1 package services
2
3 import (
4 "context"
5 "fmt"
6 "strings"
7 "testing"
8
9 "github.com/DATA-DOG/go-sqlmock"
10 "github.com/stretchr/testify/assert"
11
12 "edge-infra.dev/pkg/edge/api/bsl/types"
13 "edge-infra.dev/pkg/edge/api/graph/model"
14 "edge-infra.dev/pkg/edge/api/middleware"
15 sqlquery "edge-infra.dev/pkg/edge/api/sql"
16 edgetypes "edge-infra.dev/pkg/edge/api/types"
17 "edge-infra.dev/pkg/edge/bsl"
18 )
19
20 func TestLogin(t *testing.T) {
21 bspMockServer := GetMockBspServer(testOrganization, testOrganization, testUsername, model.RoleEdgeBannerViewer.String(), "testEmail", "testResetURL")
22 appConfig := edgetypes.Config{
23 BSP: types.BSPConfig{
24 Endpoint: bspMockServer.URL,
25 },
26 Bff: edgetypes.BffConfig{TopLevelProjectID: testOrganization},
27 }
28 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
29 service := NewUserManagementService(appConfig, bslClient, nil, nil, nil)
30
31 ctx := context.Background()
32 user, err := service.Login(ctx, "test", "testPassword", testOrganization)
33 assert.Nil(t, err)
34 assert.NotEmpty(t, user)
35 assert.Equal(t, 1, len(user.Roles))
36 assert.Empty(t, user.Banners)
37 }
38
39 func TestUpdatePasswordWToken(t *testing.T) {
40 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
41 appConfig := edgetypes.Config{
42 BSP: types.BSPConfig{
43 Endpoint: bspMockServer.URL,
44 },
45 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
46 }
47 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
48 ctx := context.Background()
49 service := NewUserManagementService(appConfig, bslClient, nil, nil, nil)
50 err := service.UpdateUserPasswordWithToken(ctx, "good-token", "org", "good-password")
51 assert.Nil(t, err, "No error should be thrown for good token, org and password")
52 err = service.UpdateUserPasswordWithToken(ctx, "good-token", "org", "bad-password")
53 assert.Error(t, err, "Error should be thrown for bad password")
54 err = service.UpdateUserPasswordWithToken(ctx, "bad-token", "org", "bad-token")
55 assert.Error(t, err, "Error should be thrown for bad token")
56 }
57
58 func TestGetUser(t *testing.T) {
59 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
60 appConfig := edgetypes.Config{
61 BSP: types.BSPConfig{
62 Endpoint: bspMockServer.URL,
63 },
64 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
65 }
66 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
67 service := NewUserManagementService(appConfig, bslClient, nil, nil, nil)
68 contextWithAuth := middleware.NewContext(context.Background(), &types.AuthUser{
69 Username: testUsername,
70 Token: testBSLToken,
71 Organization: testOrganization,
72 })
73 user, err := service.GetUser(contextWithAuth, "test", "edge-dev0-edge-b413cb", "token", "bsl")
74 assert.Nil(t, err)
75 assert.NotEmpty(t, user)
76 }
77
78 func TestGetUsers(t *testing.T) {
79 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
80 appConfig := edgetypes.Config{
81 BSP: types.BSPConfig{
82 Endpoint: bspMockServer.URL,
83 },
84 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
85 }
86 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
87 service := NewUserManagementService(appConfig, bslClient, nil, nil, nil)
88 contextWithAuth := middleware.NewContext(context.Background(), &types.AuthUser{
89 Username: testUsername,
90 Token: testBSLToken,
91 Organization: testOrganization,
92 })
93 users, err := service.GetUsers(contextWithAuth)
94 assert.Nil(t, err)
95 assert.Equal(t, 1, len(users))
96 if len(users) > 0 {
97 for _, user := range users {
98 assert.True(t, !strings.HasSuffix(user.Username, fmt.Sprintf("-%s", edgetypes.BFFUsername)))
99 }
100 }
101 }
102
103 func TestUpdateUserProfile(t *testing.T) {
104 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
105 appConfig := edgetypes.Config{
106 BSP: types.BSPConfig{
107 Endpoint: bspMockServer.URL,
108 },
109 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
110 }
111 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
112 service := NewUserManagementService(appConfig, bslClient, nil, nil, nil)
113 contextWithAuth := middleware.NewContext(context.Background(), &types.AuthUser{
114 Username: testUsername,
115 Token: testBSLToken,
116 Organization: testOrganization,
117 })
118 familyName := "Josh"
119 updateRequest := &model.UpdateUser{
120 Username: "acct:edge-dev0-edge-b413cb@test",
121 FamilyName: &familyName,
122 }
123 user, err := service.UpdateUserProfile(contextWithAuth, updateRequest)
124 assert.Nil(t, err)
125 assert.NotEmpty(t, user)
126 }
127
128 func TestGetUsersFilteredServiceAcc(t *testing.T) {
129 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
130 appConfig := edgetypes.Config{
131 BSP: types.BSPConfig{
132 Endpoint: bspMockServer.URL,
133 },
134 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
135 }
136 bannerName := "dev1-engineering"
137
138 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
139 service := NewUserManagementService(appConfig, bslClient, nil, nil, nil)
140 contextWithAuth := middleware.NewContext(context.Background(), &types.AuthUser{
141 Username: "acct:Harry",
142 Token: testBSLToken,
143 Organization: testOrganization,
144 })
145
146 user, err := service.GetUsersForOrgBanner(contextWithAuth, bannerName)
147 assert.NoError(t, err)
148 assert.NotEmpty(t, user)
149 }
150
151 func TestVerifyOktaToken_Valid(t *testing.T) {
152 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
153 appConfig := edgetypes.Config{
154 Okta: *oktaConfig,
155 BSP: types.BSPConfig{
156 Endpoint: bspMockServer.URL,
157 },
158 }
159 service := NewUserManagementService(appConfig, nil, oktaClient, nil, nil)
160 resp, err := service.VerifyOktaToken(context.Background(), "good-okta-token")
161 assert.NoError(t, err)
162 assert.True(t, resp.Active)
163 }
164
165 func TestVerifyOktaToken_Invalid(t *testing.T) {
166 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
167 appConfig := edgetypes.Config{
168 Okta: *oktaConfig,
169 BSP: types.BSPConfig{
170 Endpoint: bspMockServer.URL,
171 },
172 }
173 service := NewUserManagementService(appConfig, nil, oktaClient, nil, nil)
174 resp, err := service.VerifyOktaToken(context.Background(), "bad-okta-token")
175 assert.Error(t, err)
176 assert.Empty(t, resp)
177 }
178
179 func TestLoginWithOktaToken_Valid(t *testing.T) {
180 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
181 appConfig := edgetypes.Config{
182 Okta: *oktaConfig,
183 BSP: types.BSPConfig{
184 Endpoint: bspMockServer.URL,
185 },
186 }
187 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
188 service := NewUserManagementService(appConfig, bslClient, oktaClient, nil, nil)
189 resp, err := service.LoginWithOktaToken(context.Background(), "good-okta-token", "test-refresh-token", "test-org")
190 assert.NoError(t, err)
191 assert.NotNil(t, resp)
192 }
193
194 func TestLoginWithOktaToken_BadToken(t *testing.T) {
195 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
196 appConfig := edgetypes.Config{
197 Okta: *oktaConfig,
198 BSP: types.BSPConfig{
199 Endpoint: bspMockServer.URL,
200 },
201 }
202 service := NewUserManagementService(appConfig, nil, oktaClient, nil, nil)
203 resp, err := service.LoginWithOktaToken(context.Background(), "bad-okta-token", "test-refresh-token", "test-org")
204 assert.Error(t, err)
205 assert.Nil(t, resp)
206 }
207
208 func TestLoginWithOktaToken_InValid(t *testing.T) {
209 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
210 appConfig := edgetypes.Config{
211 Okta: *oktaConfig,
212 BSP: types.BSPConfig{
213 Endpoint: bspMockServer.URL,
214 },
215 }
216 service := NewUserManagementService(appConfig, nil, oktaClient, nil, nil)
217 resp, err := service.LoginWithOktaToken(context.Background(), "invalid-okta-token", "test-refresh-token", "test-org")
218 assert.Error(t, err)
219 assert.Nil(t, resp)
220 }
221
222 func TestTokenExchangeOkta(t *testing.T) {
223 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
224 appConfig := edgetypes.Config{
225 Okta: *oktaConfig,
226 BSP: types.BSPConfig{
227 Endpoint: bspMockServer.URL,
228 },
229 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
230 }
231 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
232 service := NewUserManagementService(appConfig, bslClient, oktaClient, nil, nil)
233 resp, err := service.TokenExchange(context.Background(), "test-org", &types.AuthUser{
234 Email: "test@ncr.com",
235 Organization: "test-org",
236 Username: "testUser",
237 Token: "good-okta-token",
238 Roles: []string{"EDGE_ORG_ADMIN"},
239 }, "okta")
240 assert.NoError(t, err)
241 assert.NotNil(t, resp)
242 }
243
244 func TestTokenExchangeBSL(t *testing.T) {
245 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
246 appConfig := edgetypes.Config{
247 Okta: *oktaConfig,
248 BSP: types.BSPConfig{
249 Endpoint: bspMockServer.URL,
250 },
251 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
252 }
253 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
254 service := NewUserManagementService(appConfig, bslClient, oktaClient, nil, nil)
255 resp, err := service.TokenExchange(context.Background(), "test-org", &types.AuthUser{
256 Email: "test@ncr.com",
257 Organization: "test-org",
258 Username: "testUser",
259 Token: "good-bsl-token",
260 Roles: []string{"EDGE_ORG_ADMIN"},
261 }, "bsl")
262 assert.NoError(t, err)
263 assert.NotNil(t, resp)
264 }
265
266 func TestGetSessionUserEdgeRole(t *testing.T) {
267 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
268 appConfig := edgetypes.Config{
269 BSP: types.BSPConfig{
270 Endpoint: bspMockServer.URL,
271 },
272 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
273 }
274 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
275 service := NewUserManagementService(appConfig, bslClient, nil, nil, nil)
276
277 user, err := service.GetSessionUserEdgeRoles(context.Background(), "test-user", "test-token", "test-org", "bsl")
278 assert.NotNil(t, user)
279 assert.NoError(t, err)
280 }
281
282 func TestUserData(t *testing.T) {
283 db, mock, err := sqlmock.New(sqlmock.QueryMatcherOption(sqlmock.QueryMatcherEqual))
284 if err != nil {
285 t.Fatalf("an error '%s' was not expected when opening a stub database connection", err)
286 }
287 defer db.Close()
288 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("test-org-banner").
289 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "bsl_data_synced", "bsl_entity_types", "edge_sec_opt_in_compliance"}).
290 AddRow("test-org-banner", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", false, nil, true))
291 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("test-org-banner").
292 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "bsl_data_synced", "bsl_entity_types", "edge_sec_opt_in_compliance"}).
293 AddRow("test-org-banner", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", false, nil, true))
294 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("eu-banner-bsl-id").
295 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "bsl_data_synced", "bsl_entity_types", "edge_sec_opt_in_compliance"}).
296 AddRow("eu-banner-bsl-id", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", false, nil, true))
297
298 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
299 appConfig := edgetypes.Config{
300 BSP: types.BSPConfig{
301 Endpoint: bspMockServer.URL,
302 },
303 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
304 }
305 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
306 roleSvc := NewRoleService(appConfig.BSP, bslClient)
307 bannerSvc := NewBannerService(nil, nil, bslClient, "", db, defaultCfg)
308 service := NewUserManagementService(appConfig, bslClient, nil, roleSvc, bannerSvc)
309 contextWithAuth := middleware.NewContext(context.Background(), &types.AuthUser{
310 Username: testUsername,
311 Token: testBSLToken,
312 Organization: testOrganization,
313 })
314 userData, err := service.UserData(contextWithAuth, "test")
315 assert.NotNil(t, userData)
316 assert.NoError(t, err)
317 }
318
319 func TestWhoAmI_BSL(t *testing.T) {
320 db, mock, err := sqlmock.New(sqlmock.QueryMatcherOption(sqlmock.QueryMatcherEqual))
321 if err != nil {
322 t.Fatalf("an error '%s' was not expected when opening a stub database connection", err)
323 }
324 defer db.Close()
325 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("test-org-banner").
326 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "edge_sec_opt_in_compliance"}).
327 AddRow("test-org-banner", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", true))
328 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("test-org-banner").
329 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "edge_sec_opt_in_compliance"}).
330 AddRow("test-org-banner", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", true))
331 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("eu-banner-bsl-id").
332 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "edge_sec_opt_in_compliance"}).
333 AddRow("eu-banner-bsl-id", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", true))
334 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
335 appConfig := edgetypes.Config{
336 BSP: types.BSPConfig{
337 Endpoint: bspMockServer.URL,
338 },
339 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
340 }
341 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
342 roleSvc := NewRoleService(appConfig.BSP, bslClient)
343 bannerSvc := NewBannerService(nil, nil, bslClient, "", db, defaultCfg)
344 service := NewUserManagementService(appConfig, bslClient, nil, roleSvc, bannerSvc)
345 contextWithAuth := middleware.NewContext(context.Background(), &types.AuthUser{
346 Username: testUsername,
347 Token: testBSLToken,
348 Organization: testOrganization,
349 })
350 userData, err := service.WhoAmI(contextWithAuth, "test", "test-org-banner", "testToken", "bsl")
351 assert.NotNil(t, userData)
352 assert.NoError(t, err)
353 }
354
355 func TestWhoAmI_OKTA(t *testing.T) {
356 db, mock, err := sqlmock.New(sqlmock.QueryMatcherOption(sqlmock.QueryMatcherEqual))
357 if err != nil {
358 t.Fatalf("an error '%s' was not expected when opening a stub database connection", err)
359 }
360 defer db.Close()
361 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("test-org-banner").
362 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "edge_sec_opt_in_compliance"}).
363 AddRow("test-org-banner", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", true))
364 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("test-org-banner").
365 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "edge_sec_opt_in_compliance"}).
366 AddRow("test-org-banner", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", true))
367 mock.ExpectQuery(sqlquery.GetBannerByBSLID).WithArgs("eu-banner-bsl-id").
368 WillReturnRows(sqlmock.NewRows([]string{"banner_edge_id", "banner_bsl_id", "banner_name", "banner_type", "project_id", "tenant_edge_id", "description", "edge_sec_opt_in_compliance"}).
369 AddRow("eu-banner-bsl-id", "test-org-banner", "eu-banner-bsl-id2", "EU", "eu-banner-bsl-id3", "eu-banner-bsl-id4", "eu-banner-bsl-id5", true))
370 bspMockServer := GetMockBspServer("testOrg", "testOrgID", "testUser", "EDGE_BANNER_VIEWER", "testEmail", "testResetURL")
371 appConfig := edgetypes.Config{
372 Okta: *oktaConfig,
373 BSP: types.BSPConfig{
374 Endpoint: bspMockServer.URL,
375 },
376 Bff: edgetypes.BffConfig{TopLevelProjectID: "test-org"},
377 }
378 bslClient := bsl.NewBSLClient(appConfig.BSP, nil)
379 roleSvc := NewRoleService(appConfig.BSP, bslClient)
380 bannerSvc := NewBannerService(nil, nil, bslClient, "", db, defaultCfg)
381 service := NewUserManagementService(appConfig, bslClient, oktaClient, roleSvc, bannerSvc)
382 contextWithAuth := middleware.NewContext(context.Background(), &types.AuthUser{
383 Username: testUsername,
384 Token: testBSLToken,
385 Organization: testOrganization,
386 })
387 userData, err := service.WhoAmI(contextWithAuth, "test", "test-org-banner", "testToken", "okta")
388 assert.NotNil(t, userData)
389 assert.NoError(t, err)
390 }
391
View as plain text