107 lines
2.9 KiB
Go
107 lines
2.9 KiB
Go
|
package admin
|
||
|
|
|
||
|
|
import (
|
||
|
|
"bytes"
|
||
|
|
"context"
|
||
|
|
"encoding/json"
|
||
|
|
"fmt"
|
||
|
|
"net/http"
|
||
|
|
"net/http/httptest"
|
||
|
|
"testing"
|
||
|
|
)
|
||
|
|
|
||
|
|
func TestHandleAdminResetPassword(t *testing.T) {
|
||
|
|
a, db := setupTestAdmin(t)
|
||
|
|
defer db.Close()
|
||
|
|
|
||
|
|
targetUser, _ := a.Store.CreateUser(context.Background(), "forgetful@ranch.com", "Forgetful Fred", "old_hash", "RangeHand")
|
||
|
|
|
||
|
|
payload := map[string]string{
|
||
|
|
"new_password": "BrandNewSecurePassword123!",
|
||
|
|
}
|
||
|
|
body, _ := json.Marshal(payload)
|
||
|
|
|
||
|
|
targetURL := fmt.Sprintf("/api/admin/users/%d/reset-password", targetUser.ID)
|
||
|
|
req := httptest.NewRequest(http.MethodPatch, targetURL, bytes.NewBuffer(body))
|
||
|
|
|
||
|
|
req.SetPathValue("id", fmt.Sprintf("%d", targetUser.ID))
|
||
|
|
req.Header.Set("Content-Type", "application/json")
|
||
|
|
|
||
|
|
rr := httptest.NewRecorder()
|
||
|
|
a.HandleAdminResetPassword(rr, req)
|
||
|
|
|
||
|
|
if rr.Code != http.StatusOK {
|
||
|
|
t.Fatalf("Expected 200 OK, got %d. Body: %s", rr.Code, rr.Body.String())
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestHandleUpdateUserRole(t *testing.T) {
|
||
|
|
a, db := setupTestAdmin(t)
|
||
|
|
defer db.Close()
|
||
|
|
|
||
|
|
_, _ = a.Store.CreateUser(context.Background(), "boss@ranch.com", "The Boss", "hash", "Sheriff")
|
||
|
|
targetUser, _ := a.Store.CreateUser(context.Background(), "rookie@ranch.com", "Rookie Ray", "hash", "RangeHand")
|
||
|
|
|
||
|
|
payload := map[string]string{
|
||
|
|
"global_role": "Wrangler",
|
||
|
|
}
|
||
|
|
body, _ := json.Marshal(payload)
|
||
|
|
|
||
|
|
targetURL := fmt.Sprintf("/api/admin/users/%d/role", targetUser.ID)
|
||
|
|
req := httptest.NewRequest(http.MethodPatch, targetURL, bytes.NewBuffer(body))
|
||
|
|
|
||
|
|
req.AddCookie(GetVIPCookie(a.Store))
|
||
|
|
req.SetPathValue("id", fmt.Sprintf("%d", targetUser.ID))
|
||
|
|
req.Header.Set("Content-Type", "application/json")
|
||
|
|
|
||
|
|
rr := httptest.NewRecorder()
|
||
|
|
a.HandleUpdateUserRole(rr, req)
|
||
|
|
|
||
|
|
if rr.Code != http.StatusOK {
|
||
|
|
t.Fatalf("Expected 200 OK, got %d. Body: %s", rr.Code, rr.Body.String())
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestHandleCreateUser_SheriffInvite(t *testing.T) {
|
||
|
|
a, db := setupTestAdmin(t)
|
||
|
|
defer db.Close()
|
||
|
|
|
||
|
|
payload := map[string]string{
|
||
|
|
"email": "magistrate@ranch.com",
|
||
|
|
"full_name": "Mighty Magistrate",
|
||
|
|
"password": "TempPassword123!",
|
||
|
|
"global_role": "Magistrate",
|
||
|
|
}
|
||
|
|
body, _ := json.Marshal(payload)
|
||
|
|
req := httptest.NewRequest(http.MethodPost, "/api/admin/users", bytes.NewBuffer(body))
|
||
|
|
|
||
|
|
req.AddCookie(GetVIPCookie(a.Store))
|
||
|
|
req.Header.Set("Content-Type", "application/json")
|
||
|
|
rr := httptest.NewRecorder()
|
||
|
|
a.HandleCreateUser(rr, req)
|
||
|
|
if rr.Code != http.StatusCreated {
|
||
|
|
t.Fatalf("Expected 201 Created, got %d. Body: %s", rr.Code, rr.Body.String())
|
||
|
|
}
|
||
|
|
|
||
|
|
var count int
|
||
|
|
db.QueryRow(`SELECT COUNT(*) FROM users WHERE email = 'magistrate@ranch.com'`).Scan(&count)
|
||
|
|
if count != 1 {
|
||
|
|
t.Errorf("Expected user to be created in the database")
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestHandleGetUsers(t *testing.T) {
|
||
|
|
a, db := setupTestAdmin(t)
|
||
|
|
defer db.Close()
|
||
|
|
|
||
|
|
req := httptest.NewRequest(http.MethodGet, "/api/admin/users", nil)
|
||
|
|
|
||
|
|
req.AddCookie(GetVIPCookie(a.Store))
|
||
|
|
|
||
|
|
rr := httptest.NewRecorder()
|
||
|
|
a.HandleGetUsers(rr, req)
|
||
|
|
if rr.Code != http.StatusOK {
|
||
|
|
t.Fatalf("Expected 200 OK, got %d. Body: %s", rr.Code, rr.Body.String())
|
||
|
|
}
|
||
|
|
}
|