package auth_test
import (
	"context"
	"fmt"
	"net/http"
	"testing"
	"time"
	"github.com/gin-contrib/sessions"
	"github.com/stretchr/testify/suite"
	"github.com/superseriousbusiness/gotosocial/internal/api/client/auth"
	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
)
// AuthAuthorizeTestSuite holds the tests for the OAuth authorize endpoint
// (AuthorizeGETHandler). It declares no fields of its own; the helpers and
// fixtures the tests use (newContext, db, authModule, testUsers, testAccounts,
// testApplications) all come from the embedded AuthStandardTestSuite.
type AuthAuthorizeTestSuite struct {
	AuthStandardTestSuite
}
// authorizeHandlerTestCase is one row of the table-driven test for
// AuthorizeGETHandler: an account state to set up, plus the redirect the
// handler is expected to answer with for a user in that state.
type authorizeHandlerTestCase struct {
	// description is a human-readable name for the case, used in failure output.
	description            string
	// mutateUserAccount puts the fixture user and account into the state under
	// test before they are written back to the database.
	mutateUserAccount      func(*gtsmodel.User, *gtsmodel.Account)
	// expectedStatusCode is the HTTP status the handler must respond with.
	expectedStatusCode     int
	// expectedLocationHeader is the value the Location response header must have.
	expectedLocationHeader string
}
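// TestAccountAuthorizeHandler checks that AuthorizeGETHandler redirects a
// signed-in user away from the OAuth authorize flow whenever their account is
// in a state that should block it: email unconfirmed, not yet approved, User
// disabled, or Account suspended. Every case expects a 303 See Other to the
// page that explains the block.
//
// The fixture user and account are the same pointers for every case, so the
// mutations accumulate from one case to the next; each case therefore sets
// every field its outcome depends on (see the explicit Disabled = false in
// the suspended case).
func (suite *AuthAuthorizeTestSuite) TestAccountAuthorizeHandler() {
	tests := []authorizeHandlerTestCase{
		{
			description: "user has their email unconfirmed",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
				// nothing to do, weed_lord420 already has their email unconfirmed
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: auth.CheckYourEmailPath,
		},
		{
			description: "user has their email confirmed but is not approved",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
				user.ConfirmedAt = time.Now()
				user.Email = user.UnconfirmedEmail
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: auth.WaitForApprovalPath,
		},
		{
			description: "user has their email confirmed and is approved, but User entity has been disabled",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
				user.ConfirmedAt = time.Now()
				user.Email = user.UnconfirmedEmail
				user.Approved = true
				user.Disabled = true
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: auth.AccountDisabledPath,
		},
		{
			description: "user has their email confirmed and is approved, but Account entity has been suspended",
			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
				user.ConfirmedAt = time.Now()
				user.Email = user.UnconfirmedEmail
				user.Approved = true
				// Reset explicitly: the previous case left the shared fixture disabled.
				user.Disabled = false
				account.SuspendedAt = time.Now()
			},
			expectedStatusCode:     http.StatusSeeOther,
			expectedLocationHeader: auth.AccountDisabledPath,
		},
	}

	for _, testCase := range tests {
		ctx, recorder := suite.newContext(http.MethodGet, auth.OauthAuthorizePath, nil, "")

		user := suite.testUsers["unconfirmed_account"]
		account := suite.testAccounts["unconfirmed_account"]

		// Sign the fixture user in and record which client application is
		// asking for authorization, as the handler reads both from the session.
		testSession := sessions.Default(ctx)
		testSession.Set(sessionUserID, user.ID)
		testSession.Set(sessionClientID, suite.testApplications["application_1"].ClientID)
		if err := testSession.Save(); err != nil {
			panic(fmt.Errorf("failed on case %s: %w", testCase.description, err))
		}

		testCase.mutateUserAccount(user, account)

		// Keep the case name in the failure message and append the state that
		// was actually applied, so a failing row can be identified by name.
		failMsg := fmt.Sprintf(
			"failed on case: %s (email=%s, disabled=%t, suspendedAt=%s)",
			testCase.description, user.Email, user.Disabled, account.SuspendedAt,
		)

		// Persist the mutated state; the handler is exercised against what is
		// stored through suite.db, not against these in-memory structs.
		user.UpdatedAt = time.Now()
		err := suite.db.UpdateByPrimaryKey(context.Background(), user)
		suite.NoError(err)
		_, err = suite.db.UpdateAccount(context.Background(), account)
		suite.NoError(err)

		// call the handler
		suite.authModule.AuthorizeGETHandler(ctx)

		// 1. the handler must answer with the expected redirect status
		suite.Equal(testCase.expectedStatusCode, recorder.Code, failMsg)

		// 2. the redirect must point at the page matching the account state
		suite.Equal(testCase.expectedLocationHeader, recorder.Header().Get("Location"), failMsg)
	}
}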
// TestAccountUpdateTestSuite is the go test entry point that runs
// AuthAuthorizeTestSuite.
// NOTE(review): the function name refers to "AccountUpdate" while the suite it
// runs covers the authorize handler; the name looks like a leftover.
func TestAccountUpdateTestSuite(t *testing.T) {
	authorizeSuite := &AuthAuthorizeTestSuite{}
	suite.Run(t, authorizeSuite)
}