Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
influxdb/server/auth_test.go

1526 lines
43 KiB
Go
Raw Normal View History

Add new auth duration CLI option; add client heartbeat; fix logout (#1119) * User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close * Refactor GET 'me' into heartbeat at constant interval * Add ping route to all routes * Add /chronograf/v1/ping endpoint for server status * Refactor cookie generation to use an interface * WIP adding refreshable tokens * Add reminder to review index.js Login error handling * Refactor Authenticator interface to accommodate cookie duration and logout delay * Update make run-dev to be more TICKStack compliant * Remove heartbeat/logout duration from authentication * WIP Refactor tests to accommodate cookie and auth refactor * Update oauth2 tests to newly refactored design * Update oauth provider tests * Remove unused oauth2/consts.go * Move authentication middleware to server package * Fix authentication comment * Update authenication documentation to mention AUTH_DURATION * Update /chronograf/v1/ping to simply return 204 * Fix Makefile run-dev target * Remove spurious ping route * Update auth docs to clarify authentication duration * Revert "Refactor GET 'me' into heartbeat at constant interval" This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3. Conflicts: ui/src/index.js * Add auth test for JWT signing method * Add comments for why coverage isn't written for some areas of jwt code * Update auth docs to explicitly mention how to require re-auth for all users on server restart * Add Duration to Validation interface for Tokens * Make auth duration of zero yield a everlasting token * Revert "Revert "Refactor GET 'me' into heartbeat at constant interval"" This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd. * Rename http status constants and add FORBIDDEN * Heartbeat only when logged in, notify user if heartbeat fails * Update changelog * Fix minor word semantics * Update oauth2 tests to be in the oauth2_test package * Add check at compile time that JWT implements Tokenizer * Rename CookieMux to AuthMux for consistency with earlier refactor * Fix logout middleware * Fix logout button not showing due to obsolete data shape expectations * Update changelog * Fix proptypes for logout button data shape in SideNav
2017-04-06 18:40:57 +00:00
package server_test
import (
"context"
"errors"
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
"fmt"
Add new auth duration CLI option; add client heartbeat; fix logout (#1119) * User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close * Refactor GET 'me' into heartbeat at constant interval * Add ping route to all routes * Add /chronograf/v1/ping endpoint for server status * Refactor cookie generation to use an interface * WIP adding refreshable tokens * Add reminder to review index.js Login error handling * Refactor Authenticator interface to accommodate cookie duration and logout delay * Update make run-dev to be more TICKStack compliant * Remove heartbeat/logout duration from authentication * WIP Refactor tests to accommodate cookie and auth refactor * Update oauth2 tests to newly refactored design * Update oauth provider tests * Remove unused oauth2/consts.go * Move authentication middleware to server package * Fix authentication comment * Update authenication documentation to mention AUTH_DURATION * Update /chronograf/v1/ping to simply return 204 * Fix Makefile run-dev target * Remove spurious ping route * Update auth docs to clarify authentication duration * Revert "Refactor GET 'me' into heartbeat at constant interval" This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3. Conflicts: ui/src/index.js * Add auth test for JWT signing method * Add comments for why coverage isn't written for some areas of jwt code * Update auth docs to explicitly mention how to require re-auth for all users on server restart * Add Duration to Validation interface for Tokens * Make auth duration of zero yield a everlasting token * Revert "Revert "Refactor GET 'me' into heartbeat at constant interval"" This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd. * Rename http status constants and add FORBIDDEN * Heartbeat only when logged in, notify user if heartbeat fails * Update changelog * Fix minor word semantics * Update oauth2 tests to be in the oauth2_test package * Add check at compile time that JWT implements Tokenizer * Rename CookieMux to AuthMux for consistency with earlier refactor * Fix logout middleware * Fix logout button not showing due to obsolete data shape expectations * Update changelog * Fix proptypes for logout button data shape in SideNav
2017-04-06 18:40:57 +00:00
"net/http"
"net/http/httptest"
"testing"
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
"github.com/influxdata/chronograf"
Add new auth duration CLI option; add client heartbeat; fix logout (#1119) * User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close * Refactor GET 'me' into heartbeat at constant interval * Add ping route to all routes * Add /chronograf/v1/ping endpoint for server status * Refactor cookie generation to use an interface * WIP adding refreshable tokens * Add reminder to review index.js Login error handling * Refactor Authenticator interface to accommodate cookie duration and logout delay * Update make run-dev to be more TICKStack compliant * Remove heartbeat/logout duration from authentication * WIP Refactor tests to accommodate cookie and auth refactor * Update oauth2 tests to newly refactored design * Update oauth provider tests * Remove unused oauth2/consts.go * Move authentication middleware to server package * Fix authentication comment * Update authenication documentation to mention AUTH_DURATION * Update /chronograf/v1/ping to simply return 204 * Fix Makefile run-dev target * Remove spurious ping route * Update auth docs to clarify authentication duration * Revert "Refactor GET 'me' into heartbeat at constant interval" This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3. Conflicts: ui/src/index.js * Add auth test for JWT signing method * Add comments for why coverage isn't written for some areas of jwt code * Update auth docs to explicitly mention how to require re-auth for all users on server restart * Add Duration to Validation interface for Tokens * Make auth duration of zero yield a everlasting token * Revert "Revert "Refactor GET 'me' into heartbeat at constant interval"" This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd. * Rename http status constants and add FORBIDDEN * Heartbeat only when logged in, notify user if heartbeat fails * Update changelog * Fix minor word semantics * Update oauth2 tests to be in the oauth2_test package * Add check at compile time that JWT implements Tokenizer * Rename CookieMux to AuthMux for consistency with earlier refactor * Fix logout middleware * Fix logout button not showing due to obsolete data shape expectations * Update changelog * Fix proptypes for logout button data shape in SideNav
2017-04-06 18:40:57 +00:00
clog "github.com/influxdata/chronograf/log"
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
"github.com/influxdata/chronograf/mocks"
Add new auth duration CLI option; add client heartbeat; fix logout (#1119) * User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close * Refactor GET 'me' into heartbeat at constant interval * Add ping route to all routes * Add /chronograf/v1/ping endpoint for server status * Refactor cookie generation to use an interface * WIP adding refreshable tokens * Add reminder to review index.js Login error handling * Refactor Authenticator interface to accommodate cookie duration and logout delay * Update make run-dev to be more TICKStack compliant * Remove heartbeat/logout duration from authentication * WIP Refactor tests to accommodate cookie and auth refactor * Update oauth2 tests to newly refactored design * Update oauth provider tests * Remove unused oauth2/consts.go * Move authentication middleware to server package * Fix authentication comment * Update authenication documentation to mention AUTH_DURATION * Update /chronograf/v1/ping to simply return 204 * Fix Makefile run-dev target * Remove spurious ping route * Update auth docs to clarify authentication duration * Revert "Refactor GET 'me' into heartbeat at constant interval" This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3. Conflicts: ui/src/index.js * Add auth test for JWT signing method * Add comments for why coverage isn't written for some areas of jwt code * Update auth docs to explicitly mention how to require re-auth for all users on server restart * Add Duration to Validation interface for Tokens * Make auth duration of zero yield a everlasting token * Revert "Revert "Refactor GET 'me' into heartbeat at constant interval"" This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd. * Rename http status constants and add FORBIDDEN * Heartbeat only when logged in, notify user if heartbeat fails * Update changelog * Fix minor word semantics * Update oauth2 tests to be in the oauth2_test package * Add check at compile time that JWT implements Tokenizer * Rename CookieMux to AuthMux for consistency with earlier refactor * Fix logout middleware * Fix logout button not showing due to obsolete data shape expectations * Update changelog * Fix proptypes for logout button data shape in SideNav
2017-04-06 18:40:57 +00:00
"github.com/influxdata/chronograf/oauth2"
"github.com/influxdata/chronograf/server"
)
func TestAuthorizedToken(t *testing.T) {
var tests = []struct {
Desc string
Code int
Principal oauth2.Principal
ValidateErr error
Expected string
}{
{
Desc: "Error in validate",
Code: http.StatusForbidden,
ValidateErr: errors.New("error"),
},
{
Desc: "Authorized ok",
Code: http.StatusOK,
Principal: oauth2.Principal{
Subject: "Principal Strickland",
},
Expected: "Principal Strickland",
},
}
for _, test := range tests {
// next is a sentinel StatusOK and
// principal recorder.
var principal oauth2.Principal
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
principal = r.Context().Value(oauth2.PrincipalKey).(oauth2.Principal)
})
req, _ := http.NewRequest("GET", "", nil)
w := httptest.NewRecorder()
Move Mock Authenticator into mocks package Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-26 22:46:06 +00:00
a := &mocks.Authenticator{
Add new auth duration CLI option; add client heartbeat; fix logout (#1119) * User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close * Refactor GET 'me' into heartbeat at constant interval * Add ping route to all routes * Add /chronograf/v1/ping endpoint for server status * Refactor cookie generation to use an interface * WIP adding refreshable tokens * Add reminder to review index.js Login error handling * Refactor Authenticator interface to accommodate cookie duration and logout delay * Update make run-dev to be more TICKStack compliant * Remove heartbeat/logout duration from authentication * WIP Refactor tests to accommodate cookie and auth refactor * Update oauth2 tests to newly refactored design * Update oauth provider tests * Remove unused oauth2/consts.go * Move authentication middleware to server package * Fix authentication comment * Update authenication documentation to mention AUTH_DURATION * Update /chronograf/v1/ping to simply return 204 * Fix Makefile run-dev target * Remove spurious ping route * Update auth docs to clarify authentication duration * Revert "Refactor GET 'me' into heartbeat at constant interval" This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3. Conflicts: ui/src/index.js * Add auth test for JWT signing method * Add comments for why coverage isn't written for some areas of jwt code * Update auth docs to explicitly mention how to require re-auth for all users on server restart * Add Duration to Validation interface for Tokens * Make auth duration of zero yield a everlasting token * Revert "Revert "Refactor GET 'me' into heartbeat at constant interval"" This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd. * Rename http status constants and add FORBIDDEN * Heartbeat only when logged in, notify user if heartbeat fails * Update changelog * Fix minor word semantics * Update oauth2 tests to be in the oauth2_test package * Add check at compile time that JWT implements Tokenizer * Rename CookieMux to AuthMux for consistency with earlier refactor * Fix logout middleware * Fix logout button not showing due to obsolete data shape expectations * Update changelog * Fix proptypes for logout button data shape in SideNav
2017-04-06 18:40:57 +00:00
Principal: test.Principal,
ValidateErr: test.ValidateErr,
}
logger := clog.New(clog.DebugLevel)
handler := server.AuthorizedToken(a, logger, next)
handler.ServeHTTP(w, req)
if w.Code != test.Code {
t.Errorf("Status code expected: %d actual %d", test.Code, w.Code)
} else if principal != test.Principal {
t.Errorf("Principal mismatch expected: %s actual %s", test.Principal, principal)
}
}
}
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
func TestAuthorizedUser(t *testing.T) {
type fields struct {
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
UsersStore chronograf.UsersStore
OrganizationsStore chronograf.OrganizationsStore
Logger chronograf.Logger
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
}
type args struct {
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal *oauth2.Principal
scheme string
useAuth bool
role string
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
}
tests := []struct {
name string
fields fields
args args
authorized bool
}{
{
name: "Not using auth",
fields: fields{
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
UsersStore: &mocks.UsersStore{},
OrganizationsStore: &mocks.OrganizationsStore{},
Logger: clog.New(clog.DebugLevel),
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
args: args{
useAuth: false,
},
authorized: true,
},
{
name: "User with viewer role is viewer authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.ViewerRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "viewer",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: true,
},
{
name: "User with editor role is viewer authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.EditorRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "viewer",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: true,
},
{
name: "User with admin role is viewer authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "viewer",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: true,
},
{
name: "User with viewer role is editor unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.ViewerRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "editor",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with editor role is editor authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.EditorRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "editor",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: true,
},
{
name: "User with admin role is editor authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "editor",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: true,
},
{
name: "User with viewer role is admin unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.ViewerRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with editor role is admin unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.EditorRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with admin role is admin authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: true,
},
{
name: "User with no role is viewer unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "view",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with no role is editor unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "editor",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with no role is admin unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with unknown role is viewer unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
{
Name: "sweet_role",
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "viewer",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with unknown role is editor unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
{
Name: "sweet_role",
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "editor",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
{
name: "User with unknown role is admin unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Lowercase Provider & Scheme & Role values for consistency The client was being sent lowercase values for Role & Provider, but not Scheme. This change makes all the above lowercase.
2017-10-24 23:17:59 +00:00
Provider: "google",
Scheme: "oauth2",
Use new chonograf.UserStore Get method when needed Refactor tests that were dependent of old implementation of UsersStore
2017-10-18 18:45:33 +00:00
Roles: []chronograf.Role{
{
Name: "sweet_role",
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
},
}, nil
},
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
Logger: clog.New(clog.DebugLevel),
},
args: args{
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
},
authorized: false,
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
{
name: "User with viewer role is SuperAdmin unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
{
Name: server.ViewerRoleName,
Organization: "1337",
},
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "superadmin",
useAuth: true,
},
authorized: false,
},
{
name: "User with editor role is SuperAdmin unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
{
Name: server.EditorRoleName,
Organization: "1337",
},
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "superadmin",
useAuth: true,
},
authorized: false,
},
{
name: "User with admin role is SuperAdmin unauthorized",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
{
Name: server.AdminRoleName,
Organization: "1337",
},
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "superadmin",
useAuth: true,
},
authorized: false,
},
{
name: "SuperAdmin is Viewer authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
SuperAdmin: true,
Roles: []chronograf.Role{
{
Name: server.MemberRoleName,
Organization: "1337",
},
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "viewer",
useAuth: true,
},
authorized: true,
},
{
name: "SuperAdmin is Editor authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
SuperAdmin: true,
Roles: []chronograf.Role{
{
Name: server.MemberRoleName,
Organization: "1337",
},
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "editor",
useAuth: true,
},
authorized: true,
},
{
name: "SuperAdmin is Admin authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
SuperAdmin: true,
Roles: []chronograf.Role{
{
Name: server.MemberRoleName,
Organization: "1337",
},
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
},
authorized: true,
},
{
name: "SuperAdmin is SuperAdmin authorized",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
SuperAdmin: true,
Roles: []chronograf.Role{
{
Name: server.MemberRoleName,
Organization: "1337",
},
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Add exhaustive test for AuthorizedUser
2017-11-01 20:38:17 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "superadmin",
useAuth: true,
},
authorized: true,
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
{
name: "Invalid principal principal is nil",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: nil,
scheme: "oauth2",
role: "admin",
useAuth: true,
},
authorized: false,
},
{
name: "Invalid principal - missing organization",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
},
authorized: false,
},
{
name: "Invalid principal - organization id not uint64",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1ee7",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
},
authorized: false,
},
{
name: "Failed to retrieve organization",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
},
}, nil
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
switch *q.ID {
case 1338:
return &chronograf.Organization{
ID: 1338,
Name: "The ShillBillThrilliettas",
}, nil
default:
return nil, chronograf.ErrOrganizationNotFound
}
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billysteve",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
},
authorized: false,
},
{
name: "Failed to retrieve user",
fields: fields{
UsersStore: &mocks.UsersStore{
GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
if q.Name == nil || q.Provider == nil || q.Scheme == nil {
return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
}
switch *q.Name {
case "billysteve":
return &chronograf.User{
ID: 1337,
Name: "billysteve",
Provider: "google",
Scheme: "oauth2",
Roles: []chronograf.Role{
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
{
Name: server.AdminRoleName,
Organization: "1337",
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
},
}, nil
default:
return nil, chronograf.ErrUserNotFound
}
},
},
OrganizationsStore: &mocks.OrganizationsStore{
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
return &chronograf.Organization{
Remove DefaultOrganization Name in tests mock store
2017-11-02 23:41:57 +00:00
ID: 0,
Add default org logic to OrganizationsStore Update resource handlers to appropriate consume default organization IDs
2017-11-02 20:47:45 +00:00
}, nil
},
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
if q.ID == nil {
return nil, fmt.Errorf("Invalid organization query: missing ID")
}
return &chronograf.Organization{
ID: 1337,
Name: "The ShillBillThrilliettas",
}, nil
},
},
Logger: clog.New(clog.DebugLevel),
},
args: args{
principal: &oauth2.Principal{
Subject: "billietta",
Issuer: "google",
Organization: "1337",
},
scheme: "oauth2",
role: "admin",
useAuth: true,
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
},
authorized: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
var authorized bool
next := func(w http.ResponseWriter, r *http.Request) {
authorized = true
}
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
fn := server.AuthorizedUser(
Refactor data stores into a common interface
2017-10-31 20:41:17 +00:00
&server.Store{
UsersStore: tt.fields.UsersStore,
OrganizationsStore: tt.fields.OrganizationsStore,
},
Add organization field to principal in auth tests Signed-off-by: Jared Scheib <jared.scheib@gmail.com>
2017-10-27 20:19:43 +00:00
tt.args.useAuth,
tt.args.role,
tt.fields.Logger,
next,
)
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
w := httptest.NewRecorder()
r := httptest.NewRequest(
"GET",
"http://any.url", // can be any valid URL as we are bypassing mux
nil,
)
Test authorized User in the context of Organization Make principal explicit arg in auth tests. Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-27 20:53:16 +00:00
if tt.args.principal == nil {
r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, nil))
} else {
r = r.WithContext(context.WithValue(r.Context(), oauth2.PrincipalKey, *tt.args.principal))
}
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
fn(w, r)
if authorized != tt.authorized {
Set Scheme to be OAuth2 explicitly for all users Add Provider to Users authenticated via /me Signed-off-by: Michael de Sa <mjdesa@gmail.com>
2017-10-19 18:17:40 +00:00
t.Errorf("%q. AuthorizedUser() = %v, expected %v", tt.name, authorized, tt.authorized)
Add AuthorizedUser middleware
2017-10-18 16:35:40 +00:00
}
})
}
}