mirror of
https://github.com/mainflux/mainflux.git
synced 2025-05-04 22:17:59 +08:00
530f925c4d
* remove owner id Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add users endpoint for retrieving users from group Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups from things and users Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move groups into auth Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * separate endpoints for users and things Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix problems with retrieving members Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups from users Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups from things Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename constant Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add new errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove unnecessary constants Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix validation Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * create groups db mock Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * adding tests Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * revert changes to docker related files Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups endpoints from users openapi Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups endpoints from users openapi Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move constant from postgres to groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move constant from postgres to groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move constant from postgres to groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove testing group Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * renam typ to groupType Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add error for max level Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove print Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups.Member interface Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix query building and add test cases Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * uncomment tests Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move groups package Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove group type, add bulk assign and unassign Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update openapi, remove parentID from create request, reorder endpoints Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update openapi Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update openapi for users and things Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix groups test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix linter errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename assignReq structure Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactor mocks, response, remove type from endpoint Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * some refactor, renaming, errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * simplify check Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove package alias Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix naming and comment Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * additional comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add members grpc endpoint test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix retrieving members for different types Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix retrieving members for different types Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove unecessary structure Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix api grpc Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename const Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactore retrieve parents and children with common function Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * small changes for errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix compile error Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix sorting in mock Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove regexp for groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * revert as change is made by mistake Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * revert as change is made by mistake Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactor groups and keys package Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix naming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix naming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix test for timestamp compare Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix error handling Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove errors not being used Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * var renaming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * minor changes Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add endpoints for groups into nginx Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * reorganize endpoints, remove some errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * reorganize endpoints, remove some errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * small fix Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix linter errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * minor changes Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix group save path problem Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * description constant Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename variables Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix validation Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * get back return Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix compile Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com>
312 lines
8.1 KiB
Go
312 lines
8.1 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package http_test
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/opentracing/opentracing-go/mocktracer"
|
|
|
|
"github.com/mainflux/mainflux/pkg/uuid"
|
|
"github.com/mainflux/mainflux/things"
|
|
httpapi "github.com/mainflux/mainflux/things/api/auth/http"
|
|
"github.com/mainflux/mainflux/things/mocks"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
const (
|
|
contentType = "application/json"
|
|
email = "user@example.com"
|
|
token = "token"
|
|
wrong = "wrong_value"
|
|
)
|
|
|
|
var (
|
|
thing = things.Thing{
|
|
Name: "test_app",
|
|
Metadata: map[string]interface{}{"test": "data"},
|
|
}
|
|
channel = things.Channel{
|
|
Name: "test_chan",
|
|
Metadata: map[string]interface{}{"test": "data"},
|
|
}
|
|
)
|
|
|
|
type testRequest struct {
|
|
client *http.Client
|
|
method string
|
|
url string
|
|
contentType string
|
|
body io.Reader
|
|
}
|
|
|
|
func (tr testRequest) make() (*http.Response, error) {
|
|
req, err := http.NewRequest(tr.method, tr.url, tr.body)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if tr.contentType != "" {
|
|
req.Header.Set("Content-Type", tr.contentType)
|
|
}
|
|
return tr.client.Do(req)
|
|
}
|
|
|
|
func toJSON(data interface{}) string {
|
|
jsonData, _ := json.Marshal(data)
|
|
return string(jsonData)
|
|
}
|
|
|
|
func newService(tokens map[string]string) things.Service {
|
|
auth := mocks.NewAuthService(tokens)
|
|
conns := make(chan mocks.Connection)
|
|
thingsRepo := mocks.NewThingRepository(conns)
|
|
channelsRepo := mocks.NewChannelRepository(thingsRepo, conns)
|
|
chanCache := mocks.NewChannelCache()
|
|
thingCache := mocks.NewThingCache()
|
|
idProvider := uuid.NewMock()
|
|
|
|
return things.New(auth, thingsRepo, channelsRepo, chanCache, thingCache, idProvider)
|
|
}
|
|
|
|
func newServer(svc things.Service) *httptest.Server {
|
|
mux := httpapi.MakeHandler(mocktracer.New(), svc)
|
|
return httptest.NewServer(mux)
|
|
}
|
|
|
|
func TestIdentify(t *testing.T) {
|
|
svc := newService(map[string]string{token: email})
|
|
ts := newServer(svc)
|
|
defer ts.Close()
|
|
|
|
ths, err := svc.CreateThings(context.Background(), token, thing)
|
|
require.Nil(t, err, fmt.Sprintf("failed to create thing: %s", err))
|
|
th := ths[0]
|
|
|
|
ir := identifyReq{Token: th.Key}
|
|
data := toJSON(ir)
|
|
|
|
nonexistentData := toJSON(identifyReq{Token: wrong})
|
|
|
|
cases := map[string]struct {
|
|
contentType string
|
|
req string
|
|
status int
|
|
}{
|
|
"identify existing thing": {
|
|
contentType: contentType,
|
|
req: data,
|
|
status: http.StatusOK,
|
|
},
|
|
"identify non-existent thing": {
|
|
contentType: contentType,
|
|
req: nonexistentData,
|
|
status: http.StatusNotFound,
|
|
},
|
|
"identify with missing content type": {
|
|
contentType: wrong,
|
|
req: data,
|
|
status: http.StatusUnsupportedMediaType,
|
|
},
|
|
"identify with empty JSON request": {
|
|
contentType: contentType,
|
|
req: "{}",
|
|
status: http.StatusUnauthorized,
|
|
},
|
|
"identify with invalid JSON request": {
|
|
contentType: contentType,
|
|
req: "",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
}
|
|
|
|
for desc, tc := range cases {
|
|
req := testRequest{
|
|
client: ts.Client(),
|
|
method: http.MethodPost,
|
|
url: fmt.Sprintf("%s/identify", ts.URL),
|
|
contentType: tc.contentType,
|
|
body: strings.NewReader(tc.req),
|
|
}
|
|
res, err := req.make()
|
|
assert.Nil(t, err, fmt.Sprintf("%s: unexpected error %s", desc, err))
|
|
assert.Equal(t, tc.status, res.StatusCode, fmt.Sprintf("%s: expected status code %d got %d", desc, tc.status, res.StatusCode))
|
|
}
|
|
}
|
|
|
|
func TestCanAccessByKey(t *testing.T) {
|
|
svc := newService(map[string]string{token: email})
|
|
ts := newServer(svc)
|
|
defer ts.Close()
|
|
|
|
ths, err := svc.CreateThings(context.Background(), token, thing)
|
|
require.Nil(t, err, fmt.Sprintf("failed to create thing: %s", err))
|
|
th := ths[0]
|
|
|
|
chs, err := svc.CreateChannels(context.Background(), token, channel)
|
|
require.Nil(t, err, fmt.Sprintf("failed to create channel: %s", err))
|
|
ch := chs[0]
|
|
|
|
err = svc.Connect(context.Background(), token, []string{ch.ID}, []string{th.ID})
|
|
require.Nil(t, err, fmt.Sprintf("failed to connect thing and channel: %s", err))
|
|
|
|
data := toJSON(canAccessByKeyReq{
|
|
Token: th.Key,
|
|
})
|
|
|
|
cases := map[string]struct {
|
|
contentType string
|
|
chanID string
|
|
req string
|
|
status int
|
|
}{
|
|
"check access for connected thing and channel": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: data,
|
|
status: http.StatusOK,
|
|
},
|
|
"check access for not connected thing and channel": {
|
|
contentType: contentType,
|
|
chanID: wrong,
|
|
req: data,
|
|
status: http.StatusForbidden,
|
|
},
|
|
"check access with invalid content type": {
|
|
contentType: wrong,
|
|
chanID: ch.ID,
|
|
req: data,
|
|
status: http.StatusUnsupportedMediaType,
|
|
},
|
|
"check access with empty JSON request": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: "{}",
|
|
status: http.StatusUnauthorized,
|
|
},
|
|
"check access with invalid JSON request": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: "}",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
"check access with empty request": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: "",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
}
|
|
|
|
for desc, tc := range cases {
|
|
req := testRequest{
|
|
client: ts.Client(),
|
|
method: http.MethodPost,
|
|
url: fmt.Sprintf("%s/channels/%s/access-by-key", ts.URL, tc.chanID),
|
|
contentType: tc.contentType,
|
|
body: strings.NewReader(tc.req),
|
|
}
|
|
res, err := req.make()
|
|
assert.Nil(t, err, fmt.Sprintf("%s: unexpected error %s", desc, err))
|
|
assert.Equal(t, tc.status, res.StatusCode, fmt.Sprintf("%s: expected status code %d got %d", desc, tc.status, res.StatusCode))
|
|
}
|
|
}
|
|
|
|
func TestCanAccessByID(t *testing.T) {
|
|
svc := newService(map[string]string{token: email})
|
|
ts := newServer(svc)
|
|
defer ts.Close()
|
|
|
|
ths, err := svc.CreateThings(context.Background(), token, thing)
|
|
require.Nil(t, err, fmt.Sprintf("failed to create thing: %s", err))
|
|
th := ths[0]
|
|
|
|
chs, err := svc.CreateChannels(context.Background(), token, channel)
|
|
require.Nil(t, err, fmt.Sprintf("failed to create channel: %s", err))
|
|
ch := chs[0]
|
|
|
|
err = svc.Connect(context.Background(), token, []string{ch.ID}, []string{th.ID})
|
|
require.Nil(t, err, fmt.Sprintf("failed to connect thing and channel: %s", err))
|
|
|
|
data := toJSON(canAccessByIDReq{
|
|
ThingID: th.ID,
|
|
})
|
|
|
|
cases := map[string]struct {
|
|
contentType string
|
|
chanID string
|
|
req string
|
|
status int
|
|
}{
|
|
"check access for connected thing and channel": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: data,
|
|
status: http.StatusOK,
|
|
},
|
|
"check access for not connected thing and channel": {
|
|
contentType: contentType,
|
|
chanID: wrong,
|
|
req: data,
|
|
status: http.StatusForbidden,
|
|
},
|
|
"check access with invalid content type": {
|
|
contentType: wrong,
|
|
chanID: ch.ID,
|
|
req: data,
|
|
status: http.StatusUnsupportedMediaType,
|
|
},
|
|
"check access with empty JSON request": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: "{}",
|
|
status: http.StatusUnauthorized,
|
|
},
|
|
"check access with invalid JSON request": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: "}",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
"check access with empty request": {
|
|
contentType: contentType,
|
|
chanID: ch.ID,
|
|
req: "",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
}
|
|
|
|
for desc, tc := range cases {
|
|
req := testRequest{
|
|
client: ts.Client(),
|
|
method: http.MethodPost,
|
|
url: fmt.Sprintf("%s/channels/%s/access-by-id", ts.URL, tc.chanID),
|
|
contentType: tc.contentType,
|
|
body: strings.NewReader(tc.req),
|
|
}
|
|
res, err := req.make()
|
|
assert.Nil(t, err, fmt.Sprintf("%s: unexpected error %s", desc, err))
|
|
assert.Equal(t, tc.status, res.StatusCode, fmt.Sprintf("%s: expected status code %d got %d", desc, tc.status, res.StatusCode))
|
|
}
|
|
}
|
|
|
|
type identifyReq struct {
|
|
Token string `json:"token"`
|
|
}
|
|
|
|
type canAccessByKeyReq struct {
|
|
Token string `json:"token"`
|
|
}
|
|
|
|
type canAccessByIDReq struct {
|
|
ThingID string `json:"thing_id"`
|
|
}
|