t . Fatalf ( "[email-change] Expected 1 sent email, got %d" , app . TestMailer . TotalSend ( ) )
2022-08-21 14:30:36 +03:00
}
2024-09-29 19:23:19 +03:00
if len ( app . TestMailer . LastMessage ( ) . To ) != 1 {
t . Fatalf ( "[email-change] Expected 1 recipient, got %v" , app . TestMailer . LastMessage ( ) . To )
2023-02-01 22:07:46 +02:00
}
2024-09-29 19:23:19 +03:00
if app . TestMailer . LastMessage ( ) . To [ 0 ] . Address != "test@example.com" {
t . Fatalf ( "[email-change] Expected the email to be sent to %s, got %s" , "test@example.com" , app . TestMailer . LastMessage ( ) . To [ 0 ] . Address )
2022-08-21 14:30:36 +03:00
}
2024-09-29 19:23:19 +03:00
if ! strings . Contains ( app . TestMailer . LastMessage ( ) . HTML , "Confirm new email" ) {
t . Fatalf ( "[email-change] Expected to sent a confirm new email email, got \n%v\n%v" , app . TestMailer . LastMessage ( ) . Subject , app . TestMailer . LastMessage ( ) . HTML )
2022-08-21 14:30:36 +03:00
}
} ,
ExpectedStatus : 204 ,
ExpectedContent : [ ] string { } ,
ExpectedEvents : map [ string ] int {
2024-09-29 19:23:19 +03:00
"*" : 0 ,
"OnMailerSend" : 1 ,
"OnMailerRecordEmailChangeSend" : 1 ,
} ,
} ,
{
Name : "authorized as superuser (otp)" ,
Method : http . MethodPost ,
URL : "/api/settings/test/email" ,
Body : strings . NewReader ( ` {
"template" : "otp" ,
"email" : "test@example.com"
} ` ) ,
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
} ,
AfterTestFunc : func ( t testing . TB , app * tests . TestApp , res * http . Response ) {
if app . TestMailer . TotalSend ( ) != 1 {
t . Fatalf ( "[otp] Expected 1 sent email, got %d" , app . TestMailer . TotalSend ( ) )
}
if len ( app . TestMailer . LastMessage ( ) . To ) != 1 {
t . Fatalf ( "[otp] Expected 1 recipient, got %v" , app . TestMailer . LastMessage ( ) . To )
}
if app . TestMailer . LastMessage ( ) . To [ 0 ] . Address != "test@example.com" {
t . Fatalf ( "[otp] Expected the email to be sent to %s, got %s" , "test@example.com" , app . TestMailer . LastMessage ( ) . To [ 0 ] . Address )
}
if ! strings . Contains ( app . TestMailer . LastMessage ( ) . HTML , "one-time password" ) {
t . Fatalf ( "[otp] Expected to sent OTP email, got \n%v\n%v" , app . TestMailer . LastMessage ( ) . Subject , app . TestMailer . LastMessage ( ) . HTML )
}
} ,
ExpectedStatus : 204 ,
ExpectedContent : [ ] string { } ,
ExpectedEvents : map [ string ] int {
"*" : 0 ,
"OnMailerSend" : 1 ,
"OnMailerRecordOTPSend" : 1 ,
2022-08-21 14:30:36 +03:00
} ,
} ,
}
for _ , scenario := range scenarios {
scenario . Test ( t )
}
}
2023-03-01 23:45:54 +02:00
func TestGenerateAppleClientSecret ( t * testing . T ) {
2024-01-03 04:30:20 +02:00
t . Parallel ( )
2023-03-01 23:45:54 +02:00
key , err := ecdsa . GenerateKey ( elliptic . P256 ( ) , rand . Reader )
if err != nil {
t . Fatal ( err )
}
encodedKey , err := x509 . MarshalPKCS8PrivateKey ( key )
if err != nil {
t . Fatal ( err )
}
privatePem := pem . EncodeToMemory (
& pem . Block {
Type : "PRIVATE KEY" ,
Bytes : encodedKey ,
} ,
)
scenarios := [ ] tests . ApiScenario {
{
Name : "unauthorized" ,
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/apple/generate-client-secret" ,
2023-03-01 23:45:54 +02:00
ExpectedStatus : 401 ,
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-03-01 23:45:54 +02:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as regular user" ,
2023-03-01 23:45:54 +02:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/apple/generate-client-secret" ,
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.ZT3F0Z3iM-xbGgSG3LEKiEzHrPHr8t8IuHLZGGNuxLo" ,
2023-03-01 23:45:54 +02:00
} ,
2024-09-29 19:23:19 +03:00
ExpectedStatus : 403 ,
2023-03-01 23:45:54 +02:00
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-03-01 23:45:54 +02:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (invalid body)" ,
2023-03-01 23:45:54 +02:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/apple/generate-client-secret" ,
2023-03-01 23:45:54 +02:00
Body : strings . NewReader ( ` { ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2023-03-01 23:45:54 +02:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string { ` "data": { } ` } ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-03-01 23:45:54 +02:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (empty json)" ,
2023-03-01 23:45:54 +02:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/apple/generate-client-secret" ,
2023-03-01 23:45:54 +02:00
Body : strings . NewReader ( ` { } ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2023-03-01 23:45:54 +02:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string {
` "clientId": { "code":"validation_required" ` ,
` "teamId": { "code":"validation_required" ` ,
` "keyId": { "code":"validation_required" ` ,
` "privateKey": { "code":"validation_required" ` ,
` "duration": { "code":"validation_required" ` ,
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-03-01 23:45:54 +02:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (invalid data)" ,
2023-03-01 23:45:54 +02:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/apple/generate-client-secret" ,
2023-03-01 23:45:54 +02:00
Body : strings . NewReader ( ` {
"clientId" : "" ,
"teamId" : "123456789" ,
"keyId" : "123456789" ,
"privateKey" : "invalid" ,
"duration" : - 1
} ` ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2023-03-01 23:45:54 +02:00
} ,
ExpectedStatus : 400 ,
ExpectedContent : [ ] string {
` "clientId": { "code":"validation_required" ` ,
` "teamId": { "code":"validation_length_invalid" ` ,
` "keyId": { "code":"validation_length_invalid" ` ,
` "privateKey": { "code":"validation_match_invalid" ` ,
` "duration": { "code":"validation_min_greater_equal_than_required" ` ,
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-03-01 23:45:54 +02:00
} ,
{
2024-09-29 19:23:19 +03:00
Name : "authorized as superuser (valid data)" ,
2023-03-01 23:45:54 +02:00
Method : http . MethodPost ,
2024-09-29 19:23:19 +03:00
URL : "/api/settings/apple/generate-client-secret" ,
2023-03-01 23:45:54 +02:00
Body : strings . NewReader ( fmt . Sprintf ( ` {
"clientId" : "123" ,
"teamId" : "1234567890" ,
"keyId" : "1234567891" ,
"privateKey" : % q ,
"duration" : 1
} ` , privatePem ) ) ,
2024-09-29 19:23:19 +03:00
Headers : map [ string ] string {
"Authorization" : "eyJhbGciOiJIUzI1NiJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhdXRoIiwiY29sbGVjdGlvbklkIjoiX3BiY18zMzIzODY2MzM5IiwiZXhwIjoyNTI0NjA0NDYxLCJyZWZyZXNoYWJsZSI6dHJ1ZX0.v_bMAygr6hXPwD2DpPrFpNQ7dd68Q3pGstmYAsvNBJg" ,
2023-03-01 23:45:54 +02:00
} ,
ExpectedStatus : 200 ,
ExpectedContent : [ ] string {
` "secret":" ` ,
} ,
2024-09-29 19:23:19 +03:00
ExpectedEvents : map [ string ] int { "*" : 0 } ,
2023-03-01 23:45:54 +02:00
} ,
}
for _ , scenario := range scenarios {
scenario . Test ( t )
}
}
