2019-12-04 19:39:56 +00:00
|
|
|
// Vikunja is a todo-list application to facilitate your life.
|
2020-01-09 17:33:22 +00:00
|
|
|
// Copyright 2018-2020 Vikunja and contributors. All rights reserved.
|
2018-11-26 20:17:33 +00:00
|
|
|
//
|
2019-12-04 19:39:56 +00:00
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
|
// it under the terms of the GNU General Public License as published by
|
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
// (at your option) any later version.
|
2018-11-26 20:17:33 +00:00
|
|
|
//
|
2019-12-04 19:39:56 +00:00
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
// GNU General Public License for more details.
|
2018-11-26 20:17:33 +00:00
|
|
|
//
|
2019-12-04 19:39:56 +00:00
|
|
|
// You should have received a copy of the GNU General Public License
|
|
|
|
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
2018-11-26 20:17:33 +00:00
|
|
|
|
2018-06-10 09:11:41 +00:00
|
|
|
package models
|
|
|
|
|
|
|
|
|
|
import (
|
2018-10-31 12:42:38 +00:00
|
|
|
"code.vikunja.io/api/pkg/utils"
|
2018-06-10 09:11:41 +00:00
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
|
"testing"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func TestCreateUser(t *testing.T) {
|
|
|
|
|
// Create test database
|
2019-04-21 18:18:17 +00:00
|
|
|
//assert.NoError(t, LoadFixtures())
|
2018-06-10 09:11:41 +00:00
|
|
|
|
|
|
|
|
// Get our doer
|
2018-08-30 17:14:02 +00:00
|
|
|
doer, err := GetUserByID(1)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Our dummy user for testing
|
2019-08-14 19:59:31 +00:00
|
|
|
dummyuser := &User{
|
2018-06-10 09:11:41 +00:00
|
|
|
Username: "testuu",
|
|
|
|
|
Password: "1234",
|
|
|
|
|
Email: "noone@example.com",
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Create a new user
|
2018-06-10 09:41:10 +00:00
|
|
|
createdUser, err := CreateUser(dummyuser)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Create a second new user
|
2019-08-14 19:59:31 +00:00
|
|
|
_, err = CreateUser(&User{Username: dummyuser.Username + "2", Email: dummyuser.Email + "m", Password: dummyuser.Password})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Check if it fails to create the same user again
|
2018-06-10 09:41:10 +00:00
|
|
|
_, err = CreateUser(dummyuser)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
|
|
|
|
|
// Check if it fails to create a user with just the same username
|
2019-08-14 19:59:31 +00:00
|
|
|
_, err = CreateUser(&User{Username: dummyuser.Username, Password: "12345", Email: "email@example.com"})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrUsernameExists(err))
|
|
|
|
|
|
|
|
|
|
// Check if it fails to create one with the same email
|
2019-08-14 19:59:31 +00:00
|
|
|
_, err = CreateUser(&User{Username: "noone", Password: "1234", Email: dummyuser.Email})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrUserEmailExists(err))
|
|
|
|
|
|
|
|
|
|
// Check if it fails to create a user without password and username
|
2019-08-14 19:59:31 +00:00
|
|
|
_, err = CreateUser(&User{})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrNoUsernamePassword(err))
|
|
|
|
|
|
|
|
|
|
// Check if he exists
|
2018-08-30 17:14:02 +00:00
|
|
|
theuser, err := GetUser(createdUser)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Get by his ID
|
2018-08-30 17:14:02 +00:00
|
|
|
_, err = GetUserByID(theuser.ID)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
2018-09-13 18:07:11 +00:00
|
|
|
// Passing 0 as ID should return an error
|
2018-08-30 17:14:02 +00:00
|
|
|
_, err = GetUserByID(0)
|
2018-09-13 18:07:11 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrUserDoesNotExist(err))
|
2018-06-10 09:11:41 +00:00
|
|
|
|
2018-11-01 22:47:41 +00:00
|
|
|
// Check the user credentials with an unverified email
|
2019-08-14 19:59:31 +00:00
|
|
|
_, err = CheckUserCredentials(&UserLogin{"user5", "1234"})
|
2018-11-01 22:47:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrEmailNotConfirmed(err))
|
|
|
|
|
|
|
|
|
|
// Update everything and check again
|
|
|
|
|
_, err = x.Cols("is_active").Where("true").Update(User{IsActive: true})
|
|
|
|
|
assert.NoError(t, err)
|
2019-08-14 19:59:31 +00:00
|
|
|
user, err := CheckUserCredentials(&UserLogin{"testuu", "1234"})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
2018-06-10 09:41:10 +00:00
|
|
|
assert.Equal(t, "testuu", user.Username)
|
2018-06-10 09:11:41 +00:00
|
|
|
|
|
|
|
|
// Check wrong password (should also fail)
|
|
|
|
|
_, err = CheckUserCredentials(&UserLogin{"testuu", "12345"})
|
|
|
|
|
assert.Error(t, err)
|
2018-11-01 22:47:41 +00:00
|
|
|
assert.True(t, IsErrWrongUsernameOrPassword(err))
|
2018-06-10 09:11:41 +00:00
|
|
|
|
|
|
|
|
// Check usercredentials for a nonexistent user (should fail)
|
|
|
|
|
_, err = CheckUserCredentials(&UserLogin{"dfstestuu", "1234"})
|
|
|
|
|
assert.Error(t, err)
|
2018-12-19 21:05:25 +00:00
|
|
|
assert.True(t, IsErrWrongUsernameOrPassword(err))
|
2018-06-10 09:11:41 +00:00
|
|
|
|
|
|
|
|
// Update the user
|
2019-08-14 19:59:31 +00:00
|
|
|
uuser, err := UpdateUser(&User{ID: theuser.ID, Password: "444444"})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
assert.Equal(t, theuser.Password, uuser.Password) // Password should not change
|
|
|
|
|
assert.Equal(t, theuser.Username, uuser.Username) // Username should not change either
|
|
|
|
|
|
|
|
|
|
// Try updating one which does not exist
|
2019-08-14 19:59:31 +00:00
|
|
|
_, err = UpdateUser(&User{ID: 99999, Username: "dg"})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrUserDoesNotExist(err))
|
|
|
|
|
|
|
|
|
|
// Update a users password
|
|
|
|
|
newpassword := "55555"
|
2019-08-14 19:59:31 +00:00
|
|
|
err = UpdateUserPassword(theuser, newpassword)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Check if it was changed
|
2019-08-14 19:59:31 +00:00
|
|
|
_, err = CheckUserCredentials(&UserLogin{theuser.Username, newpassword})
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Check if the searchterm works
|
|
|
|
|
all, err := ListUsers("test")
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
assert.True(t, len(all) > 0)
|
|
|
|
|
|
|
|
|
|
all, err = ListUsers("")
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
assert.True(t, len(all) > 0)
|
|
|
|
|
|
|
|
|
|
// Try updating the password of a nonexistent user (should fail)
|
2018-10-03 17:28:17 +00:00
|
|
|
err = UpdateUserPassword(&User{ID: 9999}, newpassword)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrUserDoesNotExist(err))
|
|
|
|
|
|
|
|
|
|
// Delete it
|
2019-08-14 19:59:31 +00:00
|
|
|
err = DeleteUserByID(theuser.ID, doer)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Try deleting one with ID = 0
|
2019-08-14 19:59:31 +00:00
|
|
|
err = DeleteUserByID(0, doer)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
|
|
|
|
assert.True(t, IsErrIDCannotBeZero(err))
|
2018-10-27 09:33:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestUserPasswordReset(t *testing.T) {
|
|
|
|
|
// Request a new token
|
|
|
|
|
tr := &PasswordTokenRequest{
|
2018-12-19 21:05:25 +00:00
|
|
|
Email: "user1@example.com",
|
2018-10-27 09:33:28 +00:00
|
|
|
}
|
|
|
|
|
err := RequestUserPasswordResetToken(tr)
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Get the token / inside the user object
|
|
|
|
|
userWithToken, err := GetUserByID(1)
|
|
|
|
|
assert.NoError(t, err)
|
|
|
|
|
|
|
|
|
|
// Try resetting it
|
|
|
|
|
reset := &PasswordReset{
|
2018-10-28 16:35:48 +00:00
|
|
|
Token: userWithToken.PasswordResetToken,
|
2018-10-27 09:33:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Try resetting it without a password
|
|
|
|
|
reset.NewPassword = ""
|
|
|
|
|
err = UserPasswordReset(reset)
|
|
|
|
|
assert.True(t, IsErrNoUsernamePassword(err))
|
|
|
|
|
|
|
|
|
|
// Reset it
|
|
|
|
|
reset.NewPassword = "1234"
|
|
|
|
|
err = UserPasswordReset(reset)
|
|
|
|
|
assert.NoError(t, err)
|
2018-06-10 09:11:41 +00:00
|
|
|
|
2018-10-27 09:33:28 +00:00
|
|
|
// Try resetting it with a wrong token
|
|
|
|
|
reset.Token = utils.MakeRandomString(400)
|
|
|
|
|
err = UserPasswordReset(reset)
|
2018-06-10 09:11:41 +00:00
|
|
|
assert.Error(t, err)
|
2018-10-27 09:33:28 +00:00
|
|
|
assert.True(t, IsErrInvalidPasswordResetToken(err))
|
2018-06-10 09:11:41 +00:00
|
|
|
}
|
