99 lines
3.0 KiB
Go
99 lines
3.0 KiB
Go
package test
|
|
|
|
import (
|
|
"fmt"
|
|
"github.com/authorizerdev/authorizer/server/crypto"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/authorizerdev/authorizer/server/constants"
|
|
"github.com/authorizerdev/authorizer/server/graph/model"
|
|
"github.com/authorizerdev/authorizer/server/memorystore"
|
|
"github.com/authorizerdev/authorizer/server/refs"
|
|
"github.com/authorizerdev/authorizer/server/resolvers"
|
|
)
|
|
|
|
func RoleDeletionTest(t *testing.T, s TestSetup) {
|
|
t.Helper()
|
|
t.Run(`should complete role deletion`, func(t *testing.T) {
|
|
// login as admin
|
|
req, ctx := createContext(s)
|
|
|
|
_, err := resolvers.AdminLoginResolver(ctx, model.AdminLoginInput{
|
|
AdminSecret: "admin_test",
|
|
})
|
|
assert.NotNil(t, err)
|
|
|
|
adminSecret, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAdminSecret)
|
|
assert.Nil(t, err)
|
|
_, err = resolvers.AdminLoginResolver(ctx, model.AdminLoginInput{
|
|
AdminSecret: adminSecret,
|
|
})
|
|
assert.Nil(t, err)
|
|
|
|
h, err := crypto.EncryptPassword(adminSecret)
|
|
assert.Nil(t, err)
|
|
req.Header.Set("Cookie", fmt.Sprintf("%s=%s", constants.AdminCookieName, h))
|
|
|
|
// add new default role to get role, if not present in roles
|
|
originalDefaultRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyDefaultRoles)
|
|
assert.Nil(t, err)
|
|
originalDefaultRolesSlice := strings.Split(originalDefaultRoles, ",")
|
|
|
|
data := model.UpdateEnvInput{
|
|
DefaultRoles: append(originalDefaultRolesSlice, "abc"),
|
|
}
|
|
_, err = resolvers.UpdateEnvResolver(ctx, data)
|
|
assert.Error(t, err)
|
|
|
|
// add new role
|
|
originalRoles, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyRoles)
|
|
assert.Nil(t, err)
|
|
originalRolesSlice := strings.Split(originalRoles, ",")
|
|
roleToBeAdded := "abc"
|
|
newRoles := append(originalRolesSlice, roleToBeAdded)
|
|
data = model.UpdateEnvInput{
|
|
Roles: newRoles,
|
|
}
|
|
_, err = resolvers.UpdateEnvResolver(ctx, data)
|
|
assert.Nil(t, err)
|
|
|
|
// register a user with all roles
|
|
email := "update_user." + s.TestInfo.Email
|
|
_, err = resolvers.SignupResolver(ctx, model.SignUpInput{
|
|
Email: refs.NewStringRef(email),
|
|
Password: s.TestInfo.Password,
|
|
ConfirmPassword: s.TestInfo.Password,
|
|
Roles: newRoles,
|
|
})
|
|
assert.Nil(t, err)
|
|
|
|
regUserDetails, _ := resolvers.UserResolver(ctx, model.GetUserRequest{
|
|
Email: refs.NewStringRef(email),
|
|
})
|
|
|
|
// update env by removing role "abc"
|
|
var newRolesAfterDeletion []string
|
|
for _, value := range newRoles {
|
|
if value != roleToBeAdded {
|
|
newRolesAfterDeletion = append(newRolesAfterDeletion, value)
|
|
}
|
|
}
|
|
data = model.UpdateEnvInput{
|
|
Roles: newRolesAfterDeletion,
|
|
}
|
|
_, err = resolvers.UpdateEnvResolver(ctx, data)
|
|
assert.Nil(t, err)
|
|
|
|
// check user if role still exist
|
|
userDetails, err := resolvers.UserResolver(ctx, model.GetUserRequest{
|
|
Email: refs.NewStringRef(email),
|
|
})
|
|
assert.Nil(t, err)
|
|
assert.Equal(t, newRolesAfterDeletion, userDetails.Roles)
|
|
assert.NotEqual(t, newRolesAfterDeletion, regUserDetails.Roles)
|
|
})
|
|
}
|