Diffstat (limited to 'test')
| -rw-r--r-- | test/plugs/authentication_plug_test.exs | 210 | ||||
| -rw-r--r-- | test/plugs/basic_auth_decoder_plug_test.exs | 31 | ||||
| -rw-r--r-- | test/plugs/ensure_authenticated_plug_test.exs | 27 | ||||
| -rw-r--r-- | test/plugs/ensure_user_key_plug_test.exs | 25 | ||||
| -rw-r--r-- | test/plugs/legacy_authentication_plug_test.exs | 82 | ||||
| -rw-r--r-- | test/plugs/session_authentication_plug_test.exs | 59 | ||||
| -rw-r--r-- | test/plugs/set_user_session_id_plug_test.exs | 39 | ||||
| -rw-r--r-- | test/plugs/user_enabled_plug_test.exs | 35 | ||||
| -rw-r--r-- | test/plugs/user_fetcher_plug_test.exs | 37 | 
9 files changed, 367 insertions, 178 deletions
|
diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs
index 729ac8ae5..061fa0cac 100644
--- a/test/plugs/authentication_plug_test.exs
+++ b/test/plugs/authentication_plug_test.exs
@@ -4,196 +4,50 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do
   alias Pleroma.Plugs.AuthenticationPlug
   alias Pleroma.User
-  defp fetch_nil(_name) do
-    {:ok, nil}
-  end
-
-  @user %User{
-    id: 1,
-    name: "dude",
-    password_hash: Comeonin.Pbkdf2.hashpwsalt("guy")
-  }
-
-  @deactivated %User{
-    id: 1,
-    name: "dude",
-    password_hash: Comeonin.Pbkdf2.hashpwsalt("guy"),
-    info: %{"deactivated" => true}
-  }
-
-  @session_opts [
-    store: :cookie,
-    key: "_test",
-    signing_salt: "cooldude"
-  ]
-
-  defp fetch_user(_name) do
-    {:ok, @user}
-  end
-
-  defp basic_auth_enc(username, password) do
-    "Basic " <> Base.encode64("#{username}:#{password}")
-  end
-
-  describe "without an authorization header" do
-    test "it halts the application" do
-      conn =
-        build_conn()
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> AuthenticationPlug.call(%{})
-
-      assert conn.status == 403
-      assert conn.halted == true
-    end
-
-    test "it assigns a nil user if the 'optional' option is used" do
-      conn =
-        build_conn()
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> AuthenticationPlug.call(%{optional: true})
-
-      assert %{user: nil} == conn.assigns
-    end
-  end
-
-  describe "with an authorization header for a nonexisting user" do
-    test "it halts the application" do
-      conn =
-        build_conn()
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> AuthenticationPlug.call(%{fetcher: &fetch_nil/1})
-
-      assert conn.status == 403
-      assert conn.halted == true
-    end
-
-    test "it assigns a nil user if the 'optional' option is used" do
-      conn =
-        build_conn()
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> AuthenticationPlug.call(%{optional: true, fetcher: &fetch_nil/1})
+  setup %{conn: conn} do
+    user = %User{
+      id: 1,
+      name: "dude",
+      password_hash: Comeonin.Pbkdf2.hashpwsalt("guy")
+    }
-      assert %{user: nil} == conn.assigns
-    end
-  end
-
-  describe "with an incorrect authorization header for a enxisting user" do
-    test "it halts the application" do
-      opts = %{
-        fetcher: &fetch_user/1
-      }
-
-      header = basic_auth_enc("dude", "man")
-
-      conn =
-        build_conn()
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> put_req_header("authorization", header)
-        |> AuthenticationPlug.call(opts)
-
-      assert conn.status == 403
-      assert conn.halted == true
-    end
-
-    test "it assigns a nil user if the 'optional' option is used" do
-      opts = %{
-        optional: true,
-        fetcher: &fetch_user/1
-      }
-
-      header = basic_auth_enc("dude", "man")
-
-      conn =
-        build_conn()
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> put_req_header("authorization", header)
-        |> AuthenticationPlug.call(opts)
+    conn =
+      conn
+      |> assign(:auth_user, user)
-      assert %{user: nil} == conn.assigns
-    end
+    %{user: user, conn: conn}
   end
-  describe "with a correct authorization header for an existing user" do
-    test "it assigns the user", %{conn: conn} do
-      opts = %{
-        optional: true,
-        fetcher: &fetch_user/1
-      }
+  test "it does nothing if a user is assigned", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, %User{})
-      header = basic_auth_enc("dude", "guy")
+    ret_conn =
+      conn
+      |> AuthenticationPlug.call(%{})
-      conn =
-        conn
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> put_req_header("authorization", header)
-        |> AuthenticationPlug.call(opts)
-
-      assert %{user: @user} == conn.assigns
-      assert get_session(conn, :user_id) == @user.id
-      assert conn.halted == false
-    end
-  end
-
-  describe "with a correct authorization header for an deactiviated user" do
-    test "it halts the appication", %{conn: conn} do
-      opts = %{
-        optional: false,
-        fetcher: fn _ -> @deactivated end
-      }
-
-      header = basic_auth_enc("dude", "guy")
-
-      conn =
-        conn
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> put_req_header("authorization", header)
-        |> AuthenticationPlug.call(opts)
-
-      assert conn.status == 403
-      assert conn.halted == true
-    end
+    assert ret_conn == conn
   end
-  describe "with a user_id in the session for an existing user" do
-    test "it assigns the user", %{conn: conn} do
-      opts = %{
-        optional: true,
-        fetcher: &fetch_user/1
-      }
-
-      header = basic_auth_enc("dude", "THIS IS WRONG")
-
-      conn =
-        conn
-        |> Plug.Session.call(Plug.Session.init(@session_opts))
-        |> fetch_session
-        |> put_session(:user_id, @user.id)
-        |> put_req_header("authorization", header)
-        |> AuthenticationPlug.call(opts)
+  test "with a correct password in the credentials, it assigns the auth_user", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{password: "guy"})
+      |> AuthenticationPlug.call(%{})
-      assert %{user: @user} == conn.assigns
-      assert get_session(conn, :user_id) == @user.id
-      assert conn.halted == false
-    end
+    assert conn.assigns.user == conn.assigns.auth_user
   end
-  describe "with an assigned user" do
-    test "it does nothing, returning the incoming conn", %{conn: conn} do
-      conn =
-        conn
-        |> assign(:user, @user)
+  test "with a wrong password in the credentials, it does nothing", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{password: "wrong"})
-      conn_result = AuthenticationPlug.call(conn, %{})
+    ret_conn =
+      conn
+      |> AuthenticationPlug.call(%{})
-      assert conn == conn_result
-    end
+    assert conn == ret_conn
   end
 end
diff --git a/test/plugs/basic_auth_decoder_plug_test.exs b/test/plugs/basic_auth_decoder_plug_test.exs
new file mode 100644
index 000000000..a4876fef7
--- /dev/null
+++ b/test/plugs/basic_auth_decoder_plug_test.exs
@@ -0,0 +1,31 @@
+defmodule Pleroma.Plugs.BasicAuthDecoderPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.BasicAuthDecoderPlug
+
+  defp basic_auth_enc(username, password) do
+    "Basic " <> Base.encode64("#{username}:#{password}")
+  end
+
+  test "it puts the decoded credentials into the assigns", %{conn: conn} do
+    header = basic_auth_enc("moonman", "iloverobek")
+
+    conn =
+      conn
+      |> put_req_header("authorization", header)
+      |> BasicAuthDecoderPlug.call(%{})
+
+    assert conn.assigns[:auth_credentials] == %{
+             username: "moonman",
+             password: "iloverobek"
+           }
+  end
+
+  test "without a authorization header it doesn't do anything", %{conn: conn} do
+    ret_conn =
+      conn
+      |> BasicAuthDecoderPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+end
diff --git a/test/plugs/ensure_authenticated_plug_test.exs b/test/plugs/ensure_authenticated_plug_test.exs
new file mode 100644
index 000000000..b32817fef
--- /dev/null
+++ b/test/plugs/ensure_authenticated_plug_test.exs
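Review bot: In test/plugs/authentication_plug_test.exs the `setup` block always assigns `:auth_user`, so no test reaches the case where `:auth_credentials` is present but no account was found, which is the path the removed "nonexisting user" tests exercised through `fetch_nil/1`. That is the branch where a plug would normally run a dummy hash check so that known and unknown usernames take similar time; whether AuthenticationPlug does so is not visible in this diff. I would add a test that starts from `build_conn()`, assigns only `:auth_credentials`, calls the plug and asserts that `:user` is not assigned.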
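Review bot: test/plugs/basic_auth_decoder_plug_test.exs only decodes a well-formed header, so the decoder's parsing edge cases are unpinned. A password containing a colon is the usual one: add a case with `basic_auth_enc("moonman", "ilove:robek")` and assert the password comes back as `"ilove:robek"`, which fails if the decoder splits on every `:`. A header with invalid Base64 or no colon at all should also be shown to leave the conn unchanged rather than raise.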
@@ -0,0 +1,27 @@
+defmodule Pleroma.Plugs.EnsureAuthenticatedPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.EnsureAuthenticatedPlug
+  alias Pleroma.User
+
+  test "it halts if no user is assigned", %{conn: conn} do
+    conn =
+      conn
+      |> EnsureAuthenticatedPlug.call(%{})
+
+    assert conn.status == 403
+    assert conn.halted == true
+  end
+
+  test "it continues if a user is assigned", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, %User{})
+
+    ret_conn =
+      conn
+      |> EnsureAuthenticatedPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+end
diff --git a/test/plugs/ensure_user_key_plug_test.exs b/test/plugs/ensure_user_key_plug_test.exs
new file mode 100644
index 000000000..9beda838e
--- /dev/null
+++ b/test/plugs/ensure_user_key_plug_test.exs
@@ -0,0 +1,25 @@
+defmodule Pleroma.Plugs.EnsureUserKeyPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.EnsureUserKeyPlug
+
+  test "if the conn has a user key set, it does nothing", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, 1)
+
+    ret_conn =
+      conn
+      |> EnsureUserKeyPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+
+  test "if the conn has no key set, it sets it to nil", %{conn: conn} do
+    conn =
+      conn
+      |> EnsureUserKeyPlug.call(%{})
+
+    assert Map.has_key?(conn.assigns, :user)
+  end
+end
diff --git a/test/plugs/legacy_authentication_plug_test.exs b/test/plugs/legacy_authentication_plug_test.exs
new file mode 100644
index 000000000..383a22ff8
--- /dev/null
+++ b/test/plugs/legacy_authentication_plug_test.exs
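Review bot: The halting test in test/plugs/ensure_authenticated_plug_test.exs starts from a conn with no `:user` key, but the other plugs in this commit produce a `:user` key whose value is nil (the EnsureUserKeyPlug test is named "it sets it to nil", and the UserEnabledPlug test asserts `conn.assigns.user == nil`). That nil value is the state this plug will see for an unauthenticated or deactivated request, and a key-presence check would let it through, so it needs its own 403 test. The "user isn't set" tests in set_user_session_id_plug_test.exs and user_enabled_plug_test.exs have the same gap and would benefit from an `assign(:user, nil)` variant.

```elixir
test "it halts if the user assign is nil", %{conn: conn} do
  conn =
    conn
    |> assign(:user, nil)
    |> EnsureAuthenticatedPlug.call(%{})

  assert conn.status == 403
  assert conn.halted == true
end
```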
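Review bot: The second test in test/plugs/ensure_user_key_plug_test.exs is named "it sets it to nil" but only asserts `Map.has_key?(conn.assigns, :user)`, which also passes for any non-nil value. Since the downstream plugs treat this key as the authenticated user, the test should assert the value as well: `assert %{user: nil} = conn.assigns`.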
@@ -0,0 +1,82 @@
+defmodule Pleroma.Plugs.LegacyAuthenticationPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.LegacyAuthenticationPlug
+  alias Pleroma.User
+
+  import Mock
+
+  setup do
+    # password is "password"
+    user = %User{
+      id: 1,
+      name: "dude",
+      password_hash:
+        "$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
+    }
+
+    %{user: user}
+  end
+
+  test "it does nothing if a user is assigned", %{conn: conn, user: user} do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{username: "dude", password: "password"})
+      |> assign(:auth_user, user)
+      |> assign(:user, %User{})
+
+    ret_conn =
+      conn
+      |> LegacyAuthenticationPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+
+  test "it authenticates the auth_user if present and password is correct and resets the password",
+       %{
+         conn: conn,
+         user: user
+       } do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{username: "dude", password: "password"})
+      |> assign(:auth_user, user)
+
+    conn =
+      with_mock User,
+        reset_password: fn user, %{password: password, password_confirmation: password} ->
+          send(self(), :reset_password)
+          {:ok, user}
+        end do
+        conn
+        |> LegacyAuthenticationPlug.call(%{})
+      end
+
+    assert_received :reset_password
+    assert conn.assigns.user == user
+  end
+
+  test "it does nothing if the password is wrong", %{
+    conn: conn,
+    user: user
+  } do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{username: "dude", password: "wrong_password"})
+      |> assign(:auth_user, user)
+
+    ret_conn =
+      conn
+      |> LegacyAuthenticationPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+
+  test "with no credentials or user it does nothing", %{conn: conn} do
+    ret_conn =
+      conn
+      |> LegacyAuthenticationPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+end
diff --git a/test/plugs/session_authentication_plug_test.exs b/test/plugs/session_authentication_plug_test.exs
new file mode 100644
index 000000000..bb51bc0db
--- /dev/null
+++ b/test/plugs/session_authentication_plug_test.exs
@@ -0,0 +1,59 @@
+defmodule Pleroma.Plugs.SessionAuthenticationPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.SessionAuthenticationPlug
+  alias Pleroma.User
+
+  setup %{conn: conn} do
+    session_opts = [
+      store: :cookie,
+      key: "_test",
+      signing_salt: "cooldude"
+    ]
+
+    conn =
+      conn
+      |> Plug.Session.call(Plug.Session.init(session_opts))
+      |> fetch_session
+      |> assign(:auth_user, %User{id: 1})
+
+    %{conn: conn}
+  end
+
+  test "it does nothing if a user is assigned", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, %User{})
+
+    ret_conn =
+      conn
+      |> SessionAuthenticationPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+
+  test "if the auth_user has the same id as the user_id in the session, it assigns the user", %{
+    conn: conn
+  } do
+    conn =
+      conn
+      |> put_session(:user_id, conn.assigns.auth_user.id)
+      |> SessionAuthenticationPlug.call(%{})
+
+    assert conn.assigns.user == conn.assigns.auth_user
+  end
+
+  test "if the auth_user has a different id as the user_id in the session, it does nothing", %{
+    conn: conn
+  } do
+    conn =
+      conn
+      |> put_session(:user_id, -1)
+
+    ret_conn =
+      conn
+      |> SessionAuthenticationPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+end
diff --git a/test/plugs/set_user_session_id_plug_test.exs b/test/plugs/set_user_session_id_plug_test.exs
new file mode 100644
index 000000000..5edc0dab8
--- /dev/null
+++ b/test/plugs/set_user_session_id_plug_test.exs
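Review bot: test/plugs/legacy_authentication_plug_test.exs combines `async: true` with `import Mock`; `with_mock User` swaps the module out for the whole VM while the block runs, so other test modules running concurrently that call `User` can fail intermittently, and this module should use `async: false`. The mocked `reset_password` clause matches `%{password: password, password_confirmation: password}`, which only requires the two fields to be equal; matching the literal (`%{password: "password", password_confirmation: "password"}`) would pin that the re-hash uses the credential that was just verified. The wrong-password test could also run under the mock and `refute_received :reset_password`.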
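Review bot: test/plugs/session_authentication_plug_test.exs never exercises a session without `:user_id`, nor an `:auth_user` whose `id` is nil. If the plug compares `get_session(conn, :user_id)` with `auth_user.id` by plain equality, those two nils would match and the user would be assigned; the plug is not part of this diff, so that is an assumption to check. A test that assigns `%User{}` as `:auth_user`, leaves the session empty and asserts the conn comes back unchanged would pin it.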
@@ -0,0 +1,39 @@
+defmodule Pleroma.Plugs.SetUserSessionIdPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.SetUserSessionIdPlug
+  alias Pleroma.User
+
+  setup %{conn: conn} do
+    session_opts = [
+      store: :cookie,
+      key: "_test",
+      signing_salt: "cooldude"
+    ]
+
+    conn =
+      conn
+      |> Plug.Session.call(Plug.Session.init(session_opts))
+      |> fetch_session
+
+    %{conn: conn}
+  end
+
+  test "doesn't do anything if the user isn't set", %{conn: conn} do
+    ret_conn =
+      conn
+      |> SetUserSessionIdPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+
+  test "sets the user_id in the session to the user id of the user assign", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, %User{id: 1})
+      |> SetUserSessionIdPlug.call(%{})
+
+    id = get_session(conn, :user_id)
+    assert id == 1
+  end
+end
diff --git a/test/plugs/user_enabled_plug_test.exs b/test/plugs/user_enabled_plug_test.exs
new file mode 100644
index 000000000..af877db76
--- /dev/null
+++ b/test/plugs/user_enabled_plug_test.exs
@@ -0,0 +1,35 @@
+defmodule Pleroma.Plugs.UserEnabledPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.UserEnabledPlug
+  alias Pleroma.User
+
+  test "doesn't do anything if the user isn't set", %{conn: conn} do
+    ret_conn =
+      conn
+      |> UserEnabledPlug.call(%{})
+
+    assert ret_conn == conn
+  end
+
+  test "with a user that is deactivated, it removes that user", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, %User{info: %{"deactivated" => true}})
+      |> UserEnabledPlug.call(%{})
+
+    assert conn.assigns.user == nil
+  end
+
+  test "with a user that is not deactivated, it does nothing", %{conn: conn} do
+    conn =
+      conn
+      |> assign(:user, %User{})
+
+    ret_conn =
+      conn
+      |> UserEnabledPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+end
diff --git a/test/plugs/user_fetcher_plug_test.exs b/test/plugs/user_fetcher_plug_test.exs
new file mode 100644
index 000000000..5195a0c4a
--- /dev/null
+++ b/test/plugs/user_fetcher_plug_test.exs
@@ -0,0 +1,37 @@
+defmodule Pleroma.Plugs.UserFetcherPlugTest do
+  use Pleroma.Web.ConnCase, async: true
+
+  alias Pleroma.Plugs.UserFetcherPlug
+  import Pleroma.Factory
+
+  setup do
+    user = insert(:user)
+    %{user: user}
+  end
+
+  test "if an auth_credentials assign is present, it tries to fetch the user and assigns it", %{
+    conn: conn,
+    user: user
+  } do
+    conn =
+      conn
+      |> assign(:auth_credentials, %{
+        username: user.nickname,
+        password: nil
+      })
+
+    conn =
+      conn
+      |> UserFetcherPlug.call(%{})
+
+    assert conn.assigns[:auth_user] == user
+  end
+
+  test "without a credential assign it doesn't do anything", %{conn: conn} do
+    ret_conn =
+      conn
+      |> UserFetcherPlug.call(%{})
+
+    assert conn == ret_conn
+  end
+end
|
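Review bot: test/plugs/user_fetcher_plug_test.exs covers a matching nickname and the no-credentials case, but not credentials whose username matches no account. Add a case with `assign(:auth_credentials, %{username: "nobody", password: nil})` and assert that `conn.assigns[:auth_user]` is nil after the call, so a lookup miss is shown to yield no `:auth_user` rather than raise.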
