feat: session related change-password tests (#126)

* feat: session related change-password tests

Signed-off-by: Meenal Trivedi <[email protected]>

* add optinally keep tests

Signed-off-by: Meenal Trivedi <[email protected]>

* fix

Signed-off-by: Meenal Trivedi <[email protected]>

* requested changes

Signed-off-by: Meenal Trivedi <[email protected]>

* update sytesT_coverage

Signed-off-by: Meenal Trivedi <[email protected]>

Author: meenal06

README.md

@@ -132,21 +132,26 @@ $ go run sytest_coverage.go -v
 10apidoc/01request-encoding 1/1 tests
     ✓ POST rejects invalid utf-8 in JSON
 
-10apidoc/02login 3/6 tests
+10apidoc/02login 6/6 tests
     ✓ GET /login yields a set of flows
     ✓ POST /login can log in as a user
     ✓ POST /login returns the same device_id as that in the request
-    × POST /login can log in as a user with just the local part of the id
-    × POST /login as non-existing user is rejected
-    × POST /login wrong password is rejected
+    ✓ POST /login can log in as a user with just the local part of the id
+    ✓ POST /login as non-existing user is rejected
+    ✓ POST /login wrong password is rejected
 
 10apidoc/03events-initial 0/2 tests
-10apidoc/04version 0/1 tests
+10apidoc/04version 1/1 tests
+    ✓ Version responds 200 OK with valid structure
+
 10apidoc/10profile-displayname 0/2 tests
 10apidoc/11profile-avatar_url 0/2 tests
 10apidoc/12device_management 0/8 tests
 10apidoc/13ui-auth 0/4 tests
-10apidoc/20presence 0/2 tests
+10apidoc/20presence 2/2 tests
+    ✓ GET /presence/:user_id/status fetches initial status
+    ✓ PUT /presence/:user_id/status updates my presence
+
 10apidoc/30room-create 0/10 tests
 10apidoc/31room-state 0/14 tests
 10apidoc/32room-alias 0/2 tests
@@ -162,8 +167,21 @@ $ go run sytest_coverage.go -v
 12login/01threepid-and-password 0/1 tests
 12login/02cas 0/3 tests
 13logout 0/4 tests
-14account/01change-password 0/7 tests
-14account/02deactivate 0/4 tests
+14account/01change-password 5/7 tests
+    ✓ After changing password, can't log in with old password
+    ✓ After changing password, can log in with new password
+    ✓ After changing password, existing session still works
+    ✓ After changing password, a different session no longer works by default
+    ✓ After changing password, different sessions can optionally be kept
+    × Pushers created with a different access token are deleted on password change
+    × Pushers created with a the same access token are not deleted on password change
+
+14account/02deactivate 3/4 tests
+    ✓ Can deactivate account
+    ✓ Can't deactivate account with wrong password
+    ✓ After deactivating account, can't log in with password
+    × After deactivating account, can't log in with an email
+
 21presence-events 0/3 tests
 30rooms/01state 2/9 tests
     ✓ Room creation reports m.room.create to myself
@@ -202,7 +220,10 @@ $ go run sytest_coverage.go -v
 30rooms/52members 0/3 tests
 30rooms/60version_upgrade 0/19 tests
 30rooms/70publicroomslist 0/5 tests
-31sync/01filter 0/2 tests
+31sync/01filter 2/2 tests
+    ✓ Can create filter
+    ✓ Can download filter
+
 31sync/02sync 0/1 tests
 31sync/03joined 0/6 tests
 31sync/04timeline 0/8 tests
@@ -329,5 +350,5 @@ $ go run sytest_coverage.go -v
 90jira/SYN-516 0/1 tests
 90jira/SYN-627 0/1 tests
 
-TOTAL: 15/690 tests converted
+TOTAL: 31/690 tests converted
 ```

tests/account_change_password_test.go

@@ -1,12 +1,16 @@
 package tests
 
 import (
+	"io/ioutil"
 	"testing"
 
 	"github.com/matrix-org/complement/internal/b"
 	"github.com/matrix-org/complement/internal/client"
+	"github.com/matrix-org/complement/internal/docker"
 	"github.com/matrix-org/complement/internal/match"
 	"github.com/matrix-org/complement/internal/must"
+
+	"github.com/tidwall/gjson"
 )
 
 func TestChangePassword(t *testing.T) {
@@ -16,6 +20,7 @@ func TestChangePassword(t *testing.T) {
 	newPassword := "my_new_password"
 	passwordClient := deployment.RegisterUser(t, "hs1", "test_change_password_user", oldPassword)
 	unauthedClient := deployment.Client(t, "hs1", "")
+	sessionTest := createSession(t, deployment, "test_change_password_user", "superuser")
 	// sytest: After changing password, can't log in with old password
 	t.Run("After changing password, can't log in with old password", func(t *testing.T) {
 
@@ -49,6 +54,48 @@ func TestChangePassword(t *testing.T) {
 			"password": newPassword,
 		})
 		res := unauthedClient.DoFunc(t, "POST", []string{"_matrix", "client", "r0", "login"}, reqBody)
+		must.MatchResponse(t, res, match.HTTPResponse{
+			StatusCode: 200,
+			JSON: []match.JSON{
+				match.JSONKeyEqual("user_id", passwordClient.UserID),
+			},
+		})
+	})
+	// sytest: After changing password, existing session still works
+	t.Run("After changing password, existing session still works", func(t *testing.T) {
+		res := passwordClient.DoFunc(t, "GET", []string{"_matrix", "client", "r0", "account", "whoami"})
+		must.MatchResponse(t, res, match.HTTPResponse{
+			StatusCode: 200,
+		})
+	})
+	// sytest: After changing password, a different session no longer works by default
+	t.Run("After changing password, a different session no longer works by default", func(t *testing.T) {
+		res := sessionTest.DoFunc(t, "GET", []string{"_matrix", "client", "r0", "account", "whoami"})
+		must.MatchResponse(t, res, match.HTTPResponse{
+			StatusCode: 401,
+		})
+	})
+
+	// sytest: After changing password, different sessions can optionally be kept
+	t.Run("After changing password, different sessions can optionally be kept", func(t *testing.T) {
+		sessionOptional := createSession(t, deployment, "test_change_password_user", newPassword)
+		reqBody := client.WithJSONBody(t, map[string]interface{}{
+			"auth": map[string]interface{}{
+				"type":     "m.login.password",
+				"user":     passwordClient.UserID,
+				"password": newPassword,
+			},
+			"new_password":   "new_optional_password",
+			"logout_devices": false,
+		})
+
+		res := passwordClient.DoFunc(t, "POST", []string{"_matrix", "client", "r0", "account", "password"}, reqBody)
+
+		must.MatchResponse(t, res, match.HTTPResponse{
+			StatusCode: 200,
+		})
+		res = sessionOptional.DoFunc(t, "GET", []string{"_matrix", "client", "r0", "account", "whoami"})
+
 		must.MatchResponse(t, res, match.HTTPResponse{
 			StatusCode: 200,
 		})
@@ -72,3 +119,24 @@ func changePassword(t *testing.T, passwordClient *client.CSAPI, oldPassword stri
 		StatusCode: 200,
 	})
 }
+
+func createSession(t *testing.T, deployment *docker.Deployment, userID, password string) *client.CSAPI {
+	authedClient := deployment.Client(t, "hs1", "")
+	reqBody := client.WithJSONBody(t, map[string]interface{}{
+		"identifier": map[string]interface{}{
+			"type": "m.id.user",
+			"user": userID,
+		},
+		"type":     "m.login.password",
+		"password": password,
+	})
+	res := authedClient.DoFunc(t, "POST", []string{"_matrix", "client", "r0", "login"}, reqBody)
+	body, err := ioutil.ReadAll(res.Body)
+	if err != nil {
+		t.Fatalf("unable to read response body: %v", err)
+	}
+
+	authedClient.UserID = gjson.GetBytes(body, "user_id").Str
+	authedClient.AccessToken = gjson.GetBytes(body, "access_token").Str
+	return authedClient
+}