From c487ac7b3f6b18c26164dcbeaa4f6c92abdfeba0 Mon Sep 17 00:00:00 2001 From: Felipe Ripoll Date: Thu, 6 Sep 2018 10:08:59 -0600 Subject: [PATCH] [#70] splitting the api test file in multiple files --- test/ancillary/common_api_tests.ex | 97 +++ test/auth/api_test.exs | 954 -------------------------- test/auth/blacklist_token_test.exs | 152 ++++ test/auth/blacklist_user_api_test.exs | 144 ++++ test/auth/session_api_test.exs | 116 ++++ test/auth/user_api_test.exs | 416 +++++++++++ 6 files changed, 925 insertions(+), 954 deletions(-) create mode 100644 test/ancillary/common_api_tests.ex delete mode 100644 test/auth/api_test.exs create mode 100644 test/auth/blacklist_token_test.exs create mode 100644 test/auth/blacklist_user_api_test.exs create mode 100644 test/auth/session_api_test.exs create mode 100644 test/auth/user_api_test.exs diff --git a/test/ancillary/common_api_tests.ex b/test/ancillary/common_api_tests.ex new file mode 100644 index 0000000..f8a393b --- /dev/null +++ b/test/ancillary/common_api_tests.ex @@ -0,0 +1,97 @@ +defmodule POABackend.Ancillary.CommonAPITest do + @moduledoc false + + defmacro __using__(_) do + quote do + use ExUnit.Case + alias POABackend.Auth + alias POABackend.Ancillary.Utils + + @base_url "https://localhost:4003" + @user "ferigis" + @password "1234567890" + @admin "admin1" + @admin_pwd "password12345678" + + setup do + Utils.clear_db() + :ok = create_user() + + on_exit fn -> + Utils.clear_db() + end + + [] + end + + # ---------------------------------------- + # Internal functions + # ---------------------------------------- + + defp create_user(user \\ @user, password \\ @password) do + {:ok, _user} = Auth.create_user(user, password) + :ok + end + + defp post(data, url, headers) do + options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] + {:ok, response} = HTTPoison.post(url, data, headers, options) + + body = case response.body do + "" -> + :nobody + _ -> + {:ok, body} = Poison.decode(response.body) + body + end + + {response.status_code, body} + end + + defp get(url, headers) do + options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] + {:ok, response} = HTTPoison.get(url, headers, options) + + body = case response.body do + "" -> + :nobody + _ -> + {:ok, body} = Poison.decode(response.body) + body + end + + {response.status_code, body} + end + + defp delete(url, headers) do + options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] + {:ok, response} = HTTPoison.delete(url, headers, options) + + body = case response.body do + "" -> + :nobody + _ -> + {:ok, body} = Poison.decode(response.body) + body + end + + {response.status_code, body} + end + + defp patch(data, url, headers) do + options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] + {:ok, response} = HTTPoison.patch(url, data, headers, options) + + body = case response.body do + "" -> + :nobody + _ -> + {:ok, body} = Poison.decode(response.body) + body + end + + {response.status_code, body} + end + end + end +end diff --git a/test/auth/api_test.exs b/test/auth/api_test.exs deleted file mode 100644 index 6d4e68f..0000000 --- a/test/auth/api_test.exs +++ /dev/null @@ -1,954 +0,0 @@ -defmodule Auth.APITest do - use ExUnit.Case - alias POABackend.Auth - alias POABackend.Ancillary.Utils - - @base_url "https://localhost:4003" - @user "ferigis" - @password "1234567890" - @admin "admin1" - @admin_pwd "password12345678" - - setup do - Utils.clear_db() - :ok = create_user() - - on_exit fn -> - Utils.clear_db() - end - - [] - end - - # ---------------------------------------- - # /session Endpoint Tests - # ---------------------------------------- - - test "get a valid JWT Token with [JSON]" do - url = @base_url <> "/session" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(url, headers) - - user = Auth.get_user(@user) - {:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token) - - assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token) - end - - test "get a valid JWT Token with [MSGPACK]" do - url = @base_url <> "/session" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(url, headers) - - user = Auth.get_user(@user) - {:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token) - - assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token) - end - - test "try with wrong user/password [JSON]" do - url = @base_url <> "/session" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")} - ] - - result = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "try with wrong user/password [MSGPACK]" do - url = @base_url <> "/session" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")} - ] - - result = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "try with a user who doesn't exist [JSON]" do - url = @base_url <> "/session" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")} - ] - - result = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "try with a user who doesn't exist [MSGPACK]" do - url = @base_url <> "/session" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")} - ] - - result = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "testing an unnexisting endpoint" do - url = @base_url <> "/thisdoesntexist" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type} - ] - - result = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(url, headers) - - assert {404, :nobody} == result - end - - # ---------------------------------------- - # /user Endpoint Tests - # ---------------------------------------- - - test "trying to create a user with wrong Admin Credentials [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "trying to create a user with wrong Admin Credentials [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "create a user without credentials [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, %{"user-name" => user_name, "password" => password}} = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(url, headers) - - assert Auth.authenticate_user(user_name, password) - end - - test "create a user without credentials [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, %{"user-name" => user_name, "password" => password}} = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(url, headers) - - assert Auth.authenticate_user(user_name, password) - end - - test "create a user with user_name [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - user_name = "newUserName" - - {200, %{"user-name" => ^user_name, "password" => password}} = - %{:'agent-id' => "agentID", :'user-name' => user_name} - |> Poison.encode!() - |> post(url, headers) - - assert Auth.authenticate_user(user_name, password) - end - - test "create a user with user_name [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - user_name = "newUserName" - - {200, %{"user-name" => ^user_name, "password" => password}} = - %{:'agent-id' => "agentID", :'user-name' => user_name} - |> Msgpax.pack!() - |> post(url, headers) - - assert Auth.authenticate_user(user_name, password) - end - - test "create a user with user_name and password [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - user_name = "newUserName2" - password = "mypasswordfornewuser" - - {200, %{"user-name" => ^user_name, "password" => ^password}} = - %{:'agent-id' => "agentID", - :'user-name' => user_name, - :password => password} - |> Poison.encode!() - |> post(url, headers) - - assert Auth.authenticate_user(user_name, password) - end - - test "create a user with user_name and password [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - user_name = "newUserName2" - password = "mypasswordfornewuser" - - {200, %{"user-name" => ^user_name, "password" => ^password}} = - %{:'agent-id' => "agentID", - :'user-name' => user_name, - :password => password} - |> Msgpax.pack!() - |> post(url, headers) - - assert Auth.authenticate_user(user_name, password) - end - - test "create user which already exists [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{:'agent-id' => "agentID", - :'user-name' => @user} - |> Poison.encode!() - |> post(url, headers) - - assert {409, :nobody} == result - end - - test "create user which already exists [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{:'agent-id' => "agentID", - :'user-name' => @user} - |> Msgpax.pack!() - |> post(url, headers) - - assert {409, :nobody} == result - end - - test "listing all the users stored" do - url = @base_url <> "/user" - headers = [ - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, [initial_user] = users} = get(url, headers) - - assert length(users) == 1 # ferigis user is created at the begining of each test - assert initial_user["user"] == "ferigis" - - :ok = create_user("user2", "password2") - - {200, users} = get(url, headers) - - assert length(users) == 2 - end - - test "listing all the users stored with wrong Admin Credentials" do - url = @base_url <> "/user" - headers = [ - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = get(url, headers) - - assert {401, :nobody} == result - end - - test "deleting a user which exists in the system" do - url = @base_url <> "/user" - headers = [ - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, [initial_user] = users} = get(url, headers) - - assert length(users) == 1 # ferigis user is created at the begining of each test - assert initial_user["user"] == "ferigis" - - assert {204, :nobody} == delete(url <> "/ferigis", headers) - - assert {200, []} == get(url, headers) - end - - test "deleting a user which doern't exist in the system" do - url = @base_url <> "/user" - headers = [ - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, [initial_user] = users} = get(url, headers) - - assert length(users) == 1 # ferigis user is created at the begining of each test - assert initial_user["user"] == "ferigis" - - assert {404, :nobody} == delete(url <> "/noexist", headers) - - {200, ^users} = get(url, headers) - end - - test "deleting a user with wrong admin credentials" do - url = @base_url <> "/user" - headers = [ - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - assert {401, :nobody} == delete(url <> "/ferigis", headers) - end - - test "updating user [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - - result = - %{} - |> Map.put(:active, false) - |> Poison.encode! - |> patch(url <> "/ferigis", headers) - - assert {204, :nobody} == result - - {200, [initial_user]} = get(url, headers) - - refute initial_user["active"] - - result = - %{} - |> Map.put(:active, true) - |> Poison.encode! - |> patch(url <> "/ferigis", headers) - - assert {204, :nobody} == result - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - end - - test "updating user [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - - result = - %{} - |> Map.put(:active, false) - |> Msgpax.pack! - |> patch(url <> "/ferigis", headers) - - assert {204, :nobody} == result - - {200, [initial_user]} = get(url, headers) - - refute initial_user["active"] - - result = - %{} - |> Map.put(:active, true) - |> Msgpax.pack! - |> patch(url <> "/ferigis", headers) - - assert {204, :nobody} == result - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - end - - test "updating user with wrong active value (not boolean) [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - - result = - %{} - |> Map.put(:active, "wrong value") - |> Poison.encode! - |> patch(url <> "/ferigis", headers) - - assert {422, :nobody} == result - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - end - - test "updating user with wrong active value (not boolean) [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - - result = - %{} - |> Map.put(:active, "wrong value") - |> Msgpax.pack! - |> patch(url <> "/ferigis", headers) - - assert {422, :nobody} == result - - {200, [initial_user]} = get(url, headers) - - assert initial_user["active"] - end - - test "updating user with wrong admin credentials [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{} - |> Map.put(:active, false) - |> Poison.encode! - |> patch(url <> "/ferigis", headers) - - assert {401, :nobody} == result - end - - test "updating user with wrong admin credentials [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{} - |> Map.put(:active, false) - |> Msgpax.pack! - |> patch(url <> "/ferigis", headers) - - assert {401, :nobody} == result - end - - test "updating user who doesn't exist [JSON]" do - url = @base_url <> "/user" - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{} - |> Map.put(:active, true) - |> Poison.encode! - |> patch(url <> "/unnexistinguser", headers) - - assert {404, :nobody} == result - end - - test "updating user who doesn't exist [MSGPACK]" do - url = @base_url <> "/user" - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{} - |> Map.put(:active, true) - |> Msgpax.pack! - |> patch(url <> "/unnexistinguser", headers) - - assert {404, :nobody} == result - end - - # ---------------------------------------- - # /blacklist/user Endpoint Tests - # ---------------------------------------- - - test "Ban a user correctly [JSON]" do - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(@base_url <> "/session", headers) - - user = Auth.get_user(@user) - - assert Auth.valid_token?(jwt_token) - assert Auth.user_active?(user) - - blacklist_url = @base_url <> "/blacklist/user" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, :nobody} = - %{:user => @user} - |> Poison.encode!() - |> post(blacklist_url, headers) - - user = Auth.get_user(@user) - - refute Auth.valid_token?(jwt_token) - refute Auth.user_active?(user) - end - - test "Ban a user correctly [MSGPACK]" do - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(@base_url <> "/session", headers) - - user = Auth.get_user(@user) - - assert Auth.valid_token?(jwt_token) - assert Auth.user_active?(user) - - blacklist_url = @base_url <> "/blacklist/user" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, :nobody} = - %{:user => @user} - |> Msgpax.pack!() - |> post(blacklist_url, headers) - - user = Auth.get_user(@user) - - refute Auth.valid_token?(jwt_token) - refute Auth.user_active?(user) - end - - test "Ban a user who doesn't exist [JSON]" do - mime_type = "application/json" - url = @base_url <> "/blacklist/user" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{:user => "thiUserDoesntexist"} - |> Poison.encode!() - |> post(url, headers) - - assert result == {404, :nobody} - end - - test "Ban a user who doesn't exist [MSGPACK]" do - mime_type = "application/msgpack" - url = @base_url <> "/blacklist/user" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{:user => "thiUserDoesntexist"} - |> Msgpax.pack!() - |> post(url, headers) - - assert result == {404, :nobody} - end - - test "Ban user with wrong Admin credentials [JSON]" do - mime_type = "application/json" - url = @base_url <> "/blacklist/user" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{:user => @user} - |> Poison.encode!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "Ban user with wrong Admin credentials [MSGPACK]" do - mime_type = "application/msgpack" - url = @base_url <> "/blacklist/user" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{:user => @user} - |> Msgpax.pack!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "Ban user without user field [JSON]" do - mime_type = "application/json" - url = @base_url <> "/blacklist/user" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = post("", url, headers) - - assert {404, :nobody} == result - end - - # ---------------------------------------- - # /blacklist/token Endpoint Tests - # ---------------------------------------- - - test "Ban a token correctly [JSON]" do - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(@base_url <> "/session", headers) - - assert Auth.valid_token?(jwt_token) - - blacklist_url = @base_url <> "/blacklist/token" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, :nobody} = - %{:token => jwt_token} - |> Poison.encode!() - |> post(blacklist_url, headers) - - refute Auth.valid_token?(jwt_token) - end - - test "Ban a token correctly [MSGPACK]" do - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(@base_url <> "/session", headers) - - assert Auth.valid_token?(jwt_token) - - blacklist_url = @base_url <> "/blacklist/token" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - {200, :nobody} = - %{:token => jwt_token} - |> Msgpax.pack!() - |> post(blacklist_url, headers) - - refute Auth.valid_token?(jwt_token) - end - - test "Ban an invalid token [JSON]" do - mime_type = "application/json" - url = @base_url <> "/blacklist/token" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{:token => "badtoken"} - |> Poison.encode!() - |> post(url, headers) - - assert result == {404, :nobody} - end - - test "Ban an invalid token [MSGPACK]" do - mime_type = "application/msgpack" - url = @base_url <> "/blacklist/token" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = - %{:token => "badtoken"} - |> Msgpax.pack!() - |> post(url, headers) - - assert result == {404, :nobody} - end - - test "Ban token with wrong Admin credentials [JSON]" do - mime_type = "application/json" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Poison.encode!() - |> post(@base_url <> "/session", headers) - url = @base_url <> "/blacklist/token" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{:token => jwt_token} - |> Poison.encode!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "Ban token with wrong Admin credentials [MSGPACK]" do - mime_type = "application/msgpack" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} - ] - - {200, %{"token" => jwt_token}} = - %{:'agent-id' => "agentID"} - |> Msgpax.pack!() - |> post(@base_url <> "/session", headers) - url = @base_url <> "/blacklist/token" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} - ] - - result = - %{:token => jwt_token} - |> Msgpax.pack!() - |> post(url, headers) - - assert {401, :nobody} == result - end - - test "Ban token without token field [JSON]" do - mime_type = "application/json" - url = @base_url <> "/blacklist/token" - headers = [ - {"Content-Type", mime_type}, - {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} - ] - - result = post("", url, headers) - - assert {404, :nobody} == result - end - - # ---------------------------------------- - # Internal functions - # ---------------------------------------- - - defp create_user(user \\ @user, password \\ @password) do - {:ok, _user} = Auth.create_user(user, password) - :ok - end - - defp post(data, url, headers) do - options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] - {:ok, response} = HTTPoison.post(url, data, headers, options) - - body = case response.body do - "" -> - :nobody - _ -> - {:ok, body} = Poison.decode(response.body) - body - end - - {response.status_code, body} - end - - defp get(url, headers) do - options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] - {:ok, response} = HTTPoison.get(url, headers, options) - - body = case response.body do - "" -> - :nobody - _ -> - {:ok, body} = Poison.decode(response.body) - body - end - - {response.status_code, body} - end - - defp delete(url, headers) do - options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] - {:ok, response} = HTTPoison.delete(url, headers, options) - - body = case response.body do - "" -> - :nobody - _ -> - {:ok, body} = Poison.decode(response.body) - body - end - - {response.status_code, body} - end - - defp patch(data, url, headers) do - options = [ssl: [{:versions, [:'tlsv1.2']}], recv_timeout: 500] - {:ok, response} = HTTPoison.patch(url, data, headers, options) - - body = case response.body do - "" -> - :nobody - _ -> - {:ok, body} = Poison.decode(response.body) - body - end - - {response.status_code, body} - end -end diff --git a/test/auth/blacklist_token_test.exs b/test/auth/blacklist_token_test.exs new file mode 100644 index 0000000..9983926 --- /dev/null +++ b/test/auth/blacklist_token_test.exs @@ -0,0 +1,152 @@ +defmodule Auth.BlacklistTokenAPITest do + use POABackend.Ancillary.CommonAPITest + + @url @base_url <> "/blacklist/token" + @session_url @base_url <> "/session" + + test "Ban a token correctly [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@session_url, headers) + + assert Auth.valid_token?(jwt_token) + + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, :nobody} = + %{:token => jwt_token} + |> Poison.encode!() + |> post(@url, headers) + + refute Auth.valid_token?(jwt_token) + end + + test "Ban a token correctly [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@session_url, headers) + + assert Auth.valid_token?(jwt_token) + + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, :nobody} = + %{:token => jwt_token} + |> Msgpax.pack!() + |> post(@url, headers) + + refute Auth.valid_token?(jwt_token) + end + + test "Ban an invalid token [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{:token => "badtoken"} + |> Poison.encode!() + |> post(@url, headers) + + assert result == {404, :nobody} + end + + test "Ban an invalid token [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{:token => "badtoken"} + |> Msgpax.pack!() + |> post(@url, headers) + + assert result == {404, :nobody} + end + + test "Ban token with wrong Admin credentials [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@session_url, headers) + + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{:token => jwt_token} + |> Poison.encode!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "Ban token with wrong Admin credentials [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@session_url, headers) + + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{:token => jwt_token} + |> Msgpax.pack!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "Ban token without token field [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = post("", @url, headers) + + assert {404, :nobody} == result + end +end \ No newline at end of file diff --git a/test/auth/blacklist_user_api_test.exs b/test/auth/blacklist_user_api_test.exs new file mode 100644 index 0000000..01d12a2 --- /dev/null +++ b/test/auth/blacklist_user_api_test.exs @@ -0,0 +1,144 @@ +defmodule Auth.BlacklistUserAPITest do + use POABackend.Ancillary.CommonAPITest + + @url @base_url <> "/blacklist/user" + @session_url @base_url <> "/session" + + test "Ban a user correctly [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@session_url, headers) + + user = Auth.get_user(@user) + + assert Auth.valid_token?(jwt_token) + assert Auth.user_active?(user) + + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, :nobody} = + %{:user => @user} + |> Poison.encode!() + |> post(@url, headers) + + user = Auth.get_user(@user) + + refute Auth.valid_token?(jwt_token) + refute Auth.user_active?(user) + end + + test "Ban a user correctly [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@session_url, headers) + + user = Auth.get_user(@user) + + assert Auth.valid_token?(jwt_token) + assert Auth.user_active?(user) + + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, :nobody} = + %{:user => @user} + |> Msgpax.pack!() + |> post(@url, headers) + + user = Auth.get_user(@user) + + refute Auth.valid_token?(jwt_token) + refute Auth.user_active?(user) + end + + test "Ban a user who doesn't exist [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{:user => "thiUserDoesntexist"} + |> Poison.encode!() + |> post(@url, headers) + + assert result == {404, :nobody} + end + + test "Ban a user who doesn't exist [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{:user => "thiUserDoesntexist"} + |> Msgpax.pack!() + |> post(@url, headers) + + assert result == {404, :nobody} + end + + test "Ban user with wrong Admin credentials [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{:user => @user} + |> Poison.encode!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "Ban user with wrong Admin credentials [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{:user => @user} + |> Msgpax.pack!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "Ban user without user field [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = post("", @url, headers) + + assert {404, :nobody} == result + end +end \ No newline at end of file diff --git a/test/auth/session_api_test.exs b/test/auth/session_api_test.exs new file mode 100644 index 0000000..d931394 --- /dev/null +++ b/test/auth/session_api_test.exs @@ -0,0 +1,116 @@ +defmodule Auth.SessionAPITest do + use POABackend.Ancillary.CommonAPITest + + @url @base_url <> "/session" + + test "get a valid JWT Token with [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@url, headers) + + user = Auth.get_user(@user) + {:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token) + + assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token) + end + + test "get a valid JWT Token with [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> @password)} + ] + + {200, %{"token" => jwt_token}} = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@url, headers) + + user = Auth.get_user(@user) + {:ok, claims} = Auth.Guardian.decode_and_verify(jwt_token) + + assert {:ok, user, claims} == Auth.Guardian.resource_from_token(jwt_token) + end + + test "try with wrong user/password [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")} + ] + + result = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "try with wrong user/password [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@user <> ":" <> "wrongpassword")} + ] + + result = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "try with a user who doesn't exist [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")} + ] + + result = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "try with a user who doesn't exist [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64("nonexistinguser" <> ":" <> "password")} + ] + + result = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "testing an unnexisting endpoint" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type} + ] + + result = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@base_url <> "/thisdoesntexist", headers) + + assert {404, :nobody} == result + end + +end \ No newline at end of file diff --git a/test/auth/user_api_test.exs b/test/auth/user_api_test.exs new file mode 100644 index 0000000..effb01c --- /dev/null +++ b/test/auth/user_api_test.exs @@ -0,0 +1,416 @@ +defmodule Auth.UserAPITest do + use POABackend.Ancillary.CommonAPITest + + @url @base_url <> "/user" + + test "trying to create a user with wrong Admin Credentials [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "trying to create a user with wrong Admin Credentials [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@url, headers) + + assert {401, :nobody} == result + end + + test "create a user without credentials [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, %{"user-name" => user_name, "password" => password}} = + %{:'agent-id' => "agentID"} + |> Poison.encode!() + |> post(@url, headers) + + assert Auth.authenticate_user(user_name, password) + end + + test "create a user without credentials [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, %{"user-name" => user_name, "password" => password}} = + %{:'agent-id' => "agentID"} + |> Msgpax.pack!() + |> post(@url, headers) + + assert Auth.authenticate_user(user_name, password) + end + + test "create a user with user_name [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + user_name = "newUserName" + + {200, %{"user-name" => ^user_name, "password" => password}} = + %{:'agent-id' => "agentID", :'user-name' => user_name} + |> Poison.encode!() + |> post(@url, headers) + + assert Auth.authenticate_user(user_name, password) + end + + test "create a user with user_name [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + user_name = "newUserName" + + {200, %{"user-name" => ^user_name, "password" => password}} = + %{:'agent-id' => "agentID", :'user-name' => user_name} + |> Msgpax.pack!() + |> post(@url, headers) + + assert Auth.authenticate_user(user_name, password) + end + + test "create a user with user_name and password [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + user_name = "newUserName2" + password = "mypasswordfornewuser" + + {200, %{"user-name" => ^user_name, "password" => ^password}} = + %{:'agent-id' => "agentID", + :'user-name' => user_name, + :password => password} + |> Poison.encode!() + |> post(@url, headers) + + assert Auth.authenticate_user(user_name, password) + end + + test "create a user with user_name and password [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + user_name = "newUserName2" + password = "mypasswordfornewuser" + + {200, %{"user-name" => ^user_name, "password" => ^password}} = + %{:'agent-id' => "agentID", + :'user-name' => user_name, + :password => password} + |> Msgpax.pack!() + |> post(@url, headers) + + assert Auth.authenticate_user(user_name, password) + end + + test "create user which already exists [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{:'agent-id' => "agentID", + :'user-name' => @user} + |> Poison.encode!() + |> post(@url, headers) + + assert {409, :nobody} == result + end + + test "create user which already exists [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{:'agent-id' => "agentID", + :'user-name' => @user} + |> Msgpax.pack!() + |> post(@url, headers) + + assert {409, :nobody} == result + end + + test "listing all the users stored" do + headers = [ + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, [initial_user] = users} = get(@url, headers) + + assert length(users) == 1 # ferigis user is created at the begining of each test + assert initial_user["user"] == "ferigis" + + :ok = create_user("user2", "password2") + + {200, users} = get(@url, headers) + + assert length(users) == 2 + end + + test "listing all the users stored with wrong Admin Credentials" do + headers = [ + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = get(@url, headers) + + assert {401, :nobody} == result + end + + test "deleting a user which exists in the system" do + headers = [ + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, [initial_user] = users} = get(@url, headers) + + assert length(users) == 1 # ferigis user is created at the begining of each test + assert initial_user["user"] == "ferigis" + + assert {204, :nobody} == delete(@url <> "/ferigis", headers) + + assert {200, []} == get(@url, headers) + end + + test "deleting a user which doern't exist in the system" do + headers = [ + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, [initial_user] = users} = get(@url, headers) + + assert length(users) == 1 # ferigis user is created at the begining of each test + assert initial_user["user"] == "ferigis" + + assert {404, :nobody} == delete(@url <> "/noexist", headers) + + {200, ^users} = get(@url, headers) + end + + test "deleting a user with wrong admin credentials" do + headers = [ + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + assert {401, :nobody} == delete(@url <> "/ferigis", headers) + end + + test "updating user [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + + result = + %{} + |> Map.put(:active, false) + |> Poison.encode! + |> patch(@url <> "/ferigis", headers) + + assert {204, :nobody} == result + + {200, [initial_user]} = get(@url, headers) + + refute initial_user["active"] + + result = + %{} + |> Map.put(:active, true) + |> Poison.encode! + |> patch(@url <> "/ferigis", headers) + + assert {204, :nobody} == result + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + end + + test "updating user [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + + result = + %{} + |> Map.put(:active, false) + |> Msgpax.pack! + |> patch(@url <> "/ferigis", headers) + + assert {204, :nobody} == result + + {200, [initial_user]} = get(@url, headers) + + refute initial_user["active"] + + result = + %{} + |> Map.put(:active, true) + |> Msgpax.pack! + |> patch(@url <> "/ferigis", headers) + + assert {204, :nobody} == result + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + end + + test "updating user with wrong active value (not boolean) [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + + result = + %{} + |> Map.put(:active, "wrong value") + |> Poison.encode! + |> patch(@url <> "/ferigis", headers) + + assert {422, :nobody} == result + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + end + + test "updating user with wrong active value (not boolean) [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + + result = + %{} + |> Map.put(:active, "wrong value") + |> Msgpax.pack! + |> patch(@url <> "/ferigis", headers) + + assert {422, :nobody} == result + + {200, [initial_user]} = get(@url, headers) + + assert initial_user["active"] + end + + test "updating user with wrong admin credentials [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{} + |> Map.put(:active, false) + |> Poison.encode! + |> patch(@url <> "/ferigis", headers) + + assert {401, :nobody} == result + end + + test "updating user with wrong admin credentials [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> "wrongpassword")} + ] + + result = + %{} + |> Map.put(:active, false) + |> Msgpax.pack! + |> patch(@url <> "/ferigis", headers) + + assert {401, :nobody} == result + end + + test "updating user who doesn't exist [JSON]" do + mime_type = "application/json" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{} + |> Map.put(:active, true) + |> Poison.encode! + |> patch(@url <> "/unnexistinguser", headers) + + assert {404, :nobody} == result + end + + test "updating user who doesn't exist [MSGPACK]" do + mime_type = "application/msgpack" + headers = [ + {"Content-Type", mime_type}, + {"authorization", "Basic " <> Base.encode64(@admin <> ":" <> @admin_pwd)} + ] + + result = + %{} + |> Map.put(:active, true) + |> Msgpax.pack! + |> patch(@url <> "/unnexistinguser", headers) + + assert {404, :nobody} == result + end +end \ No newline at end of file