Test for existing superadmin user in Principal auth0 group

2018-03-23 16:58:09 -07:00 · 2018-03-23 16:58:09 -07:00 · 1f8cffd23a
parent 326298b35e
commit 1f8cffd23a
1 changed files with 84 additions and 6 deletions
--- a/server/me_test.go
+++ b/server/me_test.go
@ -946,7 +946,7 @@ func TestService_Me(t *testing.T) {
 			wantBody:        `{"name":"secret","roles":[{"name":"member","organization":"0"}],"provider":"auth0","scheme":"oauth2","links":{"self":"/chronograf/v1/organizations/0/users/0"},"organizations":[{"id":"0","name":"The Bad Place","defaultRole":"member"}],"currentOrganization":{"id":"0","name":"The Bad Place","defaultRole":"member"}}`,
 		},
 		{
-			name: "Existing user - Chronograf is not private, user is not SuperAdmin, user is in auth0 superadmin group",
+			name: "Existing user - Chronograf is not private, user doesn't have SuperAdmin status, user is in auth0 superadmin group",
 			args: args{
 				w: httptest.NewRecorder(),
 				r: httptest.NewRequest("GET", "http://example.com/foo", nil),
@ -958,11 +958,7 @@ func TestService_Me(t *testing.T) {
 				},
 				Logger: log.New(log.DebugLevel),
 				ConfigStore: mocks.ConfigStore{
-					Config: &chronograf.Config{
-						Auth: chronograf.AuthConfig{
-							SuperAdminNewUsers: false,
-						},
-					},
+					Config: &chronograf.Config{},
 				},
 				MappingsStore: &mocks.MappingsStore{
 					AllF: func(ctx context.Context) ([]chronograf.Mapping, error) {
@ -1030,6 +1026,88 @@ func TestService_Me(t *testing.T) {
 			wantContentType: "application/json",
 			wantBody:        `{"name":"secret","roles":[{"name":"member","organization":"0"}],"provider":"auth0","scheme":"oauth2","superAdmin":true,"links":{"self":"/chronograf/v1/organizations/0/users/0"},"organizations":[{"id":"0","name":"The Bad Place","defaultRole":"member"}],"currentOrganization":{"id":"0","name":"The Bad Place","defaultRole":"member"}}`,
 		},
+		{
+			name: "Existing user - Chronograf is not private, user has SuperAdmin status, user is in auth0 superadmin group",
+			args: args{
+				w: httptest.NewRecorder(),
+				r: httptest.NewRequest("GET", "http://example.com/foo", nil),
+			},
+			fields: fields{
+				UseAuth: true,
+				SuperAdminProviderGroups: superAdminProviderGroups{
+					auth0: "example",
+				},
+				Logger: log.New(log.DebugLevel),
+				ConfigStore: mocks.ConfigStore{
+					Config: &chronograf.Config{},
+				},
+				MappingsStore: &mocks.MappingsStore{
+					AllF: func(ctx context.Context) ([]chronograf.Mapping, error) {
+						return []chronograf.Mapping{
+							{
+								Organization:         "0",
+								Provider:             chronograf.MappingWildcard,
+								Scheme:               chronograf.MappingWildcard,
+								ProviderOrganization: chronograf.MappingWildcard,
+							},
+						}, nil
+					},
+				},
+				OrganizationsStore: &mocks.OrganizationsStore{
+					GetF: func(ctx context.Context, q chronograf.OrganizationQuery) (*chronograf.Organization, error) {
+						return &chronograf.Organization{
+							ID:          "0",
+							Name:        "The Bad Place",
+							DefaultRole: roles.MemberRoleName,
+						}, nil
+					},
+					DefaultOrganizationF: func(ctx context.Context) (*chronograf.Organization, error) {
+						return &chronograf.Organization{
+							ID:          "0",
+							Name:        "The Bad Place",
+							DefaultRole: roles.MemberRoleName,
+						}, nil
+					},
+				},
+				UsersStore: &mocks.UsersStore{
+					NumF: func(ctx context.Context) (int, error) {
+						// This function gets to verify that there is at least one first user
+						return 1, nil
+					},
+					GetF: func(ctx context.Context, q chronograf.UserQuery) (*chronograf.User, error) {
+						if q.Name == nil || q.Provider == nil || q.Scheme == nil {
+							return nil, fmt.Errorf("Invalid user query: missing Name, Provider, and/or Scheme")
+						}
+						return &chronograf.User{
+							Name:     "secret",
+							Provider: "auth0",
+							Scheme:   "oauth2",
+							Roles: []chronograf.Role{
+								{
+									Name:         roles.MemberRoleName,
+									Organization: "0",
+								},
+							},
+							SuperAdmin: true,
+						}, nil
+					},
+					AddF: func(ctx context.Context, u *chronograf.User) (*chronograf.User, error) {
+						return u, nil
+					},
+					UpdateF: func(ctx context.Context, u *chronograf.User) error {
+						return nil
+					},
+				},
+			},
+			principal: oauth2.Principal{
+				Subject: "secret",
+				Issuer:  "auth0",
+				Group:   "example",
+			},
+			wantStatus:      http.StatusOK,
+			wantContentType: "application/json",
+			wantBody:        `{"name":"secret","roles":[{"name":"member","organization":"0"}],"provider":"auth0","scheme":"oauth2","superAdmin":true,"links":{"self":"/chronograf/v1/organizations/0/users/0"},"organizations":[{"id":"0","name":"The Bad Place","defaultRole":"member"}],"currentOrganization":{"id":"0","name":"The Bad Place","defaultRole":"member"}}`,
+		},
 	}
 	for _, tt := range tests {
 		tt.args.r = tt.args.r.WithContext(context.WithValue(context.Background(), oauth2.PrincipalKey, tt.principal))