2021-05-26 12:38:43 +02:00
|
|
|
package auth
|
|
|
|
|
|
|
|
import (
|
|
|
|
"database/sql"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/golang/mock/gomock"
|
|
|
|
"github.com/mattermost/focalboard/server/model"
|
|
|
|
"github.com/mattermost/focalboard/server/services/config"
|
|
|
|
"github.com/mattermost/focalboard/server/services/store"
|
|
|
|
"github.com/mattermost/focalboard/server/services/store/mockstore"
|
|
|
|
"github.com/mattermost/focalboard/server/utils"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
)
|
|
|
|
|
|
|
|
type TestHelper struct {
|
|
|
|
Auth *Auth
|
|
|
|
Session model.Session
|
|
|
|
Store *mockstore.MockStore
|
|
|
|
}
|
|
|
|
|
|
|
|
var mockSession = &model.Session{
|
2021-10-05 15:52:59 +02:00
|
|
|
ID: utils.NewID(utils.IDTypeSession),
|
2021-05-26 12:38:43 +02:00
|
|
|
Token: "goodToken",
|
|
|
|
UserID: "12345",
|
2021-10-07 13:51:01 +02:00
|
|
|
CreateAt: utils.GetMillis() - utils.SecondsToMillis(2000),
|
|
|
|
UpdateAt: utils.GetMillis() - utils.SecondsToMillis(2000),
|
2021-05-26 12:38:43 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func setupTestHelper(t *testing.T) *TestHelper {
|
|
|
|
ctrl := gomock.NewController(t)
|
|
|
|
defer ctrl.Finish()
|
|
|
|
cfg := config.Configuration{}
|
|
|
|
mockStore := mockstore.NewMockStore(ctrl)
|
|
|
|
newAuth := New(&cfg, mockStore)
|
|
|
|
|
|
|
|
return &TestHelper{
|
|
|
|
Auth: newAuth,
|
|
|
|
Session: *mockSession,
|
|
|
|
Store: mockStore,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestGetSession(t *testing.T) {
|
|
|
|
th := setupTestHelper(t)
|
|
|
|
|
|
|
|
testcases := []struct {
|
|
|
|
title string
|
|
|
|
token string
|
|
|
|
refreshTime int64
|
|
|
|
isError bool
|
|
|
|
}{
|
|
|
|
{"fail, no token", "", 0, true},
|
|
|
|
{"fail, invalid username", "badToken", 0, true},
|
2021-06-11 14:24:51 +02:00
|
|
|
{"success, good token", "goodToken", 1000, false},
|
2021-05-26 12:38:43 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
th.Store.EXPECT().GetSession("badToken", gomock.Any()).Return(nil, errors.New("Invalid Token"))
|
|
|
|
th.Store.EXPECT().GetSession("goodToken", gomock.Any()).Return(mockSession, nil)
|
|
|
|
th.Store.EXPECT().RefreshSession(gomock.Any()).Return(nil)
|
|
|
|
|
|
|
|
for _, test := range testcases {
|
|
|
|
t.Run(test.title, func(t *testing.T) {
|
|
|
|
if test.refreshTime > 0 {
|
|
|
|
th.Auth.config.SessionRefreshTime = test.refreshTime
|
|
|
|
}
|
|
|
|
|
|
|
|
session, err := th.Auth.GetSession(test.token)
|
|
|
|
if test.isError {
|
|
|
|
require.Error(t, err)
|
|
|
|
} else {
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, session)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestIsValidReadToken(t *testing.T) {
|
|
|
|
th := setupTestHelper(t)
|
|
|
|
|
|
|
|
validBlockID := "testBlockID"
|
|
|
|
mockContainer := store.Container{
|
|
|
|
WorkspaceID: "testWorkspaceID",
|
|
|
|
}
|
|
|
|
validReadToken := "testReadToken"
|
|
|
|
mockSharing := model.Sharing{
|
|
|
|
ID: "testRootID",
|
|
|
|
Enabled: true,
|
|
|
|
Token: validReadToken,
|
|
|
|
}
|
|
|
|
|
|
|
|
testcases := []struct {
|
|
|
|
title string
|
|
|
|
container store.Container
|
|
|
|
blockID string
|
|
|
|
readToken string
|
|
|
|
isError bool
|
|
|
|
isSuccess bool
|
|
|
|
}{
|
|
|
|
{"fail, error GetRootID", mockContainer, "badBlock", "", true, false},
|
|
|
|
{"fail, rootID not found", mockContainer, "goodBlockID", "", false, false},
|
|
|
|
{"fail, sharing throws error", mockContainer, "goodBlockID2", "", true, false},
|
|
|
|
{"fail, bad readToken", mockContainer, validBlockID, "invalidReadToken", false, false},
|
|
|
|
{"success", mockContainer, validBlockID, validReadToken, false, true},
|
|
|
|
}
|
|
|
|
|
|
|
|
th.Store.EXPECT().GetRootID(gomock.Eq(mockContainer), "badBlock").Return("", errors.New("invalid block"))
|
|
|
|
th.Store.EXPECT().GetRootID(gomock.Eq(mockContainer), "goodBlockID").Return("rootNotFound", nil)
|
|
|
|
th.Store.EXPECT().GetRootID(gomock.Eq(mockContainer), "goodBlockID2").Return("rootError", nil)
|
|
|
|
th.Store.EXPECT().GetRootID(gomock.Eq(mockContainer), validBlockID).Return("testRootID", nil).Times(2)
|
|
|
|
th.Store.EXPECT().GetSharing(gomock.Eq(mockContainer), "rootNotFound").Return(nil, sql.ErrNoRows)
|
|
|
|
th.Store.EXPECT().GetSharing(gomock.Eq(mockContainer), "rootError").Return(nil, errors.New("another error"))
|
|
|
|
th.Store.EXPECT().GetSharing(gomock.Eq(mockContainer), "testRootID").Return(&mockSharing, nil).Times(2)
|
|
|
|
|
|
|
|
for _, test := range testcases {
|
|
|
|
t.Run(test.title, func(t *testing.T) {
|
|
|
|
success, err := th.Auth.IsValidReadToken(test.container, test.blockID, test.readToken)
|
|
|
|
if test.isError {
|
|
|
|
require.Error(t, err)
|
|
|
|
} else {
|
|
|
|
require.NoError(t, err)
|
|
|
|
}
|
|
|
|
if test.isSuccess {
|
|
|
|
require.True(t, success)
|
|
|
|
} else {
|
|
|
|
require.False(t, success)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|