Files
authorizer/server/test/update_user_test.go

58 lines
1.7 KiB
Go
Raw Normal View History

2021-12-24 06:27:39 +05:30
package test
import (
2022-01-09 17:35:37 +05:30
"fmt"
2021-12-24 06:27:39 +05:30
"testing"
"github.com/authorizerdev/authorizer/server/constants"
2022-02-28 21:26:49 +05:30
"github.com/authorizerdev/authorizer/server/crypto"
2021-12-24 06:27:39 +05:30
"github.com/authorizerdev/authorizer/server/graph/model"
2022-05-30 09:19:55 +05:30
"github.com/authorizerdev/authorizer/server/memorystore"
2021-12-24 06:27:39 +05:30
"github.com/authorizerdev/authorizer/server/resolvers"
"github.com/stretchr/testify/assert"
)
2022-01-17 11:32:13 +05:30
func updateUserTest(t *testing.T, s TestSetup) {
t.Helper()
2021-12-24 06:27:39 +05:30
t.Run(`should update the user with admin secret only`, func(t *testing.T) {
req, ctx := createContext(s)
email := "update_user." + s.TestInfo.Email
2022-01-17 11:32:13 +05:30
signupRes, _ := resolvers.SignupResolver(ctx, model.SignUpInput{
2021-12-24 06:27:39 +05:30
Email: email,
Password: s.TestInfo.Password,
ConfirmPassword: s.TestInfo.Password,
})
user := *signupRes.User
2022-05-13 07:49:45 +05:30
2022-01-31 11:35:24 +05:30
adminRole := "supplier"
2021-12-24 06:27:39 +05:30
userRole := "user"
newRoles := []*string{&adminRole, &userRole}
2022-01-17 11:32:13 +05:30
_, err := resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
2021-12-24 06:27:39 +05:30
ID: user.ID,
Roles: newRoles,
})
assert.NotNil(t, err, "unauthorized")
2022-05-30 12:47:50 +05:30
adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
assert.Nil(t, err)
h, err := crypto.EncryptPassword(adminSecret)
2022-01-09 17:35:37 +05:30
assert.Nil(t, err)
2022-05-30 12:47:50 +05:30
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
2022-01-17 11:32:13 +05:30
_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
2021-12-24 06:27:39 +05:30
ID: user.ID,
Roles: newRoles,
})
2022-05-13 07:49:45 +05:30
// supplier is not part of envs
assert.Error(t, err)
adminRole = "admin"
2022-05-31 13:11:54 +05:30
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyProtectedRoles, adminRole)
2022-05-13 07:49:45 +05:30
newRoles = []*string{&adminRole, &userRole}
_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
ID: user.ID,
Roles: newRoles,
})
2021-12-24 06:27:39 +05:30
assert.Nil(t, err)
cleanData(email)
})
}