2022-11-29 20:22:39 +00:00
|
|
|
package web_test
|
|
|
|
|
|
|
|
import (
|
|
|
|
main "h4kor/owl-blogs/cmd/owl/web"
|
|
|
|
"h4kor/owl-blogs/test/assertions"
|
2022-12-04 18:03:09 +00:00
|
|
|
"h4kor/owl-blogs/test/mocks"
|
|
|
|
"io"
|
2022-11-29 20:22:39 +00:00
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
|
|
|
"net/url"
|
|
|
|
"strconv"
|
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
)
|
|
|
|
|
2022-12-04 18:03:09 +00:00
|
|
|
type CountMockHttpClient struct {
|
|
|
|
InvokedGet int
|
|
|
|
InvokedPost int
|
|
|
|
InvokedPostForm int
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *CountMockHttpClient) Get(url string) (resp *http.Response, err error) {
|
|
|
|
c.InvokedGet++
|
|
|
|
return &http.Response{}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *CountMockHttpClient) Post(url, contentType string, body io.Reader) (resp *http.Response, err error) {
|
|
|
|
c.InvokedPost++
|
|
|
|
return &http.Response{}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *CountMockHttpClient) PostForm(url string, data url.Values) (resp *http.Response, err error) {
|
|
|
|
c.InvokedPostForm++
|
|
|
|
return &http.Response{}, nil
|
|
|
|
}
|
|
|
|
|
2022-11-29 20:22:39 +00:00
|
|
|
func TestLoginWrongPassword(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
|
|
|
|
csrfToken := "test_csrf_token"
|
|
|
|
|
|
|
|
// Create Request and Response
|
|
|
|
form := url.Values{}
|
|
|
|
form.Add("password", "wrongpassword")
|
|
|
|
form.Add("csrf_token", csrfToken)
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", user.EditorLoginUrl(), strings.NewReader(form.Encode()))
|
|
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
|
|
|
|
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
// check redirect to login page
|
|
|
|
|
|
|
|
assertions.AssertNotEqual(t, rr.Header().Get("Location"), user.EditorUrl())
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestLoginCorrectPassword(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
|
|
|
|
csrfToken := "test_csrf_token"
|
|
|
|
|
|
|
|
// Create Request and Response
|
|
|
|
form := url.Values{}
|
|
|
|
form.Add("password", "testpassword")
|
|
|
|
form.Add("csrf_token", csrfToken)
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", user.EditorLoginUrl(), strings.NewReader(form.Encode()))
|
|
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
|
|
|
|
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
// check redirect to login page
|
|
|
|
assertions.AssertStatus(t, rr, http.StatusFound)
|
|
|
|
assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorUrl())
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestEditorWithoutSession(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
user.CreateNewSession()
|
|
|
|
|
|
|
|
req, err := http.NewRequest("GET", user.EditorUrl(), nil)
|
|
|
|
// req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
assertions.AssertStatus(t, rr, http.StatusFound)
|
|
|
|
assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorLoginUrl())
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestEditorWithSession(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
sessionId := user.CreateNewSession()
|
|
|
|
|
|
|
|
req, err := http.NewRequest("GET", user.EditorUrl(), nil)
|
|
|
|
req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
assertions.AssertStatus(t, rr, http.StatusOK)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestEditorPostWithoutSession(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
user.CreateNewSession()
|
|
|
|
|
|
|
|
csrfToken := "test_csrf_token"
|
|
|
|
|
|
|
|
// Create Request and Response
|
|
|
|
form := url.Values{}
|
|
|
|
form.Add("type", "article")
|
|
|
|
form.Add("title", "testtitle")
|
|
|
|
form.Add("content", "testcontent")
|
|
|
|
form.Add("csrf_token", csrfToken)
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", user.EditorUrl(), strings.NewReader(form.Encode()))
|
|
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
|
|
|
|
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
assertions.AssertStatus(t, rr, http.StatusFound)
|
|
|
|
assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorLoginUrl())
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestEditorPostWithSession(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
sessionId := user.CreateNewSession()
|
|
|
|
|
|
|
|
csrfToken := "test_csrf_token"
|
|
|
|
|
|
|
|
// Create Request and Response
|
|
|
|
form := url.Values{}
|
|
|
|
form.Add("type", "article")
|
|
|
|
form.Add("title", "testtitle")
|
|
|
|
form.Add("content", "testcontent")
|
|
|
|
form.Add("csrf_token", csrfToken)
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", user.EditorUrl(), strings.NewReader(form.Encode()))
|
|
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
|
|
|
|
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
|
|
|
|
req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
posts, _ := user.AllPosts()
|
|
|
|
assertions.AssertEqual(t, len(posts), 1)
|
|
|
|
post := posts[0]
|
|
|
|
|
|
|
|
assertions.AssertStatus(t, rr, http.StatusFound)
|
|
|
|
assertions.AssertEqual(t, rr.Header().Get("Location"), post.FullUrl())
|
|
|
|
}
|
2022-12-01 18:18:39 +00:00
|
|
|
|
|
|
|
func TestEditorPostWithSessionNote(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
sessionId := user.CreateNewSession()
|
|
|
|
|
|
|
|
csrfToken := "test_csrf_token"
|
|
|
|
|
|
|
|
// Create Request and Response
|
|
|
|
form := url.Values{}
|
|
|
|
form.Add("type", "note")
|
|
|
|
form.Add("content", "testcontent")
|
|
|
|
form.Add("csrf_token", csrfToken)
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", user.EditorUrl(), strings.NewReader(form.Encode()))
|
|
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
|
|
|
|
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
|
|
|
|
req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
posts, _ := user.AllPosts()
|
|
|
|
assertions.AssertEqual(t, len(posts), 1)
|
|
|
|
post := posts[0]
|
|
|
|
|
|
|
|
assertions.AssertStatus(t, rr, http.StatusFound)
|
|
|
|
assertions.AssertEqual(t, rr.Header().Get("Location"), post.FullUrl())
|
|
|
|
}
|
2022-12-04 18:03:09 +00:00
|
|
|
|
|
|
|
func TestEditorSendsWebmentions(t *testing.T) {
|
|
|
|
repo, user := getSingleUserTestRepo()
|
|
|
|
repo.HttpClient = &CountMockHttpClient{}
|
|
|
|
repo.Parser = &mocks.MockHtmlParser{}
|
|
|
|
user.ResetPassword("testpassword")
|
|
|
|
|
|
|
|
mentioned_post, _ := user.CreateNewPost("test", false)
|
|
|
|
|
|
|
|
sessionId := user.CreateNewSession()
|
|
|
|
|
|
|
|
csrfToken := "test_csrf_token"
|
|
|
|
|
|
|
|
// Create Request and Response
|
|
|
|
form := url.Values{}
|
|
|
|
form.Add("type", "note")
|
|
|
|
form.Add("content", "[test]("+mentioned_post.FullUrl()+")")
|
|
|
|
form.Add("csrf_token", csrfToken)
|
|
|
|
|
|
|
|
req, err := http.NewRequest("POST", user.EditorUrl(), strings.NewReader(form.Encode()))
|
|
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
|
|
|
|
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
|
|
|
|
req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
|
|
|
|
assertions.AssertNoError(t, err, "Error creating request")
|
|
|
|
rr := httptest.NewRecorder()
|
|
|
|
router := main.SingleUserRouter(&repo)
|
|
|
|
router.ServeHTTP(rr, req)
|
|
|
|
|
|
|
|
posts, _ := user.AllPosts()
|
|
|
|
assertions.AssertEqual(t, len(posts), 2)
|
|
|
|
post := posts[0]
|
|
|
|
assertions.AssertLen(t, post.OutgoingWebmentions(), 1)
|
|
|
|
assertions.AssertStatus(t, rr, http.StatusFound)
|
|
|
|
assertions.AssertEqual(t, repo.HttpClient.(*CountMockHttpClient).InvokedPostForm, 1)
|
|
|
|
|
|
|
|
}
|