
authorize_test.go (4124B)


      1 package auth_test
      2 
      3 import (
      4 	"context"
      5 	"fmt"
      6 	"net/http"
      7 	"testing"
      8 	"time"
      9 
     10 	"github.com/gin-contrib/sessions"
     11 	"github.com/stretchr/testify/suite"
     12 	"github.com/superseriousbusiness/gotosocial/internal/api/auth"
     13 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
     14 	"github.com/superseriousbusiness/gotosocial/testrig"
     15 )
     16 
// AuthAuthorizeTestSuite holds the tests for the OAuth authorize endpoint
// (auth.OauthAuthorizePath / AuthorizeGETHandler). It adds no state of its
// own; the db, authModule, fixture maps and newContext helper used by its
// test methods are promoted from the embedded AuthStandardTestSuite.
type AuthAuthorizeTestSuite struct {
	AuthStandardTestSuite
}
     20 
// authorizeHandlerTestCase describes one scenario in which a signed-in user
// must be turned away from the authorize endpoint.
type authorizeHandlerTestCase struct {
	// description is the human-readable name of the scenario, used in failure messages.
	description            string
	// mutateUserAccount puts the copied fixture user/account into the state under
	// test and returns the user column names to pass to UpdateUser.
	mutateUserAccount      func(*gtsmodel.User, *gtsmodel.Account) []string
	// expectedStatusCode is the HTTP status the handler must write.
	expectedStatusCode     int
	// expectedLocationHeader is the exact Location header value the handler must set.
	expectedLocationHeader string
}
     27 
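// TestAccountAuthorizeHandler checks that AuthorizeGETHandler does not let a
// signed-in user continue the OAuth authorize flow while that user is not in
// good standing. Each case puts the "unconfirmed_account" fixture into one
// blocked state (email unconfirmed, not approved, User disabled, Account
// suspended) and asserts that the handler answers with a 303 redirect to the
// page matching that state.
//
// NOTE(review): every case in this function expects a redirect. Nothing here
// exercises a confirmed, approved, enabled and unsuspended user, so this test
// on its own would still pass if the handler redirected every request; confirm
// that a positive-path test exists elsewhere.
func (suite *AuthAuthorizeTestSuite) TestAccountAuthorizeHandler() {
	tests := []authorizeHandlerTestCase{
		{
			description: "user has their email unconfirmed",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
				// Zero time means "never confirmed".
				user.ConfirmedAt = time.Time{}
				return []string{"confirmed_at"}
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: "/auth" + auth.AuthCheckYourEmailPath,
		},
		{
			description: "user has their email confirmed but is not approved",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
				// Approved is not touched here, so this case presumably relies on
				// the fixture being unapproved — verify against the test rig.
				user.ConfirmedAt = time.Now()
				user.Email = user.UnconfirmedEmail
				return []string{"confirmed_at", "email"}
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: "/auth" + auth.AuthWaitForApprovalPath,
		},
		{
			description: "user has their email confirmed and is approved, but User entity has been disabled",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
				user.ConfirmedAt = time.Now()
				user.Email = user.UnconfirmedEmail
				user.Approved = testrig.TrueBool()
				user.Disabled = testrig.TrueBool()
				return []string{"confirmed_at", "email", "approved", "disabled"}
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: "/auth" + auth.AuthAccountDisabledPath,
		},
		{
			description: "user has their email confirmed and is approved, but Account entity has been suspended",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
				user.ConfirmedAt = time.Now()
				user.Email = user.UnconfirmedEmail
				user.Approved = testrig.TrueBool()
				user.Disabled = testrig.FalseBool()
				// The suspension lives on the Account, which is written by
				// UpdateAccount below; the returned columns cover the User only.
				account.SuspendedAt = time.Now()
				return []string{"confirmed_at", "email", "approved", "disabled"}
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: "/auth" + auth.AuthAccountDisabledPath,
		},
	}

	doTest := func(testCase authorizeHandlerTestCase) {
		ctx, recorder := suite.newContext(http.MethodGet, auth.OauthAuthorizePath, nil, "")

		// Work on copies so the fixture structs held by the suite are not
		// modified by the per-case mutation.
		user := &gtsmodel.User{}
		account := &gtsmodel.Account{}

		*user = *suite.testUsers["unconfirmed_account"]
		*account = *suite.testAccounts["unconfirmed_account"]

		// Simulate a signed-in user who arrived from application_1.
		testSession := sessions.Default(ctx)
		testSession.Set(sessionUserID, user.ID)
		testSession.Set(sessionClientID, suite.testApplications["application_1"].ClientID)
		if err := testSession.Save(); err != nil {
			panic(fmt.Errorf("failed on case %s: %w", testCase.description, err))
		}

		columns := testCase.mutateUserAccount(user, account)

		// Keep the scenario name in the failure message and append the state
		// that was written, rather than replacing the name with the state.
		// Disabled is a pointer and not every case sets it, so guard the
		// dereference instead of assuming the fixture populated it.
		disabled := "<nil>"
		if user.Disabled != nil {
			disabled = fmt.Sprint(*user.Disabled)
		}
		failMsg := fmt.Sprintf(
			"failed on case: %s (email=%s, disabled=%s, suspended_at=%s)",
			testCase.description, user.Email, disabled, account.SuspendedAt,
		)

		// If the state could not be persisted, the handler would be judged
		// against stale rows; report the error and skip the handler call.
		if err := suite.db.UpdateUser(context.Background(), user, columns...); !suite.NoError(err, failMsg) {
			return
		}
		if err := suite.db.UpdateAccount(context.Background(), account); !suite.NoError(err, failMsg) {
			return
		}

		// call the handler
		suite.authModule.AuthorizeGETHandler(ctx)

		// 1. the handler must answer with the expected redirect status
		suite.Equal(testCase.expectedStatusCode, recorder.Code, failMsg)

		// 2. the redirect must point at the page for this case's blocked state
		//    (check-your-email, wait-for-approval or account-disabled)
		suite.Equal(testCase.expectedLocationHeader, recorder.Header().Get("Location"), failMsg)
	}

	for _, testCase := range tests {
		doTest(testCase)
	}
}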
    115 
// TestAccountUpdateTestSuite is the go test entry point that runs every test
// method of AuthAuthorizeTestSuite.
//
// NOTE(review): the function name says "AccountUpdate" while the suite it runs
// is the authorize suite; this looks like a copy-paste leftover. It is kept
// as-is here because renaming would change what `go test -run` matches.
func TestAccountUpdateTestSuite(t *testing.T) {
	authorizeSuite := &AuthAuthorizeTestSuite{}
	suite.Run(t, authorizeSuite)
}