RiskRancher/core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

First release of open core

Browse Source
This commit is contained in:
t
2026-04-02 10:57:36 -04:00
parent 1c94f12d1c
commit 084c1321fc
101 changed files with 8812 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
pkg/datastore/auth_db_test.go Normal file
View File

@@ -0,0 +1,73 @@
package datastore
import (
"context"
"testing"
"time"
)
func TestUserAndSessionLifecycle(t *testing.T) {
store := setupTestDB(t)
defer store.DB.Close()
_, err := store.DB.Exec(`
CREATE TABLE users (id INTEGER PRIMARY KEY AUTOINCREMENT, email TEXT UNIQUE, full_name TEXT, password_hash TEXT, global_role TEXT, is_active BOOLEAN DEFAULT 1);
CREATE TABLE sessions (session_token TEXT PRIMARY KEY, user_id INTEGER, expires_at DATETIME);
`)
ctx := context.Background()
user, err := store.CreateUser(ctx, "admin@RiskRancher.com", "doc", "fake_bcrypt_hash", "Admin")
if err != nil {
t.Fatalf("Failed to create user: %v", err)
}
if user.ID == 0 {
t.Errorf("Expected database to return a valid auto-incremented ID, got 0")
}
_, err = store.CreateUser(ctx, "admin@RiskRancher.com", "doc", "another_hash", "Analyst")
if err == nil {
t.Fatalf("Security Failure: Database allowed a duplicate email address!")
}
fetchedUser, err := store.GetUserByEmail(ctx, "admin@RiskRancher.com")
if err != nil {
t.Fatalf("Failed to fetch user by email: %v", err)
}
if fetchedUser.GlobalRole != "Admin" {
t.Errorf("Expected role 'Admin', got '%s'", fetchedUser.GlobalRole)
}
expires := time.Now().Add(24 * time.Hour)
err = store.CreateSession(ctx, "fake_secure_token", user.ID, expires)
if err != nil {
t.Fatalf("Failed to create session: %v", err)
}
session, err := store.GetSession(ctx, "fake_secure_token")
if err != nil {
t.Fatalf("Failed to retrieve session: %v", err)
}
if session.UserID != user.ID {
t.Errorf("Session mapped to wrong user! Expected %d, got %d", user.ID, session.UserID)
}
userByID, err := store.GetUserByID(ctx, user.ID)
if err != nil {
t.Fatalf("Failed to fetch user by ID: %v", err)
}
if userByID.Email != user.Email {
t.Errorf("GetUserByID returned wrong user. Expected %s, got %s", user.Email, userByID.Email)
}
newHash := "new_secure_bcrypt_hash_999"
err = store.UpdateUserPassword(ctx, user.ID, newHash)
if err != nil {
t.Fatalf("Failed to update user password: %v", err)
}
updatedUser, _ := store.GetUserByID(ctx, user.ID)
if updatedUser.PasswordHash != newHash {
t.Errorf("Password hash did not update in the database")
}
}