2017-02-08 07:20:07 -06:00
package api
import (
2021-12-01 08:43:31 -06:00
"context"
2022-01-26 13:24:05 -06:00
"encoding/json"
2020-01-13 10:10:19 -06:00
"fmt"
2019-09-11 07:43:05 -05:00
"net/http"
2017-02-08 07:20:07 -06:00
"testing"
2019-09-11 07:43:05 -05:00
"time"
2017-02-08 07:20:07 -06:00
2022-02-18 04:27:00 -06:00
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"golang.org/x/oauth2"
2022-01-26 13:24:05 -06:00
"github.com/grafana/grafana/pkg/api/dtos"
2022-02-18 04:27:00 -06:00
"github.com/grafana/grafana/pkg/components/simplejson"
"github.com/grafana/grafana/pkg/models"
acmock "github.com/grafana/grafana/pkg/services/accesscontrol/mock"
2022-01-26 13:24:05 -06:00
"github.com/grafana/grafana/pkg/services/login/authinfoservice"
2022-02-03 11:23:45 -06:00
authinfostore "github.com/grafana/grafana/pkg/services/login/authinfoservice/database"
2022-02-18 04:27:00 -06:00
"github.com/grafana/grafana/pkg/services/searchusers"
2021-10-07 09:06:16 -05:00
"github.com/grafana/grafana/pkg/services/searchusers/filters"
2022-01-26 13:24:05 -06:00
"github.com/grafana/grafana/pkg/services/secrets/database"
secretsManager "github.com/grafana/grafana/pkg/services/secrets/manager"
2022-01-05 02:59:17 -06:00
"github.com/grafana/grafana/pkg/services/sqlstore"
2022-02-03 02:20:20 -06:00
"github.com/grafana/grafana/pkg/services/sqlstore/mockstore"
2022-01-05 02:59:17 -06:00
"github.com/grafana/grafana/pkg/setting"
2017-02-08 07:20:07 -06:00
)
2020-11-13 02:52:38 -06:00
func TestUserAPIEndpoint_userLoggedIn ( t * testing . T ) {
2022-01-05 02:59:17 -06:00
settings := setting . NewCfg ( )
sqlStore := sqlstore . InitTestDB ( t )
2022-01-26 13:24:05 -06:00
hs := & HTTPServer {
2022-02-18 04:27:00 -06:00
Cfg : settings ,
SQLStore : sqlStore ,
2022-03-21 12:28:39 -05:00
AccessControl : acmock . New ( ) ,
2022-01-26 13:24:05 -06:00
}
2022-01-05 02:59:17 -06:00
2020-11-13 02:52:38 -06:00
mockResult := models . SearchUserQueryResult {
Users : [ ] * models . UserSearchHitDTO {
{ Name : "user1" } ,
{ Name : "user2" } ,
} ,
TotalCount : 2 ,
}
2022-02-03 02:20:20 -06:00
mock := mockstore . NewSQLStoreMock ( )
2022-01-14 10:55:57 -06:00
loggedInUserScenario ( t , "When calling GET on" , "api/users/1" , "api/users/:id" , func ( sc * scenarioContext ) {
2020-11-13 02:52:38 -06:00
fakeNow := time . Date ( 2019 , 2 , 11 , 17 , 30 , 40 , 0 , time . UTC )
2022-01-26 13:24:05 -06:00
secretsService := secretsManager . SetupTestService ( t , database . ProvideSecretsStore ( sqlStore ) )
2022-04-13 08:24:13 -05:00
authInfoStore := authinfostore . ProvideAuthInfoStore ( sqlStore , secretsService )
2022-02-03 11:23:45 -06:00
srv := authinfoservice . ProvideAuthInfoService ( & authinfoservice . OSSUserProtectionImpl { } , authInfoStore )
2022-01-26 13:24:05 -06:00
hs . authInfoService = srv
createUserCmd := models . CreateUserCommand {
Email : fmt . Sprint ( "user" , "@test.com" ) ,
Name : "user" ,
Login : "loginuser" ,
IsAdmin : true ,
}
user , err := sqlStore . CreateUser ( context . Background ( ) , createUserCmd )
require . Nil ( t , err )
2020-11-13 02:52:38 -06:00
2022-01-05 02:59:17 -06:00
sc . handlerFunc = hs . GetUserByID
2019-09-11 07:43:05 -05:00
2022-01-26 13:24:05 -06:00
token := & oauth2 . Token {
AccessToken : "testaccess" ,
RefreshToken : "testrefresh" ,
Expiry : time . Now ( ) ,
TokenType : "Bearer" ,
}
idToken := "testidtoken"
token = token . WithExtra ( map [ string ] interface { } { "id_token" : idToken } )
query := & models . GetUserByAuthInfoQuery { Login : "loginuser" , AuthModule : "test" , AuthId : "test" }
cmd := & models . UpdateAuthInfoCommand {
UserId : user . Id ,
AuthId : query . AuthId ,
AuthModule : query . AuthModule ,
OAuthToken : token ,
}
err = srv . UpdateAuthInfo ( context . Background ( ) , cmd )
require . NoError ( t , err )
avatarUrl := dtos . GetGravatarUrl ( "@test.com" )
sc . fakeReqWithParams ( "GET" , sc . url , map [ string ] string { "id" : fmt . Sprintf ( "%v" , user . Id ) } ) . exec ( )
expected := models . UserProfileDTO {
Id : 1 ,
Email : "user@test.com" ,
Name : "user" ,
Login : "loginuser" ,
OrgId : 1 ,
IsGrafanaAdmin : true ,
AuthLabels : [ ] string { } ,
CreatedAt : fakeNow ,
UpdatedAt : fakeNow ,
AvatarUrl : avatarUrl ,
}
var resp models . UserProfileDTO
2020-11-13 02:52:38 -06:00
require . Equal ( t , http . StatusOK , sc . resp . Code )
2022-01-26 13:24:05 -06:00
err = json . Unmarshal ( sc . resp . Body . Bytes ( ) , & resp )
require . NoError ( t , err )
resp . CreatedAt = fakeNow
resp . UpdatedAt = fakeNow
resp . AvatarUrl = avatarUrl
require . EqualValues ( t , expected , resp )
2022-02-03 02:20:20 -06:00
} , mock )
2020-11-13 02:52:38 -06:00
2022-01-14 10:55:57 -06:00
loggedInUserScenario ( t , "When calling GET on" , "/api/users/lookup" , "/api/users/lookup" , func ( sc * scenarioContext ) {
2022-01-26 13:24:05 -06:00
createUserCmd := models . CreateUserCommand {
Email : fmt . Sprint ( "admin" , "@test.com" ) ,
Name : "admin" ,
Login : "admin" ,
IsAdmin : true ,
}
_ , err := sqlStore . CreateUser ( context . Background ( ) , createUserCmd )
require . Nil ( t , err )
sc . handlerFunc = hs . GetUserByLoginOrEmail
sc . fakeReqWithParams ( "GET" , sc . url , map [ string ] string { "loginOrEmail" : "admin@test.com" } ) . exec ( )
var resp models . UserProfileDTO
2020-11-13 02:52:38 -06:00
require . Equal ( t , http . StatusOK , sc . resp . Code )
2022-01-26 13:24:05 -06:00
err = json . Unmarshal ( sc . resp . Body . Bytes ( ) , & resp )
require . NoError ( t , err )
require . Equal ( t , "admin" , resp . Login )
require . Equal ( t , "admin@test.com" , resp . Email )
require . True ( t , resp . IsGrafanaAdmin )
2022-02-03 02:20:20 -06:00
} , mock )
2020-11-13 02:52:38 -06:00
2022-01-14 10:55:57 -06:00
loggedInUserScenario ( t , "When calling GET on" , "/api/users" , "/api/users" , func ( sc * scenarioContext ) {
2022-03-02 04:05:31 -06:00
mock . ExpectedSearchUsers = mockResult
2020-11-13 02:52:38 -06:00
2022-03-02 04:05:31 -06:00
searchUsersService := searchusers . ProvideUsersService ( mock , filters . ProvideOSSSearchUserFilter ( ) )
2021-09-29 05:51:49 -05:00
sc . handlerFunc = searchUsersService . SearchUsers
2020-11-13 02:52:38 -06:00
sc . fakeReqWithParams ( "GET" , sc . url , map [ string ] string { } ) . exec ( )
2017-02-08 07:20:07 -06:00
2020-11-13 02:52:38 -06:00
respJSON , err := simplejson . NewJson ( sc . resp . Body . Bytes ( ) )
require . NoError ( t , err )
2022-03-02 04:05:31 -06:00
2020-11-13 02:52:38 -06:00
assert . Equal ( t , 2 , len ( respJSON . MustArray ( ) ) )
2022-02-03 02:20:20 -06:00
} , mock )
2017-02-08 07:20:07 -06:00
2022-01-14 10:55:57 -06:00
loggedInUserScenario ( t , "When calling GET with page and limit querystring parameters on" , "/api/users" , "/api/users" , func ( sc * scenarioContext ) {
2022-03-02 04:05:31 -06:00
mock . ExpectedSearchUsers = mockResult
2017-02-08 07:20:07 -06:00
2022-03-02 04:05:31 -06:00
searchUsersService := searchusers . ProvideUsersService ( mock , filters . ProvideOSSSearchUserFilter ( ) )
2021-09-29 05:51:49 -05:00
sc . handlerFunc = searchUsersService . SearchUsers
2020-11-13 02:52:38 -06:00
sc . fakeReqWithParams ( "GET" , sc . url , map [ string ] string { "perpage" : "10" , "page" : "2" } ) . exec ( )
2017-02-08 07:20:07 -06:00
2022-03-02 04:05:31 -06:00
respJSON , err := simplejson . NewJson ( sc . resp . Body . Bytes ( ) )
require . NoError ( t , err )
assert . Equal ( t , 2 , len ( respJSON . MustArray ( ) ) )
2022-02-03 02:20:20 -06:00
} , mock )
2017-02-08 07:20:07 -06:00
2022-01-14 10:55:57 -06:00
loggedInUserScenario ( t , "When calling GET on" , "/api/users/search" , "/api/users/search" , func ( sc * scenarioContext ) {
2022-03-02 04:05:31 -06:00
mock . ExpectedSearchUsers = mockResult
2017-02-08 07:20:07 -06:00
2022-03-02 04:05:31 -06:00
searchUsersService := searchusers . ProvideUsersService ( mock , filters . ProvideOSSSearchUserFilter ( ) )
2021-09-29 05:51:49 -05:00
sc . handlerFunc = searchUsersService . SearchUsersWithPaging
2020-11-13 02:52:38 -06:00
sc . fakeReqWithParams ( "GET" , sc . url , map [ string ] string { } ) . exec ( )
2017-02-08 07:20:07 -06:00
2020-11-13 02:52:38 -06:00
respJSON , err := simplejson . NewJson ( sc . resp . Body . Bytes ( ) )
require . NoError ( t , err )
2017-02-08 07:20:07 -06:00
2022-03-02 04:05:31 -06:00
assert . Equal ( t , 1 , respJSON . Get ( "page" ) . MustInt ( ) )
assert . Equal ( t , 1000 , respJSON . Get ( "perPage" ) . MustInt ( ) )
2020-11-13 02:52:38 -06:00
assert . Equal ( t , 2 , respJSON . Get ( "totalCount" ) . MustInt ( ) )
assert . Equal ( t , 2 , len ( respJSON . Get ( "users" ) . MustArray ( ) ) )
2022-02-03 02:20:20 -06:00
} , mock )
2017-02-08 07:20:07 -06:00
2022-01-14 10:55:57 -06:00
loggedInUserScenario ( t , "When calling GET with page and perpage querystring parameters on" , "/api/users/search" , "/api/users/search" , func ( sc * scenarioContext ) {
2022-03-02 04:05:31 -06:00
mock . ExpectedSearchUsers = mockResult
2017-02-08 07:20:07 -06:00
2022-03-02 04:05:31 -06:00
searchUsersService := searchusers . ProvideUsersService ( mock , filters . ProvideOSSSearchUserFilter ( ) )
2021-09-29 05:51:49 -05:00
sc . handlerFunc = searchUsersService . SearchUsersWithPaging
2020-11-13 02:52:38 -06:00
sc . fakeReqWithParams ( "GET" , sc . url , map [ string ] string { "perpage" : "10" , "page" : "2" } ) . exec ( )
2017-02-08 07:20:07 -06:00
2022-03-02 04:05:31 -06:00
respJSON , err := simplejson . NewJson ( sc . resp . Body . Bytes ( ) )
require . NoError ( t , err )
assert . Equal ( t , 2 , respJSON . Get ( "page" ) . MustInt ( ) )
assert . Equal ( t , 10 , respJSON . Get ( "perPage" ) . MustInt ( ) )
2022-02-03 02:20:20 -06:00
} , mock )
2017-02-08 07:20:07 -06:00
}
