chore: add some basic integration tests

explodingcamera · explodingcamera · commit 86ba7831eddf · 2024-08-26T22:00:27.000+02:00
Signed-off-by: Henry Gressmann &lt;mail@henrygressmann.de&gt;
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -70,6 +70,7 @@ maxminddb={version="0.24", optional=true}
 [dev-dependencies]
 figment={version="*", features=["test"]}
 poem={version="*", features=["test"]}
+cookie={version="*"}
 
 [features]
 default=["geoip"]
diff --git a/src/web/mod.rs b/src/web/mod.rs
@@ -1,6 +1,6 @@
-mod routes;
-mod session;
-mod webext;
+pub mod routes;
+pub mod session;
+pub mod webext;
 
 use crate::app::models::Event;
 use crate::app::Liwan;
diff --git a/src/web/routes/auth.rs b/src/web/routes/auth.rs
@@ -12,26 +12,26 @@ use poem::web::{cookie::CookieJar, Data};
 use poem::{Endpoint, EndpointExt};
 use poem_openapi::payload::{Json, Response};
 use poem_openapi::{Object, OpenApi};
-use serde::Deserialize;
+use serde::{Deserialize, Serialize};
 use tower::limit::RateLimitLayer;
 
-#[derive(Deserialize, Object)]
-struct LoginRequest {
-    username: String,
-    password: String,
+#[derive(Serialize, Object)]
+pub struct LoginRequest {
+    pub username: String,
+    pub password: String,
 }
 
-#[derive(Deserialize, Object)]
-struct SetupRequest {
-    token: String,
-    username: String,
-    password: String,
+#[derive(Deserialize, Serialize, Object)]
+pub struct SetupRequest {
+    pub token: String,
+    pub username: String,
+    pub password: String,
 }
 
-#[derive(Object)]
-struct MeResponse {
-    username: String,
-    role: UserRole,
+#[derive(Object, Serialize)]
+pub struct MeResponse {
+    pub username: String,
+    pub role: UserRole,
 }
 
 fn login_rate_limit(ep: impl Endpoint + 'static) -> impl Endpoint {
diff --git a/src/web/routes/mod.rs b/src/web/routes/mod.rs
@@ -1,7 +1,7 @@
-mod admin;
-mod auth;
-mod dashboard;
-mod event;
+pub mod admin;
+pub mod auth;
+pub mod dashboard;
+pub mod event;
 
 pub use admin::AdminAPI;
 pub use auth::AuthApi;
diff --git a/tests/admin.rs b/tests/admin.rs
@@ -0,0 +1 @@
+
diff --git a/tests/auth.rs b/tests/auth.rs
@@ -1,11 +1,76 @@
+use eyre::Result;
+use liwan::app::models::UserRole;
+use poem::http::{header, status::StatusCode};
+use serde_json::json;
+
 mod common;
 
 #[tokio::test]
-async fn it_adds_two() {
+async fn test_login() -> Result<()> {
+    let app = common::app();
+    let (tx, _rx) = common::events();
+    let router = common::router(app.clone(), tx);
+    let client = poem::test::TestClient::new(router);
+
+    app.users.create("test", "test", UserRole::User, &[])?;
+
+    // login
+    let login = &json!({ "username": "test", "password": "test" });
+    let res = client.post("/api/dashboard/auth/login").body_json(login).send().await;
+
+    res.assert_status_is_ok();
+    let cookies = common::cookies(&res);
+
+    // user info
+    let res = client.get("/api/dashboard/auth/me").header(header::COOKIE, common::cookie_header(&cookies)).send().await;
+    res.assert_status_is_ok();
+    res.assert_json(json!({ "username": "test", "role": "user" })).await;
+
+    // logout
+    let res =
+        client.post("/api/dashboard/auth/logout").header(header::COOKIE, common::cookie_header(&cookies)).send().await;
+    res.assert_status_is_ok();
+
+    // test that the user is logged out
+    let res = client.get("/api/dashboard/auth/me").header(header::COOKIE, common::cookie_header(&cookies)).send().await;
+
+    res.assert_status(StatusCode::UNAUTHORIZED);
+    Ok(())
+}
+
+#[tokio::test]
+async fn test_setup() -> Result<()> {
     let app = common::app();
     let (tx, _rx) = common::events();
-    let router = common::router(app, tx);
+    let router = common::router(app.clone(), tx);
     let client = poem::test::TestClient::new(router);
 
-    client.get("/").send().await;
+    let token = app.onboarding.token().unwrap().expect("onboarding should exist");
+
+    // Invalid token should return 401
+    let setup = &json!({ "token": "invalid_token", "username": "admin2", "password": "admin2" });
+    let res = client.post("/api/dashboard/auth/setup").body_json(setup).send().await;
+    res.assert_status(StatusCode::UNAUTHORIZED);
+
+    // Valid token should return 200
+    let setup = &json!({ "token": token, "username": "admin", "password": "admin" });
+    let res = client.post("/api/dashboard/auth/setup").body_json(setup).send().await;
+    res.assert_status_is_ok();
+
+    // Check that the user is created
+    let login = &json!({ "username": "admin", "password": "admin" });
+    let res = client.post("/api/dashboard/auth/login").body_json(login).send().await;
+    res.assert_status_is_ok();
+
+    // Check that the onboarding is cleared
+    assert_eq!(app.onboarding.token().unwrap(), None, "onboarding should be cleared");
+    let setup = &json!({ "token": token, "username": "admin", "password": "admin" });
+    let res = client.post("/api/dashboard/auth/setup").body_json(setup).send().await;
+    res.assert_status(StatusCode::UNAUTHORIZED);
+
+    let setup = &json!({ "token": token, "username": "admin2", "password": "admin2" });
+    let res = client.post("/api/dashboard/auth/setup").body_json(setup).send().await;
+    res.assert_status(StatusCode::UNAUTHORIZED);
+
+    Ok(())
 }
diff --git a/tests/common/mod.rs b/tests/common/mod.rs
@@ -1,3 +1,6 @@
+#![allow(unused)]
+
+use cookie::Cookie;
 use liwan::{
     app::{models::Event, Liwan},
     config::Config,
@@ -12,3 +15,17 @@ pub fn events() -> (crossbeam::channel::Sender<Event>, crossbeam::channel::Recei
 }
 
 pub use liwan::web::create_router as router;
+use poem::test::TestResponse;
+
+pub fn cookies(res: &TestResponse) -> Vec<cookie::Cookie<'static>> {
+    res.0
+        .headers()
+        .get_all("Set-Cookie")
+        .iter()
+        .map(|v| Cookie::parse(v.to_str().unwrap().to_owned()).unwrap())
+        .collect::<Vec<_>>()
+}
+
+pub fn cookie_header(cookies: &[Cookie]) -> String {
+    cookies.iter().map(|cookie| cookie.to_string()).collect::<Vec<_>>().join("; ")
+}
diff --git a/tests/dashboard.rs b/tests/dashboard.rs
@@ -0,0 +1 @@
+
diff --git a/tests/event.rs b/tests/event.rs
@@ -0,0 +1,31 @@
+mod common;
+use eyre::Result;
+use liwan::app::models::Entity;
+use poem::http::{header, status::StatusCode};
+use serde_json::json;
+
+#[tokio::test]
+async fn test_event() -> Result<()> {
+    let app = common::app();
+    let (tx, _rx) = common::events();
+    let router = common::router(app.clone(), tx);
+    let client = poem::test::TestClient::new(router);
+    app.entities.create(&Entity { display_name: "Entity 1".to_string(), id: "entity-1".to_string() }, &[])?;
+
+    let event = &json!({
+        "entity_id": "entity-1",
+        "name": "pageview",
+        "url": "https://example.com/"
+    });
+
+    // Require User-Agent
+    let res = client.post("/api/event").body_json(event).send().await;
+    res.assert_status(StatusCode::BAD_REQUEST);
+
+    // Create event
+    let res = client.post("/api/event").header(header::USER_AGENT, "test").body_json(event).send().await;
+    res.assert_status_is_ok();
+
+    // TODO: hook up the event handler and test that the event is processed
+    Ok(())
+}
