summaryrefslogtreecommitdiff
path: root/internal/api/auth/authorize_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/api/auth/authorize_test.go')
-rw-r--r--internal/api/auth/authorize_test.go118
1 files changed, 118 insertions, 0 deletions
diff --git a/internal/api/auth/authorize_test.go b/internal/api/auth/authorize_test.go
new file mode 100644
index 000000000..ff65d041b
--- /dev/null
+++ b/internal/api/auth/authorize_test.go
@@ -0,0 +1,118 @@
+package auth_test
+
+import (
+ "context"
+ "fmt"
+ "net/http"
+ "testing"
+ "time"
+
+ "github.com/gin-contrib/sessions"
+ "github.com/stretchr/testify/suite"
+ "github.com/superseriousbusiness/gotosocial/internal/api/auth"
+ "github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+ "github.com/superseriousbusiness/gotosocial/testrig"
+)
+
+type AuthAuthorizeTestSuite struct {
+ AuthStandardTestSuite
+}
+
+type authorizeHandlerTestCase struct {
+ description string
+ mutateUserAccount func(*gtsmodel.User, *gtsmodel.Account) []string
+ expectedStatusCode int
+ expectedLocationHeader string
+}
+
+func (suite *AuthAuthorizeTestSuite) TestAccountAuthorizeHandler() {
+ tests := []authorizeHandlerTestCase{
+ {
+ description: "user has their email unconfirmed",
+ mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+ user.ConfirmedAt = time.Time{}
+ return []string{"confirmed_at"}
+ },
+ expectedStatusCode: http.StatusSeeOther,
+ expectedLocationHeader: "/auth" + auth.AuthCheckYourEmailPath,
+ },
+ {
+ description: "user has their email confirmed but is not approved",
+ mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+ user.ConfirmedAt = time.Now()
+ user.Email = user.UnconfirmedEmail
+ return []string{"confirmed_at", "email"}
+ },
+ expectedStatusCode: http.StatusSeeOther,
+ expectedLocationHeader: "/auth" + auth.AuthWaitForApprovalPath,
+ },
+ {
+ description: "user has their email confirmed and is approved, but User entity has been disabled",
+ mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+ user.ConfirmedAt = time.Now()
+ user.Email = user.UnconfirmedEmail
+ user.Approved = testrig.TrueBool()
+ user.Disabled = testrig.TrueBool()
+ return []string{"confirmed_at", "email", "approved", "disabled"}
+ },
+ expectedStatusCode: http.StatusSeeOther,
+ expectedLocationHeader: "/auth" + auth.AuthAccountDisabledPath,
+ },
+ {
+ description: "user has their email confirmed and is approved, but Account entity has been suspended",
+ mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+ user.ConfirmedAt = time.Now()
+ user.Email = user.UnconfirmedEmail
+ user.Approved = testrig.TrueBool()
+ user.Disabled = testrig.FalseBool()
+ account.SuspendedAt = time.Now()
+ return []string{"confirmed_at", "email", "approved", "disabled"}
+ },
+ expectedStatusCode: http.StatusSeeOther,
+ expectedLocationHeader: "/auth" + auth.AuthAccountDisabledPath,
+ },
+ }
+
+ doTest := func(testCase authorizeHandlerTestCase) {
+ ctx, recorder := suite.newContext(http.MethodGet, auth.OauthAuthorizePath, nil, "")
+
+ user := &gtsmodel.User{}
+ account := &gtsmodel.Account{}
+
+ *user = *suite.testUsers["unconfirmed_account"]
+ *account = *suite.testAccounts["unconfirmed_account"]
+
+ testSession := sessions.Default(ctx)
+ testSession.Set(sessionUserID, user.ID)
+ testSession.Set(sessionClientID, suite.testApplications["application_1"].ClientID)
+ if err := testSession.Save(); err != nil {
+ panic(fmt.Errorf("failed on case %s: %w", testCase.description, err))
+ }
+
+ columns := testCase.mutateUserAccount(user, account)
+
+ testCase.description = fmt.Sprintf("%s, %t, %s", user.Email, *user.Disabled, account.SuspendedAt)
+
+ err := suite.db.UpdateUser(context.Background(), user, columns...)
+ suite.NoError(err)
+ err = suite.db.UpdateAccount(context.Background(), account)
+ suite.NoError(err)
+
+ // call the handler
+ suite.authModule.AuthorizeGETHandler(ctx)
+
+ // 1. we should have a redirect
+ suite.Equal(testCase.expectedStatusCode, recorder.Code, fmt.Sprintf("failed on case: %s", testCase.description))
+
+ // 2. we should have a redirect to the check your email path, as this user has not confirmed their email yet.
+ suite.Equal(testCase.expectedLocationHeader, recorder.Header().Get("Location"), fmt.Sprintf("failed on case: %s", testCase.description))
+ }
+
+ for _, testCase := range tests {
+ doTest(testCase)
+ }
+}
+
+func TestAccountUpdateTestSuite(t *testing.T) {
+ suite.Run(t, new(AuthAuthorizeTestSuite))
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-12 23:40:11 +0000