grafana/pkg/api/short_url_test.go

package api

import (
	"context"
	"encoding/json"
	"fmt"
	"testing"

	"github.com/stretchr/testify/require"

	"github.com/grafana/grafana/pkg/api/dtos"
	"github.com/grafana/grafana/pkg/api/response"
	"github.com/grafana/grafana/pkg/api/routing"
	"github.com/grafana/grafana/pkg/infra/log"
	contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
	"github.com/grafana/grafana/pkg/services/shorturls"
	"github.com/grafana/grafana/pkg/services/user"
	"github.com/grafana/grafana/pkg/setting"
)

func TestShortURLAPIEndpoint(t *testing.T) {
	t.Run("Given a correct request for creating a shortUrl", func(t *testing.T) {
		cmd := dtos.CreateShortURLCmd{
			Path: "d/TxKARsmGz/new-dashboard?orgId=1&from=1599389322894&to=1599410922894",
		}

		createResp := &shorturls.ShortUrl{
			Id:    1,
			OrgId: testOrgID,
			Uid:   "N1u6L4eGz",
			Path:  cmd.Path,
		}
		service := &fakeShortURLService{
			createShortURLFunc: func(ctx context.Context, user *user.SignedInUser, path string) (*shorturls.ShortUrl, error) {
				return createResp, nil
			},
		}

		createShortURLScenario(t, "When calling POST on", "/api/short-urls", "/api/short-urls", cmd, service,
			func(sc *scenarioContext) {
				callCreateShortURL(sc)

				shortUrl := dtos.ShortURL{}
				err := json.NewDecoder(sc.resp.Body).Decode(&shortUrl)
				require.NoError(t, err)
				require.Equal(t, 200, sc.resp.Code)
				require.Equal(t, fmt.Sprintf("/goto/%s?orgId=%d", createResp.Uid, createResp.OrgId), shortUrl.URL)
			})
	})
}

func callCreateShortURL(sc *scenarioContext) {
	sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
}

func createShortURLScenario(t *testing.T, desc string, url string, routePattern string, cmd dtos.CreateShortURLCmd, shortURLService shorturls.Service, fn scenarioFunc) {
	t.Run(fmt.Sprintf("%s %s", desc, url), func(t *testing.T) {
		hs := HTTPServer{
			Cfg:             setting.NewCfg(),
			ShortURLService: shortURLService,
			log:             log.New("test"),
		}

		sc := setupScenarioContext(t, url)
		sc.defaultHandler = routing.Wrap(func(c *contextmodel.ReqContext) response.Response {
			c.Req.Body = mockRequestBody(cmd)
			c.Req.Header.Add("Content-Type", "application/json")
			sc.context = c
			sc.context.SignedInUser = &user.SignedInUser{OrgID: testOrgID, UserID: testUserID}

			return hs.createShortURL(c)
		})

		sc.m.Post(routePattern, sc.defaultHandler)

		fn(sc)
	})
}

type fakeShortURLService struct {
	createShortURLFunc func(ctx context.Context, user *user.SignedInUser, path string) (*shorturls.ShortUrl, error)
}

func (s *fakeShortURLService) GetShortURLByUID(ctx context.Context, user *user.SignedInUser, uid string) (*shorturls.ShortUrl, error) {
	return nil, nil
}

func (s *fakeShortURLService) CreateShortURL(ctx context.Context, user *user.SignedInUser, path string) (*shorturls.ShortUrl, error) {
	if s.createShortURLFunc != nil {
		return s.createShortURLFunc(ctx, user, path)
	}

	return nil, nil
}

func (s *fakeShortURLService) UpdateLastSeenAt(ctx context.Context, shortURL *shorturls.ShortUrl) error {
	return nil
}

func (s *fakeShortURLService) DeleteStaleShortURLs(ctx context.Context, cmd *shorturls.DeleteShortUrlCommand) error {
	return nil
}
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`package api`

			`import (`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`"context"`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`"encoding/json"`
			`"fmt"`
			`"testing"`

Chore: Fix goimports grouping in pkg/api (#62419) * fix goimports * fix goimports order 2023-01-30 02:18:26 -06:00			`"github.com/stretchr/testify/require"`

Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`"github.com/grafana/grafana/pkg/api/dtos"`
			`"github.com/grafana/grafana/pkg/api/response"`
			`"github.com/grafana/grafana/pkg/api/routing"`
			`"github.com/grafana/grafana/pkg/infra/log"`
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 01:50:36 -06:00			`contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`"github.com/grafana/grafana/pkg/services/shorturls"`
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2 2022-08-10 04:56:48 -05:00			`"github.com/grafana/grafana/pkg/services/user"`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`"github.com/grafana/grafana/pkg/setting"`
			`)`

			`func TestShortURLAPIEndpoint(t *testing.T) {`
			`t.Run("Given a correct request for creating a shortUrl", func(t *testing.T) {`
			`cmd := dtos.CreateShortURLCmd{`
			`Path: "d/TxKARsmGz/new-dashboard?orgId=1&from=1599389322894&to=1599410922894",`
			`}`

Chore: Refectory of shorturl service, move models into service (#61295) Chore: refectory of shorturl service, move models into service 2023-01-12 03:13:47 -06:00			`createResp := &shorturls.ShortUrl{`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`Id: 1,`
			`OrgId: testOrgID,`
			`Uid: "N1u6L4eGz",`
			`Path: cmd.Path,`
			`}`
			`service := &fakeShortURLService{`
Chore: Refectory of shorturl service, move models into service (#61295) Chore: refectory of shorturl service, move models into service 2023-01-12 03:13:47 -06:00			`createShortURLFunc: func(ctx context.Context, user user.SignedInUser, path string) (shorturls.ShortUrl, error) {`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`return createResp, nil`
			`},`
			`}`

			`createShortURLScenario(t, "When calling POST on", "/api/short-urls", "/api/short-urls", cmd, service,`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`func(sc *scenarioContext) {`
			`callCreateShortURL(sc)`

			`shortUrl := dtos.ShortURL{}`
			`err := json.NewDecoder(sc.resp.Body).Decode(&shortUrl)`
			`require.NoError(t, err)`
			`require.Equal(t, 200, sc.resp.Code)`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`require.Equal(t, fmt.Sprintf("/goto/%s?orgId=%d", createResp.Uid, createResp.OrgId), shortUrl.URL)`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`})`
			`})`
			`}`

			`func callCreateShortURL(sc *scenarioContext) {`
			`sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()`
			`}`

Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`func createShortURLScenario(t *testing.T, desc string, url string, routePattern string, cmd dtos.CreateShortURLCmd, shortURLService shorturls.Service, fn scenarioFunc) {`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`t.Run(fmt.Sprintf("%s %s", desc, url), func(t *testing.T) {`
			`hs := HTTPServer{`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`Cfg: setting.NewCfg(),`
			`ShortURLService: shortURLService,`
			`log: log.New("test"),`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`}`

			`sc := setupScenarioContext(t, url)`
Chore: Move ReqContext to contexthandler service (#62102) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports 2023-01-27 01:50:36 -06:00			`sc.defaultHandler = routing.Wrap(func(c *contextmodel.ReqContext) response.Response {`
Chore: Refactor api handlers to use web.Bind (#42199) * Chore: Refactor api handlers to use web.Bind * fix comments * fix comment * trying to fix most of the tests and force routing.Wrap type check * fix library panels tests * fix frontend logging tests * allow passing nil as a response to skip writing * return nil instead of the response * rewrite login handler function types * remove handlerFuncCtx * make linter happy * remove old bindings from the libraryelements * restore comments 2021-11-29 03:18:01 -06:00			`c.Req.Body = mockRequestBody(cmd)`
Security: Sync security changes on main (#45083) * * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search * Teams: Ensure that users searching for teams are only able see teams they have access to * Teams: Require teamGuardian admin privileges to list team members * Teams: Prevent org viewers from administering teams * Teams: Add org_id condition to team count query * Teams: clarify permission requirements in teams api docs * Teams: expand scenarios for team search tests * Teams: mock teamGuardian in tests Co-authored-by: Dan Cech <dcech@grafana.com> * remove duplicate WHERE statement * Fix for CVE-2022-21702 (cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e) * Lint and test fixes (cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981) * check content type properly (cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98) * basic csrf origin check (cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1) * compare origin to host (cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42) * simplify url parsing (cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d) * check csrf for GET requests, only compare origin (cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709) * parse content type properly (cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0) * mentioned get in the comment (cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345) * add content-type: application/json to test HTTP requests * fix pluginproxy test * Fix linter when comparing errors Co-authored-by: Kevin Minehart <kmineh0151@gmail.com> Co-authored-by: Dan Cech <dcech@grafana.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com> Co-authored-by: Vardan Torosyan <vardants@gmail.com> 2022-02-09 06:44:38 -06:00			`c.Req.Header.Add("Content-Type", "application/json")`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`sc.context = c`
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields 2022-08-11 06:28:55 -05:00			`sc.context.SignedInUser = &user.SignedInUser{OrgID: testOrgID, UserID: testUserID}`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00
Chore: Refactor api handlers to use web.Bind (#42199) * Chore: Refactor api handlers to use web.Bind * fix comments * fix comment * trying to fix most of the tests and force routing.Wrap type check * fix library panels tests * fix frontend logging tests * allow passing nil as a response to skip writing * return nil instead of the response * rewrite login handler function types * remove handlerFuncCtx * make linter happy * remove old bindings from the libraryelements * restore comments 2021-11-29 03:18:01 -06:00			`return hs.createShortURL(c)`
Short URL: Fix so that orgId is included in generated short URL (#34696) Fixes #33813 Signed-off-by: Jan Jansen <jan.jansen@gdata.de> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> 2021-06-01 07:19:10 -05:00			`})`

			`sc.m.Post(routePattern, sc.defaultHandler)`

			`fn(sc)`
			`})`
			`}`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00
			`type fakeShortURLService struct {`
Chore: Refectory of shorturl service, move models into service (#61295) Chore: refectory of shorturl service, move models into service 2023-01-12 03:13:47 -06:00			`createShortURLFunc func(ctx context.Context, user user.SignedInUser, path string) (shorturls.ShortUrl, error)`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`}`

Chore: Refectory of shorturl service, move models into service (#61295) Chore: refectory of shorturl service, move models into service 2023-01-12 03:13:47 -06:00			`func (s fakeShortURLService) GetShortURLByUID(ctx context.Context, user user.SignedInUser, uid string) (*shorturls.ShortUrl, error) {`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`return nil, nil`
			`}`

Chore: Refectory of shorturl service, move models into service (#61295) Chore: refectory of shorturl service, move models into service 2023-01-12 03:13:47 -06:00			`func (s fakeShortURLService) CreateShortURL(ctx context.Context, user user.SignedInUser, path string) (*shorturls.ShortUrl, error) {`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`if s.createShortURLFunc != nil {`
			`return s.createShortURLFunc(ctx, user, path)`
			`}`

			`return nil, nil`
			`}`

Chore: Refectory of shorturl service, move models into service (#61295) Chore: refectory of shorturl service, move models into service 2023-01-12 03:13:47 -06:00			`func (s fakeShortURLService) UpdateLastSeenAt(ctx context.Context, shortURL shorturls.ShortUrl) error {`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`return nil`
			`}`

Chore: Refectory of shorturl service, move models into service (#61295) Chore: refectory of shorturl service, move models into service 2023-01-12 03:13:47 -06:00			`func (s fakeShortURLService) DeleteStaleShortURLs(ctx context.Context, cmd shorturls.DeleteShortUrlCommand) error {`
Chore: Refactor short url api test (#35051) Use a mock of the short URL service rather than real one which requires database access. Ref #34696 2021-06-01 13:34:59 -05:00			`return nil`
			`}`