Add integration tests for users

2017-11-25 12:44:32 -08:00 · 2017-11-25 12:44:32 -08:00 · ec0f642d5d
parent 142e8b3e0c
commit ec0f642d5d
11 changed files with 267 additions and 33 deletions
--- a/integration_test.go
+++ b/integration_test.go
@ -7,23 +7,43 @@
 package main

 import (
+	"math/rand"
+	"strconv"
+	"strings"
 	"testing"
+	"time"

 	"github.com/miniflux/miniflux-go"
 )

 const (
-	testBaseURL  = "http://127.0.0.1:8080"
-	testUsername = "admin"
-	testPassword = "test123"
+	testBaseURL          = "http://127.0.0.1:8080"
+	testAdminUsername    = "admin"
+	testAdminPassword    = "test123"
+	testStandardPassword = "secret"
 )

+func TestWithBadEndpoint(t *testing.T) {
+	client := miniflux.NewClient("bad url", testAdminUsername, testAdminPassword)
+	_, err := client.Users()
+	if err == nil {
+		t.Fatal(`Using a bad url should raise an error`)
+	}
+}
+
+func TestWithWrongCredentials(t *testing.T) {
+	client := miniflux.NewClient(testBaseURL, "invalid", "invalid")
+	_, err := client.Users()
+	if err == nil {
+		t.Fatal(`Using bad credentials should raise an error`)
+	}
+}
+
 func TestGetUsers(t *testing.T) {
-	client := miniflux.NewClient(testBaseURL, testUsername, testPassword)
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
 	users, err := client.Users()
 	if err != nil {
 		t.Fatal(err)
-		return
 	}

 	if len(users) == 0 {
@ -31,71 +51,263 @@ func TestGetUsers(t *testing.T) {
 	}

 	if users[0].ID == 0 {
-		t.Fatalf(`Invalid userID, got %v`, users[0].ID)
+		t.Fatalf(`Invalid userID, got "%v"`, users[0].ID)
 	}

-	if users[0].Username != testUsername {
-		t.Fatalf(`Invalid username, got %v`, users[0].Username)
+	if users[0].Username != testAdminUsername {
+		t.Fatalf(`Invalid username, got "%v" instead of "%v"`, users[0].Username, testAdminUsername)
 	}

 	if users[0].Password != "" {
-		t.Fatalf(`Invalid password, got %v`, users[0].Password)
+		t.Fatalf(`Invalid password, got "%v"`, users[0].Password)
 	}

 	if users[0].Language != "en_US" {
-		t.Fatalf(`Invalid language, got %v`, users[0].Language)
+		t.Fatalf(`Invalid language, got "%v"`, users[0].Language)
 	}

 	if users[0].Theme != "default" {
-		t.Fatalf(`Invalid theme, got %v`, users[0].Theme)
+		t.Fatalf(`Invalid theme, got "%v"`, users[0].Theme)
 	}

 	if users[0].Timezone != "UTC" {
-		t.Fatalf(`Invalid timezone, got %v`, users[0].Timezone)
+		t.Fatalf(`Invalid timezone, got "%v"`, users[0].Timezone)
 	}

 	if !users[0].IsAdmin {
-		t.Fatalf(`Invalid role, got %v`, users[0].IsAdmin)
+		t.Fatalf(`Invalid role, got "%v"`, users[0].IsAdmin)
 	}
 }

 func TestCreateStandardUser(t *testing.T) {
-	client := miniflux.NewClient(testBaseURL, testUsername, testPassword)
-	user, err := client.CreateUser("test", "test123", false)
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
 	if err != nil {
 		t.Fatal(err)
-		return
 	}

 	if user.ID == 0 {
-		t.Fatalf(`Invalid userID, got %v`, user.ID)
+		t.Fatalf(`Invalid userID, got "%v"`, user.ID)
 	}

-	if user.Username != "test" {
-		t.Fatalf(`Invalid username, got %v`, user.Username)
+	if user.Username != username {
+		t.Fatalf(`Invalid username, got "%v" instead of "%v"`, user.Username, username)
 	}

 	if user.Password != "" {
-		t.Fatalf(`Invalid password, got %v`, user.Password)
+		t.Fatalf(`Invalid password, got "%v"`, user.Password)
 	}

 	if user.Language != "en_US" {
-		t.Fatalf(`Invalid language, got %v`, user.Language)
+		t.Fatalf(`Invalid language, got "%v"`, user.Language)
 	}

 	if user.Theme != "default" {
-		t.Fatalf(`Invalid theme, got %v`, user.Theme)
+		t.Fatalf(`Invalid theme, got "%v"`, user.Theme)
 	}

 	if user.Timezone != "UTC" {
-		t.Fatalf(`Invalid timezone, got %v`, user.Timezone)
+		t.Fatalf(`Invalid timezone, got "%v"`, user.Timezone)
 	}

 	if user.IsAdmin {
-		t.Fatalf(`Invalid role, got %v`, user.IsAdmin)
+		t.Fatalf(`Invalid role, got "%v"`, user.IsAdmin)
 	}

 	if user.LastLoginAt != nil {
-		t.Fatalf(`Invalid last login date, got %v`, user.LastLoginAt)
+		t.Fatalf(`Invalid last login date, got "%v"`, user.LastLoginAt)
 	}
 }
+
+func TestRemoveUser(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if err := client.DeleteUser(user.ID); err != nil {
+		t.Fatalf(`Unable to remove user: "%v"`, err)
+	}
+}
+
+func TestGetUser(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	user, err = client.User(user.ID)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if user.ID == 0 {
+		t.Fatalf(`Invalid userID, got "%v"`, user.ID)
+	}
+
+	if user.Username != username {
+		t.Fatalf(`Invalid username, got "%v" instead of "%v"`, user.Username, username)
+	}
+
+	if user.Password != "" {
+		t.Fatalf(`Invalid password, got "%v"`, user.Password)
+	}
+
+	if user.Language != "en_US" {
+		t.Fatalf(`Invalid language, got "%v"`, user.Language)
+	}
+
+	if user.Theme != "default" {
+		t.Fatalf(`Invalid theme, got "%v"`, user.Theme)
+	}
+
+	if user.Timezone != "UTC" {
+		t.Fatalf(`Invalid timezone, got "%v"`, user.Timezone)
+	}
+
+	if user.IsAdmin {
+		t.Fatalf(`Invalid role, got "%v"`, user.IsAdmin)
+	}
+
+	if user.LastLoginAt != nil {
+		t.Fatalf(`Invalid last login date, got "%v"`, user.LastLoginAt)
+	}
+}
+
+func TestUpdateUser(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	theme := "black"
+	user.Theme = theme
+	user, err = client.UpdateUser(user)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if user.Theme != theme {
+		t.Fatalf(`Unable to update user: got "%v" instead of "%v"`, user.Theme, theme)
+	}
+}
+
+func TestUpdateUserWithInvalidValue(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	theme := "something that doesn't exists"
+	user.Theme = theme
+	_, err = client.UpdateUser(user)
+	if err == nil {
+		t.Fatal(`Updating a user with an invalid value should raise an error`)
+	}
+}
+
+func TestCannotCreateDuplicateUser(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	_, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = client.CreateUser(username, testStandardPassword, false)
+	if err == nil {
+		t.Fatal(`Duplicate users should not be allowed`)
+	}
+}
+
+func TestCannotListUsersAsNonAdmin(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	_, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client = miniflux.NewClient(testBaseURL, username, testStandardPassword)
+	_, err = client.Users()
+	if err == nil {
+		t.Fatal(`Standard users should not be able to list any users`)
+	}
+}
+
+func TestCannotGetUserAsNonAdmin(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client = miniflux.NewClient(testBaseURL, username, testStandardPassword)
+	_, err = client.User(user.ID)
+	if err == nil {
+		t.Fatal(`Standard users should not be able to get any users`)
+	}
+}
+
+func TestCannotUpdateUserAsNonAdmin(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client = miniflux.NewClient(testBaseURL, username, testStandardPassword)
+	_, err = client.UpdateUser(user)
+	if err == nil {
+		t.Fatal(`Standard users should not be able to update any users`)
+	}
+}
+
+func TestCannotCreateUserAsNonAdmin(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	_, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client = miniflux.NewClient(testBaseURL, username, testStandardPassword)
+	_, err = client.CreateUser(username, testStandardPassword, false)
+	if err == nil {
+		t.Fatal(`Standard users should not be able to create users`)
+	}
+}
+
+func TestCannotDeleteUserAsNonAdmin(t *testing.T) {
+	username := getRandomUsername()
+	client := miniflux.NewClient(testBaseURL, testAdminUsername, testAdminPassword)
+	user, err := client.CreateUser(username, testStandardPassword, false)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	client = miniflux.NewClient(testBaseURL, username, testStandardPassword)
+	if err := client.DeleteUser(user.ID); err == nil {
+		t.Fatal(`Standard users should not be able to remove any users`)
+	}
+}
+
+func getRandomUsername() string {
+	rand.Seed(time.Now().UnixNano())
+	var suffix []string
+	for i := 0; i < 10; i++ {
+		suffix = append(suffix, strconv.Itoa(rand.Intn(1000)))
+	}
+	return "user" + strings.Join(suffix, "")
+}
--- a/locale/translations.go
+++ b/locale/translations.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-11-24 21:40:33.354922728 -0800 PST m=+0.035838197
+// 2017-11-25 10:47:30.371865884 -0800 PST m=+0.027993990

 package locale

--- a/locale/translations/fr_FR.json
+++ b/locale/translations/fr_FR.json
@ -133,5 +133,6 @@
    "Sign in with Google": "Se connecter avec Google",
    "Unlink my Google account": "Dissocier mon compte Google",
    "Link my Google account": "Associer mon compte Google",
-    "Category not found for this user.": "Cette catégorie n'existe pas pour cet utilisateur."
+    "Category not found for this user.": "Cette catégorie n'existe pas pour cet utilisateur.",
+    "Invalid theme.": "Le thème est invalide."
 }
--- a/model/theme.go
+++ b/model/theme.go
@ -4,6 +4,8 @@

 package model

+import "github.com/miniflux/miniflux2/errors"
+
 // GetThemes returns the list of available themes.
 func GetThemes() map[string]string {
 	return map[string]string{
@ -11,3 +13,14 @@ func GetThemes() map[string]string {
 		"black":   "Black",
 	}
 }
+
+// ValidateTheme validates theme value.
+func ValidateTheme(theme string) error {
+	for key := range GetThemes() {
+		if key == theme {
+			return nil
+		}
+	}
+
+	return errors.NewLocalizedError("Invalid theme.")
+}
--- a/model/user.go
+++ b/model/user.go
@ -27,6 +27,7 @@ func NewUser() *User {
 	return &User{Extra: make(map[string]string)}
 }

+// ValidateUserCreation validates new user.
 func (u User) ValidateUserCreation() error {
 	if err := u.ValidateUserLogin(); err != nil {
 		return err
@ -39,6 +40,7 @@ func (u User) ValidateUserCreation() error {
 	return nil
 }

+// ValidateUserModification validates user for modification.
 func (u User) ValidateUserModification() error {
 	if u.Username == "" {
 		return errors.New("The username is mandatory")
@ -48,9 +50,14 @@ func (u User) ValidateUserModification() error {
 		return err
 	}

+	if err := ValidateTheme(u.Theme); err != nil {
+		return err
+	}
+
 	return nil
 }

+// ValidateUserLogin validates user credential requirements.
 func (u User) ValidateUserLogin() error {
 	if u.Username == "" {
 		return errors.New("The username is mandatory")
@ -63,6 +70,7 @@ func (u User) ValidateUserLogin() error {
 	return nil
 }

+// ValidatePassword validates user password requirements.
 func (u User) ValidatePassword() error {
 	if u.Password != "" && len(u.Password) < 6 {
 		return errors.New("The password must have at least 6 characters")
--- a/server/static/bin.go
+++ b/server/static/bin.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-11-24 21:40:33.326996526 -0800 PST m=+0.007911995
+// 2017-11-25 10:47:30.351686806 -0800 PST m=+0.007814912

 package static

--- a/server/static/css.go
+++ b/server/static/css.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-11-24 21:40:33.330122316 -0800 PST m=+0.011037785
+// 2017-11-25 10:47:30.352812144 -0800 PST m=+0.008940250

 package static

--- a/server/static/js.go
+++ b/server/static/js.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-11-24 21:40:33.333049571 -0800 PST m=+0.013965040
+// 2017-11-25 10:47:30.357950671 -0800 PST m=+0.014078777

 package static

--- a/server/template/common.go
+++ b/server/template/common.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-11-24 21:40:33.353262943 -0800 PST m=+0.034178412
+// 2017-11-25 10:47:30.370347794 -0800 PST m=+0.026475900

 package template

--- a/server/template/views.go
+++ b/server/template/views.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-11-24 21:40:33.335450873 -0800 PST m=+0.016366342
+// 2017-11-25 10:47:30.359140331 -0800 PST m=+0.015268437

 package template

--- a/sql/sql.go
+++ b/sql/sql.go
@ -1,5 +1,5 @@
 // Code generated by go generate; DO NOT EDIT.
-// 2017-11-24 21:40:33.323320501 -0800 PST m=+0.004235970
+// 2017-11-25 10:47:30.347837046 -0800 PST m=+0.003965152

 package sql