1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-11-14 04:35:57 +01:00
galene/group/group_test.go
Juliusz Chroboczek c4e26b65b7 Tighten user check.
Don't allow a user with a wildcard password entry to use the same
username as a user with a specific entry even at the same privilege
level.
2021-02-06 23:32:42 +01:00

149 lines
2.8 KiB
Go

package group
import (
"encoding/json"
"reflect"
"testing"
"time"
)
func TestJSTime(t *testing.T) {
tm := time.Now()
js := ToJSTime(tm)
tm2 := FromJSTime(js)
js2 := ToJSTime(tm2)
if js != js2 {
t.Errorf("%v != %v", js, js2)
}
delta := tm.Sub(tm2)
if delta < -time.Millisecond/2 || delta > time.Millisecond/2 {
t.Errorf("Delta %v, %v, %v", delta, tm, tm2)
}
}
var descJSON = `
{
"op": [{"username": "jch","password": "topsecret"}],
"max-history-age": 10,
"allow-subgroups": true,
"presenter": [
{"username": "john", "password": "secret"},
{"username": "john", "password": "secret2"}
],
"other": [
{"username": "james", "password": "secret3"},
{"username": "peter", "password": "secret4"},
{}
]
}`
func TestDescriptionJSON(t *testing.T) {
var d description
err := json.Unmarshal([]byte(descJSON), &d)
if err != nil {
t.Fatalf("unmarshal: %v", err)
}
dd, err := json.Marshal(d)
if err != nil {
t.Fatalf("marshal: %v", err)
}
var ddd description
err = json.Unmarshal([]byte(dd), &ddd)
if err != nil {
t.Fatalf("unmarshal: %v", err)
}
if !reflect.DeepEqual(d, ddd) {
t.Errorf("Got %v, expected %v", ddd, d)
}
}
type testClient struct {
username string
password string
}
func (c testClient) Username() string {
return c.username
}
func (c testClient) Challenge(g string, creds ClientCredentials) bool {
if creds.Password == nil {
return true
}
m, err := creds.Password.Match(c.password)
if err != nil {
return false
}
return m
}
type testClientPerm struct {
c testClient
p ClientPermissions
}
var badClients = []testClient{
testClient{"jch", "foo"},
testClient{"john", "foo"},
testClient{"james", "foo"},
}
var goodClients = []testClientPerm{
{
testClient{"jch", "topsecret"},
ClientPermissions{true, true, false},
},
{
testClient{"john", "secret"},
ClientPermissions{false, true, false},
},
{
testClient{"john", "secret2"},
ClientPermissions{false, true, false},
},
{
testClient{"james", "secret3"},
ClientPermissions{false, false, false},
},
{
testClient{"paul", "secret3"},
ClientPermissions{false, false, false},
},
}
func TestPermissions(t *testing.T) {
var d description
err := json.Unmarshal([]byte(descJSON), &d)
if err != nil {
t.Fatalf("unmarshal: %v", err)
}
for _, c := range badClients {
t.Run("bad " + c.Username(), func(t *testing.T) {
p, err := d.GetPermission("test", c)
if err != ErrNotAuthorised {
t.Errorf("GetPermission %v: %v %v", c, err, p)
}
})
}
for _, cp := range goodClients {
t.Run("good " + cp.c.Username(), func(t *testing.T) {
p, err := d.GetPermission("test", cp.c)
if err != nil {
t.Errorf("GetPermission %v: %v", cp.c, err)
} else if !reflect.DeepEqual(p, cp.p) {
t.Errorf("%v: got %v, expected %v",
cp.c, p, cp.p)
}
})
}
}