Tests: Add unit tests #808 #3943

internal/api/users_passcode_test.go

@@ -0,0 +1,106 @@
+package api
+
+import (
+	"encoding/json"
+	"net/http"
+	"testing"
+
+	"github.com/photoprism/photoprism/internal/config"
+	"github.com/photoprism/photoprism/internal/form"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestCreateUserPasscode(t *testing.T) {
+	t.Run("PublicMode", func(t *testing.T) {
+		app, router, _ := NewApiTest()
+		CreateUserPasscode(router)
+		r := PerformRequest(app, "POST", "/api/v1/users/uqxc08w3d0ej2283/passcode")
+		assert.Equal(t, http.StatusForbidden, r.Code)
+	})
+	t.Run("Unauthorized", func(t *testing.T) {
+		app, router, conf := NewApiTest()
+		conf.SetAuthMode(config.AuthModePasswd)
+		defer conf.SetAuthMode(config.AuthModePublic)
+		CreateUserPasscode(router)
+
+		r := PerformRequest(app, "POST", "/api/v1/users/uqxc08w3d0ej2283/passcode")
+		assert.Equal(t, http.StatusUnauthorized, r.Code)
+	})
+	t.Run("UsersDontMatch", func(t *testing.T) {
+		app, router, conf := NewApiTest()
+		conf.SetAuthMode(config.AuthModePasswd)
+		defer conf.SetAuthMode(config.AuthModePublic)
+		CreateUserPasscode(router)
+		sessId := AuthenticateUser(app, router, "alice", "Alice123!")
+
+		f := form.UserPasscode{
+			Passcode: "",
+			Password: "Alice123!",
+			Type:     "totp",
+		}
+		if pcStr, err := json.Marshal(f); err != nil {
+			log.Fatal(err)
+		} else {
+			r := AuthenticatedRequestWithBody(app, "POST", "/api/v1/users/uqxc08w3d0ej2283/passcode", string(pcStr), sessId)
+			assert.Equal(t, http.StatusForbidden, r.Code)
+		}
+	})
+	t.Run("AliceUnsupportedType", func(t *testing.T) {
+		app, router, conf := NewApiTest()
+		conf.SetAuthMode(config.AuthModePasswd)
+		defer conf.SetAuthMode(config.AuthModePublic)
+		CreateUserPasscode(router)
+		sessId := AuthenticateUser(app, router, "alice", "Alice123!")
+
+		f := form.UserPasscode{
+			Passcode: "",
+			Password: "abcdef",
+			Type:     "xxx",
+		}
+		if pcStr, err := json.Marshal(f); err != nil {
+			log.Fatal(err)
+		} else {
+			r := AuthenticatedRequestWithBody(app, "POST", "/api/v1/users/uqxetse3cy5eo9z2/passcode", string(pcStr), sessId)
+			assert.Equal(t, http.StatusBadRequest, r.Code)
+		}
+	})
+	t.Run("AliceInvalidPassword", func(t *testing.T) {
+		app, router, conf := NewApiTest()
+		conf.SetAuthMode(config.AuthModePasswd)
+		defer conf.SetAuthMode(config.AuthModePublic)
+		CreateUserPasscode(router)
+		sessId := AuthenticateUser(app, router, "alice", "Alice123!")
+
+		f := form.UserPasscode{
+			Passcode: "",
+			Password: "wrong",
+			Type:     "totp",
+		}
+		if pcStr, err := json.Marshal(f); err != nil {
+			log.Fatal(err)
+		} else {
+			r := AuthenticatedRequestWithBody(app, "POST", "/api/v1/users/uqxetse3cy5eo9z2/passcode", string(pcStr), sessId)
+			assert.Equal(t, http.StatusForbidden, r.Code)
+		}
+	})
+	t.Run("AliceSuccess", func(t *testing.T) {
+		app, router, conf := NewApiTest()
+		conf.SetAuthMode(config.AuthModePasswd)
+		defer conf.SetAuthMode(config.AuthModePublic)
+		CreateUserPasscode(router)
+		sessId := AuthenticateUser(app, router, "alice", "Alice123!")
+
+		f := form.UserPasscode{
+			Passcode: "",
+			Password: "Alice123!",
+			Type:     "totp",
+		}
+		if pcStr, err := json.Marshal(f); err != nil {
+			log.Fatal(err)
+		} else {
+			r := AuthenticatedRequestWithBody(app, "POST", "/api/v1/users/uqxetse3cy5eo9z2/passcode", string(pcStr), sessId)
+			assert.Equal(t, http.StatusOK, r.Code)
+		}
+	})
+}

internal/entity/passcode_fixtures_test.go

@@ -0,0 +1,33 @@
+package entity
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestPasscodeMap_Get(t *testing.T) {
+	t.Run("get existing passcode", func(t *testing.T) {
+		r := PasscodeFixtures.Get("alice")
+		assert.Equal(t, "uqxetse3cy5eo9z2", r.UID)
+		assert.IsType(t, Passcode{}, r)
+	})
+	t.Run("get not existing passcode", func(t *testing.T) {
+		r := PasscodeFixtures.Get("monstera")
+		assert.Equal(t, "", r.UID)
+		assert.IsType(t, Passcode{}, r)
+	})
+}
+
+func TestPasscodeMap_Pointer(t *testing.T) {
+	t.Run("get existing passcode", func(t *testing.T) {
+		r := PasscodeFixtures.Pointer("alice")
+		assert.Equal(t, "uqxetse3cy5eo9z2", r.UID)
+		assert.IsType(t, &Passcode{}, r)
+	})
+	t.Run("get not existing passcode", func(t *testing.T) {
+		r := PasscodeFixtures.Pointer("monstera")
+		assert.Equal(t, "", r.UID)
+		assert.IsType(t, &Passcode{}, r)
+	})
+}

internal/entity/passcode_json_test.go

@@ -1,8 +1,9 @@
 package entity
 
 import (
-	"github.com/stretchr/testify/assert"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestPasscode_MarshalJSON(t *testing.T) {

pkg/authn/keys_test.go

@@ -32,3 +32,10 @@ func TestKeyType_NotEqual(t *testing.T) {
 	assert.True(t, KeyUnknown.NotEqual("2fa"))
 	assert.True(t, KeyUnknown.NotEqual("totp"))
 }
+
+func TestKey(t *testing.T) {
+	assert.Equal(t, KeyTOTP, Key("totp"))
+	assert.Equal(t, KeyTOTP, Key("otp"))
+	assert.Equal(t, KeyUnknown, Key("false"))
+	assert.NotEqual(t, "xxx", Key("xxx"))
+}

pkg/authn/methods_test.go

@@ -72,6 +72,7 @@ func TestMethod(t *testing.T) {
 	assert.Equal(t, MethodUndefined, Method(""))
 	assert.Equal(t, MethodDefault, Method("default"))
 	assert.Equal(t, MethodDefault, Method("access_token"))
+	assert.Equal(t, MethodDefault, Method("false"))
 	assert.Equal(t, MethodOAuth2, Method("oauth2"))
 	assert.Equal(t, MethodOIDC, Method("oidc"))
 	assert.Equal(t, MethodOIDC, Method("sso"))

pkg/rnd/auth_key_test.go

@@ -25,6 +25,22 @@ func TestAuthKey(t *testing.T) {
 		assert.Equal(t, otp.Digits(6), result.Digits())
 		assert.Equal(t, uint64(30), result.Period())
 	})
+	t.Run("EmptyIssuer", func(t *testing.T) {
+		issuer := ""
+		accountName := "Bar Baz"
+		result, err := AuthKey(issuer, accountName)
+
+		assert.Error(t, err)
+		assert.Nil(t, result)
+	})
+	t.Run("EmptyAccountName", func(t *testing.T) {
+		issuer := "foo"
+		accountName := ""
+		result, err := AuthKey(issuer, accountName)
+
+		assert.Error(t, err)
+		assert.Nil(t, result)
+	})
 }
 
 func TestRecoveryCode(t *testing.T) {