owl-blogs/cmd/owl/web/editor_test.go

185 lines
6.0 KiB
Go

package web_test
import (
main "h4kor/owl-blogs/cmd/owl/web"
"h4kor/owl-blogs/test/assertions"
"net/http"
"net/http/httptest"
"net/url"
"strconv"
"strings"
"testing"
)
func TestLoginWrongPassword(t *testing.T) {
repo, user := getSingleUserTestRepo()
user.ResetPassword("testpassword")
csrfToken := "test_csrf_token"
// Create Request and Response
form := url.Values{}
form.Add("password", "wrongpassword")
form.Add("csrf_token", csrfToken)
req, err := http.NewRequest("POST", user.EditorLoginUrl(), strings.NewReader(form.Encode()))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
assertions.AssertNoError(t, err, "Error creating request")
rr := httptest.NewRecorder()
router := main.SingleUserRouter(&repo)
router.ServeHTTP(rr, req)
// check redirect to login page
assertions.AssertNotEqual(t, rr.Header().Get("Location"), user.EditorUrl())
}
func TestLoginCorrectPassword(t *testing.T) {
repo, user := getSingleUserTestRepo()
user.ResetPassword("testpassword")
csrfToken := "test_csrf_token"
// Create Request and Response
form := url.Values{}
form.Add("password", "testpassword")
form.Add("csrf_token", csrfToken)
req, err := http.NewRequest("POST", user.EditorLoginUrl(), strings.NewReader(form.Encode()))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
assertions.AssertNoError(t, err, "Error creating request")
rr := httptest.NewRecorder()
router := main.SingleUserRouter(&repo)
router.ServeHTTP(rr, req)
// check redirect to login page
assertions.AssertStatus(t, rr, http.StatusFound)
assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorUrl())
}
func TestEditorWithoutSession(t *testing.T) {
repo, user := getSingleUserTestRepo()
user.ResetPassword("testpassword")
user.CreateNewSession()
req, err := http.NewRequest("GET", user.EditorUrl(), nil)
// req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
assertions.AssertNoError(t, err, "Error creating request")
rr := httptest.NewRecorder()
router := main.SingleUserRouter(&repo)
router.ServeHTTP(rr, req)
assertions.AssertStatus(t, rr, http.StatusFound)
assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorLoginUrl())
}
func TestEditorWithSession(t *testing.T) {
repo, user := getSingleUserTestRepo()
user.ResetPassword("testpassword")
sessionId := user.CreateNewSession()
req, err := http.NewRequest("GET", user.EditorUrl(), nil)
req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
assertions.AssertNoError(t, err, "Error creating request")
rr := httptest.NewRecorder()
router := main.SingleUserRouter(&repo)
router.ServeHTTP(rr, req)
assertions.AssertStatus(t, rr, http.StatusOK)
}
func TestEditorPostWithoutSession(t *testing.T) {
repo, user := getSingleUserTestRepo()
user.ResetPassword("testpassword")
user.CreateNewSession()
csrfToken := "test_csrf_token"
// Create Request and Response
form := url.Values{}
form.Add("type", "article")
form.Add("title", "testtitle")
form.Add("content", "testcontent")
form.Add("csrf_token", csrfToken)
req, err := http.NewRequest("POST", user.EditorUrl(), strings.NewReader(form.Encode()))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
assertions.AssertNoError(t, err, "Error creating request")
rr := httptest.NewRecorder()
router := main.SingleUserRouter(&repo)
router.ServeHTTP(rr, req)
assertions.AssertStatus(t, rr, http.StatusFound)
assertions.AssertEqual(t, rr.Header().Get("Location"), user.EditorLoginUrl())
}
func TestEditorPostWithSession(t *testing.T) {
repo, user := getSingleUserTestRepo()
user.ResetPassword("testpassword")
sessionId := user.CreateNewSession()
csrfToken := "test_csrf_token"
// Create Request and Response
form := url.Values{}
form.Add("type", "article")
form.Add("title", "testtitle")
form.Add("content", "testcontent")
form.Add("csrf_token", csrfToken)
req, err := http.NewRequest("POST", user.EditorUrl(), strings.NewReader(form.Encode()))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
assertions.AssertNoError(t, err, "Error creating request")
rr := httptest.NewRecorder()
router := main.SingleUserRouter(&repo)
router.ServeHTTP(rr, req)
posts, _ := user.AllPosts()
assertions.AssertEqual(t, len(posts), 1)
post := posts[0]
assertions.AssertStatus(t, rr, http.StatusFound)
assertions.AssertEqual(t, rr.Header().Get("Location"), post.FullUrl())
}
func TestEditorPostWithSessionNote(t *testing.T) {
repo, user := getSingleUserTestRepo()
user.ResetPassword("testpassword")
sessionId := user.CreateNewSession()
csrfToken := "test_csrf_token"
// Create Request and Response
form := url.Values{}
form.Add("type", "note")
form.Add("content", "testcontent")
form.Add("csrf_token", csrfToken)
req, err := http.NewRequest("POST", user.EditorUrl(), strings.NewReader(form.Encode()))
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
req.Header.Add("Content-Length", strconv.Itoa(len(form.Encode())))
req.AddCookie(&http.Cookie{Name: "csrf_token", Value: csrfToken})
req.AddCookie(&http.Cookie{Name: "session", Value: sessionId})
assertions.AssertNoError(t, err, "Error creating request")
rr := httptest.NewRecorder()
router := main.SingleUserRouter(&repo)
router.ServeHTTP(rr, req)
posts, _ := user.AllPosts()
assertions.AssertEqual(t, len(posts), 1)
post := posts[0]
assertions.AssertStatus(t, rr, http.StatusFound)
assertions.AssertEqual(t, rr.Header().Get("Location"), post.FullUrl())
}