a simple go tool vanity url server.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

api_test.go 23KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807
  1. package vain
  2. import (
  3. "bytes"
  4. "encoding/json"
  5. "fmt"
  6. "io"
  7. "io/ioutil"
  8. "net/http"
  9. "net/http/httptest"
  10. "net/url"
  11. "strings"
  12. "testing"
  13. "time"
  14. )
  15. const window = 5 * time.Minute
  16. func TestAdd(t *testing.T) {
  17. db, done := TestDB(t)
  18. if db == nil {
  19. t.Fatalf("could not create temp db")
  20. }
  21. defer done()
  22. sm := http.NewServeMux()
  23. NewServer(sm, db, nil, "", window, false)
  24. ts := httptest.NewServer(sm)
  25. tok, err := db.addUser("sm@example.org")
  26. if err != nil {
  27. t.Errorf("failure to add user: %v", err)
  28. }
  29. resp, err := http.Get(ts.URL)
  30. if err != nil {
  31. t.Fatalf("couldn't GET: %v", err)
  32. }
  33. resp.Body.Close()
  34. if got, want := len(db.Pkgs()), 0; got != want {
  35. t.Fatalf("started with something in it; got %d, want %d", got, want)
  36. }
  37. {
  38. bad := ts.URL
  39. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  40. req, err := http.NewRequest("POST", bad, body)
  41. req.Header.Add("Content-Type", "application/json")
  42. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  43. resp, err := http.DefaultClient.Do(req)
  44. if err != nil {
  45. t.Fatalf("couldn't POST: %v", err)
  46. }
  47. if got, want := resp.StatusCode, http.StatusBadRequest; got != want {
  48. buf := &bytes.Buffer{}
  49. io.Copy(buf, resp.Body)
  50. t.Logf("%s", buf.Bytes())
  51. t.Fatalf("bad request got incorrect status: got %d, want %d", got, want)
  52. }
  53. resp.Body.Close()
  54. if got, want := len(db.Pkgs()), 0; got != want {
  55. t.Fatalf("started with something in it; got %d, want %d", got, want)
  56. }
  57. }
  58. {
  59. u := fmt.Sprintf("%s/%s", ts.URL, prefix["pkgs"])
  60. resp, err := http.Get(u)
  61. if err != nil {
  62. t.Error(err)
  63. }
  64. buf := &bytes.Buffer{}
  65. io.Copy(buf, resp.Body)
  66. pkgs := []Package{}
  67. if err := json.NewDecoder(buf).Decode(&pkgs); err != nil {
  68. t.Fatalf("problem parsing json: %v, \n%q", err, buf)
  69. }
  70. if got, want := len(pkgs), 0; got != want {
  71. t.Fatalf("should have empty pkg list; got %d, want %d", got, want)
  72. }
  73. }
  74. {
  75. u := fmt.Sprintf("%s/foo", ts.URL)
  76. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  77. req, err := http.NewRequest("POST", u, body)
  78. req.Header.Add("Content-Type", "application/json")
  79. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  80. resp, err := http.DefaultClient.Do(req)
  81. if err != nil {
  82. t.Fatalf("problem performing request: %v", err)
  83. }
  84. buf := &bytes.Buffer{}
  85. io.Copy(buf, resp.Body)
  86. t.Logf("%v", buf)
  87. resp.Body.Close()
  88. if got, want := len(db.Pkgs()), 1; got != want {
  89. t.Fatalf("pkgs should have something in it; got %d, want %d", got, want)
  90. }
  91. t.Logf("packages: %v", db.Pkgs())
  92. ur, err := url.Parse(ts.URL)
  93. if err != nil {
  94. t.Error(err)
  95. }
  96. good := fmt.Sprintf("%s/foo", ur.Host)
  97. if !db.PackageExists(path(good)) {
  98. t.Fatalf("did not find package for %s; should have posted a valid package", good)
  99. }
  100. p, err := db.Package(good)
  101. t.Logf("%+v", p)
  102. if err != nil {
  103. t.Fatalf("problem getting package: %v", err)
  104. }
  105. if got, want := p.Path, good; got != want {
  106. t.Fatalf("package name did not go through as expected; got %q, want %q", got, want)
  107. }
  108. if got, want := p.Repo, "https://s.mcquay.me/sm/vain"; got != want {
  109. t.Fatalf("repo did not go through as expected; got %q, want %q", got, want)
  110. }
  111. if got, want := p.Vcs, "git"; got != want {
  112. t.Fatalf("Vcs did not go through as expected; got %q, want %q", got, want)
  113. }
  114. }
  115. resp, err = http.Get(ts.URL + "?go-get=1")
  116. if err != nil {
  117. t.Fatalf("couldn't GET: %v", err)
  118. }
  119. defer resp.Body.Close()
  120. if want := http.StatusOK; resp.StatusCode != want {
  121. t.Fatalf("Should have succeeded to fetch /; got %s, want %s", resp.Status, http.StatusText(want))
  122. }
  123. buf := &bytes.Buffer{}
  124. if _, err := io.Copy(buf, resp.Body); err != nil {
  125. t.Fatalf("couldn't read content from server: %v", err)
  126. }
  127. if got, want := strings.Count(buf.String(), "<meta"), 1; got != want {
  128. t.Fatalf("did not find all the tags I need; got %d, want %d", got, want)
  129. }
  130. {
  131. u := fmt.Sprintf("%s/%s", ts.URL, prefix["pkgs"])
  132. resp, err := http.Get(u)
  133. if err != nil {
  134. t.Error(err)
  135. }
  136. buf := &bytes.Buffer{}
  137. io.Copy(buf, resp.Body)
  138. pkgs := []Package{}
  139. if err := json.NewDecoder(buf).Decode(&pkgs); err != nil {
  140. t.Fatalf("problem parsing json: %v, \n%q", err, buf)
  141. }
  142. if got, want := len(pkgs), 1; got != want {
  143. t.Fatalf("should (mildly) populated pkg list; got %d, want %d", got, want)
  144. }
  145. }
  146. }
  147. func TestInvalidPath(t *testing.T) {
  148. db, done := TestDB(t)
  149. if db == nil {
  150. t.Fatalf("could not create temp db")
  151. }
  152. defer done()
  153. sm := http.NewServeMux()
  154. NewServer(sm, db, nil, "", window, false)
  155. ts := httptest.NewServer(sm)
  156. tok, err := db.addUser("sm@example.org")
  157. if err != nil {
  158. t.Errorf("failure to add user: %v", err)
  159. }
  160. bad := ts.URL
  161. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  162. req, err := http.NewRequest("POST", bad, body)
  163. req.Header.Add("Content-Type", "application/json")
  164. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  165. resp, err := http.DefaultClient.Do(req)
  166. if err != nil {
  167. t.Fatalf("couldn't POST: %v", err)
  168. }
  169. if len(db.Pkgs()) != 0 {
  170. t.Fatalf("should have failed to insert; got %d, want %d", len(db.Pkgs()), 0)
  171. }
  172. if got, want := resp.StatusCode, http.StatusBadRequest; got != want {
  173. t.Fatalf("should have failed to post at bad route; got %s, want %s", http.StatusText(got), http.StatusText(want))
  174. }
  175. }
  176. func TestCannotDuplicateExistingPath(t *testing.T) {
  177. db, done := TestDB(t)
  178. if db == nil {
  179. t.Fatalf("could not create temp db")
  180. }
  181. defer done()
  182. sm := http.NewServeMux()
  183. NewServer(sm, db, nil, "", window, false)
  184. ts := httptest.NewServer(sm)
  185. tok, err := db.addUser("sm@example.org")
  186. if err != nil {
  187. t.Errorf("failure to add user: %v", err)
  188. }
  189. u := fmt.Sprintf("%s/foo", ts.URL)
  190. {
  191. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  192. req, err := http.NewRequest("POST", u, body)
  193. req.Header.Add("Content-Type", "application/json")
  194. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  195. resp, err := http.DefaultClient.Do(req)
  196. if err != nil {
  197. t.Fatalf("couldn't POST: %v", err)
  198. }
  199. if want := http.StatusOK; resp.StatusCode != want {
  200. t.Fatalf("initial post should have worked; got %s, want %s", resp.Status, http.StatusText(want))
  201. }
  202. }
  203. {
  204. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  205. req, err := http.NewRequest("POST", u, body)
  206. req.Header.Add("Content-Type", "application/json")
  207. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  208. resp, err := http.DefaultClient.Do(req)
  209. if err != nil {
  210. t.Fatalf("couldn't POST: %v", err)
  211. }
  212. if want := http.StatusConflict; resp.StatusCode != want {
  213. t.Fatalf("initial post should have worked; got %s, want %s", resp.Status, http.StatusText(want))
  214. }
  215. }
  216. }
  217. func TestCannotAddExistingSubPath(t *testing.T) {
  218. db, done := TestDB(t)
  219. if db == nil {
  220. t.Fatalf("could not create temp db")
  221. }
  222. defer done()
  223. sm := http.NewServeMux()
  224. NewServer(sm, db, nil, "", window, false)
  225. ts := httptest.NewServer(sm)
  226. tok, err := db.addUser("sm@example.org")
  227. if err != nil {
  228. t.Errorf("failure to add user: %v", err)
  229. }
  230. {
  231. u := fmt.Sprintf("%s/foo/bar", ts.URL)
  232. t.Logf("url: %v", u)
  233. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  234. req, err := http.NewRequest("POST", u, body)
  235. req.Header.Add("Content-Type", "application/json")
  236. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  237. resp, err := http.DefaultClient.Do(req)
  238. if err != nil {
  239. t.Fatalf("couldn't POST: %v", err)
  240. }
  241. if want := http.StatusOK; resp.StatusCode != want {
  242. t.Fatalf("initial post should have worked; got %s, want %s", resp.Status, http.StatusText(want))
  243. }
  244. }
  245. {
  246. u := fmt.Sprintf("%s/foo", ts.URL)
  247. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  248. req, err := http.NewRequest("POST", u, body)
  249. req.Header.Add("Content-Type", "application/json")
  250. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  251. resp, err := http.DefaultClient.Do(req)
  252. if err != nil {
  253. t.Fatalf("couldn't POST: %v", err)
  254. }
  255. if want := http.StatusConflict; resp.StatusCode != want {
  256. t.Fatalf("initial post should have worked; got %s, want %s", resp.Status, http.StatusText(want))
  257. }
  258. }
  259. }
  260. func TestMissingRepo(t *testing.T) {
  261. db, done := TestDB(t)
  262. if db == nil {
  263. t.Fatalf("could not create temp db")
  264. }
  265. defer done()
  266. sm := http.NewServeMux()
  267. NewServer(sm, db, nil, "", window, false)
  268. ts := httptest.NewServer(sm)
  269. tok, err := db.addUser("sm@example.org")
  270. if err != nil {
  271. t.Errorf("failure to add user: %v", err)
  272. }
  273. u := fmt.Sprintf("%s/foo", ts.URL)
  274. body := strings.NewReader(`{}`)
  275. req, err := http.NewRequest("POST", u, body)
  276. req.Header.Add("Content-Type", "application/json")
  277. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  278. resp, err := http.DefaultClient.Do(req)
  279. if err != nil {
  280. t.Fatalf("couldn't POST: %v", err)
  281. }
  282. if len(db.Pkgs()) != 0 {
  283. t.Fatalf("should have failed to insert; got %d, want %d", len(db.Pkgs()), 0)
  284. }
  285. if want := http.StatusBadRequest; resp.StatusCode != want {
  286. t.Fatalf("should have failed to post with bad payload; got %s, want %s", resp.Status, http.StatusText(want))
  287. }
  288. }
  289. func TestBadJson(t *testing.T) {
  290. db, done := TestDB(t)
  291. if db == nil {
  292. t.Fatalf("could not create temp db")
  293. }
  294. defer done()
  295. sm := http.NewServeMux()
  296. NewServer(sm, db, nil, "", window, false)
  297. ts := httptest.NewServer(sm)
  298. tok, err := db.addUser("sm@example.org")
  299. if err != nil {
  300. t.Errorf("failure to add user: %v", err)
  301. }
  302. u := fmt.Sprintf("%s/foo", ts.URL)
  303. body := strings.NewReader(`{`)
  304. req, err := http.NewRequest("POST", u, body)
  305. req.Header.Add("Content-Type", "application/json")
  306. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  307. resp, err := http.DefaultClient.Do(req)
  308. if err != nil {
  309. t.Fatalf("couldn't POST: %v", err)
  310. }
  311. if len(db.Pkgs()) != 0 {
  312. t.Fatalf("should have failed to insert; got %d, want %d", len(db.Pkgs()), 0)
  313. }
  314. if want := http.StatusBadRequest; resp.StatusCode != want {
  315. t.Fatalf("should have failed to post at bad route; got %s, want %s", resp.Status, http.StatusText(want))
  316. }
  317. }
  318. func TestNoAuth(t *testing.T) {
  319. db, done := TestDB(t)
  320. if db == nil {
  321. t.Fatalf("could not create temp db")
  322. }
  323. defer done()
  324. sm := http.NewServeMux()
  325. NewServer(sm, db, nil, "", window, false)
  326. ts := httptest.NewServer(sm)
  327. u := fmt.Sprintf("%s/foo", ts.URL)
  328. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  329. req, err := http.NewRequest("POST", u, body)
  330. req.Header.Add("Content-Type", "application/json")
  331. // here we don't set the Authorization header
  332. // req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  333. resp, err := http.DefaultClient.Do(req)
  334. if err != nil {
  335. t.Fatalf("couldn't POST: %v", err)
  336. }
  337. resp.Body.Close()
  338. if got, want := resp.StatusCode, http.StatusUnauthorized; got != want {
  339. t.Fatalf("posted with missing auth; got %v, want %v", http.StatusText(got), http.StatusText(want))
  340. }
  341. }
  342. func TestBadVcs(t *testing.T) {
  343. db, done := TestDB(t)
  344. if db == nil {
  345. t.Fatalf("could not create temp db")
  346. }
  347. defer done()
  348. sm := http.NewServeMux()
  349. NewServer(sm, db, nil, "", window, false)
  350. ts := httptest.NewServer(sm)
  351. tok, err := db.addUser("sm@example.org")
  352. if err != nil {
  353. t.Errorf("failure to add user: %v", err)
  354. }
  355. u := fmt.Sprintf("%s/foo", ts.URL)
  356. body := strings.NewReader(`{"vcs": "bitbucket", "repo": "https://s.mcquay.me/sm/vain"}`)
  357. req, err := http.NewRequest("POST", u, body)
  358. req.Header.Add("Content-Type", "application/json")
  359. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  360. resp, err := http.DefaultClient.Do(req)
  361. if err != nil {
  362. t.Fatalf("couldn't POST: %v", err)
  363. }
  364. resp.Body.Close()
  365. if got, want := resp.StatusCode, http.StatusBadRequest; got != want {
  366. t.Fatalf("should have reported bad vcs specified; got %v, want %v", http.StatusText(got), http.StatusText(want))
  367. }
  368. }
  369. func TestUnsupportedMethod(t *testing.T) {
  370. db, done := TestDB(t)
  371. if db == nil {
  372. t.Fatalf("could not create temp db")
  373. }
  374. defer done()
  375. sm := http.NewServeMux()
  376. NewServer(sm, db, nil, "", window, false)
  377. ts := httptest.NewServer(sm)
  378. tok, err := db.addUser("sm@example.org")
  379. if err != nil {
  380. t.Errorf("failure to add user: %v", err)
  381. }
  382. url := fmt.Sprintf("%s/foo", ts.URL)
  383. client := &http.Client{}
  384. req, err := http.NewRequest("PUT", url, nil)
  385. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  386. resp, err := client.Do(req)
  387. if err != nil {
  388. t.Fatalf("couldn't POST: %v", err)
  389. }
  390. if len(db.Pkgs()) != 0 {
  391. t.Fatalf("should have failed to insert; got %d, want %d", len(db.Pkgs()), 0)
  392. }
  393. if want := http.StatusMethodNotAllowed; resp.StatusCode != want {
  394. t.Fatalf("should have failed to post at bad route; got %s, want %s", resp.Status, http.StatusText(want))
  395. }
  396. }
  397. func TestDelete(t *testing.T) {
  398. db, done := TestDB(t)
  399. if db == nil {
  400. t.Fatalf("could not create temp db")
  401. }
  402. defer done()
  403. sm := http.NewServeMux()
  404. NewServer(sm, db, nil, "", window, false)
  405. ts := httptest.NewServer(sm)
  406. tok, err := db.addUser("sm@example.org")
  407. if err != nil {
  408. t.Errorf("failure to add user: %v", err)
  409. }
  410. t.Logf("%v", tok)
  411. if len(db.Pkgs()) != 0 {
  412. t.Fatalf("started with something in it; got %d, want %d", len(db.Pkgs()), 0)
  413. }
  414. u := fmt.Sprintf("%s/foo", ts.URL)
  415. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  416. req, err := http.NewRequest("POST", u, body)
  417. req.Header.Add("Content-Type", "application/json")
  418. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  419. resp, err := http.DefaultClient.Do(req)
  420. if err != nil {
  421. t.Fatalf("couldn't POST: %v", err)
  422. }
  423. if got, want := len(db.Pkgs()), 1; got != want {
  424. t.Fatalf("pkgs should have something in it; got %d, want %d", got, want)
  425. }
  426. {
  427. // test not found
  428. u := fmt.Sprintf("%s/bar", ts.URL)
  429. client := &http.Client{}
  430. req, err := http.NewRequest("DELETE", u, nil)
  431. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  432. resp, err = client.Do(req)
  433. if err != nil {
  434. t.Fatalf("couldn't POST: %v", err)
  435. }
  436. if got, want := resp.StatusCode, http.StatusNotFound; got != want {
  437. t.Fatalf("should have not been able to delete unknown package; got %v, want %v", http.StatusText(got), http.StatusText(want))
  438. }
  439. }
  440. {
  441. client := &http.Client{}
  442. req, err := http.NewRequest("DELETE", u, nil)
  443. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  444. resp, err = client.Do(req)
  445. if err != nil {
  446. t.Fatalf("couldn't POST: %v", err)
  447. }
  448. if got, want := len(db.Pkgs()), 0; got != want {
  449. t.Fatalf("pkgs should be empty; got %d, want %d", got, want)
  450. }
  451. }
  452. }
  453. func TestSingleGet(t *testing.T) {
  454. db, done := TestDB(t)
  455. if db == nil {
  456. t.Fatalf("could not create temp db")
  457. }
  458. defer done()
  459. sm := http.NewServeMux()
  460. NewServer(sm, db, nil, "", window, true)
  461. ts := httptest.NewServer(sm)
  462. tok, err := db.addUser("sm@example.org")
  463. if err != nil {
  464. t.Errorf("failure to add user: %v", err)
  465. }
  466. ns := namespace("foo")
  467. if err := db.NSForToken(ns, tok); err != nil {
  468. t.Fatalf("could not initialize namespace %q for user %q: %v", ns, tok, err)
  469. }
  470. p := Package{
  471. Vcs: "git",
  472. Repo: "https://example.org/foo",
  473. Path: fmt.Sprintf("%s/foo/bar", strings.TrimPrefix(ts.URL, "http://")),
  474. Ns: ns,
  475. }
  476. if err := db.AddPackage(p); err != nil {
  477. t.Fatalf("couldn't add package %v: %v", p, err)
  478. }
  479. {
  480. // expected failure
  481. resp, err := http.Get(ts.URL + "/bleh/blah?go-get=1")
  482. if err != nil {
  483. t.Fatalf("problem getting route: %v", err)
  484. }
  485. if got, want := resp.StatusCode, http.StatusNotFound; got != want {
  486. t.Fatalf("should have failed to GET unknown route; got %s, want %s", http.StatusText(got), http.StatusText(want))
  487. }
  488. }
  489. {
  490. url := ts.URL + "/foo/bar?go-get=1"
  491. resp, err := http.Get(url)
  492. if err != nil {
  493. t.Fatalf("problem getting route: %v", err)
  494. }
  495. if got, want := resp.StatusCode, http.StatusOK; got != want {
  496. t.Fatalf("should have failed to GET unknown route; got %s, want %s", http.StatusText(got), http.StatusText(want))
  497. }
  498. }
  499. }
  500. func TestRegister(t *testing.T) {
  501. db, done := TestDB(t)
  502. if db == nil {
  503. t.Fatalf("could not create temp db")
  504. }
  505. defer done()
  506. sm := http.NewServeMux()
  507. mm := &mockMail{}
  508. NewServer(sm, db, mm, "", window, true)
  509. ts := httptest.NewServer(sm)
  510. u := fmt.Sprintf("%s%s", ts.URL, prefix["register"])
  511. req, err := http.NewRequest("POST", u, nil)
  512. resp, err := http.DefaultClient.Do(req)
  513. if err != nil {
  514. t.Fatalf("couldn't POST: %v", err)
  515. }
  516. if status := resp.StatusCode; status != http.StatusBadRequest {
  517. t.Fatalf("handler returned wrong status code: got %v want %v",
  518. status, http.StatusBadRequest)
  519. }
  520. u = fmt.Sprintf("%s%s?email=notARealEmail", ts.URL, prefix["register"])
  521. req, err = http.NewRequest("POST", u, nil)
  522. resp, err = http.DefaultClient.Do(req)
  523. if err != nil {
  524. t.Fatalf("couldn't POST: %v", err)
  525. }
  526. if status := resp.StatusCode; status != http.StatusBadRequest {
  527. t.Fatalf("handler returned wrong status code: got %v want %v",
  528. status, http.StatusBadRequest)
  529. }
  530. u = fmt.Sprintf("%s%s?email=fake@example.com", ts.URL, prefix["register"])
  531. req, err = http.NewRequest("POST", u, nil)
  532. _, err = http.DefaultClient.Do(req)
  533. if err != nil {
  534. t.Fatalf("couldn't POST: %v", err)
  535. }
  536. req, err = http.NewRequest("GET", mm.msg, nil)
  537. _, err = http.DefaultClient.Do(req)
  538. if err != nil {
  539. t.Fatalf("couldn't POST: %v", err)
  540. }
  541. _, err = db.user("fake@example.com")
  542. if err != nil {
  543. t.Fatalf("user was no correctly added to database: %v", err)
  544. }
  545. }
  546. func TestRoundTrip(t *testing.T) {
  547. db, done := TestDB(t)
  548. if db == nil {
  549. t.Fatalf("could not create temp db")
  550. }
  551. defer done()
  552. sm := http.NewServeMux()
  553. mm := &mockMail{}
  554. NewServer(sm, db, mm, "", window, true)
  555. ts := httptest.NewServer(sm)
  556. u := fmt.Sprintf("%s%s?email=fake@example.com", ts.URL, prefix["register"])
  557. req, err := http.NewRequest("POST", u, nil)
  558. resp, err := http.DefaultClient.Do(req)
  559. if err != nil {
  560. t.Fatalf("couldn't POST: %v", err)
  561. }
  562. if got, want := resp.StatusCode, http.StatusOK; got != want {
  563. buf := &bytes.Buffer{}
  564. io.Copy(buf, resp.Body)
  565. t.Logf("%s", buf.Bytes())
  566. t.Fatalf("bad request got incorrect status: got %d, want %d", got, want)
  567. }
  568. req, err = http.NewRequest("GET", mm.msg, nil)
  569. resp, err = http.DefaultClient.Do(req)
  570. if err != nil {
  571. t.Fatalf("couldn't POST: %v", err)
  572. }
  573. if got, want := resp.StatusCode, http.StatusOK; got != want {
  574. buf := &bytes.Buffer{}
  575. io.Copy(buf, resp.Body)
  576. t.Logf("%s", buf.Bytes())
  577. t.Fatalf("bad request got incorrect status: got %d, want %d", got, want)
  578. }
  579. _, err = db.user("fake@example.com")
  580. if err != nil {
  581. t.Fatalf("user was no correctly added to database: %v", err)
  582. }
  583. bs, err := ioutil.ReadAll(resp.Body)
  584. if err != nil {
  585. t.Fatalf("Failed to parse response body: %v", err)
  586. }
  587. tok := strings.TrimSpace(strings.TrimPrefix(string(bs), "new token: "))
  588. u = fmt.Sprintf("%s/foo", ts.URL)
  589. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  590. req, err = http.NewRequest("POST", u, body)
  591. req.Header.Add("Content-Type", "application/json")
  592. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", tok))
  593. resp, err = http.DefaultClient.Do(req)
  594. if err != nil {
  595. t.Fatalf("couldn't POST: %v", err)
  596. }
  597. if got, want := resp.StatusCode, http.StatusOK; got != want {
  598. buf := &bytes.Buffer{}
  599. io.Copy(buf, resp.Body)
  600. t.Logf("%s", buf.Bytes())
  601. t.Fatalf("bad request got incorrect status: got %d, want %d", got, want)
  602. }
  603. if got, want := len(db.Pkgs()), 1; got != want {
  604. t.Fatalf("pkgs should have something in it; got %d, want %d", got, want)
  605. }
  606. }
  607. func TestForgot(t *testing.T) {
  608. db, done := TestDB(t)
  609. if db == nil {
  610. t.Fatalf("could not create temp db")
  611. }
  612. defer done()
  613. sm := http.NewServeMux()
  614. mm := &mockMail{}
  615. NewServer(sm, db, mm, "", window, true)
  616. ts := httptest.NewServer(sm)
  617. //try to do forget before user is added
  618. u := fmt.Sprintf("%s%s?email=fake@example.com", ts.URL, prefix["forgot"])
  619. req, err := http.NewRequest("POST", u, nil)
  620. resp, err := http.DefaultClient.Do(req)
  621. if err != nil {
  622. t.Fatalf("couldn't POST: %v", err)
  623. }
  624. if status := resp.StatusCode; status != http.StatusNotFound {
  625. buf := &bytes.Buffer{}
  626. io.Copy(buf, resp.Body)
  627. t.Logf("%s", buf.Bytes())
  628. t.Fatalf("handler returned wrong status code: got %v want %v",
  629. status, http.StatusBadRequest)
  630. }
  631. u = fmt.Sprintf("%s%s?email=notARealEmail", ts.URL, prefix["forgot"])
  632. req, err = http.NewRequest("POST", u, nil)
  633. resp, err = http.DefaultClient.Do(req)
  634. if err != nil {
  635. t.Fatalf("couldn't POST: %v", err)
  636. }
  637. if status := resp.StatusCode; status != http.StatusBadRequest {
  638. buf := &bytes.Buffer{}
  639. io.Copy(buf, resp.Body)
  640. t.Logf("%s", buf.Bytes())
  641. t.Fatalf("handler returned wrong status code: got %v want %v",
  642. status, http.StatusBadRequest)
  643. }
  644. //register a new user
  645. u = fmt.Sprintf("%s%s?email=fake@example.com", ts.URL, prefix["register"])
  646. req, err = http.NewRequest("POST", u, nil)
  647. _, err = http.DefaultClient.Do(req)
  648. if err != nil {
  649. t.Fatalf("couldn't POST: %v", err)
  650. }
  651. req, err = http.NewRequest("GET", mm.msg, nil)
  652. resp, err = http.DefaultClient.Do(req)
  653. if err != nil {
  654. t.Fatalf("couldn't POST: %v", err)
  655. }
  656. if got, want := resp.StatusCode, http.StatusOK; got != want {
  657. buf := &bytes.Buffer{}
  658. io.Copy(buf, resp.Body)
  659. t.Logf("%s", buf.Bytes())
  660. t.Fatalf("bad request got incorrect status: got %d, want %d", got, want)
  661. }
  662. //check database for new user
  663. _, err = db.user("fake@example.com")
  664. if err != nil {
  665. t.Fatalf("user was no correctly added to database: %v", err)
  666. }
  667. bs, err := ioutil.ReadAll(resp.Body)
  668. if err != nil {
  669. t.Fatalf("Failed to parse response body: %v", err)
  670. }
  671. iniTok := strings.TrimPrefix(string(bs), "new token: ")
  672. //get new token for user (using forgot)
  673. u = fmt.Sprintf("%s%s?email=fake@example.com", ts.URL, prefix["forgot"])
  674. req, err = http.NewRequest("POST", u, nil)
  675. _, err = http.DefaultClient.Do(req)
  676. if err != nil {
  677. t.Fatalf("couldn't POST: %v", err)
  678. }
  679. req, err = http.NewRequest("GET", mm.msg, nil)
  680. resp, err = http.DefaultClient.Do(req)
  681. if err != nil {
  682. t.Fatalf("couldn't POST: %v", err)
  683. }
  684. if got, want := resp.StatusCode, http.StatusOK; got != want {
  685. buf := &bytes.Buffer{}
  686. io.Copy(buf, resp.Body)
  687. t.Logf("%s", buf.Bytes())
  688. t.Fatalf("bad request got incorrect status: got %d, want %d", got, want)
  689. }
  690. ft, err := ioutil.ReadAll(resp.Body)
  691. if err != nil {
  692. t.Fatalf("Failed to parse response body: %v", err)
  693. }
  694. recTok := strings.TrimSpace(strings.TrimPrefix(string(ft), "new token: "))
  695. if iniTok == recTok {
  696. t.Fatalf("tokens should not be the same; old token %s, new token %s", iniTok, recTok)
  697. }
  698. //add new pkg using new token
  699. u = fmt.Sprintf("%s/bar", ts.URL)
  700. body := strings.NewReader(`{"repo": "https://s.mcquay.me/sm/vain"}`)
  701. req, err = http.NewRequest("POST", u, body)
  702. req.Header.Add("Content-Type", "application/json")
  703. req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", recTok))
  704. resp, err = http.DefaultClient.Do(req)
  705. if err != nil {
  706. t.Fatalf("couldn't POST: %v", err)
  707. }
  708. if got, want := resp.StatusCode, http.StatusOK; got != want {
  709. buf := &bytes.Buffer{}
  710. io.Copy(buf, resp.Body)
  711. t.Logf("%s", buf.Bytes())
  712. t.Fatalf("bad request got incorrect status: got %d, want %d", got, want)
  713. }
  714. if got, want := len(db.Pkgs()), 1; got != want {
  715. t.Fatalf("pkgs should have something in it; got %d, want %d", got, want)
  716. }
  717. }