From 30cde3e521df06ab534834c981f54528e84137c9 Mon Sep 17 00:00:00 2001 From: Lakhan Samani Date: Fri, 24 Dec 2021 06:27:39 +0530 Subject: [PATCH] feat: add tests for all resolvers --- TODO.md | 6 +- server/resolvers/update_profile.go | 3 +- server/test/cors_test.go | 5 +- server/test/delete_user_test.go | 34 ++++++++++ server/test/forgot_password_test.go | 37 +++++----- server/test/login_test.go | 83 ++++++++++++----------- server/test/logout_test.go | 35 ++++++++++ server/test/magic_link_login_test.go | 35 ++++++++++ server/test/meta_test.go | 23 +++++++ server/test/profile_test.go | 42 ++++++++++++ server/test/resend_verify_email_test.go | 31 +++++---- server/test/reset_password_test.go | 65 +++++++++--------- server/test/resolvers_test.go | 19 ++++-- server/test/session_test.go | 42 ++++++++++++ server/test/signup_test.go | 61 +++++++++-------- server/test/test.go | 41 ++++------- server/test/update_profile_test.go | 53 +++++++++++++++ server/test/update_user_test.go | 40 +++++++++++ server/test/users_test.go | 33 +++++++++ server/test/verification_requests_test.go | 35 ++++++++++ server/test/verify_email_test.go | 43 ++++++------ 21 files changed, 577 insertions(+), 189 deletions(-) create mode 100644 server/test/delete_user_test.go create mode 100644 server/test/logout_test.go create mode 100644 server/test/magic_link_login_test.go create mode 100644 server/test/meta_test.go create mode 100644 server/test/profile_test.go create mode 100644 server/test/session_test.go create mode 100644 server/test/update_profile_test.go create mode 100644 server/test/update_user_test.go create mode 100644 server/test/users_test.go create mode 100644 server/test/verification_requests_test.go diff --git a/TODO.md b/TODO.md index 0dda0e5..4ecccad 100644 --- a/TODO.md +++ b/TODO.md @@ -8,11 +8,7 @@ - [x] Check extra data in oauth profile and save accordingly - [x] Update all the resolver to make them compatible with schema changes - [x] Update JWT claims -- [] Write integration tests for all resolvers -- [] Update doc - - [] Rename all schemas + vars -- [] Update JS lib -- [] Update react lib +- [x] Write integration tests for all resolvers ## Feature Multiple sessions diff --git a/server/resolvers/update_profile.go b/server/resolvers/update_profile.go index a943422..f1c01f2 100644 --- a/server/resolvers/update_profile.go +++ b/server/resolvers/update_profile.go @@ -113,7 +113,8 @@ func UpdateProfile(ctx context.Context, params model.UpdateProfileInput) (*model } newEmail := strings.ToLower(*params.Email) // check if user with new email exists - _, err = db.Mgr.GetUserByEmail(newEmail) + _, err := db.Mgr.GetUserByEmail(newEmail) + // err = nil means user exists if err == nil { return res, fmt.Errorf("user with this email address already exists") diff --git a/server/test/cors_test.go b/server/test/cors_test.go index dbe47b5..0dc5c77 100644 --- a/server/test/cors_test.go +++ b/server/test/cors_test.go @@ -15,8 +15,9 @@ func TestCors(t *testing.T) { defer s.Server.Close() client := &http.Client{} - s.Req.Header.Add("Origin", allowedOrigin) - res, _ := client.Do(s.Req) + req, _ := createContext(s) + req.Header.Add("Origin", allowedOrigin) + res, _ := client.Do(req) // You should get your origin (or a * depending on your config) if the // passed origin is allowed. diff --git a/server/test/delete_user_test.go b/server/test/delete_user_test.go new file mode 100644 index 0000000..4f306dc --- /dev/null +++ b/server/test/delete_user_test.go @@ -0,0 +1,34 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/constants" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func deleteUserTest(s TestSetup, t *testing.T) { + t.Run(`should delete users with admin secret only`, func(t *testing.T) { + req, ctx := createContext(s) + email := "delete_user." + s.TestInfo.Email + resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + _, err := resolvers.DeleteUser(ctx, model.DeleteUserInput{ + Email: email, + }) + assert.NotNil(t, err, "unauthorized") + + req.Header.Add("x-authorizer-admin-secret", constants.ADMIN_SECRET) + _, err = resolvers.DeleteUser(ctx, model.DeleteUserInput{ + Email: email, + }) + assert.Nil(t, err) + cleanData(email) + }) +} diff --git a/server/test/forgot_password_test.go b/server/test/forgot_password_test.go index 2ba02ba..007ac26 100644 --- a/server/test/forgot_password_test.go +++ b/server/test/forgot_password_test.go @@ -11,22 +11,25 @@ import ( ) func forgotPasswordTest(s TestSetup, t *testing.T) { - email := "forgot_password." + s.TestInfo.Email - _, err := resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password, + t.Run(`should run forgot password`, func(t *testing.T) { + _, ctx := createContext(s) + email := "forgot_password." + s.TestInfo.Email + _, err := resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + _, err = resolvers.ForgotPassword(ctx, model.ForgotPasswordInput{ + Email: email, + }) + assert.Nil(t, err, "no errors for forgot password") + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.ForgotPassword.String()) + assert.Nil(t, err) + + assert.Equal(t, verificationRequest.Identifier, enum.ForgotPassword.String()) + + cleanData(email) }) - - _, err = resolvers.ForgotPassword(s.Ctx, model.ForgotPasswordInput{ - Email: email, - }) - assert.Nil(t, err, "no errors for forgot password") - - verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.ForgotPassword.String()) - assert.Nil(t, err) - - assert.Equal(t, verificationRequest.Identifier, enum.ForgotPassword.String()) - - cleanData(email) } diff --git a/server/test/login_test.go b/server/test/login_test.go index 0c1879b..b875081 100644 --- a/server/test/login_test.go +++ b/server/test/login_test.go @@ -11,45 +11,48 @@ import ( ) func loginTests(s TestSetup, t *testing.T) { - email := "login." + s.TestInfo.Email - _, err := resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password, + t.Run(`should login`, func(t *testing.T) { + _, ctx := createContext(s) + email := "login." + s.TestInfo.Email + _, err := resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + _, err = resolvers.Login(ctx, model.LoginInput{ + Email: email, + Password: s.TestInfo.Password, + }) + + assert.NotNil(t, err, "should fail because email is not verified") + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) + resolvers.VerifyEmail(ctx, model.VerifyEmailInput{ + Token: verificationRequest.Token, + }) + + _, err = resolvers.Login(ctx, model.LoginInput{ + Email: email, + Password: s.TestInfo.Password, + Roles: []string{"test"}, + }) + assert.NotNil(t, err, "invalid roles") + + _, err = resolvers.Login(ctx, model.LoginInput{ + Email: email, + Password: s.TestInfo.Password + "s", + }) + assert.NotNil(t, err, "invalid password") + + loginRes, err := resolvers.Login(ctx, model.LoginInput{ + Email: email, + Password: s.TestInfo.Password, + }) + + assert.Nil(t, err, "login successful") + assert.NotNil(t, loginRes.AccessToken, "access token should not be empty") + + cleanData(email) }) - - _, err = resolvers.Login(s.Ctx, model.LoginInput{ - Email: email, - Password: s.TestInfo.Password, - }) - - assert.NotNil(t, err, "should fail because email is not verified") - - verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) - resolvers.VerifyEmail(s.Ctx, model.VerifyEmailInput{ - Token: verificationRequest.Token, - }) - - _, err = resolvers.Login(s.Ctx, model.LoginInput{ - Email: email, - Password: s.TestInfo.Password, - Roles: []string{"test"}, - }) - assert.NotNil(t, err, "invalid roles") - - _, err = resolvers.Login(s.Ctx, model.LoginInput{ - Email: email, - Password: s.TestInfo.Password + "s", - }) - assert.NotNil(t, err, "invalid password") - - loginRes, err := resolvers.Login(s.Ctx, model.LoginInput{ - Email: email, - Password: s.TestInfo.Password, - }) - - assert.Nil(t, err, "login successful") - assert.Nil(t, loginRes.AccessToken, "access token should not be empty") - - cleanData(email) } diff --git a/server/test/logout_test.go b/server/test/logout_test.go new file mode 100644 index 0000000..8ff892e --- /dev/null +++ b/server/test/logout_test.go @@ -0,0 +1,35 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/db" + "github.com/authorizerdev/authorizer/server/enum" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func logoutTests(s TestSetup, t *testing.T) { + t.Run(`should logout user`, func(t *testing.T) { + req, ctx := createContext(s) + email := "logout." + s.TestInfo.Email + + _, err := resolvers.MagicLinkLogin(ctx, model.MagicLinkLoginInput{ + Email: email, + }) + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.MagicLink.String()) + verifyRes, err := resolvers.VerifyEmail(ctx, model.VerifyEmailInput{ + Token: verificationRequest.Token, + }) + + token := *verifyRes.AccessToken + req.Header.Add("Authorization", "Bearer "+token) + _, err = resolvers.Logout(ctx) + assert.Nil(t, err) + _, err = resolvers.Profile(ctx) + assert.NotNil(t, err, "unauthorized") + cleanData(email) + }) +} diff --git a/server/test/magic_link_login_test.go b/server/test/magic_link_login_test.go new file mode 100644 index 0000000..6d025c0 --- /dev/null +++ b/server/test/magic_link_login_test.go @@ -0,0 +1,35 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/db" + "github.com/authorizerdev/authorizer/server/enum" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func magicLinkLoginTests(s TestSetup, t *testing.T) { + t.Run(`should login with magic link`, func(t *testing.T) { + req, ctx := createContext(s) + email := "magic_link_login." + s.TestInfo.Email + + _, err := resolvers.MagicLinkLogin(ctx, model.MagicLinkLoginInput{ + Email: email, + }) + assert.Nil(t, err) + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.MagicLink.String()) + verifyRes, err := resolvers.VerifyEmail(ctx, model.VerifyEmailInput{ + Token: verificationRequest.Token, + }) + + token := *verifyRes.AccessToken + req.Header.Add("Authorization", "Bearer "+token) + _, err = resolvers.Profile(ctx) + assert.Nil(t, err) + + cleanData(email) + }) +} diff --git a/server/test/meta_test.go b/server/test/meta_test.go new file mode 100644 index 0000000..f4167c1 --- /dev/null +++ b/server/test/meta_test.go @@ -0,0 +1,23 @@ +package test + +import ( + "context" + "testing" + + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func metaTests(s TestSetup, t *testing.T) { + t.Run(`should get meta information`, func(t *testing.T) { + ctx := context.Background() + meta, err := resolvers.Meta(ctx) + assert.Nil(t, err) + assert.False(t, meta.IsFacebookLoginEnabled) + assert.False(t, meta.IsGoogleLoginEnabled) + assert.False(t, meta.IsGithubLoginEnabled) + assert.True(t, meta.IsEmailVerificationEnabled) + assert.True(t, meta.IsBasicAuthenticationEnabled) + assert.True(t, meta.IsMagicLinkLoginEnabled) + }) +} diff --git a/server/test/profile_test.go b/server/test/profile_test.go new file mode 100644 index 0000000..8693f37 --- /dev/null +++ b/server/test/profile_test.go @@ -0,0 +1,42 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/db" + "github.com/authorizerdev/authorizer/server/enum" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func profileTests(s TestSetup, t *testing.T) { + t.Run(`should get profile only with token`, func(t *testing.T) { + req, ctx := createContext(s) + email := "profile." + s.TestInfo.Email + + resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + _, err := resolvers.Profile(ctx) + assert.NotNil(t, err, "unauthorized") + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) + verifyRes, err := resolvers.VerifyEmail(ctx, model.VerifyEmailInput{ + Token: verificationRequest.Token, + }) + + token := *verifyRes.AccessToken + req.Header.Add("Authorization", "Bearer "+token) + profileRes, err := resolvers.Profile(ctx) + assert.Nil(t, err) + + newEmail := *&profileRes.Email + assert.Equal(t, email, newEmail, "emails should be equal") + + cleanData(email) + }) +} diff --git a/server/test/resend_verify_email_test.go b/server/test/resend_verify_email_test.go index 65acae8..0eb733e 100644 --- a/server/test/resend_verify_email_test.go +++ b/server/test/resend_verify_email_test.go @@ -10,19 +10,22 @@ import ( ) func resendVerifyEmailTests(s TestSetup, t *testing.T) { - email := "resend_verify_email." + s.TestInfo.Email - _, err := resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password, + t.Run(`should resend verification email`, func(t *testing.T) { + _, ctx := createContext(s) + email := "resend_verify_email." + s.TestInfo.Email + _, err := resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + _, err = resolvers.ResendVerifyEmail(ctx, model.ResendVerifyEmailInput{ + Email: email, + Identifier: enum.BasicAuthSignup.String(), + }) + + assert.Nil(t, err) + + cleanData(email) }) - - _, err = resolvers.ResendVerifyEmail(s.Ctx, model.ResendVerifyEmailInput{ - Email: email, - Identifier: enum.BasicAuthSignup.String(), - }) - - assert.Nil(t, err) - - cleanData(email) } diff --git a/server/test/reset_password_test.go b/server/test/reset_password_test.go index 0cf574d..a9008d0 100644 --- a/server/test/reset_password_test.go +++ b/server/test/reset_password_test.go @@ -11,36 +11,39 @@ import ( ) func resetPasswordTest(s TestSetup, t *testing.T) { - email := "reset_password." + s.TestInfo.Email - _, err := resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password, + t.Run(`should reset password`, func(t *testing.T) { + email := "reset_password." + s.TestInfo.Email + _, ctx := createContext(s) + _, err := resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + _, err = resolvers.ForgotPassword(ctx, model.ForgotPasswordInput{ + Email: email, + }) + assert.Nil(t, err, "no errors for forgot password") + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.ForgotPassword.String()) + assert.Nil(t, err, "should get forgot password request") + + _, err = resolvers.ResetPassword(ctx, model.ResetPasswordInput{ + Token: verificationRequest.Token, + Password: "test1", + ConfirmPassword: "test", + }) + + assert.NotNil(t, err, "passowrds don't match") + + _, err = resolvers.ResetPassword(ctx, model.ResetPasswordInput{ + Token: verificationRequest.Token, + Password: "test1", + ConfirmPassword: "test1", + }) + + assert.Nil(t, err, "password changed successfully") + + cleanData(email) }) - - _, err = resolvers.ForgotPassword(s.Ctx, model.ForgotPasswordInput{ - Email: email, - }) - assert.Nil(t, err, "no errors for forgot password") - - verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.ForgotPassword.String()) - assert.Nil(t, err, "should get forgot password request") - - _, err = resolvers.ResetPassword(s.Ctx, model.ResetPasswordInput{ - Token: verificationRequest.Token, - Password: "test1", - ConfirmPassword: "test", - }) - - assert.NotNil(t, err, "passowrds don't match") - - _, err = resolvers.ResetPassword(s.Ctx, model.ResetPasswordInput{ - Token: verificationRequest.Token, - Password: "test1", - ConfirmPassword: "test1", - }) - - assert.Nil(t, err, "password changed successfully") - - cleanData(email) } diff --git a/server/test/resolvers_test.go b/server/test/resolvers_test.go index 25be8a6..160265c 100644 --- a/server/test/resolvers_test.go +++ b/server/test/resolvers_test.go @@ -1,7 +1,6 @@ package test import ( - "log" "testing" "github.com/authorizerdev/authorizer/server/constants" @@ -16,21 +15,33 @@ func TestResolvers(t *testing.T) { enum.Mongodb.String(): "mongodb://localhost:27017", } - log.Println("==== Testing resolvers =====") - for dbType, dbURL := range databases { constants.DATABASE_URL = dbURL constants.DATABASE_TYPE = dbType db.InitDB() + s := testSetup() defer s.Server.Close() - t.Run("running test cases for "+dbType, func(t *testing.T) { + + t.Run("should pass tests for "+dbType, func(t *testing.T) { loginTests(s, t) signupTests(s, t) forgotPasswordTest(s, t) resendVerifyEmailTests(s, t) resetPasswordTest(s, t) verifyEmailTest(s, t) + sessionTests(s, t) + profileTests(s, t) + updateProfileTests(s, t) + magicLinkLoginTests(s, t) + logoutTests(s, t) + metaTests(s, t) + + // admin tests + verificationRequestsTest(s, t) + usersTest(s, t) + deleteUserTest(s, t) + updateUserTest(s, t) }) } } diff --git a/server/test/session_test.go b/server/test/session_test.go new file mode 100644 index 0000000..20f02ba --- /dev/null +++ b/server/test/session_test.go @@ -0,0 +1,42 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/db" + "github.com/authorizerdev/authorizer/server/enum" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func sessionTests(s TestSetup, t *testing.T) { + t.Run(`should allow access to profile with session only`, func(t *testing.T) { + req, ctx := createContext(s) + email := "session." + s.TestInfo.Email + + resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + _, err := resolvers.Session(ctx, []string{}) + assert.NotNil(t, err, "unauthorized") + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) + verifyRes, err := resolvers.VerifyEmail(ctx, model.VerifyEmailInput{ + Token: verificationRequest.Token, + }) + + token := *verifyRes.AccessToken + req.Header.Add("Authorization", "Bearer "+token) + sessionRes, err := resolvers.Session(ctx, []string{}) + assert.Nil(t, err) + + newToken := *sessionRes.AccessToken + assert.Equal(t, token, newToken, "tokens should be equal") + + cleanData(email) + }) +} diff --git a/server/test/signup_test.go b/server/test/signup_test.go index e9db88d..a7cda68 100644 --- a/server/test/signup_test.go +++ b/server/test/signup_test.go @@ -11,34 +11,37 @@ import ( ) func signupTests(s TestSetup, t *testing.T) { - email := "signup." + s.TestInfo.Email - res, err := resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password + "s", + t.Run(`should complete the signup and check duplicates`, func(t *testing.T) { + _, ctx := createContext(s) + email := "signup." + s.TestInfo.Email + res, err := resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password + "s", + }) + assert.NotNil(t, err, "invalid password errors") + + res, err = resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + user := *res.User + assert.Equal(t, email, user.Email) + assert.Nil(t, res.AccessToken, "access token should be nil") + + res, err = resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + assert.NotNil(t, err, "should throw duplicate email error") + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) + assert.Nil(t, err) + assert.Equal(t, email, verificationRequest.Email) + cleanData(email) }) - assert.NotNil(t, err, "invalid password errors") - - res, err = resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password, - }) - - user := *res.User - assert.Equal(t, email, user.Email) - assert.Nil(t, res.AccessToken, "access token should be nil") - - res, err = resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password, - }) - - assert.NotNil(t, err, "should throw duplicate email error") - - verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) - assert.Nil(t, err) - assert.Equal(t, email, verificationRequest.Email) - cleanData(email) } diff --git a/server/test/test.go b/server/test/test.go index dbd86be..1abd9f5 100644 --- a/server/test/test.go +++ b/server/test/test.go @@ -2,7 +2,6 @@ package test import ( "context" - "log" "net/http" "net/http/httptest" @@ -26,9 +25,7 @@ type TestData struct { type TestSetup struct { GinEngine *gin.Engine GinContext *gin.Context - Ctx context.Context Server *httptest.Server - Req *http.Request TestInfo TestData } @@ -49,21 +46,24 @@ func cleanData(email string) { } dbUser, err := db.Mgr.GetUserByEmail(email) - if err != nil { - log.Println("error getting user:", err) - } else { - err = db.Mgr.DeleteUser(dbUser) - if err != nil { - log.Println("error deleting user:", err) - } - - err = db.Mgr.DeleteUserSession(dbUser.ID) - if err != nil { - log.Println("error deleting user session:", err) - } + if err == nil { + db.Mgr.DeleteUser(dbUser) + db.Mgr.DeleteUserSession(dbUser.ID) } } +func createContext(s TestSetup) (*http.Request, context.Context) { + req, _ := http.NewRequest( + "POST", + "http://"+s.Server.Listener.Addr().String()+"/graphql", + nil, + ) + + ctx := context.WithValue(req.Context(), "GinContextKey", s.GinContext) + s.GinContext.Request = req + return req, ctx +} + func testSetup() TestSetup { testData := TestData{ Email: "authorizer_tester@yopmail.com", @@ -84,21 +84,10 @@ func testSetup() TestSetup { server := httptest.NewServer(r) - req, _ := http.NewRequest( - "POST", - "http://"+server.Listener.Addr().String()+"/graphql", - nil, - ) - req.Header.Add("x-authorizer-admin-secret", constants.ADMIN_SECRET) - c.Request = req - ctx := context.WithValue(req.Context(), "GinContextKey", c) - return TestSetup{ GinEngine: r, GinContext: c, - Ctx: ctx, Server: server, - Req: req, TestInfo: testData, } } diff --git a/server/test/update_profile_test.go b/server/test/update_profile_test.go new file mode 100644 index 0000000..7d6d4d1 --- /dev/null +++ b/server/test/update_profile_test.go @@ -0,0 +1,53 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/db" + "github.com/authorizerdev/authorizer/server/enum" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func updateProfileTests(s TestSetup, t *testing.T) { + t.Run(`should update the profile with access token only`, func(t *testing.T) { + req, ctx := createContext(s) + email := "update_profile." + s.TestInfo.Email + + resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + fName := "samani" + _, err := resolvers.UpdateProfile(ctx, model.UpdateProfileInput{ + FamilyName: &fName, + }) + assert.NotNil(t, err, "unauthorized") + + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) + verifyRes, err := resolvers.VerifyEmail(ctx, model.VerifyEmailInput{ + Token: verificationRequest.Token, + }) + + token := *verifyRes.AccessToken + req.Header.Add("Authorization", "Bearer "+token) + _, err = resolvers.UpdateProfile(ctx, model.UpdateProfileInput{ + FamilyName: &fName, + }) + assert.Nil(t, err) + + newEmail := "new_" + email + _, err = resolvers.UpdateProfile(ctx, model.UpdateProfileInput{ + Email: &newEmail, + }) + assert.Nil(t, err) + _, err = resolvers.Profile(ctx) + assert.NotNil(t, err, "unauthorized") + + cleanData(newEmail) + cleanData(email) + }) +} diff --git a/server/test/update_user_test.go b/server/test/update_user_test.go new file mode 100644 index 0000000..45d614a --- /dev/null +++ b/server/test/update_user_test.go @@ -0,0 +1,40 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/constants" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func updateUserTest(s TestSetup, t *testing.T) { + t.Run(`should update the user with admin secret only`, func(t *testing.T) { + req, ctx := createContext(s) + email := "update_user." + s.TestInfo.Email + signupRes, _ := resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + user := *signupRes.User + adminRole := "admin" + userRole := "user" + newRoles := []*string{&adminRole, &userRole} + _, err := resolvers.UpdateUser(ctx, model.UpdateUserInput{ + ID: user.ID, + Roles: newRoles, + }) + assert.NotNil(t, err, "unauthorized") + + req.Header.Add("x-authorizer-admin-secret", constants.ADMIN_SECRET) + _, err = resolvers.UpdateUser(ctx, model.UpdateUserInput{ + ID: user.ID, + Roles: newRoles, + }) + assert.Nil(t, err) + cleanData(email) + }) +} diff --git a/server/test/users_test.go b/server/test/users_test.go new file mode 100644 index 0000000..6386a8e --- /dev/null +++ b/server/test/users_test.go @@ -0,0 +1,33 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/constants" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func usersTest(s TestSetup, t *testing.T) { + t.Run(`should get users list with admin secret only`, func(t *testing.T) { + req, ctx := createContext(s) + email := "users." + s.TestInfo.Email + resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + users, err := resolvers.Users(ctx) + assert.NotNil(t, err, "unauthorized") + + req.Header.Add("x-authorizer-admin-secret", constants.ADMIN_SECRET) + users, err = resolvers.Users(ctx) + assert.Nil(t, err) + rLen := len(users) + assert.GreaterOrEqual(t, rLen, 1) + + cleanData(email) + }) +} diff --git a/server/test/verification_requests_test.go b/server/test/verification_requests_test.go new file mode 100644 index 0000000..22fc26e --- /dev/null +++ b/server/test/verification_requests_test.go @@ -0,0 +1,35 @@ +package test + +import ( + "testing" + + "github.com/authorizerdev/authorizer/server/constants" + "github.com/authorizerdev/authorizer/server/graph/model" + "github.com/authorizerdev/authorizer/server/resolvers" + "github.com/stretchr/testify/assert" +) + +func verificationRequestsTest(s TestSetup, t *testing.T) { + t.Run(`should get verification requests with admin secret only`, func(t *testing.T) { + req, ctx := createContext(s) + + email := "verification_requests." + s.TestInfo.Email + resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + requests, err := resolvers.VerificationRequests(ctx) + assert.NotNil(t, err, "unauthorizer") + + req.Header.Add("x-authorizer-admin-secret", constants.ADMIN_SECRET) + requests, err = resolvers.VerificationRequests(ctx) + + assert.Nil(t, err) + rLen := len(requests) + assert.GreaterOrEqual(t, rLen, 1) + + cleanData(email) + }) +} diff --git a/server/test/verify_email_test.go b/server/test/verify_email_test.go index 80e3d20..aa01619 100644 --- a/server/test/verify_email_test.go +++ b/server/test/verify_email_test.go @@ -11,25 +11,28 @@ import ( ) func verifyEmailTest(s TestSetup, t *testing.T) { - email := "verify_email." + s.TestInfo.Email - res, err := resolvers.Signup(s.Ctx, model.SignUpInput{ - Email: email, - Password: s.TestInfo.Password, - ConfirmPassword: s.TestInfo.Password, + t.Run(`should verify email`, func(t *testing.T) { + _, ctx := createContext(s) + email := "verify_email." + s.TestInfo.Email + res, err := resolvers.Signup(ctx, model.SignUpInput{ + Email: email, + Password: s.TestInfo.Password, + ConfirmPassword: s.TestInfo.Password, + }) + + user := *res.User + assert.Equal(t, email, user.Email) + assert.Nil(t, res.AccessToken, "access token should be nil") + verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) + assert.Nil(t, err) + assert.Equal(t, email, verificationRequest.Email) + + verifyRes, err := resolvers.VerifyEmail(ctx, model.VerifyEmailInput{ + Token: verificationRequest.Token, + }) + assert.Nil(t, err) + assert.NotEqual(t, verifyRes.AccessToken, "", "access token should not be empty") + + cleanData(email) }) - - user := *res.User - assert.Equal(t, email, user.Email) - assert.Nil(t, res.AccessToken, "access token should be nil") - verificationRequest, err := db.Mgr.GetVerificationByEmail(email, enum.BasicAuthSignup.String()) - assert.Nil(t, err) - assert.Equal(t, email, verificationRequest.Email) - - verifyRes, err := resolvers.VerifyEmail(s.Ctx, model.VerifyEmailInput{ - Token: verificationRequest.Token, - }) - assert.Nil(t, err) - assert.NotEqual(t, verifyRes.AccessToken, "", "access token should not be empty") - - cleanData(email) }