diff options
author | Ruzette Tanyag <ruzette@users.noreply.github.com> | 2017-02-17 10:31:01 -0500 |
---|---|---|
committer | Joram Wilander <jwawilander@gmail.com> | 2017-02-17 10:31:01 -0500 |
commit | 4e7dbc3bb0e93bafa684594b19c5648dc030ee17 (patch) | |
tree | 618d2b57861650c52ed4a74ddd7730b944991a11 /api4/user_test.go | |
parent | 2f96814a8bca991a2acba3b66c38c22cfddef769 (diff) | |
download | chat-4e7dbc3bb0e93bafa684594b19c5648dc030ee17.tar.gz chat-4e7dbc3bb0e93bafa684594b19c5648dc030ee17.tar.bz2 chat-4e7dbc3bb0e93bafa684594b19c5648dc030ee17.zip |
Implement user sessions endpoints for APIv4 (#5449)
* added get session and revoke session endpoints, unittests and drivers
* removed BasicUser2 and added teardown
* added badrequest unit test case for sessions
* added session loop to check if user id and session user id matches
* fixed indentation issues for user_test
* match indentation from spaces to tabs
Diffstat (limited to 'api4/user_test.go')
-rw-r--r-- | api4/user_test.go | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/api4/user_test.go b/api4/user_test.go index 771a53cbe..5fe497d90 100644 --- a/api4/user_test.go +++ b/api4/user_test.go @@ -802,3 +802,100 @@ func TestResetPassword(t *testing.T) { _, resp = Client.SendPasswordResetEmail(user.Email) CheckBadRequestStatus(t, resp) } + +func TestGetSessions(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + user := th.BasicUser + + Client.Login(user.Email, user.Password) + + sessions, resp := Client.GetSessions(user.Id, "") + for _, session := range sessions { + if session.UserId != user.Id { + t.Fatal("user id does not match session user id") + } + } + CheckNoError(t, resp) + + _, resp = Client.RevokeSession("junk", model.NewId()) + CheckBadRequestStatus(t, resp) + + _, resp = Client.GetSessions(th.BasicUser2.Id, "") + CheckForbiddenStatus(t, resp) + + _, resp = Client.GetSessions(model.NewId(), "") + CheckForbiddenStatus(t, resp) + + Client.Logout() + _, resp = Client.GetSessions(th.BasicUser2.Id, "") + CheckUnauthorizedStatus(t, resp) + + _, resp = th.SystemAdminClient.GetSessions(user.Id, "") + CheckNoError(t, resp) + + _, resp = th.SystemAdminClient.GetSessions(th.BasicUser2.Id, "") + CheckNoError(t, resp) + + _, resp = th.SystemAdminClient.GetSessions(model.NewId(), "") + CheckNoError(t, resp) + +} + +func TestRevokeSessions(t *testing.T) { + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + Client := th.Client + + user := th.BasicUser + Client.Login(user.Email, user.Password) + sessions, _ := Client.GetSessions(user.Id, "") + if len(sessions) == 0 { + t.Fatal("sessions should exist") + } + for _, session := range sessions { + if session.UserId != user.Id { + t.Fatal("user id does not match session user id") + } + } + session := sessions[0] + + _, resp := Client.RevokeSession(user.Id, model.NewId()) + CheckBadRequestStatus(t, resp) + + _, resp = Client.RevokeSession(th.BasicUser2.Id, model.NewId()) + CheckForbiddenStatus(t, resp) + + _, resp = Client.RevokeSession("junk", model.NewId()) + CheckBadRequestStatus(t, resp) + + status, resp := Client.RevokeSession(user.Id, session.Id) + if status == false { + t.Fatal("user session revoke unsuccessful") + } + CheckNoError(t, resp) + + Client.Logout() + _, resp = Client.RevokeSession(user.Id, model.NewId()) + CheckUnauthorizedStatus(t, resp) + + _, resp = th.SystemAdminClient.RevokeSession(user.Id, model.NewId()) + CheckBadRequestStatus(t, resp) + + sessions, _ = th.SystemAdminClient.GetSessions(th.SystemAdminUser.Id, "") + if len(sessions) == 0 { + t.Fatal("sessions should exist") + } + for _, session := range sessions { + if session.UserId != th.SystemAdminUser.Id { + t.Fatal("user id does not match session user id") + } + } + session = sessions[0] + + _, resp = th.SystemAdminClient.RevokeSession(th.SystemAdminUser.Id, session.Id) + CheckNoError(t, resp) + +} |