X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=test%2Fplugs%2Fauthentication_plug_test.exs;h=9d6c2cd70dcb05241937beaf7fed6d13af960b74;hb=3ca853fb6165b82c39f23e24783e813015db48d5;hp=3f2f769e73e1125ce13d5d425c004db252894306;hpb=e32dbfc9a5477830dba7bf3e99621161e4454a29;p=akkoma diff --git a/test/plugs/authentication_plug_test.exs b/test/plugs/authentication_plug_test.exs index 3f2f769e7..9d6c2cd70 100644 --- a/test/plugs/authentication_plug_test.exs +++ b/test/plugs/authentication_plug_test.exs @@ -2,17 +2,24 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do use Pleroma.Web.ConnCase, async: true alias Pleroma.Plugs.AuthenticationPlug + alias Pleroma.User defp fetch_nil(_name) do {:ok, nil} end - @user %{ + @user %User{ id: 1, name: "dude", password_hash: Comeonin.Pbkdf2.hashpwsalt("guy") } + @session_opts [ + store: :cookie, + key: "_test", + signing_salt: "cooldude" + ] + defp fetch_user(_name) do {:ok, @user} end @@ -23,14 +30,20 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do describe "without an authorization header" do test "it halts the application" do - conn = build_conn() |> AuthenticationPlug.call(%{}) + conn = build_conn() + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session + |> AuthenticationPlug.call(%{}) assert conn.status == 403 assert conn.halted == true end test "it assigns a nil user if the 'optional' option is used" do - conn = build_conn() |> AuthenticationPlug.call(%{optional: true}) + conn = build_conn() + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session + |> AuthenticationPlug.call(%{optional: true}) assert %{ user: nil } == conn.assigns end @@ -40,6 +53,8 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do test "it halts the application" do conn = build_conn() + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session |> AuthenticationPlug.call(%{fetcher: &fetch_nil/1}) assert conn.status == 403 @@ -49,6 +64,8 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do test "it assigns a nil user if the 'optional' option is used" do conn = build_conn() + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session |> AuthenticationPlug.call(%{optional: true, fetcher: &fetch_nil/1 }) assert %{ user: nil } == conn.assigns @@ -65,6 +82,8 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do conn = build_conn() + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session |> put_req_header("authorization", header) |> AuthenticationPlug.call(opts) @@ -82,6 +101,8 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do conn = build_conn() + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session |> put_req_header("authorization", header) |> AuthenticationPlug.call(opts) @@ -90,7 +111,7 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do end describe "with a correct authorization header for an existing user" do - test "it assigns the user" do + test "it assigns the user", %{conn: conn} do opts = %{ optional: true, fetcher: &fetch_user/1 @@ -98,13 +119,48 @@ defmodule Pleroma.Plugs.AuthenticationPlugTest do header = basic_auth_enc("dude", "guy") - conn = - build_conn() + conn = conn + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session + |> put_req_header("authorization", header) + |> AuthenticationPlug.call(opts) + + assert %{ user: @user } == conn.assigns + assert get_session(conn, :user_id) == @user.id + assert conn.halted == false + end + end + + describe "with a user_id in the session for an existing user" do + test "it assigns the user", %{conn: conn} do + opts = %{ + optional: true, + fetcher: &fetch_user/1 + } + + header = basic_auth_enc("dude", "THIS IS WRONG") + + conn = conn + |> Plug.Session.call(Plug.Session.init(@session_opts)) + |> fetch_session + |> put_session(:user_id, @user.id) |> put_req_header("authorization", header) |> AuthenticationPlug.call(opts) assert %{ user: @user } == conn.assigns + assert get_session(conn, :user_id) == @user.id assert conn.halted == false end end + + describe "with an assigned user" do + test "it does nothing, returning the incoming conn", %{conn: conn} do + conn = conn + |> assign(:user, @user) + + conn_result = AuthenticationPlug.call(conn, %{}) + + assert conn == conn_result + end + end end