poanetwork
/
poa-netstats-warehouse
mirror of https://github.com/poanetwork/poa-netstats-warehouse.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[#70] splitting the api test file in multiple files

This commit is contained in:
Felipe Ripoll 2018-09-06 10:08:59 -06:00
parent e76a6d65b4
commit c487ac7b3f
6 changed files with 925 additions and 954 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
test/ancillary/common_api_tests.ex Normal file
View File

@ -0,0 +1,97 @@
defmodule POABackend.Ancillary.CommonAPITest do
@moduledoc false
defmacro __using__(_) do
quote do
use ExUnit.Case
alias POABackend.Auth
alias POABackend.Ancillary.Utils
@base_url "https://localhost:4003"
@user "ferigis"
@password "1234567890"
@admin "admin1"
@admin_pwd "password12345678"
setup do
Utils.clear_db()
:ok = create_user()
on_exit fn ->
Utils.clear_db()
end
[]
end
# ----------------------------------------
# Internal functions
# ----------------------------------------
defp create_user(user \\ @user, password \\ @password) do
{:ok, _user} = Auth.create_user(user, password)
:ok
end
defp post(data, url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.post(url, data, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
defp get(url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.get(url, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
defp delete(url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.delete(url, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
defp patch(data, url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.patch(url, data, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
end
end
end

954
test/auth/api_test.exs
View File

@ -1,954 +0,0 @@
defmodule Auth.APITest do
use ExUnit.Case
alias POABackend.Auth
alias POABackend.Ancillary.Utils
@base_url "https://localhost:4003"
@user "ferigis"
@password "1234567890"
@admin "admin1"
@admin_pwd "password12345678"
setup do
Utils.clear_db()
:ok = create_user()
on_exit fn ->
Utils.clear_db()
end
[]
end
# ----------------------------------------
# /session Endpoint Tests
# ----------------------------------------
test "get a valid JWT Token with [JSON]" do
url = @base_url <> "/session"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(url, headers)
user = Auth.get_user(@user)
{:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token)
assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token)
end
test "get a valid JWT Token with [MSGPACK]" do
url = @base_url <> "/session"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(url, headers)
user = Auth.get_user(@user)
{:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token)
assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token)
end
test "try with wrong user/password [JSON]" do
url = @base_url <> "/session"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "try with wrong user/password [MSGPACK]" do
url = @base_url <> "/session"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "try with a user who doesn't exist [JSON]" do
url = @base_url <> "/session"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "try with a user who doesn't exist [MSGPACK]" do
url = @base_url <> "/session"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")}
]
result =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "testing an unnexisting endpoint" do
url = @base_url <> "/thisdoesntexist"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(url, headers)
assert {404, :nobody} == result
end
# ----------------------------------------
# /user Endpoint Tests
# ----------------------------------------
test "trying to create a user with wrong Admin Credentials [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "trying to create a user with wrong Admin Credentials [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "create a user without credentials [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, %{"user-name" => user_name, "password" => password}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user without credentials [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, %{"user-name" => user_name, "password" => password}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName"
{200, %{"user-name" => ^user_name, "password" => password}} =
%{:'agent-id' => "agentID", :'user-name' => user_name}
|> Poison.encode!()
|> post(url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName"
{200, %{"user-name" => ^user_name, "password" => password}} =
%{:'agent-id' => "agentID", :'user-name' => user_name}
|> Msgpax.pack!()
|> post(url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name and password [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName2"
password = "mypasswordfornewuser"
{200, %{"user-name" => ^user_name, "password" => ^password}} =
%{:'agent-id' => "agentID",
:'user-name' => user_name,
:password => password}
|> Poison.encode!()
|> post(url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name and password [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName2"
password = "mypasswordfornewuser"
{200, %{"user-name" => ^user_name, "password" => ^password}} =
%{:'agent-id' => "agentID",
:'user-name' => user_name,
:password => password}
|> Msgpax.pack!()
|> post(url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create user which already exists [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:'agent-id' => "agentID",
:'user-name' => @user}
|> Poison.encode!()
|> post(url, headers)
assert {409, :nobody} == result
end
test "create user which already exists [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:'agent-id' => "agentID",
:'user-name' => @user}
|> Msgpax.pack!()
|> post(url, headers)
assert {409, :nobody} == result
end
test "listing all the users stored" do
url = @base_url <> "/user"
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user] = users} = get(url, headers)
assert length(users) == 1 # ferigis user is created at the begining of each test
assert initial_user["user"] == "ferigis"
:ok = create_user("user2", "password2")
{200, users} = get(url, headers)
assert length(users) == 2
end
test "listing all the users stored with wrong Admin Credentials" do
url = @base_url <> "/user"
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result = get(url, headers)
assert {401, :nobody} == result
end
test "deleting a user which exists in the system" do
url = @base_url <> "/user"
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user] = users} = get(url, headers)
assert length(users) == 1 # ferigis user is created at the begining of each test
assert initial_user["user"] == "ferigis"
assert {204, :nobody} == delete(url <> "/ferigis", headers)
assert {200, []} == get(url, headers)
end
test "deleting a user which doern't exist in the system" do
url = @base_url <> "/user"
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user] = users} = get(url, headers)
assert length(users) == 1 # ferigis user is created at the begining of each test
assert initial_user["user"] == "ferigis"
assert {404, :nobody} == delete(url <> "/noexist", headers)
{200, ^users} = get(url, headers)
end
test "deleting a user with wrong admin credentials" do
url = @base_url <> "/user"
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
assert {401, :nobody} == delete(url <> "/ferigis", headers)
end
test "updating user [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, false)
|> Poison.encode!
|> patch(url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(url, headers)
refute initial_user["active"]
result =
%{}
|> Map.put(:active, true)
|> Poison.encode!
|> patch(url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
end
test "updating user [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, false)
|> Msgpax.pack!
|> patch(url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(url, headers)
refute initial_user["active"]
result =
%{}
|> Map.put(:active, true)
|> Msgpax.pack!
|> patch(url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
end
test "updating user with wrong active value (not boolean) [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, "wrong value")
|> Poison.encode!
|> patch(url <> "/ferigis", headers)
assert {422, :nobody} == result
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
end
test "updating user with wrong active value (not boolean) [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, "wrong value")
|> Msgpax.pack!
|> patch(url <> "/ferigis", headers)
assert {422, :nobody} == result
{200, [initial_user]} = get(url, headers)
assert initial_user["active"]
end
test "updating user with wrong admin credentials [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{}
|> Map.put(:active, false)
|> Poison.encode!
|> patch(url <> "/ferigis", headers)
assert {401, :nobody} == result
end
test "updating user with wrong admin credentials [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{}
|> Map.put(:active, false)
|> Msgpax.pack!
|> patch(url <> "/ferigis", headers)
assert {401, :nobody} == result
end
test "updating user who doesn't exist [JSON]" do
url = @base_url <> "/user"
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{}
|> Map.put(:active, true)
|> Poison.encode!
|> patch(url <> "/unnexistinguser", headers)
assert {404, :nobody} == result
end
test "updating user who doesn't exist [MSGPACK]" do
url = @base_url <> "/user"
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{}
|> Map.put(:active, true)
|> Msgpax.pack!
|> patch(url <> "/unnexistinguser", headers)
assert {404, :nobody} == result
end
# ----------------------------------------
# /blacklist/user Endpoint Tests
# ----------------------------------------
test "Ban a user correctly [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@base_url <> "/session", headers)
user = Auth.get_user(@user)
assert Auth.valid_token?(jwt_token)
assert Auth.user_active?(user)
blacklist_url = @base_url <> "/blacklist/user"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:user => @user}
|> Poison.encode!()
|> post(blacklist_url, headers)
user = Auth.get_user(@user)
refute Auth.valid_token?(jwt_token)
refute Auth.user_active?(user)
end
test "Ban a user correctly [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@base_url <> "/session", headers)
user = Auth.get_user(@user)
assert Auth.valid_token?(jwt_token)
assert Auth.user_active?(user)
blacklist_url = @base_url <> "/blacklist/user"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:user => @user}
|> Msgpax.pack!()
|> post(blacklist_url, headers)
user = Auth.get_user(@user)
refute Auth.valid_token?(jwt_token)
refute Auth.user_active?(user)
end
test "Ban a user who doesn't exist [JSON]" do
mime_type = "application/json"
url = @base_url <> "/blacklist/user"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:user => "thiUserDoesntexist"}
|> Poison.encode!()
|> post(url, headers)
assert result == {404, :nobody}
end
test "Ban a user who doesn't exist [MSGPACK]" do
mime_type = "application/msgpack"
url = @base_url <> "/blacklist/user"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:user => "thiUserDoesntexist"}
|> Msgpax.pack!()
|> post(url, headers)
assert result == {404, :nobody}
end
test "Ban user with wrong Admin credentials [JSON]" do
mime_type = "application/json"
url = @base_url <> "/blacklist/user"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:user => @user}
|> Poison.encode!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "Ban user with wrong Admin credentials [MSGPACK]" do
mime_type = "application/msgpack"
url = @base_url <> "/blacklist/user"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:user => @user}
|> Msgpax.pack!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "Ban user without user field [JSON]" do
mime_type = "application/json"
url = @base_url <> "/blacklist/user"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result = post("", url, headers)
assert {404, :nobody} == result
end
# ----------------------------------------
# /blacklist/token Endpoint Tests
# ----------------------------------------
test "Ban a token correctly [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@base_url <> "/session", headers)
assert Auth.valid_token?(jwt_token)
blacklist_url = @base_url <> "/blacklist/token"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:token => jwt_token}
|> Poison.encode!()
|> post(blacklist_url, headers)
refute Auth.valid_token?(jwt_token)
end
test "Ban a token correctly [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@base_url <> "/session", headers)
assert Auth.valid_token?(jwt_token)
blacklist_url = @base_url <> "/blacklist/token"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:token => jwt_token}
|> Msgpax.pack!()
|> post(blacklist_url, headers)
refute Auth.valid_token?(jwt_token)
end
test "Ban an invalid token [JSON]" do
mime_type = "application/json"
url = @base_url <> "/blacklist/token"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:token => "badtoken"}
|> Poison.encode!()
|> post(url, headers)
assert result == {404, :nobody}
end
test "Ban an invalid token [MSGPACK]" do
mime_type = "application/msgpack"
url = @base_url <> "/blacklist/token"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:token => "badtoken"}
|> Msgpax.pack!()
|> post(url, headers)
assert result == {404, :nobody}
end
test "Ban token with wrong Admin credentials [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@base_url <> "/session", headers)
url = @base_url <> "/blacklist/token"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:token => jwt_token}
|> Poison.encode!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "Ban token with wrong Admin credentials [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@base_url <> "/session", headers)
url = @base_url <> "/blacklist/token"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:token => jwt_token}
|> Msgpax.pack!()
|> post(url, headers)
assert {401, :nobody} == result
end
test "Ban token without token field [JSON]" do
mime_type = "application/json"
url = @base_url <> "/blacklist/token"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result = post("", url, headers)
assert {404, :nobody} == result
end
# ----------------------------------------
# Internal functions
# ----------------------------------------
defp create_user(user \\ @user, password \\ @password) do
{:ok, _user} = Auth.create_user(user, password)
:ok
end
defp post(data, url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.post(url, data, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
defp get(url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.get(url, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
defp delete(url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.delete(url, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
defp patch(data, url, headers) do
options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500]
{:ok, response} = HTTPoison.patch(url, data, headers, options)
body = case response.body do
"" ->
:nobody
_ ->
{:ok, body} = Poison.decode(response.body)
body
end
{response.status_code, body}
end
end

152
test/auth/blacklist_token_test.exs Normal file
View File

@ -0,0 +1,152 @@
defmodule Auth.BlacklistTokenAPITest do
use POABackend.Ancillary.CommonAPITest
@url @base_url <> "/blacklist/token"
@session_url @base_url <> "/session"
test "Ban a token correctly [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@session_url, headers)
assert Auth.valid_token?(jwt_token)
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:token => jwt_token}
|> Poison.encode!()
|> post(@url, headers)
refute Auth.valid_token?(jwt_token)
end
test "Ban a token correctly [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@session_url, headers)
assert Auth.valid_token?(jwt_token)
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:token => jwt_token}
|> Msgpax.pack!()
|> post(@url, headers)
refute Auth.valid_token?(jwt_token)
end
test "Ban an invalid token [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:token => "badtoken"}
|> Poison.encode!()
|> post(@url, headers)
assert result == {404, :nobody}
end
test "Ban an invalid token [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:token => "badtoken"}
|> Msgpax.pack!()
|> post(@url, headers)
assert result == {404, :nobody}
end
test "Ban token with wrong Admin credentials [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@session_url, headers)
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:token => jwt_token}
|> Poison.encode!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "Ban token with wrong Admin credentials [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@session_url, headers)
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:token => jwt_token}
|> Msgpax.pack!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "Ban token without token field [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result = post("", @url, headers)
assert {404, :nobody} == result
end
end

144
test/auth/blacklist_user_api_test.exs Normal file
View File

@ -0,0 +1,144 @@
defmodule Auth.BlacklistUserAPITest do
use POABackend.Ancillary.CommonAPITest
@url @base_url <> "/blacklist/user"
@session_url @base_url <> "/session"
test "Ban a user correctly [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@session_url, headers)
user = Auth.get_user(@user)
assert Auth.valid_token?(jwt_token)
assert Auth.user_active?(user)
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:user => @user}
|> Poison.encode!()
|> post(@url, headers)
user = Auth.get_user(@user)
refute Auth.valid_token?(jwt_token)
refute Auth.user_active?(user)
end
test "Ban a user correctly [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@session_url, headers)
user = Auth.get_user(@user)
assert Auth.valid_token?(jwt_token)
assert Auth.user_active?(user)
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, :nobody} =
%{:user => @user}
|> Msgpax.pack!()
|> post(@url, headers)
user = Auth.get_user(@user)
refute Auth.valid_token?(jwt_token)
refute Auth.user_active?(user)
end
test "Ban a user who doesn't exist [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:user => "thiUserDoesntexist"}
|> Poison.encode!()
|> post(@url, headers)
assert result == {404, :nobody}
end
test "Ban a user who doesn't exist [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:user => "thiUserDoesntexist"}
|> Msgpax.pack!()
|> post(@url, headers)
assert result == {404, :nobody}
end
test "Ban user with wrong Admin credentials [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:user => @user}
|> Poison.encode!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "Ban user with wrong Admin credentials [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:user => @user}
|> Msgpax.pack!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "Ban user without user field [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result = post("", @url, headers)
assert {404, :nobody} == result
end
end

116
test/auth/session_api_test.exs Normal file
View File

@ -0,0 +1,116 @@
defmodule Auth.SessionAPITest do
use POABackend.Ancillary.CommonAPITest
@url @base_url <> "/session"
test "get a valid JWT Token with [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@url, headers)
user = Auth.get_user(@user)
{:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token)
assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token)
end
test "get a valid JWT Token with [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)}
]
{200, %{"token" => jwt_token}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@url, headers)
user = Auth.get_user(@user)
{:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token)
assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token)
end
test "try with wrong user/password [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "try with wrong user/password [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "try with a user who doesn't exist [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "try with a user who doesn't exist [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")}
]
result =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "testing an unnexisting endpoint" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@base_url <> "/thisdoesntexist", headers)
assert {404, :nobody} == result
end
end

416
test/auth/user_api_test.exs Normal file
View File

@ -0,0 +1,416 @@
defmodule Auth.UserAPITest do
use POABackend.Ancillary.CommonAPITest
@url @base_url <> "/user"
test "trying to create a user with wrong Admin Credentials [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "trying to create a user with wrong Admin Credentials [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@url, headers)
assert {401, :nobody} == result
end
test "create a user without credentials [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, %{"user-name" => user_name, "password" => password}} =
%{:'agent-id' => "agentID"}
|> Poison.encode!()
|> post(@url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user without credentials [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, %{"user-name" => user_name, "password" => password}} =
%{:'agent-id' => "agentID"}
|> Msgpax.pack!()
|> post(@url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName"
{200, %{"user-name" => ^user_name, "password" => password}} =
%{:'agent-id' => "agentID", :'user-name' => user_name}
|> Poison.encode!()
|> post(@url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName"
{200, %{"user-name" => ^user_name, "password" => password}} =
%{:'agent-id' => "agentID", :'user-name' => user_name}
|> Msgpax.pack!()
|> post(@url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name and password [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName2"
password = "mypasswordfornewuser"
{200, %{"user-name" => ^user_name, "password" => ^password}} =
%{:'agent-id' => "agentID",
:'user-name' => user_name,
:password => password}
|> Poison.encode!()
|> post(@url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create a user with user_name and password [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
user_name = "newUserName2"
password = "mypasswordfornewuser"
{200, %{"user-name" => ^user_name, "password" => ^password}} =
%{:'agent-id' => "agentID",
:'user-name' => user_name,
:password => password}
|> Msgpax.pack!()
|> post(@url, headers)
assert Auth.authenticate_user(user_name, password)
end
test "create user which already exists [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:'agent-id' => "agentID",
:'user-name' => @user}
|> Poison.encode!()
|> post(@url, headers)
assert {409, :nobody} == result
end
test "create user which already exists [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{:'agent-id' => "agentID",
:'user-name' => @user}
|> Msgpax.pack!()
|> post(@url, headers)
assert {409, :nobody} == result
end
test "listing all the users stored" do
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user] = users} = get(@url, headers)
assert length(users) == 1 # ferigis user is created at the begining of each test
assert initial_user["user"] == "ferigis"
:ok = create_user("user2", "password2")
{200, users} = get(@url, headers)
assert length(users) == 2
end
test "listing all the users stored with wrong Admin Credentials" do
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result = get(@url, headers)
assert {401, :nobody} == result
end
test "deleting a user which exists in the system" do
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user] = users} = get(@url, headers)
assert length(users) == 1 # ferigis user is created at the begining of each test
assert initial_user["user"] == "ferigis"
assert {204, :nobody} == delete(@url <> "/ferigis", headers)
assert {200, []} == get(@url, headers)
end
test "deleting a user which doern't exist in the system" do
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user] = users} = get(@url, headers)
assert length(users) == 1 # ferigis user is created at the begining of each test
assert initial_user["user"] == "ferigis"
assert {404, :nobody} == delete(@url <> "/noexist", headers)
{200, ^users} = get(@url, headers)
end
test "deleting a user with wrong admin credentials" do
headers = [
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
assert {401, :nobody} == delete(@url <> "/ferigis", headers)
end
test "updating user [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, false)
|> Poison.encode!
|> patch(@url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(@url, headers)
refute initial_user["active"]
result =
%{}
|> Map.put(:active, true)
|> Poison.encode!
|> patch(@url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
end
test "updating user [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, false)
|> Msgpax.pack!
|> patch(@url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(@url, headers)
refute initial_user["active"]
result =
%{}
|> Map.put(:active, true)
|> Msgpax.pack!
|> patch(@url <> "/ferigis", headers)
assert {204, :nobody} == result
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
end
test "updating user with wrong active value (not boolean) [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, "wrong value")
|> Poison.encode!
|> patch(@url <> "/ferigis", headers)
assert {422, :nobody} == result
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
end
test "updating user with wrong active value (not boolean) [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
result =
%{}
|> Map.put(:active, "wrong value")
|> Msgpax.pack!
|> patch(@url <> "/ferigis", headers)
assert {422, :nobody} == result
{200, [initial_user]} = get(@url, headers)
assert initial_user["active"]
end
test "updating user with wrong admin credentials [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{}
|> Map.put(:active, false)
|> Poison.encode!
|> patch(@url <> "/ferigis", headers)
assert {401, :nobody} == result
end
test "updating user with wrong admin credentials [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")}
]
result =
%{}
|> Map.put(:active, false)
|> Msgpax.pack!
|> patch(@url <> "/ferigis", headers)
assert {401, :nobody} == result
end
test "updating user who doesn't exist [JSON]" do
mime_type = "application/json"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{}
|> Map.put(:active, true)
|> Poison.encode!
|> patch(@url <> "/unnexistinguser", headers)
assert {404, :nobody} == result
end
test "updating user who doesn't exist [MSGPACK]" do
mime_type = "application/msgpack"
headers = [
{"Content-Type", mime_type},
{"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)}
]
result =
%{}
|> Map.put(:active, true)
|> Msgpax.pack!
|> patch(@url <> "/unnexistinguser", headers)
assert {404, :nobody} == result
end
end