IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2024-11-26 02:40:26 -06:00
Code Issues Packages Projects Releases Wiki Activity
e94b37c656
grafana/pkg/api/admin_users_test.go

449 lines
14 KiB
Go
Raw Normal View History

feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
package api
import (
"testing"
"github.com/grafana/grafana/pkg/api/dtos"
"github.com/grafana/grafana/pkg/bus"
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
"github.com/grafana/grafana/pkg/components/simplejson"
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
"github.com/grafana/grafana/pkg/models"
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
"github.com/grafana/grafana/pkg/services/auth"
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
. "github.com/smartystreets/goconvey/convey"
)
Allow API to assign new user to a specific organization (#21775) * Allow API to assign new user to a specific organization * Add defer block to test * Add API tests and return 400 instead of 500 for bad orgId * Minor test improvements
2020-04-15 04:11:45 -05:00
const (
TestLogin = "test@example.com"
TestPassword = "password"
nonExistingOrgID = 1000
)
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
func TestAdminApiEndpoint(t *testing.T) {
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
role := models.ROLE_ADMIN
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
Convey("Given a server admin attempts to remove themself as an admin", t, func() {
updateCmd := dtos.AdminUpdateUserPermissionsForm{
IsGrafanaAdmin: false,
}
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.UpdateUserPermissionsCommand) error {
return models.ErrLastGrafanaAdmin
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
})
putAdminScenario("When calling PUT on", "/api/admin/users/1/permissions", "/api/admin/users/:id/permissions", role, updateCmd, func(sc *scenarioContext) {
sc.fakeReqWithParams("PUT", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 400)
})
})
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
Convey("When a server admin attempts to logout himself from all devices", t, func() {
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.GetUserByIdQuery) error {
cmd.Result = &models.User{Id: TestUserID}
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
return nil
})
adminLogoutUserScenario("Should not be allowed when calling POST on", "/api/admin/users/1/logout", "/api/admin/users/:id/logout", func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 400)
})
})
Convey("When a server admin attempts to logout a non-existing user from all devices", t, func() {
userId := int64(0)
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.GetUserByIdQuery) error {
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
userId = cmd.Id
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
return models.ErrUserNotFound
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
})
adminLogoutUserScenario("Should return not found when calling POST on", "/api/admin/users/200/logout", "/api/admin/users/:id/logout", func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 404)
So(userId, ShouldEqual, 200)
})
})
Convey("When a server admin attempts to revoke an auth token for a non-existing user", t, func() {
userId := int64(0)
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.GetUserByIdQuery) error {
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
userId = cmd.Id
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
return models.ErrUserNotFound
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
})
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
cmd := models.RevokeAuthTokenCmd{AuthTokenId: 2}
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
adminRevokeUserAuthTokenScenario("Should return not found when calling POST on", "/api/admin/users/200/revoke-auth-token", "/api/admin/users/:id/revoke-auth-token", cmd, func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 404)
So(userId, ShouldEqual, 200)
})
})
Convey("When a server admin gets auth tokens for a non-existing user", t, func() {
userId := int64(0)
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.GetUserByIdQuery) error {
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
userId = cmd.Id
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
return models.ErrUserNotFound
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
})
adminGetUserAuthTokensScenario("Should return not found when calling GET on", "/api/admin/users/200/auth-tokens", "/api/admin/users/:id/auth-tokens", func(sc *scenarioContext) {
sc.fakeReqWithParams("GET", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 404)
So(userId, ShouldEqual, 200)
})
})
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
Convey("When a server admin attempts to enable/disable a nonexistent user", t, func() {
var userId int64
isDisabled := false
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.GetAuthInfoQuery) error {
return models.ErrUserNotFound
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
})
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.DisableUserCommand) error {
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
userId = cmd.UserId
isDisabled = cmd.IsDisabled
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
return models.ErrUserNotFound
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
})
adminDisableUserScenario("Should return user not found on a POST request", "enable", "/api/admin/users/42/enable", "/api/admin/users/:id/enable", func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 404)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("message").MustString(), ShouldEqual, "User not found")
So(userId, ShouldEqual, 42)
So(isDisabled, ShouldEqual, false)
})
adminDisableUserScenario("Should return user not found on a POST request", "disable", "/api/admin/users/42/disable", "/api/admin/users/:id/disable", func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 404)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("message").MustString(), ShouldEqual, "User not found")
So(userId, ShouldEqual, 42)
So(isDisabled, ShouldEqual, true)
})
})
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
Convey("When a server admin attempts to disable/enable external user", t, func() {
userId := int64(0)
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.GetAuthInfoQuery) error {
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
userId = cmd.UserId
return nil
})
adminDisableUserScenario("Should return Could not disable external user error", "disable", "/api/admin/users/42/disable", "/api/admin/users/:id/disable", func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 500)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("message").MustString(), ShouldEqual, "Could not disable external user")
So(userId, ShouldEqual, 42)
})
adminDisableUserScenario("Should return Could not enable external user error", "enable", "/api/admin/users/42/enable", "/api/admin/users/:id/enable", func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 500)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("message").MustString(), ShouldEqual, "Could not enable external user")
So(userId, ShouldEqual, 42)
})
})
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
Convey("When a server admin attempts to delete a nonexistent user", t, func() {
var userId int64
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
bus.AddHandler("test", func(cmd *models.DeleteUserCommand) error {
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
userId = cmd.UserId
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
return models.ErrUserNotFound
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
})
adminDeleteUserScenario("Should return user not found error", "/api/admin/users/42", "/api/admin/users/:id", func(sc *scenarioContext) {
sc.fakeReqWithParams("DELETE", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 404)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("message").MustString(), ShouldEqual, "User not found")
So(userId, ShouldEqual, 42)
})
})
Allow API to assign new user to a specific organization (#21775) * Allow API to assign new user to a specific organization * Add defer block to test * Add API tests and return 400 instead of 500 for bad orgId * Minor test improvements
2020-04-15 04:11:45 -05:00
Convey("When a server admin attempts to create a user", t, func() {
var userLogin string
var orgId int64
bus.AddHandler("test", func(cmd *models.CreateUserCommand) error {
userLogin = cmd.Login
orgId = cmd.OrgId
if orgId == nonExistingOrgID {
return models.ErrOrgNotFound
}
cmd.Result = models.User{Id: TestUserID}
return nil
})
Convey("Without an organization", func() {
createCmd := dtos.AdminCreateUserForm{
Login: TestLogin,
Password: TestPassword,
}
adminCreateUserScenario("Should create the user", "/api/admin/users", "/api/admin/users", createCmd, func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 200)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("id").MustInt64(), ShouldEqual, TestUserID)
So(respJSON.Get("message").MustString(), ShouldEqual, "User created")
// test that userLogin and orgId were transmitted correctly to the handler
So(userLogin, ShouldEqual, TestLogin)
So(orgId, ShouldEqual, 0)
})
})
Convey("With an organization", func() {
createCmd := dtos.AdminCreateUserForm{
Login: TestLogin,
Password: TestPassword,
OrgId: TestOrgID,
}
adminCreateUserScenario("Should create the user", "/api/admin/users", "/api/admin/users", createCmd, func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 200)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("id").MustInt64(), ShouldEqual, TestUserID)
So(respJSON.Get("message").MustString(), ShouldEqual, "User created")
So(userLogin, ShouldEqual, TestLogin)
So(orgId, ShouldEqual, TestOrgID)
})
})
Convey("With a nonexistent organization", func() {
createCmd := dtos.AdminCreateUserForm{
Login: TestLogin,
Password: TestPassword,
OrgId: nonExistingOrgID,
}
adminCreateUserScenario("Should create the user", "/api/admin/users", "/api/admin/users", createCmd, func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 400)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("message").MustString(), ShouldEqual, "Organization not found")
So(userLogin, ShouldEqual, TestLogin)
So(orgId, ShouldEqual, 1000)
})
})
})
Users: Improve conflict error handling (#26958) * API: Improve error handling (#26934) * New ErrUserAlreadyExists error has been introduced * Create user endpoint returns 412 Precondition Failed on ErrUserAlreadyExists errors * Make ErrUserAlreadyExists error message clearer Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Use errors.Is instead of equality comparator on AdminCreateUser handler * Improve sqlstore/user test definition Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Improve sqlstore/user tests for ErrUserAlreadyExists cases * Remove no needed string fmt and err declaration on sqlstore/user tests * Code improvements for sqlstore/user tests Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Use err.Error() instead of sentinel error value on AdminCreateUser Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Add ErrUserAlreadyExists handling for signup & org invite use cases Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-08-13 07:38:54 -05:00
Convey("When a server admin attempts to create a user with an already existing email/login", t, func() {
bus.AddHandler("test", func(cmd *models.CreateUserCommand) error {
return models.ErrUserAlreadyExists
})
createCmd := dtos.AdminCreateUserForm{
Login: TestLogin,
Password: TestPassword,
}
adminCreateUserScenario("Should return an error", "/api/admin/users", "/api/admin/users", createCmd, func(sc *scenarioContext) {
sc.fakeReqWithParams("POST", sc.url, map[string]string{}).exec()
So(sc.resp.Code, ShouldEqual, 412)
respJSON, err := simplejson.NewJson(sc.resp.Body.Bytes())
So(err, ShouldBeNil)
So(respJSON.Get("error").MustString(), ShouldEqual, "User already exists")
})
})
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
}
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
func putAdminScenario(desc string, url string, routePattern string, role models.RoleType, cmd dtos.AdminUpdateUserPermissionsForm, fn scenarioFunc) {
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
Convey(desc+" "+url, func() {
defer bus.ClearBusHandlers()
sc := setupScenarioContext(url)
Chore: use Wrap for all admin API (#26673) * Chore: use Wrap for all admin API * API: fix admin tests
2020-07-29 11:00:14 -05:00
sc.defaultHandler = Wrap(func(c *models.ReqContext) Response {
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
sc.context = c
sc.context.UserId = TestUserID
sc.context.OrgId = TestOrgID
sc.context.OrgRole = role
Chore: use Wrap for all admin API (#26673) * Chore: use Wrap for all admin API * API: fix admin tests
2020-07-29 11:00:14 -05:00
return AdminUpdateUserPermissions(c, cmd)
feat: #11067 prevent removing last grafana admin permissions
2018-12-01 11:28:10 -06:00
})
sc.m.Put(routePattern, sc.defaultHandler)
fn(sc)
})
}
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
func adminLogoutUserScenario(desc string, url string, routePattern string, fn scenarioFunc) {
Convey(desc+" "+url, func() {
defer bus.ClearBusHandlers()
hs := HTTPServer{
Bus: bus.GetBus(),
AuthTokenService: auth.NewFakeUserAuthTokenService(),
}
sc := setupScenarioContext(url)
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
sc.defaultHandler = Wrap(func(c *models.ReqContext) Response {
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
sc.context = c
sc.context.UserId = TestUserID
sc.context.OrgId = TestOrgID
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
sc.context.OrgRole = models.ROLE_ADMIN
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
return hs.AdminLogoutUser(c)
})
sc.m.Post(routePattern, sc.defaultHandler)
fn(sc)
})
}
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
func adminRevokeUserAuthTokenScenario(desc string, url string, routePattern string, cmd models.RevokeAuthTokenCmd, fn scenarioFunc) {
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
Convey(desc+" "+url, func() {
defer bus.ClearBusHandlers()
fakeAuthTokenService := auth.NewFakeUserAuthTokenService()
hs := HTTPServer{
Bus: bus.GetBus(),
AuthTokenService: fakeAuthTokenService,
}
sc := setupScenarioContext(url)
sc.userAuthTokenService = fakeAuthTokenService
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
sc.defaultHandler = Wrap(func(c *models.ReqContext) Response {
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
sc.context = c
sc.context.UserId = TestUserID
sc.context.OrgId = TestOrgID
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
sc.context.OrgRole = models.ROLE_ADMIN
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
return hs.AdminRevokeUserAuthToken(c, cmd)
})
sc.m.Post(routePattern, sc.defaultHandler)
fn(sc)
})
}
func adminGetUserAuthTokensScenario(desc string, url string, routePattern string, fn scenarioFunc) {
Convey(desc+" "+url, func() {
defer bus.ClearBusHandlers()
fakeAuthTokenService := auth.NewFakeUserAuthTokenService()
hs := HTTPServer{
Bus: bus.GetBus(),
AuthTokenService: fakeAuthTokenService,
}
sc := setupScenarioContext(url)
sc.userAuthTokenService = fakeAuthTokenService
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
sc.defaultHandler = Wrap(func(c *models.ReqContext) Response {
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
sc.context = c
sc.context.UserId = TestUserID
sc.context.OrgId = TestOrgID
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
sc.context.OrgRole = models.ROLE_ADMIN
feat(api): support list/revoke auth token in admin/current user api
2019-03-08 08:15:38 -06:00
return hs.AdminGetUserAuthTokens(c)
})
sc.m.Get(routePattern, sc.defaultHandler)
fn(sc)
})
}
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
func adminDisableUserScenario(desc string, action string, url string, routePattern string, fn scenarioFunc) {
Convey(desc+" "+url, func() {
defer bus.ClearBusHandlers()
Auth: Logout disabled user (#17166) * Feature: revoke user token when disabled * Chore: fix linter error
2019-05-23 07:54:47 -05:00
fakeAuthTokenService := auth.NewFakeUserAuthTokenService()
hs := HTTPServer{
Bus: bus.GetBus(),
AuthTokenService: fakeAuthTokenService,
}
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
sc := setupScenarioContext(url)
Chore: Avoid aliasing importing models in api package (#22492)
2020-03-04 05:57:20 -06:00
sc.defaultHandler = Wrap(func(c *models.ReqContext) Response {
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
sc.context = c
sc.context.UserId = TestUserID
if action == "enable" {
Auth: Logout disabled user (#17166) * Feature: revoke user token when disabled * Chore: fix linter error
2019-05-23 07:54:47 -05:00
return AdminEnableUser(c)
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
}
Auth: Logout disabled user (#17166) * Feature: revoke user token when disabled * Chore: fix linter error
2019-05-23 07:54:47 -05:00
return hs.AdminDisableUser(c)
Users: Disable users removed from LDAP (#16820) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring
2019-05-21 06:52:49 -05:00
})
sc.m.Post(routePattern, sc.defaultHandler)
fn(sc)
})
}
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
func adminDeleteUserScenario(desc string, url string, routePattern string, fn scenarioFunc) {
Convey(desc+" "+url, func() {
defer bus.ClearBusHandlers()
sc := setupScenarioContext(url)
Chore: use Wrap for all admin API (#26673) * Chore: use Wrap for all admin API * API: fix admin tests
2020-07-29 11:00:14 -05:00
sc.defaultHandler = Wrap(func(c *models.ReqContext) Response {
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
sc.context = c
sc.context.UserId = TestUserID
Chore: use Wrap for all admin API (#26673) * Chore: use Wrap for all admin API * API: fix admin tests
2020-07-29 11:00:14 -05:00
return AdminDeleteUser(c)
ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391) * ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 04:43:44 -06:00
})
sc.m.Delete(routePattern, sc.defaultHandler)
fn(sc)
})
}
Allow API to assign new user to a specific organization (#21775) * Allow API to assign new user to a specific organization * Add defer block to test * Add API tests and return 400 instead of 500 for bad orgId * Minor test improvements
2020-04-15 04:11:45 -05:00
func adminCreateUserScenario(desc string, url string, routePattern string, cmd dtos.AdminCreateUserForm, fn scenarioFunc) {
Convey(desc+" "+url, func() {
defer bus.ClearBusHandlers()
sc := setupScenarioContext(url)
Chore: use Wrap for all admin API (#26673) * Chore: use Wrap for all admin API * API: fix admin tests
2020-07-29 11:00:14 -05:00
sc.defaultHandler = Wrap(func(c *models.ReqContext) Response {
Allow API to assign new user to a specific organization (#21775) * Allow API to assign new user to a specific organization * Add defer block to test * Add API tests and return 400 instead of 500 for bad orgId * Minor test improvements
2020-04-15 04:11:45 -05:00
sc.context = c
sc.context.UserId = TestUserID
Chore: use Wrap for all admin API (#26673) * Chore: use Wrap for all admin API * API: fix admin tests
2020-07-29 11:00:14 -05:00
return AdminCreateUser(c, cmd)
Allow API to assign new user to a specific organization (#21775) * Allow API to assign new user to a specific organization * Add defer block to test * Add API tests and return 400 instead of 500 for bad orgId * Minor test improvements
2020-04-15 04:11:45 -05:00
})
sc.m.Post(routePattern, sc.defaultHandler)
fn(sc)
})
}
Reference in New Issue Copy Permalink