171 lines
5.0 KiB
Go
171 lines
5.0 KiB
Go
// Copyright 2020 Vikunja and contriubtors. All rights reserved.
|
|
//
|
|
// This file is part of Vikunja.
|
|
//
|
|
// Vikunja is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// Vikunja is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with Vikunja. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
package user
|
|
|
|
import (
|
|
"code.vikunja.io/api/pkg/db"
|
|
"code.vikunja.io/api/pkg/utils"
|
|
"github.com/stretchr/testify/assert"
|
|
"testing"
|
|
)
|
|
|
|
func TestCreateUser(t *testing.T) {
|
|
|
|
db.LoadAndAssertFixtures(t)
|
|
|
|
// Our dummy user for testing
|
|
dummyuser := &User{
|
|
Username: "testuu",
|
|
Password: "1234",
|
|
Email: "noone@example.com",
|
|
}
|
|
|
|
// Create a new user
|
|
createdUser, err := CreateUser(dummyuser)
|
|
assert.NoError(t, err)
|
|
|
|
// Create a second new user
|
|
_, err = CreateUser(&User{Username: dummyuser.Username + "2", Email: dummyuser.Email + "m", Password: dummyuser.Password})
|
|
assert.NoError(t, err)
|
|
|
|
// Check if it fails to create the same user again
|
|
_, err = CreateUser(dummyuser)
|
|
assert.Error(t, err)
|
|
|
|
// Check if it fails to create a user with just the same username
|
|
_, err = CreateUser(&User{Username: dummyuser.Username, Password: "12345", Email: "email@example.com"})
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrUsernameExists(err))
|
|
|
|
// Check if it fails to create one with the same email
|
|
_, err = CreateUser(&User{Username: "noone", Password: "1234", Email: dummyuser.Email})
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrUserEmailExists(err))
|
|
|
|
// Check if it fails to create a user without password and username
|
|
_, err = CreateUser(&User{})
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrNoUsernamePassword(err))
|
|
|
|
// Check if he exists
|
|
theuser, err := GetUser(createdUser)
|
|
assert.NoError(t, err)
|
|
|
|
// Get by his ID
|
|
_, err = GetUserByID(theuser.ID)
|
|
assert.NoError(t, err)
|
|
|
|
// Passing 0 as ID should return an error
|
|
_, err = GetUserByID(0)
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrUserDoesNotExist(err))
|
|
|
|
// Check the user credentials with an unverified email
|
|
_, err = CheckUserCredentials(&Login{"user5", "1234"})
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrEmailNotConfirmed(err))
|
|
|
|
// Update everything and check again
|
|
_, err = x.Cols("is_active").Where("true").Update(User{IsActive: true})
|
|
assert.NoError(t, err)
|
|
user, err := CheckUserCredentials(&Login{"testuu", "1234"})
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, "testuu", user.Username)
|
|
|
|
// Check wrong password (should also fail)
|
|
_, err = CheckUserCredentials(&Login{"testuu", "12345"})
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrWrongUsernameOrPassword(err))
|
|
|
|
// Check usercredentials for a nonexistent user (should fail)
|
|
_, err = CheckUserCredentials(&Login{"dfstestuu", "1234"})
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrWrongUsernameOrPassword(err))
|
|
|
|
// Update the user
|
|
uuser, err := UpdateUser(&User{ID: theuser.ID, Password: "444444"})
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, theuser.Password, uuser.Password) // Password should not change
|
|
assert.Equal(t, theuser.Username, uuser.Username) // Username should not change either
|
|
|
|
// Try updating one which does not exist
|
|
_, err = UpdateUser(&User{ID: 99999, Username: "dg"})
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrUserDoesNotExist(err))
|
|
|
|
// Update a users password
|
|
newpassword := "55555"
|
|
err = UpdateUserPassword(theuser, newpassword)
|
|
assert.NoError(t, err)
|
|
|
|
// Check if it was changed
|
|
_, err = CheckUserCredentials(&Login{theuser.Username, newpassword})
|
|
assert.NoError(t, err)
|
|
|
|
// Check if the searchterm works
|
|
all, err := ListUsers("test")
|
|
assert.NoError(t, err)
|
|
assert.True(t, len(all) > 0)
|
|
|
|
all, err = ListUsers("")
|
|
assert.NoError(t, err)
|
|
assert.True(t, len(all) > 0)
|
|
|
|
// Try updating the password of a nonexistent user (should fail)
|
|
err = UpdateUserPassword(&User{ID: 9999}, newpassword)
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrUserDoesNotExist(err))
|
|
}
|
|
|
|
func TestUserPasswordReset(t *testing.T) {
|
|
|
|
db.LoadAndAssertFixtures(t)
|
|
|
|
// Request a new token
|
|
tr := &PasswordTokenRequest{
|
|
Email: "user1@example.com",
|
|
}
|
|
err := RequestUserPasswordResetToken(tr)
|
|
assert.NoError(t, err)
|
|
|
|
// Get the token / inside the user object
|
|
userWithToken, err := GetUserByID(1)
|
|
assert.NoError(t, err)
|
|
|
|
// Try resetting it
|
|
reset := &PasswordReset{
|
|
Token: userWithToken.PasswordResetToken,
|
|
}
|
|
|
|
// Try resetting it without a password
|
|
reset.NewPassword = ""
|
|
err = ResetPassword(reset)
|
|
assert.True(t, IsErrNoUsernamePassword(err))
|
|
|
|
// Reset it
|
|
reset.NewPassword = "1234"
|
|
err = ResetPassword(reset)
|
|
assert.NoError(t, err)
|
|
|
|
// Try resetting it with a wrong token
|
|
reset.Token = utils.MakeRandomString(400)
|
|
err = ResetPassword(reset)
|
|
assert.Error(t, err)
|
|
assert.True(t, IsErrInvalidPasswordResetToken(err))
|
|
}
|