From 7d769eeee67def2bf4d9b151f5cbf25f2030bf23 Mon Sep 17 00:00:00 2001 From: AhsanFarooqDev Date: Tue, 2 Jul 2024 09:34:47 +0500 Subject: [PATCH 1/5] Write AddUserRoles UT --- handlers/workspaces.go | 10 +- handlers/workspaces_test.go | 207 ++++++++++++++++++++++++++++++++++++ routes/workspaces.go | 2 +- 3 files changed, 213 insertions(+), 6 deletions(-) diff --git a/handlers/workspaces.go b/handlers/workspaces.go index 0ebc142d0..0ad6316bb 100644 --- a/handlers/workspaces.go +++ b/handlers/workspaces.go @@ -338,7 +338,7 @@ func GetBountyRoles(w http.ResponseWriter, r *http.Request) { json.NewEncoder(w).Encode(roles) } -func AddUserRoles(w http.ResponseWriter, r *http.Request) { +func (oh *workspaceHandler) AddUserRoles(w http.ResponseWriter, r *http.Request) { ctx := r.Context() pubKeyFromAuth, _ := ctx.Value(auth.ContextKey).(string) uuid := chi.URLParam(r, "uuid") @@ -376,7 +376,7 @@ func AddUserRoles(w http.ResponseWriter, r *http.Request) { } // if not the orgnization admin - hasRole := db.UserHasAccess(pubKeyFromAuth, uuid, db.AddRoles) + hasRole := oh.userHasAccess(pubKeyFromAuth, uuid, db.AddRoles) isUser := db.CheckUser(roles, pubKeyFromAuth) if isUser { @@ -415,7 +415,7 @@ func AddUserRoles(w http.ResponseWriter, r *http.Request) { } // check if the user has the role he his trying to add to another user - okUser := db.UserHasAccess(pubKeyFromAuth, uuid, role.Role) + okUser := oh.userHasAccess(pubKeyFromAuth, uuid, role.Role) // if the user does not have any of the roles he wants to add return an error if !okUser { w.WriteHeader(http.StatusUnauthorized) @@ -429,7 +429,7 @@ func AddUserRoles(w http.ResponseWriter, r *http.Request) { } // check if user already exists - userExists := db.DB.GetWorkspaceUser(user, uuid) + userExists := oh.db.GetWorkspaceUser(user, uuid) // if not the workspace admin if userExists.OwnerPubKey != user || userExists.WorkspaceUuid != uuid { @@ -438,7 +438,7 @@ func AddUserRoles(w http.ResponseWriter, r *http.Request) { return } - db.DB.CreateUserRoles(insertRoles, uuid, user) + oh.db.CreateUserRoles(insertRoles, uuid, user) w.WriteHeader(http.StatusOK) json.NewEncoder(w).Encode(insertRoles) diff --git a/handlers/workspaces_test.go b/handlers/workspaces_test.go index e804de044..f39e35cbb 100644 --- a/handlers/workspaces_test.go +++ b/handlers/workspaces_test.go @@ -5,6 +5,7 @@ import ( "context" "encoding/json" "fmt" + "github.com/stretchr/testify/require" "math/rand" "net/http" "net/http/httptest" @@ -650,6 +651,212 @@ func TestGetWorkspaceBountiesCount(t *testing.T) { func TestAddUserRoles(t *testing.T) { + teardownSuite := SetupSuite(t) + defer teardownSuite(t) + + oHandler := NewWorkspaceHandler(db.TestDB) + + person := db.Person{ + Uuid: "uuid", + OwnerAlias: "alias", + UniqueName: "unique_name", + OwnerPubKey: "pubkey", + PriceToMeet: 0, + Description: "description", + } + + person2 := db.Person{ + Uuid: "uuid2", + OwnerAlias: "alias2", + UniqueName: "unique_name2", + OwnerPubKey: "pubkey2", + PriceToMeet: 0, + Description: "description2", + } + db.TestDB.CreateOrEditPerson(person) + db.TestDB.CreateOrEditPerson(person2) + + workspace := db.Workspace{ + Uuid: "workspace_uuid", + Name: "workspace_name", + OwnerPubKey: person2.OwnerPubKey, + Github: "gtihub", + Website: "website", + Description: "description", + } + db.TestDB.CreateOrEditWorkspace(workspace) + + userRoles := []db.WorkspaceUserRoles{ + { + WorkspaceUuid: workspace.Uuid, + OwnerPubKey: person2.OwnerPubKey, + Role: "ADD BOUNTY", + }, + } + + workspaceUser := db.WorkspaceUsers{ + OwnerPubKey: person2.OwnerPubKey, + OrgUuid: workspace.Uuid, + WorkspaceUuid: workspace.Uuid, + } + + db.TestDB.CreateWorkspaceUser(workspaceUser) + + t.Run("Should test that when an unauthorized user hits the endpoint it returns a 401 error", func(t *testing.T) { + workspaceUUID := workspace.Uuid + + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspaceUUID) + rctx.URLParams.Add("user", person2.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(context.Background(), chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspaceUUID+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + assert.Equal(t, http.StatusUnauthorized, rr.Code) + }) + + t.Run("Should test that if a user or uuid parameters are not passed it returns a 401 error", func(t *testing.T) { + + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", "") + rctx.URLParams.Add("user", "") + req, err := http.NewRequestWithContext(context.WithValue(context.Background(), chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+""+"/"+"", bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + assert.Equal(t, http.StatusUnauthorized, rr.Code) + }) + + t.Run("Should test that when a wrong body data is sent to the endpoint it returns a 406 error", func(t *testing.T) { + workspaceUUID := workspace.Uuid + + InvalidJson := []byte(`{"key": "value"`) + requestBody, _ := json.Marshal(InvalidJson) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspaceUUID) + rctx.URLParams.Add("user", person2.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(context.Background(), chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspaceUUID+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + assert.Equal(t, http.StatusNotAcceptable, rr.Code) + }) + + t.Run("Should test that if a user is not the creator of the workspace or does not have an ADD USER ROLE it returns a 401 error", func(t *testing.T) { + workspaceUUID := workspace.Uuid + + handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { + return false + } + oHandler.userHasAccess = handlerUserHasAccess + userRoles[0].OwnerPubKey = person.OwnerPubKey + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspaceUUID) + rctx.URLParams.Add("user", person.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(context.Background(), chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspaceUUID+"/"+person.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + assert.Equal(t, http.StatusUnauthorized, rr.Code) + }) + + t.Run("Should test that when the pubkey from URL param does not match the pubkey from JWT AUTH claims it returns a 401 error", func(t *testing.T) { + workspaceUUID := workspace.Uuid + + ctx := context.WithValue(context.Background(), auth.ContextKey, "mismatching_pubkey") + + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspaceUUID) + rctx.URLParams.Add("user", person2.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspaceUUID+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + assert.Equal(t, http.StatusUnauthorized, rr.Code) + }) + + t.Run("Should test that if user doesn't exists in workspace it returns a 401 error", func(t *testing.T) { + workspaceUUID := workspace.Uuid + + handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { + return true + } + oHandler.userHasAccess = handlerUserHasAccess + ctx := context.WithValue(context.Background(), auth.ContextKey, workspace.OwnerPubKey) + + userRoles[0].OwnerPubKey = person.OwnerPubKey + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspaceUUID) + rctx.URLParams.Add("user", person.OwnerPubKey) + + req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspaceUUID+"/"+person.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + assert.Equal(t, http.StatusUnauthorized, rr.Code) + }) + + t.Run("Should test that when the right conditions are met a user can be added to a workspace", func(t *testing.T) { + handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { + return true + } + oHandler.userHasAccess = handlerUserHasAccess + + ctx := context.WithValue(context.Background(), auth.ContextKey, "pub-key") + + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspace.Uuid) + rctx.URLParams.Add("user", person2.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspace.Uuid+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + fetchedWorkspaceUser := db.TestDB.GetWorkspaceUser(person2.OwnerPubKey, workspace.Uuid) + fetchedUserRole := db.TestDB.GetUserRoles(workspace.Uuid, person2.OwnerPubKey) + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + t.Log("Response code:", rr.Code, "Response body:", rr.Body.String()) + assert.Equal(t, http.StatusOK, rr.Code) + assert.Equal(t, person2.OwnerPubKey, fetchedWorkspaceUser.OwnerPubKey) + + require.NotEmpty(t, fetchedUserRole, "No roles fetched for user %s in workspace %s", person2.OwnerPubKey, workspace.Uuid) + + assert.Equal(t, userRoles[0].Role, fetchedUserRole[0].Role) + + }) + } func TestGetUserRoles(t *testing.T) { diff --git a/routes/workspaces.go b/routes/workspaces.go index 0ef5f511c..345337788 100644 --- a/routes/workspaces.go +++ b/routes/workspaces.go @@ -27,7 +27,7 @@ func WorkspaceRoutes() chi.Router { r.Post("/", workspaceHandlers.CreateOrEditWorkspace) r.Post("/users/{uuid}", handlers.CreateWorkspaceUser) r.Delete("/users/{uuid}", handlers.DeleteWorkspaceUser) - r.Post("/users/role/{uuid}/{user}", handlers.AddUserRoles) + r.Post("/users/role/{uuid}/{user}", workspaceHandlers.AddUserRoles) r.Get("/foruser/{uuid}", handlers.GetWorkspaceUser) r.Get("/bounty/roles", handlers.GetBountyRoles) From ca4771bc70a71d7a49a08376702779795fd877b2 Mon Sep 17 00:00:00 2001 From: AhsanFarooqDev Date: Tue, 2 Jul 2024 09:45:06 +0500 Subject: [PATCH 2/5] Write AddUserRoles UT resolved --- handlers/workspaces_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/handlers/workspaces_test.go b/handlers/workspaces_test.go index f39e35cbb..f5b726d1e 100644 --- a/handlers/workspaces_test.go +++ b/handlers/workspaces_test.go @@ -687,7 +687,7 @@ func TestAddUserRoles(t *testing.T) { db.TestDB.CreateOrEditWorkspace(workspace) userRoles := []db.WorkspaceUserRoles{ - { + db.WorkspaceUserRoles{ WorkspaceUuid: workspace.Uuid, OwnerPubKey: person2.OwnerPubKey, Role: "ADD BOUNTY", From ce2dcaa49ecd1e011b8f020eba585d4e3386731b Mon Sep 17 00:00:00 2001 From: AhsanFarooqDev Date: Tue, 2 Jul 2024 09:50:43 +0500 Subject: [PATCH 3/5] Write AddUserRoles UT resolved --- handlers/workspaces_test.go | 64 ++++++++++++++++++------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/handlers/workspaces_test.go b/handlers/workspaces_test.go index f5b726d1e..f511d3093 100644 --- a/handlers/workspaces_test.go +++ b/handlers/workspaces_test.go @@ -702,6 +702,38 @@ func TestAddUserRoles(t *testing.T) { db.TestDB.CreateWorkspaceUser(workspaceUser) + t.Run("Should test that when the right conditions are met a user can be added to a workspace", func(t *testing.T) { + handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { + return true + } + oHandler.userHasAccess = handlerUserHasAccess + + ctx := context.WithValue(context.Background(), auth.ContextKey, "pub-key") + + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspace.Uuid) + rctx.URLParams.Add("user", person2.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspace.Uuid+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + fetchedWorkspaceUser := db.TestDB.GetWorkspaceUser(person2.OwnerPubKey, workspace.Uuid) + fetchedUserRole := db.TestDB.GetUserRoles(workspace.Uuid, person2.OwnerPubKey) + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + t.Log("Response code:", rr.Code, "Response body:", rr.Body.String()) + assert.Equal(t, http.StatusOK, rr.Code) + assert.Equal(t, person2.OwnerPubKey, fetchedWorkspaceUser.OwnerPubKey) + + require.NotEmpty(t, fetchedUserRole, "No roles fetched for user %s in workspace %s", person2.OwnerPubKey, workspace.Uuid) + + assert.Equal(t, userRoles[0].Role, fetchedUserRole[0].Role) + + }) + t.Run("Should test that when an unauthorized user hits the endpoint it returns a 401 error", func(t *testing.T) { workspaceUUID := workspace.Uuid @@ -825,38 +857,6 @@ func TestAddUserRoles(t *testing.T) { assert.Equal(t, http.StatusUnauthorized, rr.Code) }) - t.Run("Should test that when the right conditions are met a user can be added to a workspace", func(t *testing.T) { - handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { - return true - } - oHandler.userHasAccess = handlerUserHasAccess - - ctx := context.WithValue(context.Background(), auth.ContextKey, "pub-key") - - requestBody, _ := json.Marshal(userRoles) - rctx := chi.NewRouteContext() - rctx.URLParams.Add("uuid", workspace.Uuid) - rctx.URLParams.Add("user", person2.OwnerPubKey) - req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspace.Uuid+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) - if err != nil { - t.Fatal(err) - } - - fetchedWorkspaceUser := db.TestDB.GetWorkspaceUser(person2.OwnerPubKey, workspace.Uuid) - fetchedUserRole := db.TestDB.GetUserRoles(workspace.Uuid, person2.OwnerPubKey) - - rr := httptest.NewRecorder() - http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) - t.Log("Response code:", rr.Code, "Response body:", rr.Body.String()) - assert.Equal(t, http.StatusOK, rr.Code) - assert.Equal(t, person2.OwnerPubKey, fetchedWorkspaceUser.OwnerPubKey) - - require.NotEmpty(t, fetchedUserRole, "No roles fetched for user %s in workspace %s", person2.OwnerPubKey, workspace.Uuid) - - assert.Equal(t, userRoles[0].Role, fetchedUserRole[0].Role) - - }) - } func TestGetUserRoles(t *testing.T) { From c4f64995465cbe61099c3d451915b085ff9ea94e Mon Sep 17 00:00:00 2001 From: AhsanFarooqDev Date: Tue, 2 Jul 2024 10:07:31 +0500 Subject: [PATCH 4/5] Write AddUserRoles UT fixed --- handlers/workspaces_test.go | 68 +++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 36 deletions(-) diff --git a/handlers/workspaces_test.go b/handlers/workspaces_test.go index f511d3093..7e1180940 100644 --- a/handlers/workspaces_test.go +++ b/handlers/workspaces_test.go @@ -5,7 +5,6 @@ import ( "context" "encoding/json" "fmt" - "github.com/stretchr/testify/require" "math/rand" "net/http" "net/http/httptest" @@ -657,7 +656,7 @@ func TestAddUserRoles(t *testing.T) { oHandler := NewWorkspaceHandler(db.TestDB) person := db.Person{ - Uuid: "uuid", + Uuid: uuid.New().String(), OwnerAlias: "alias", UniqueName: "unique_name", OwnerPubKey: "pubkey", @@ -666,7 +665,7 @@ func TestAddUserRoles(t *testing.T) { } person2 := db.Person{ - Uuid: "uuid2", + Uuid: uuid.New().String(), OwnerAlias: "alias2", UniqueName: "unique_name2", OwnerPubKey: "pubkey2", @@ -677,7 +676,7 @@ func TestAddUserRoles(t *testing.T) { db.TestDB.CreateOrEditPerson(person2) workspace := db.Workspace{ - Uuid: "workspace_uuid", + Uuid: uuid.New().String(), Name: "workspace_name", OwnerPubKey: person2.OwnerPubKey, Github: "gtihub", @@ -702,38 +701,6 @@ func TestAddUserRoles(t *testing.T) { db.TestDB.CreateWorkspaceUser(workspaceUser) - t.Run("Should test that when the right conditions are met a user can be added to a workspace", func(t *testing.T) { - handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { - return true - } - oHandler.userHasAccess = handlerUserHasAccess - - ctx := context.WithValue(context.Background(), auth.ContextKey, "pub-key") - - requestBody, _ := json.Marshal(userRoles) - rctx := chi.NewRouteContext() - rctx.URLParams.Add("uuid", workspace.Uuid) - rctx.URLParams.Add("user", person2.OwnerPubKey) - req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspace.Uuid+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) - if err != nil { - t.Fatal(err) - } - - fetchedWorkspaceUser := db.TestDB.GetWorkspaceUser(person2.OwnerPubKey, workspace.Uuid) - fetchedUserRole := db.TestDB.GetUserRoles(workspace.Uuid, person2.OwnerPubKey) - - rr := httptest.NewRecorder() - http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) - t.Log("Response code:", rr.Code, "Response body:", rr.Body.String()) - assert.Equal(t, http.StatusOK, rr.Code) - assert.Equal(t, person2.OwnerPubKey, fetchedWorkspaceUser.OwnerPubKey) - - require.NotEmpty(t, fetchedUserRole, "No roles fetched for user %s in workspace %s", person2.OwnerPubKey, workspace.Uuid) - - assert.Equal(t, userRoles[0].Role, fetchedUserRole[0].Role) - - }) - t.Run("Should test that when an unauthorized user hits the endpoint it returns a 401 error", func(t *testing.T) { workspaceUUID := workspace.Uuid @@ -857,6 +824,35 @@ func TestAddUserRoles(t *testing.T) { assert.Equal(t, http.StatusUnauthorized, rr.Code) }) + t.Run("Should test that when the right conditions are met a user can be added to a workspace", func(t *testing.T) { + handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { + return true + } + oHandler.userHasAccess = handlerUserHasAccess + + ctx := context.WithValue(context.Background(), auth.ContextKey, "pub-key") + + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspace.Uuid) + rctx.URLParams.Add("user", person2.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspace.Uuid+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + fetchedWorkspaceUser := db.TestDB.GetWorkspaceUser(person2.OwnerPubKey, workspace.Uuid) + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + fetchedUserRole := db.TestDB.GetUserRoles(workspace.Uuid, person2.OwnerPubKey) + assert.Equal(t, http.StatusOK, rr.Code) + assert.Equal(t, person2.OwnerPubKey, fetchedWorkspaceUser.OwnerPubKey) + assert.Equal(t, userRoles[0].Role, fetchedUserRole[0].Role) + + }) + } func TestGetUserRoles(t *testing.T) { From 9ade66905f4bb31e3a82443ef3d2112c3fea7e95 Mon Sep 17 00:00:00 2001 From: AhsanFarooqDev Date: Tue, 2 Jul 2024 10:11:48 +0500 Subject: [PATCH 5/5] Write AddUserRoles UT fixed --- handlers/workspaces_test.go | 58 ++++++++++++++++++------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/handlers/workspaces_test.go b/handlers/workspaces_test.go index 7e1180940..9ddcd1fbb 100644 --- a/handlers/workspaces_test.go +++ b/handlers/workspaces_test.go @@ -701,6 +701,35 @@ func TestAddUserRoles(t *testing.T) { db.TestDB.CreateWorkspaceUser(workspaceUser) + t.Run("Should test that when the right conditions are met a user can be added to a workspace", func(t *testing.T) { + handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { + return true + } + oHandler.userHasAccess = handlerUserHasAccess + + ctx := context.WithValue(context.Background(), auth.ContextKey, "pub-key") + + requestBody, _ := json.Marshal(userRoles) + rctx := chi.NewRouteContext() + rctx.URLParams.Add("uuid", workspace.Uuid) + rctx.URLParams.Add("user", person2.OwnerPubKey) + req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspace.Uuid+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) + if err != nil { + t.Fatal(err) + } + + fetchedWorkspaceUser := db.TestDB.GetWorkspaceUser(person2.OwnerPubKey, workspace.Uuid) + + rr := httptest.NewRecorder() + http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) + + fetchedUserRole := db.TestDB.GetUserRoles(workspace.Uuid, person2.OwnerPubKey) + assert.Equal(t, http.StatusOK, rr.Code) + assert.Equal(t, person2.OwnerPubKey, fetchedWorkspaceUser.OwnerPubKey) + assert.Equal(t, userRoles[0].Role, fetchedUserRole[0].Role) + + }) + t.Run("Should test that when an unauthorized user hits the endpoint it returns a 401 error", func(t *testing.T) { workspaceUUID := workspace.Uuid @@ -824,35 +853,6 @@ func TestAddUserRoles(t *testing.T) { assert.Equal(t, http.StatusUnauthorized, rr.Code) }) - t.Run("Should test that when the right conditions are met a user can be added to a workspace", func(t *testing.T) { - handlerUserHasAccess := func(pubKeyFromAuth string, uuid string, role string) bool { - return true - } - oHandler.userHasAccess = handlerUserHasAccess - - ctx := context.WithValue(context.Background(), auth.ContextKey, "pub-key") - - requestBody, _ := json.Marshal(userRoles) - rctx := chi.NewRouteContext() - rctx.URLParams.Add("uuid", workspace.Uuid) - rctx.URLParams.Add("user", person2.OwnerPubKey) - req, err := http.NewRequestWithContext(context.WithValue(ctx, chi.RouteCtxKey, rctx), http.MethodPost, "/users/role/"+workspace.Uuid+"/"+person2.OwnerPubKey, bytes.NewReader(requestBody)) - if err != nil { - t.Fatal(err) - } - - fetchedWorkspaceUser := db.TestDB.GetWorkspaceUser(person2.OwnerPubKey, workspace.Uuid) - - rr := httptest.NewRecorder() - http.HandlerFunc(oHandler.AddUserRoles).ServeHTTP(rr, req) - - fetchedUserRole := db.TestDB.GetUserRoles(workspace.Uuid, person2.OwnerPubKey) - assert.Equal(t, http.StatusOK, rr.Code) - assert.Equal(t, person2.OwnerPubKey, fetchedWorkspaceUser.OwnerPubKey) - assert.Equal(t, userRoles[0].Role, fetchedUserRole[0].Role) - - }) - } func TestGetUserRoles(t *testing.T) {