From 0a3f3f7a9a5184355b9f8bc045098e621214a2e2 Mon Sep 17 00:00:00 2001 From: Michael Vlach Date: Thu, 14 Dec 2023 18:11:41 +0100 Subject: [PATCH] [server] Scope db names per user #865 (#866) * update tests * fix tests --- agdb_server/src/config.rs | 3 + agdb_server/src/db.rs | 35 +++-- agdb_server/src/routes/db.rs | 14 +- agdb_server/tests/integration.rs | 37 ++++- .../tests/routes/admin_db_list_test.rs | 4 +- .../tests/routes/admin_db_remove_test.rs | 41 +++-- .../routes/admin_user_change_password_test.rs | 8 +- .../tests/routes/admin_user_create_test.rs | 4 +- .../tests/routes/admin_user_list_test.rs | 8 +- agdb_server/tests/routes/db_add_test.rs | 57 +++++-- agdb_server/tests/routes/db_delete_test.rs | 103 ++++++------ agdb_server/tests/routes/db_list_test.rs | 12 +- agdb_server/tests/routes/db_remove_test.rs | 97 ++++++------ agdb_server/tests/routes/db_user_add_test.rs | 131 ++++++++++------ agdb_server/tests/routes/db_user_list.rs | 27 ++-- .../tests/routes/db_user_remove_test.rs | 147 +++++++++++------- .../tests/routes/user_change_password_test.rs | 18 +-- agdb_server/tests/routes/user_login_test.rs | 10 +- 18 files changed, 469 insertions(+), 287 deletions(-) diff --git a/agdb_server/src/config.rs b/agdb_server/src/config.rs index fc2562257..72dc698eb 100644 --- a/agdb_server/src/config.rs +++ b/agdb_server/src/config.rs @@ -12,6 +12,7 @@ pub(crate) struct ConfigImpl { pub(crate) host: String, pub(crate) port: u16, pub(crate) admin: String, + pub(crate) data_dir: String, } pub(crate) fn new() -> ServerResult { @@ -23,7 +24,9 @@ pub(crate) fn new() -> ServerResult { host: "127.0.0.1".to_string(), port: 3000, admin: "admin".to_string(), + data_dir: "agdb_server_data".to_string(), }; + std::fs::write(CONFIG_FILE, serde_yaml::to_string(&config)?)?; Ok(Config::new(config)) diff --git a/agdb_server/src/db.rs b/agdb_server/src/db.rs index 10f9e6a80..3b36263b9 100644 --- a/agdb_server/src/db.rs +++ b/agdb_server/src/db.rs @@ -94,14 +94,17 @@ impl DbPool { Ok(db_pool) } - pub(crate) fn add_db(&self, user: DbId, database: Database) -> ServerResult { - let db = ServerDb::new(&format!("{}:{}", database.db_type, database.name)).map_err( - |mut e| { - e.status = ErrorCode::DbInvalid.into(); - e.description = format!("{}: {}", ErrorCode::DbInvalid.as_str(), e.description); - e - }, - )?; + pub(crate) fn add_db(&self, user: DbId, database: Database, config: &Config) -> ServerResult { + let db_path = Path::new(&config.data_dir).join(&database.name); + let user_dir = db_path.parent().ok_or(ErrorCode::DbInvalid)?; + std::fs::create_dir_all(user_dir)?; + let path = db_path.to_str().ok_or(ErrorCode::DbInvalid)?.to_string(); + + let db = ServerDb::new(&format!("{}:{}", database.db_type, path)).map_err(|mut e| { + e.status = ErrorCode::DbInvalid.into(); + e.description = format!("{}: {}", ErrorCode::DbInvalid.as_str(), e.description); + e + })?; self.get_pool_mut()?.insert(database.name.clone(), db); self.db_mut()?.transaction_mut(|t| { @@ -168,16 +171,20 @@ impl DbPool { Ok(()) } - pub(crate) fn delete_db(&self, db: Database) -> ServerResult { - let filename = self.remove_db(db)?.get()?.filename().to_string(); - let path = Path::new(&filename); + pub(crate) fn delete_db(&self, db: Database, config: &Config) -> ServerResult { + let path = Path::new(&config.data_dir).join(&db.name); + self.remove_db(db)?; if path.exists() { - std::fs::remove_file(&filename)?; + let main_file_name = path + .file_name() + .ok_or(ErrorCode::DbInvalid)? + .to_string_lossy(); + std::fs::remove_file(&path)?; let dot_file = path .parent() - .unwrap_or(Path::new("./")) - .join(format!(".{filename}")); + .ok_or(ErrorCode::DbInvalid)? + .join(format!(".{main_file_name}")); std::fs::remove_file(dot_file)?; } diff --git a/agdb_server/src/routes/db.rs b/agdb_server/src/routes/db.rs index 17c4c3a2a..71e4f490f 100644 --- a/agdb_server/src/routes/db.rs +++ b/agdb_server/src/routes/db.rs @@ -1,5 +1,6 @@ pub(crate) mod user; +use crate::config::Config; use crate::db::Database; use crate::db::DbPool; use crate::error_code::ErrorCode; @@ -70,8 +71,16 @@ impl From for ServerDatabase { pub(crate) async fn add( user: UserId, State(db_pool): State, + State(config): State, Json(request): Json, ) -> ServerResponse { + let (db_user, _db) = request.name.split_once('/').ok_or(ErrorCode::DbInvalid)?; + let db_user_id = db_pool.find_user_id(db_user)?; + + if db_user_id != user.0 { + return Err(ErrorCode::DbInvalid.into()); + } + if db_pool.find_db_id(&request.name).is_ok() { return Err(ErrorCode::DbExists.into()); } @@ -82,7 +91,7 @@ pub(crate) async fn add( db_type: request.db_type.to_string(), }; - db_pool.add_db(user.0, db)?; + db_pool.add_db(user.0, db, &config)?; Ok(StatusCode::CREATED) } @@ -101,6 +110,7 @@ pub(crate) async fn add( pub(crate) async fn delete( user: UserId, State(db_pool): State, + State(config): State, Json(request): Json, ) -> ServerResponse { let db = db_pool.find_user_db(user.0, &request.name)?; @@ -109,7 +119,7 @@ pub(crate) async fn delete( return Ok(StatusCode::FORBIDDEN); } - db_pool.delete_db(db)?; + db_pool.delete_db(db, &config)?; Ok(StatusCode::NO_CONTENT) } diff --git a/agdb_server/tests/integration.rs b/agdb_server/tests/integration.rs index d710651c2..e9641d104 100644 --- a/agdb_server/tests/integration.rs +++ b/agdb_server/tests/integration.rs @@ -38,6 +38,7 @@ pub const NO_TOKEN: &Option = &None; const BINARY: &str = "agdb_server"; const CONFIG_FILE: &str = "agdb_server.yaml"; +const SERVER_DATA_DIR: &str = "agdb_server_data"; const PROTOCOL: &str = "http"; const HOST: &str = "127.0.0.1"; const DEFAULT_PORT: u16 = 3000; @@ -84,6 +85,7 @@ pub struct ChangePassword<'a> { pub struct TestServerImpl { pub dir: String, + pub data_dir: String, pub port: u16, pub process: Child, pub admin: String, @@ -91,6 +93,11 @@ pub struct TestServerImpl { pub admin_token: Option, } +pub struct ServerUser { + pub name: String, + pub token: Option, +} + pub struct TestServer { server: &'static TestServerImpl, client: Client, @@ -122,12 +129,14 @@ impl TestServer { self.server.post(&self.client, uri, json, token).await } - pub async fn init_user(&self) -> anyhow::Result<(String, Option)> { + pub async fn init_user(&self) -> anyhow::Result { self.server.init_user(&self.client).await } - pub async fn init_db(&self, db_type: &str, token: &Option) -> anyhow::Result { - self.server.init_db(&self.client, db_type, token).await + pub async fn init_db(&self, db_type: &str, server_user: &ServerUser) -> anyhow::Result { + self.server + .init_db(&self.client, db_type, server_user) + .await } } @@ -175,6 +184,7 @@ impl TestServerImpl { pub async fn init() -> anyhow::Result { let port = PORT.fetch_add(1, Ordering::Relaxed); let dir = format!("{BINARY}.{port}.test"); + let data_dir = format!("{dir}/{SERVER_DATA_DIR}"); Self::remove_dir_if_exists(&dir)?; std::fs::create_dir(&dir)?; @@ -184,6 +194,7 @@ impl TestServerImpl { config.insert("host", HOST.into()); config.insert("port", port.into()); config.insert("admin", ADMIN.into()); + config.insert("data_dir", SERVER_DATA_DIR.into()); let file = std::fs::File::options() .create_new(true) @@ -220,6 +231,7 @@ impl TestServerImpl { let admin_token = Some(response.text().await?); let server = Self { dir, + data_dir, port, process, admin: ADMIN.to_string(), @@ -256,7 +268,7 @@ impl TestServerImpl { Ok((status, response.json().await.map_err(|e| anyhow!(e)))) } - pub async fn init_user(&self, client: &Client) -> anyhow::Result<(String, Option)> { + pub async fn init_user(&self, client: &Client) -> anyhow::Result { let name = format!("db_user{}", COUNTER.fetch_add(1, Ordering::Relaxed)); let user = User { name: &name, @@ -270,21 +282,30 @@ impl TestServerImpl { ); let response = self.post(client, USER_LOGIN_URI, &user, &None).await?; assert_eq!(response.0, 200); - Ok((name, Some(response.1))) + Ok(ServerUser { + name, + token: Some(response.1), + }) } pub async fn init_db( &self, client: &Client, db_type: &str, - user_token: &Option, + server_user: &ServerUser, ) -> anyhow::Result { - let name = format!("db{}", COUNTER.fetch_add(1, Ordering::Relaxed)); + let name = format!( + "{}/db{}", + server_user.name, + COUNTER.fetch_add(1, Ordering::Relaxed) + ); let db = Db { name: name.clone(), db_type: db_type.to_string(), }; - let (status, _) = self.post(client, DB_ADD_URI, &db, user_token).await?; + let (status, _) = self + .post(client, DB_ADD_URI, &db, &server_user.token) + .await?; assert_eq!(status, 201); Ok(name) } diff --git a/agdb_server/tests/routes/admin_db_list_test.rs b/agdb_server/tests/routes/admin_db_list_test.rs index 73ff3f197..19d755dc0 100644 --- a/agdb_server/tests/routes/admin_db_list_test.rs +++ b/agdb_server/tests/routes/admin_db_list_test.rs @@ -11,8 +11,8 @@ async fn db_list() -> anyhow::Result<()> { .await?; assert_eq!(status, 200); assert!(list?.is_empty()); - let (_, user1) = server.init_user().await?; - let (_, user2) = server.init_user().await?; + let user1 = server.init_user().await?; + let user2 = server.init_user().await?; let db1 = server.init_db("memory", &user1).await?; let db2 = server.init_db("memory", &user2).await?; let (status, list) = server diff --git a/agdb_server/tests/routes/admin_db_remove_test.rs b/agdb_server/tests/routes/admin_db_remove_test.rs index e74bb53af..6a2f9d2ff 100644 --- a/agdb_server/tests/routes/admin_db_remove_test.rs +++ b/agdb_server/tests/routes/admin_db_remove_test.rs @@ -8,22 +8,22 @@ use crate::NO_TOKEN; use serde::Serialize; #[derive(Serialize)] -struct DbName<'a> { - name: &'a str, +struct DbName { + name: String, } #[tokio::test] async fn remove() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (status, list) = server.get::>(DB_LIST_URI, &token).await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let (status, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(status, 200); assert!(list?.contains(&Db { name: db.clone(), db_type: "mapped".to_string(), })); - let rem = DbName { name: &db }; + let rem = DbName { name: db.clone() }; assert_eq!( server .post(ADMIN_DB_REMOVE_URI, &rem, &server.admin_token) @@ -31,17 +31,36 @@ async fn remove() -> anyhow::Result<()> { .0, 204 ); - let (status, list) = server.get::>(DB_LIST_URI, &token).await?; + let (status, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(status, 200); assert!(list?.is_empty()); - assert!(Path::new(&server.dir).join(db).exists()); + assert!(Path::new(&server.data_dir).join(db).exists()); Ok(()) } #[tokio::test] async fn db_not_found() -> anyhow::Result<()> { let server = TestServer::new().await?; - let db = DbName { name: "some_db" }; + let user = server.init_user().await?; + let db = DbName { + name: format!("{}/some_db", user.name), + }; + assert_eq!( + server + .post(ADMIN_DB_REMOVE_URI, &db, &server.admin_token) + .await? + .0, + 466 + ); + Ok(()) +} + +#[tokio::test] +async fn user_not_found() -> anyhow::Result<()> { + let server = TestServer::new().await?; + let db = DbName { + name: "missing_user/some_db".to_string(), + }; assert_eq!( server .post(ADMIN_DB_REMOVE_URI, &db, &server.admin_token) @@ -55,7 +74,9 @@ async fn db_not_found() -> anyhow::Result<()> { #[tokio::test] async fn no_admin_token() -> anyhow::Result<()> { let server = TestServer::new().await?; - let db = DbName { name: "some_db" }; + let db = DbName { + name: "user/some_db".to_string(), + }; assert_eq!( server.post(ADMIN_DB_REMOVE_URI, &db, NO_TOKEN).await?.0, 401 diff --git a/agdb_server/tests/routes/admin_user_change_password_test.rs b/agdb_server/tests/routes/admin_user_change_password_test.rs index 99f85079f..ea0c9a4e7 100644 --- a/agdb_server/tests/routes/admin_user_change_password_test.rs +++ b/agdb_server/tests/routes/admin_user_change_password_test.rs @@ -7,9 +7,9 @@ use crate::USER_LOGIN_URI; #[tokio::test] async fn change_password() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, _) = server.init_user().await?; + let user = server.init_user().await?; let user = User { - name: &name, + name: &user.name, password: "password456", }; let admin = &server.admin_token; @@ -27,9 +27,9 @@ async fn change_password() -> anyhow::Result<()> { #[tokio::test] async fn password_too_short() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, _) = server.init_user().await?; + let user = server.init_user().await?; let user = User { - name: &name, + name: &user.name, password: "pswd", }; let admin = &server.admin_token; diff --git a/agdb_server/tests/routes/admin_user_create_test.rs b/agdb_server/tests/routes/admin_user_create_test.rs index 999a003a0..5a32bbcbb 100644 --- a/agdb_server/tests/routes/admin_user_create_test.rs +++ b/agdb_server/tests/routes/admin_user_create_test.rs @@ -57,9 +57,9 @@ async fn password_too_short() -> anyhow::Result<()> { #[tokio::test] async fn user_already_exists() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, _) = server.init_user().await?; + let user = server.init_user().await?; let user = User { - name: &name, + name: &user.name, password: "password123", }; assert_eq!( diff --git a/agdb_server/tests/routes/admin_user_list_test.rs b/agdb_server/tests/routes/admin_user_list_test.rs index 4c77860c0..284e344af 100644 --- a/agdb_server/tests/routes/admin_user_list_test.rs +++ b/agdb_server/tests/routes/admin_user_list_test.rs @@ -13,8 +13,8 @@ async fn user_list() -> anyhow::Result<()> { assert!(list?.contains(&UserStatus { name: "admin".to_string() })); - let (name1, _) = server.init_user().await?; - let (name2, _) = server.init_user().await?; + let user1 = server.init_user().await?; + let user2 = server.init_user().await?; let (status, list) = server .get::>(ADMIN_USER_LIST_URI, &server.admin_token) .await?; @@ -23,8 +23,8 @@ async fn user_list() -> anyhow::Result<()> { assert!(list.contains(&UserStatus { name: "admin".to_string(), })); - assert!(list.contains(&UserStatus { name: name1 })); - assert!(list.contains(&UserStatus { name: name2 })); + assert!(list.contains(&UserStatus { name: user1.name })); + assert!(list.contains(&UserStatus { name: user2.name })); Ok(()) } diff --git a/agdb_server/tests/routes/db_add_test.rs b/agdb_server/tests/routes/db_add_test.rs index 64b9790d8..3570f4113 100644 --- a/agdb_server/tests/routes/db_add_test.rs +++ b/agdb_server/tests/routes/db_add_test.rs @@ -7,38 +7,71 @@ use std::path::Path; #[tokio::test] async fn add() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; + let user = server.init_user().await?; let db = Db { - name: "db_add_test".to_string(), + name: format!("{}/db_add_test", user.name), db_type: "file".to_string(), }; - assert_eq!(server.post(DB_ADD_URI, &db, &token).await?.0, 201); - assert!(Path::new(&server.dir).join(db.name).exists()); + assert_eq!(server.post(DB_ADD_URI, &db, &user.token).await?.0, 201); + assert!(Path::new(&server.data_dir).join(db.name).exists()); + Ok(()) +} + +#[tokio::test] +async fn add_same_name_different_user() -> anyhow::Result<()> { + let server = TestServer::new().await?; + let user = server.init_user().await?; + let other = server.init_user().await?; + let db = Db { + name: format!("{}/add_same_name_different_user", user.name), + db_type: "file".to_string(), + }; + assert_eq!(server.post(DB_ADD_URI, &db, &user.token).await?.0, 201); + assert!(Path::new(&server.data_dir).join(db.name).exists()); + let db = Db { + name: format!("{}/add_same_name_different_user", other.name), + db_type: "file".to_string(), + }; + assert_eq!(server.post(DB_ADD_URI, &db, &other.token).await?.0, 201); + assert!(Path::new(&server.data_dir).join(db.name).exists()); Ok(()) } #[tokio::test] async fn db_already_exists() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; + let user = server.init_user().await?; let db = Db { - name: "mydb".to_string(), + name: format!("{}/mydb", user.name), db_type: "memory".to_string(), }; - assert_eq!(server.post(DB_ADD_URI, &db, &token).await?.0, 201); - assert_eq!(server.post(DB_ADD_URI, &db, &token).await?.0, 465); + assert_eq!(server.post(DB_ADD_URI, &db, &user.token).await?.0, 201); + assert_eq!(server.post(DB_ADD_URI, &db, &user.token).await?.0, 465); + Ok(()) +} + +#[tokio::test] +async fn db_user_mismatch() -> anyhow::Result<()> { + let server = TestServer::new().await?; + let user = server.init_user().await?; + let other = server.init_user().await?; + let db = Db { + name: format!("{}/", other.name), + db_type: "mapped".to_string(), + }; + assert_eq!(server.post(DB_ADD_URI, &db, &user.token).await?.0, 467); Ok(()) } #[tokio::test] async fn db_invalid() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; + let user = server.init_user().await?; let db = Db { - name: "".to_string(), + name: format!("{}/", user.name), db_type: "mapped".to_string(), }; - assert_eq!(server.post(DB_ADD_URI, &db, &token).await?.0, 467); + assert_eq!(server.post(DB_ADD_URI, &db, &user.token).await?.0, 467); Ok(()) } @@ -46,7 +79,7 @@ async fn db_invalid() -> anyhow::Result<()> { async fn no_token() -> anyhow::Result<()> { let server = TestServer::new().await?; let db = Db { - name: "mydb".to_string(), + name: "user/mydb".to_string(), db_type: "mapped".to_string(), }; assert_eq!(server.post(DB_ADD_URI, &db, NO_TOKEN).await?.0, 401); diff --git a/agdb_server/tests/routes/db_delete_test.rs b/agdb_server/tests/routes/db_delete_test.rs index 13bf49b29..aafc2469f 100644 --- a/agdb_server/tests/routes/db_delete_test.rs +++ b/agdb_server/tests/routes/db_delete_test.rs @@ -10,124 +10,133 @@ use serde::Serialize; use std::path::Path; #[derive(Serialize, Deserialize)] -struct DeleteDb<'a> { - name: &'a str, +struct DeleteDb { + name: String, } #[tokio::test] async fn delete() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - assert!(Path::new(&server.dir).join(&db).exists()); - let del = DeleteDb { name: &db }; - assert_eq!(server.post(DB_DELETE_URI, &del, &token).await?.0, 204); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + assert!(Path::new(&server.data_dir).join(&db).exists()); + let del = DeleteDb { name: db.clone() }; + assert_eq!(server.post(DB_DELETE_URI, &del, &user.token).await?.0, 204); + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(list?, vec![]); - assert!(!Path::new(&server.dir).join(db).exists()); + assert!(!Path::new(&server.data_dir).join(db).exists()); Ok(()) } #[tokio::test] async fn db_not_found() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; + let user = server.init_user().await?; let del = DeleteDb { - name: "delete_db_not_found", + name: format!("{}/delete_db_not_found", user.name), }; - assert_eq!(server.post(DB_DELETE_URI, &del, &token).await?.0, 466); + assert_eq!(server.post(DB_DELETE_URI, &del, &user.token).await?.0, 466); Ok(()) } #[tokio::test] async fn other_user() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (_, other) = server.init_user().await?; - let del = DeleteDb { name: &db }; - assert_eq!(server.post(DB_DELETE_URI, &del, &other).await?.0, 466); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let other = server.init_user().await?; + let del = DeleteDb { name: db.clone() }; + assert_eq!(server.post(DB_DELETE_URI, &del, &other.token).await?.0, 466); + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; let expected = vec![Db { name: db.clone(), db_type: "mapped".to_string(), }]; assert_eq!(list?, expected); - assert!(Path::new(&server.dir).join(db).exists()); + assert!(Path::new(&server.data_dir).join(db).exists()); Ok(()) } #[tokio::test] async fn with_read_role() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (reader_name, reader_token) = server.init_user().await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let reader = server.init_user().await?; let role = AddUser { database: &db, - user: &reader_name, + user: &reader.name, role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let del = DeleteDb { name: &db }; assert_eq!( - server.post(DB_DELETE_URI, &del, &reader_token).await?.0, + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let del = DeleteDb { name: db.clone() }; + assert_eq!( + server.post(DB_DELETE_URI, &del, &reader.token).await?.0, 403 ); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; let expected = vec![Db { name: db.clone(), db_type: "mapped".to_string(), }]; assert_eq!(list?, expected); - assert!(Path::new(&server.dir).join(db).exists()); + assert!(Path::new(&server.data_dir).join(db).exists()); Ok(()) } #[tokio::test] async fn with_write_role() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (writer_name, writer_token) = server.init_user().await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let writer = server.init_user().await?; let role = AddUser { database: &db, - user: &writer_name, + user: &writer.name, role: "write", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let del = DeleteDb { name: &db }; assert_eq!( - server.post(DB_DELETE_URI, &del, &writer_token).await?.0, + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let del = DeleteDb { name: db.clone() }; + assert_eq!( + server.post(DB_DELETE_URI, &del, &writer.token).await?.0, 403 ); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; let expected = vec![Db { name: db.clone(), db_type: "mapped".to_string(), }]; assert_eq!(list?, expected); - assert!(Path::new(&server.dir).join(db).exists()); + assert!(Path::new(&server.data_dir).join(db).exists()); Ok(()) } #[tokio::test] async fn with_admin_role() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; - let (admin_name, admin_token) = server.init_user().await?; + let user = server.init_user().await?; + let db = server.init_db("memory", &user).await?; + let admin = server.init_user().await?; let role = AddUser { database: &db, - user: &admin_name, + user: &admin.name, role: "admin", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let del = DeleteDb { name: &db }; - assert_eq!(server.post(DB_DELETE_URI, &del, &admin_token).await?.0, 204); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let del = DeleteDb { name: db.clone() }; + assert_eq!(server.post(DB_DELETE_URI, &del, &admin.token).await?.0, 204); + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(list?, vec![]); - assert!(!Path::new(&server.dir).join(db).exists()); + assert!(!Path::new(&server.data_dir).join(db).exists()); Ok(()) } @@ -135,7 +144,7 @@ async fn with_admin_role() -> anyhow::Result<()> { async fn no_token() -> anyhow::Result<()> { let server = TestServer::new().await?; let del = DeleteDb { - name: "no_token_db", + name: String::new(), }; assert_eq!(server.post(DB_DELETE_URI, &del, NO_TOKEN).await?.0, 401); Ok(()) diff --git a/agdb_server/tests/routes/db_list_test.rs b/agdb_server/tests/routes/db_list_test.rs index f2a4af518..1366f43c1 100644 --- a/agdb_server/tests/routes/db_list_test.rs +++ b/agdb_server/tests/routes/db_list_test.rs @@ -6,9 +6,9 @@ use crate::NO_TOKEN; #[tokio::test] async fn list() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db1 = server.init_db("memory", &token).await?; - let db2 = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let db1 = server.init_db("memory", &user).await?; + let db2 = server.init_db("memory", &user).await?; let expected = vec![ Db { name: db1.clone(), @@ -19,7 +19,7 @@ async fn list() -> anyhow::Result<()> { db_type: "memory".to_string(), }, ]; - let (status, list) = server.get::>(DB_LIST_URI, &token).await?; + let (status, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(status, 200); let mut list = list?; list.sort(); @@ -30,8 +30,8 @@ async fn list() -> anyhow::Result<()> { #[tokio::test] async fn list_empty() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (status, list) = server.get::>(DB_LIST_URI, &token).await?; + let user = server.init_user().await?; + let (status, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(status, 200); assert_eq!(list?, vec![]); Ok(()) diff --git a/agdb_server/tests/routes/db_remove_test.rs b/agdb_server/tests/routes/db_remove_test.rs index 7ec734b03..ff12d78bc 100644 --- a/agdb_server/tests/routes/db_remove_test.rs +++ b/agdb_server/tests/routes/db_remove_test.rs @@ -10,44 +10,44 @@ use serde::Serialize; use std::path::Path; #[derive(Serialize, Deserialize)] -struct RemoveDb<'a> { - name: &'a str, +struct RemoveDb { + name: String, } #[tokio::test] async fn remove() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - assert!(Path::new(&server.dir).join(&db).exists()); - let del = RemoveDb { name: &db }; - assert_eq!(server.post(DB_REMOVE_URI, &del, &token).await?.0, 204); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + assert!(Path::new(&server.data_dir).join(&db).exists()); + let del = RemoveDb { name: db.clone() }; + assert_eq!(server.post(DB_REMOVE_URI, &del, &user.token).await?.0, 204); + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(list?, vec![]); - assert!(Path::new(&server.dir).join(db).exists()); + assert!(Path::new(&server.data_dir).join(db).exists()); Ok(()) } #[tokio::test] async fn db_not_found() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; + let user = server.init_user().await?; let del = RemoveDb { - name: "db_not_found", + name: format!("{}/db_not_found", user.name), }; - assert_eq!(server.post(DB_REMOVE_URI, &del, &token).await?.0, 466); + assert_eq!(server.post(DB_REMOVE_URI, &del, &user.token).await?.0, 466); Ok(()) } #[tokio::test] async fn other_user() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (_, other) = server.init_user().await?; - let del = RemoveDb { name: &db }; - assert_eq!(server.post(DB_REMOVE_URI, &del, &other).await?.0, 466); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let other = server.init_user().await?; + let del = RemoveDb { name: db.clone() }; + assert_eq!(server.post(DB_REMOVE_URI, &del, &other.token).await?.0, 466); + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; let expected = vec![Db { name: db, db_type: "mapped".to_string(), @@ -59,21 +59,24 @@ async fn other_user() -> anyhow::Result<()> { #[tokio::test] async fn with_read_role() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (reader_name, reader_token) = server.init_user().await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let reader = server.init_user().await?; let role = AddUser { database: &db, - user: &reader_name, + user: &reader.name, role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let del = RemoveDb { name: &db }; assert_eq!( - server.post(DB_REMOVE_URI, &del, &reader_token).await?.0, + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let del = RemoveDb { name: db.clone() }; + assert_eq!( + server.post(DB_REMOVE_URI, &del, &reader.token).await?.0, 403 ); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; let expected = vec![Db { name: db, db_type: "mapped".to_string(), @@ -85,21 +88,24 @@ async fn with_read_role() -> anyhow::Result<()> { #[tokio::test] async fn with_write_role() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (writer_name, writer_token) = server.init_user().await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let writer = server.init_user().await?; let role = AddUser { database: &db, - user: &writer_name, + user: &writer.name, role: "write", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let del = RemoveDb { name: &db }; assert_eq!( - server.post(DB_REMOVE_URI, &del, &writer_token).await?.0, + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let del = RemoveDb { name: db.clone() }; + assert_eq!( + server.post(DB_REMOVE_URI, &del, &writer.token).await?.0, 403 ); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; let expected = vec![Db { name: db, db_type: "mapped".to_string(), @@ -111,20 +117,23 @@ async fn with_write_role() -> anyhow::Result<()> { #[tokio::test] async fn with_admin_role() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("mapped", &token).await?; - let (admin_name, admin_token) = server.init_user().await?; + let user = server.init_user().await?; + let db = server.init_db("mapped", &user).await?; + let admin = server.init_user().await?; let role = AddUser { database: &db, - user: &admin_name, + user: &admin.name, role: "admin", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let del = RemoveDb { name: &db }; - assert_eq!(server.post(DB_REMOVE_URI, &del, &admin_token).await?.0, 204); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let del = RemoveDb { name: db.clone() }; + assert_eq!(server.post(DB_REMOVE_URI, &del, &admin.token).await?.0, 204); + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; assert_eq!(list?, vec![]); - assert!(Path::new(&server.dir).join(db).exists()); + assert!(Path::new(&server.data_dir).join(db).exists()); Ok(()) } @@ -132,7 +141,7 @@ async fn with_admin_role() -> anyhow::Result<()> { async fn no_token() -> anyhow::Result<()> { let server = TestServer::new().await?; let del = RemoveDb { - name: "no_token_db", + name: String::new(), }; assert_eq!(server.post(DB_REMOVE_URI, &del, NO_TOKEN).await?.0, 401); Ok(()) diff --git a/agdb_server/tests/routes/db_user_add_test.rs b/agdb_server/tests/routes/db_user_add_test.rs index 2f17fc182..f245934bb 100644 --- a/agdb_server/tests/routes/db_user_add_test.rs +++ b/agdb_server/tests/routes/db_user_add_test.rs @@ -8,18 +8,21 @@ use crate::NO_TOKEN; #[tokio::test] async fn add_reader() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (reader_name, reader_token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let reader = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &reader_name, + user: &reader.name, role: "read", }; - let (_, list) = server.get::>(DB_LIST_URI, &reader_token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &reader.token).await?; assert_eq!(list?, vec![]); - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let (_, list) = server.get::>(DB_LIST_URI, &reader_token).await?; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let (_, list) = server.get::>(DB_LIST_URI, &reader.token).await?; let expected = vec![Db { name: db, db_type: "memory".to_string(), @@ -31,18 +34,21 @@ async fn add_reader() -> anyhow::Result<()> { #[tokio::test] async fn add_writer() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (writer_name, writer_token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let writer = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &writer_name, + user: &writer.name, role: "write", }; - let (_, list) = server.get::>(DB_LIST_URI, &writer_token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &writer.token).await?; assert_eq!(list?, vec![]); - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let (_, list) = server.get::>(DB_LIST_URI, &writer_token).await?; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let (_, list) = server.get::>(DB_LIST_URI, &writer.token).await?; let expected = vec![Db { name: db, db_type: "memory".to_string(), @@ -54,18 +60,21 @@ async fn add_writer() -> anyhow::Result<()> { #[tokio::test] async fn add_admin() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (admin_name, admin_token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let admin = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &admin_name, + user: &admin.name, role: "admin", }; - let (_, list) = server.get::>(DB_LIST_URI, &admin_token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &admin.token).await?; assert_eq!(list?, vec![]); - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let (_, list) = server.get::>(DB_LIST_URI, &admin_token).await?; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let (_, list) = server.get::>(DB_LIST_URI, &admin.token).await?; let expected = vec![Db { name: db, db_type: "memory".to_string(), @@ -77,36 +86,39 @@ async fn add_admin() -> anyhow::Result<()> { #[tokio::test] async fn add_self() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &name, + user: &user.name, role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 403); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 403 + ); Ok(()) } #[tokio::test] async fn add_admin_as_non_admin() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (_, writer_token) = server.init_user().await?; - let (other_name, other_token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let writer = server.init_user().await?; + let other = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &other_name, + user: &other.name, role: "write", }; - let (_, list) = server.get::>(DB_LIST_URI, &other_token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &other.token).await?; assert_eq!(list?, vec![]); assert_eq!( - server.post(DB_USER_ADD_URI, &role, &writer_token).await?.0, + server.post(DB_USER_ADD_URI, &role, &writer.token).await?.0, 403 ); - let (_, list) = server.get::>(DB_LIST_URI, &other_token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &other.token).await?; assert_eq!(list?, vec![]); Ok(()) } @@ -114,23 +126,38 @@ async fn add_admin_as_non_admin() -> anyhow::Result<()> { #[tokio::test] async fn change_user_role() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, token) = server.init_user().await?; - let (other_name, other) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let other = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let mut role = AddUser { database: &db, - user: &other_name, + user: &other.name, role: "write", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - assert_eq!(server.post(DB_USER_ADD_URI, &role, &other).await?.0, 403); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &other.token).await?.0, + 403 + ); role.role = "admin"; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); role.role = "write"; - role.user = &name; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &other).await?.0, 201); - role.user = &other_name; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 403); + role.user = &user.name; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &other.token).await?.0, + 201 + ); + role.user = &other.name; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 403 + ); Ok(()) } @@ -138,27 +165,33 @@ async fn change_user_role() -> anyhow::Result<()> { #[tokio::test] async fn db_not_found() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; + let user = server.init_user().await?; let role = AddUser { database: "db_not_found", user: "some_user", role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 466); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 466 + ); Ok(()) } #[tokio::test] async fn user_not_found() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, user: "user_not_found", role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 464); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 464 + ); Ok(()) } diff --git a/agdb_server/tests/routes/db_user_list.rs b/agdb_server/tests/routes/db_user_list.rs index 64e11d7a3..3d6f8760f 100644 --- a/agdb_server/tests/routes/db_user_list.rs +++ b/agdb_server/tests/routes/db_user_list.rs @@ -15,14 +15,14 @@ struct DbUser { #[tokio::test] async fn list_user() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let (_, list) = server - .get::>(&format!("{DB_USER_LIST_URI}?name={}", &db), &token) + .get::>(&format!("{DB_USER_LIST_URI}?name={}", &db), &user.token) .await?; let expected = vec![DbUser { database: db, - user: name, + user: user.name, role: "admin".to_string(), }]; assert_eq!(list?, expected); @@ -32,29 +32,32 @@ async fn list_user() -> anyhow::Result<()> { #[tokio::test] async fn list_users() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, token) = server.init_user().await?; - let (other_name, other) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let other = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &other_name, + user: &other.name, role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); let (_, list) = server - .get::>(&format!("{DB_USER_LIST_URI}?name={}", &db), &other) + .get::>(&format!("{DB_USER_LIST_URI}?name={}", &db), &other.token) .await?; let mut list = list?; list.sort(); let expected = vec![ DbUser { database: db.clone(), - user: name, + user: user.name, role: "admin".to_string(), }, DbUser { database: db, - user: other_name, + user: other.name, role: "read".to_string(), }, ]; diff --git a/agdb_server/tests/routes/db_user_remove_test.rs b/agdb_server/tests/routes/db_user_remove_test.rs index 8e9780aec..da8007a2b 100644 --- a/agdb_server/tests/routes/db_user_remove_test.rs +++ b/agdb_server/tests/routes/db_user_remove_test.rs @@ -8,37 +8,43 @@ use crate::NO_TOKEN; use serde::Serialize; #[derive(Serialize)] -struct RemoveUser<'a> { - database: &'a str, - user: &'a str, +struct RemoveUser { + database: String, + user: String, } #[tokio::test] async fn remove() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (reader_name, reader_token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let reader = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &reader_name, + user: &reader.name, role: "read", }; - let (_, list) = server.get::>(DB_LIST_URI, &reader_token).await?; + let (_, list) = server.get::>(DB_LIST_URI, &reader.token).await?; assert_eq!(list?, vec![]); - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); - let (_, list) = server.get::>(DB_LIST_URI, &reader_token).await?; + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); + let (_, list) = server.get::>(DB_LIST_URI, &reader.token).await?; let expected = vec![Db { name: db.clone(), db_type: "memory".to_string(), }]; assert_eq!(list?, expected); let rem = RemoveUser { - database: &db, - user: &reader_name, + database: db, + user: reader.name, }; - assert_eq!(server.post(DB_USER_REMOVE_URI, &rem, &token).await?.0, 204); - let (_, list) = server.get::>(DB_LIST_URI, &reader_token).await?; + assert_eq!( + server.post(DB_USER_REMOVE_URI, &rem, &user.token).await?.0, + 204 + ); + let (_, list) = server.get::>(DB_LIST_URI, &reader.token).await?; assert_eq!(list?, vec![]); Ok(()) } @@ -46,41 +52,53 @@ async fn remove() -> anyhow::Result<()> { #[tokio::test] async fn remove_user_non_admin() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, token) = server.init_user().await?; - let (other_name, other) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let other = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &other_name, + user: &other.name, role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); let rem = RemoveUser { - database: &db, - user: &name, + database: db, + user: user.name, }; - assert_eq!(server.post(DB_USER_REMOVE_URI, &rem, &other).await?.0, 403); + assert_eq!( + server.post(DB_USER_REMOVE_URI, &rem, &other.token).await?.0, + 403 + ); Ok(()) } #[tokio::test] async fn remove_self() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (other_name, other) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let other = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &other_name, + user: &other.name, role: "read", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); let rem = RemoveUser { - database: &db, - user: &other_name, + database: db, + user: other.name, }; - assert_eq!(server.post(DB_USER_REMOVE_URI, &rem, &other).await?.0, 204); - let (_, list) = server.get::>(DB_LIST_URI, &other).await?; + assert_eq!( + server.post(DB_USER_REMOVE_URI, &rem, &other.token).await?.0, + 204 + ); + let (_, list) = server.get::>(DB_LIST_URI, &other.token).await?; assert_eq!(list?, vec![]); Ok(()) } @@ -88,21 +106,27 @@ async fn remove_self() -> anyhow::Result<()> { #[tokio::test] async fn remove_self_admin() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let (other_name, other) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let other = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let role = AddUser { database: &db, - user: &other_name, + user: &other.name, role: "admin", }; - assert_eq!(server.post(DB_USER_ADD_URI, &role, &token).await?.0, 201); + assert_eq!( + server.post(DB_USER_ADD_URI, &role, &user.token).await?.0, + 201 + ); let rem = RemoveUser { - database: &db, - user: &other_name, + database: db, + user: other.name, }; - assert_eq!(server.post(DB_USER_REMOVE_URI, &rem, &other).await?.0, 204); - let (_, list) = server.get::>(DB_LIST_URI, &other).await?; + assert_eq!( + server.post(DB_USER_REMOVE_URI, &rem, &other.token).await?.0, + 204 + ); + let (_, list) = server.get::>(DB_LIST_URI, &other.token).await?; assert_eq!(list?, vec![]); Ok(()) } @@ -110,14 +134,17 @@ async fn remove_self_admin() -> anyhow::Result<()> { #[tokio::test] async fn remove_self_admin_last() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let rem = RemoveUser { - database: &db, - user: &name, + database: db.clone(), + user: user.name, }; - assert_eq!(server.post(DB_USER_REMOVE_URI, &rem, &token).await?.0, 403); - let (_, list) = server.get::>(DB_LIST_URI, &token).await?; + assert_eq!( + server.post(DB_USER_REMOVE_URI, &rem, &user.token).await?.0, + 403 + ); + let (_, list) = server.get::>(DB_LIST_URI, &user.token).await?; let expected = vec![Db { name: db, db_type: "memory".to_string(), @@ -129,25 +156,31 @@ async fn remove_self_admin_last() -> anyhow::Result<()> { #[tokio::test] async fn db_not_found() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; + let user = server.init_user().await?; let rem = RemoveUser { - database: "db_not_found", - user: "some_user", + database: format!("{}/db_not_found", user.name), + user: String::new(), }; - assert_eq!(server.post(DB_USER_REMOVE_URI, &rem, &token).await?.0, 466); + assert_eq!( + server.post(DB_USER_REMOVE_URI, &rem, &user.token).await?.0, + 466 + ); Ok(()) } #[tokio::test] async fn user_not_found() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (_, token) = server.init_user().await?; - let db = server.init_db("memory", &token).await?; + let user = server.init_user().await?; + let db = server.init_db("memory", &user).await?; let rem = RemoveUser { - database: &db, - user: "user_not_found", + database: db, + user: "user_not_found".to_string(), }; - assert_eq!(server.post(DB_USER_REMOVE_URI, &rem, &token).await?.0, 464); + assert_eq!( + server.post(DB_USER_REMOVE_URI, &rem, &user.token).await?.0, + 464 + ); Ok(()) } @@ -155,8 +188,8 @@ async fn user_not_found() -> anyhow::Result<()> { async fn no_token() -> anyhow::Result<()> { let server = TestServer::new().await?; let rem = RemoveUser { - database: "my_db", - user: "bob", + database: String::new(), + user: String::new(), }; assert_eq!( server.post(DB_USER_REMOVE_URI, &rem, NO_TOKEN).await?.0, diff --git a/agdb_server/tests/routes/user_change_password_test.rs b/agdb_server/tests/routes/user_change_password_test.rs index d55399789..0c2533db4 100644 --- a/agdb_server/tests/routes/user_change_password_test.rs +++ b/agdb_server/tests/routes/user_change_password_test.rs @@ -8,14 +8,14 @@ use crate::USER_LOGIN_URI; #[tokio::test] async fn change_password() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, _) = server.init_user().await?; + let user = server.init_user().await?; let change = ChangePassword { - name: &name, - password: &name, + name: &user.name, + password: &user.name, new_password: "password456", }; let user = User { - name: &name, + name: &user.name, password: "password456", }; assert_eq!( @@ -33,9 +33,9 @@ async fn change_password() -> anyhow::Result<()> { #[tokio::test] async fn invalid_credentials() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, _) = server.init_user().await?; + let user = server.init_user().await?; let change = ChangePassword { - name: &name, + name: &user.name, password: "bad_password", new_password: "password456", }; @@ -53,10 +53,10 @@ async fn invalid_credentials() -> anyhow::Result<()> { #[tokio::test] async fn password_too_short() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (name, _) = server.init_user().await?; + let user = server.init_user().await?; let change = ChangePassword { - name: &name, - password: &name, + name: &user.name, + password: &user.name, new_password: "pswd", }; assert_eq!( diff --git a/agdb_server/tests/routes/user_login_test.rs b/agdb_server/tests/routes/user_login_test.rs index 59af78c14..b8a63bcbf 100644 --- a/agdb_server/tests/routes/user_login_test.rs +++ b/agdb_server/tests/routes/user_login_test.rs @@ -6,10 +6,10 @@ use crate::USER_LOGIN_URI; #[tokio::test] async fn login() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (user, _) = server.init_user().await?; + let user = server.init_user().await?; let user = User { - name: &user, - password: &user, + name: &user.name, + password: &user.name, }; let (status, token) = server.post(USER_LOGIN_URI, &user, NO_TOKEN).await?; assert_eq!(status, 200); @@ -21,9 +21,9 @@ async fn login() -> anyhow::Result<()> { #[tokio::test] async fn invalid_credentials() -> anyhow::Result<()> { let server = TestServer::new().await?; - let (user, _) = server.init_user().await?; + let user = server.init_user().await?; let user = User { - name: &user, + name: &user.name, password: "password456", }; let (status, token) = server.post(USER_LOGIN_URI, &user, NO_TOKEN).await?;