IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-01-16 11:42:35 -06:00
Code Issues Packages Projects Releases Wiki Activity
40e6ac8fc0
grafana/pkg/middleware/middleware_basic_auth_test.go

102 lines
3.5 KiB
Go
Raw Normal View History

Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
package middleware
import (
"encoding/json"
"testing"
middleware: Make scenario test functions take a testing.T argument (#29564) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-04 04:09:32 -06:00
"github.com/grafana/grafana/pkg/login"
Chore: Move api key models into apikey service package (#53241) * Chore: move api key models into apikey service package * force table name for api key
2022-08-04 07:19:09 -05:00
"github.com/grafana/grafana/pkg/services/apikey"
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
"github.com/grafana/grafana/pkg/services/contexthandler"
Chore: Remove bus.Dispatch from some login packages (#47248) * Chore: Remove bus.Dispatch from some login packages * remove debug log Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * remove login.Init() * remove unused reset function * remove AuthenticateUserFunc global * swap conditional branches Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * fix formatting Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2022-04-04 13:36:15 -05:00
"github.com/grafana/grafana/pkg/services/login/logintest"
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2
2022-08-10 04:56:48 -05:00
"github.com/grafana/grafana/pkg/services/org"
Split Create User (#50502) * Split Create User * Use new create user and User from package user * Add service to wire * Making create user work * Replace user from user pkg * One more * Move Insert to orguser Service/Store * Remove unnecessary conversion * Cleaunp * Fix Get User and add fakes * Fixing get org id for user logic, adding fakes and other adjustments * Add some tests for ourguser service and store * Fix insert org logic * Add comment about deprecation * Fix after merge with main * Move orguser service/store to org service/store * Remove orguser from wire * Unimplement new Create user and use User from pkg user * Fix wire generation * Fix lint * Fix lint - use only User and CrateUserCommand from user pkg * Remove User and CreateUserCommand from models * Fix lint 2
2022-06-28 07:32:25 -05:00
"github.com/grafana/grafana/pkg/services/user"
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
"github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/util"
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
)
func TestMiddlewareBasicAuth(t *testing.T) {
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
const id int64 = 12
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
configure := func(cfg *setting.Cfg) {
cfg.BasicAuthEnabled = true
cfg.DisableBruteForceLoginProtection = true
}
middleware: Make scenario test functions take a testing.T argument (#29564) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-04 04:09:32 -06:00
middlewareScenario(t, "Valid API key", func(t *testing.T, sc *scenarioContext) {
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
const orgID int64 = 2
keyhash, err := util.EncodePassword("v5nAwpMafFP6znaS4urhdWDLS5511M42", "asd")
require.NoError(t, err)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2
2022-08-10 04:56:48 -05:00
sc.apiKeyService.ExpectedAPIKey = &apikey.APIKey{OrgId: orgID, Role: org.RoleEditor, Key: keyhash}
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
authHeader := util.GetBasicAuthHeader("api_key", "eyJrIjoidjVuQXdwTWFmRlA2em5hUzR1cmhkV0RMUzU1MTFNNDIiLCJuIjoiYXNkIiwiaWQiOjF9")
sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
assert.Equal(t, 200, sc.resp.Code)
assert.True(t, sc.context.IsSignedIn)
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields
2022-08-11 06:28:55 -05:00
assert.Equal(t, orgID, sc.context.OrgID)
Move SignedInUser to user service and RoleType and Roles to org (#53445) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2
2022-08-10 04:56:48 -05:00
assert.Equal(t, org.RoleEditor, sc.context.OrgRole)
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
}, configure)
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
middleware: Make scenario test functions take a testing.T argument (#29564) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-04 04:09:32 -06:00
middlewareScenario(t, "Handle auth", func(t *testing.T, sc *scenarioContext) {
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
const password = "MyPass"
const orgID int64 = 2
Chore: Remove GetSignedInUserWithCacheCtx from store interface (#53734) * Remove delete suer from store interface * Remove get signed in user with cache ctx from store interface * Support options when setting up access control tests * Fix broken tests * Fix lint * Add user fake to middleware * Fix middleware tests, remove usertest being initialised twice Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-08-16 09:08:59 -05:00
sc.userService.ExpectedSignedInUser = &user.SignedInUser{OrgID: orgID, UserID: id}
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
authHeader := util.GetBasicAuthHeader("myUser", password)
sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
assert.True(t, sc.context.IsSignedIn)
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields
2022-08-11 06:28:55 -05:00
assert.Equal(t, orgID, sc.context.OrgID)
assert.Equal(t, id, sc.context.UserID)
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
}, configure)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
middleware: Make scenario test functions take a testing.T argument (#29564) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-04 04:09:32 -06:00
middlewareScenario(t, "Auth sequence", func(t *testing.T, sc *scenarioContext) {
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
const password = "MyPass"
const salt = "Salt"
Chore: Remove last bus parts from login package (#47313) * Chore: Remove last bus parts from login package * fix middleware tests
2022-04-06 01:45:01 -05:00
encoded, err := util.EncodePassword(password, salt)
require.NoError(t, err)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Chore: Remove GetSignedInUserWithCacheCtx from store interface (#53734) * Remove delete suer from store interface * Remove get signed in user with cache ctx from store interface * Support options when setting up access control tests * Fix broken tests * Fix lint * Add user fake to middleware * Fix middleware tests, remove usertest being initialised twice Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-08-16 09:08:59 -05:00
sc.userService.ExpectedUser = &user.User{Password: encoded, ID: id, Salt: salt}
sc.userService.ExpectedSignedInUser = &user.SignedInUser{UserID: id}
Chore: Move login attempt methods to separate service (#54479) * Chore: Move login attempt methods to separate service * attempt to fix tests * fix syntax * better time mocking * initialise now func
2022-09-01 11:08:42 -05:00
login.ProvideService(sc.mockSQLStore, &logintest.LoginServiceFake{}, nil, sc.userService)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
authHeader := util.GetBasicAuthHeader("myUser", password)
sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
require.NotNil(t, sc.context)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
assert.True(t, sc.context.IsSignedIn)
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields
2022-08-11 06:28:55 -05:00
assert.Equal(t, id, sc.context.UserID)
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
}, configure)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
middleware: Make scenario test functions take a testing.T argument (#29564) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-04 04:09:32 -06:00
middlewareScenario(t, "Should return error if user is not found", func(t *testing.T, sc *scenarioContext) {
Chore: Remove GetSignedInUserWithCacheCtx from store interface (#53734) * Remove delete suer from store interface * Remove get signed in user with cache ctx from store interface * Support options when setting up access control tests * Fix broken tests * Fix lint * Add user fake to middleware * Fix middleware tests, remove usertest being initialised twice Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-08-16 09:08:59 -05:00
sc.userService.ExpectedError = user.ErrUserNotFound
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
sc.fakeReq("GET", "/")
sc.req.SetBasicAuth("user", "password")
sc.exec()
err := json.NewDecoder(sc.resp.Body).Decode(&sc.respJson)
require.Error(t, err)
assert.Equal(t, 401, sc.resp.Code)
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
assert.Equal(t, contexthandler.InvalidUsernamePassword, sc.respJson["message"])
}, configure)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
middleware: Make scenario test functions take a testing.T argument (#29564) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-04 04:09:32 -06:00
middlewareScenario(t, "Should return error if user & password do not match", func(t *testing.T, sc *scenarioContext) {
Chore: Remove GetSignedInUserWithCacheCtx from store interface (#53734) * Remove delete suer from store interface * Remove get signed in user with cache ctx from store interface * Support options when setting up access control tests * Fix broken tests * Fix lint * Add user fake to middleware * Fix middleware tests, remove usertest being initialised twice Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-08-16 09:08:59 -05:00
sc.userService.ExpectedError = user.ErrUserNotFound
Middleware: Rewrite tests to use standard library (#29535) * middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 01:28:54 -06:00
sc.fakeReq("GET", "/")
sc.req.SetBasicAuth("killa", "gorilla")
sc.exec()
err := json.NewDecoder(sc.resp.Body).Decode(&sc.respJson)
require.Error(t, err)
assert.Equal(t, 401, sc.resp.Code)
Move middleware context handler logic to service (#29605) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 04:44:44 -06:00
assert.Equal(t, contexthandler.InvalidUsernamePassword, sc.respJson["message"])
}, configure)
Auth: Do not search for the user twice (#18366) * Auth: Do not search for the user twice Previously `initContextWithBasicAuth` did not use `LoginUserQuery`, doing `GetUserByLoginQuery` only i.e. looking user in DB only, things changed when this function started to check LDAP provider via `LoginUserQuery` (#6940), however, this request was placed after `GetUserByLoginQuery`, so we first looking in DB then in the LDAP - if LDAP user hasn't logged in we will not find it in DB, so `LoginUserQuery` will never be reached. `LoginUserQuery` request already performs `GetUserByLoginQuery` request in correct sequence. So we can just remove redundant request. * Correct sequence execution during authentification & introduce tests for it * Move basic auth tests to separate test file, since main test file already pretty large * Introduce `testing.go` for the middleware module * Remove redundant test helper function * Make handler names more explicit Ref 5777f65d05a8dc141c34e470ef1d5fe956f8173c Fixes #18329 * Auth: address review comment
2019-08-03 14:50:05 -05:00
}
Reference in New Issue Copy Permalink