CLI tests for 'ntfy user'
This commit is contained in:
Philipp Heckel
parent
1c9766b8fd
commit
29c2fc5472
4 changed files with 160 additions and 20 deletions
60
cmd/user.go
60
cmd/user.go
|
|
@ -23,8 +23,9 @@ var cmdUser = &cli.Command{
|
|||
{
|
||||
Name: "add",
|
||||
Aliases: []string{"a"},
|
||||
Usage: "add user",
|
||||
Usage: "Adds a new user",
|
||||
UsageText: "ntfy user add [--role=admin|user] USERNAME",
|
||||
Before: inheritRootReaderFunc,
|
||||
Action: execUserAdd,
|
||||
Flags: []cli.Flag{
|
||||
&cli.StringFlag{Name: "role", Aliases: []string{"r"}, Value: string(auth.RoleUser), Usage: "user role"},
|
||||
|
|
@ -43,8 +44,9 @@ Examples:
|
|||
{
|
||||
Name: "remove",
|
||||
Aliases: []string{"del", "rm"},
|
||||
Usage: "remove user",
|
||||
Usage: "Removes a user",
|
||||
UsageText: "ntfy user remove USERNAME",
|
||||
Before: inheritRootReaderFunc,
|
||||
Action: execUserDel,
|
||||
Description: `Remove a user from the ntfy user database.
|
||||
|
||||
|
|
@ -55,8 +57,9 @@ Example:
|
|||
{
|
||||
Name: "change-pass",
|
||||
Aliases: []string{"chp"},
|
||||
Usage: "change user password",
|
||||
Usage: "Changes a user's password",
|
||||
UsageText: "ntfy user change-pass USERNAME",
|
||||
Before: inheritRootReaderFunc,
|
||||
Action: execUserChangePass,
|
||||
Description: `Change the password for the given user.
|
||||
|
||||
|
|
@ -70,8 +73,9 @@ Example:
|
|||
{
|
||||
Name: "change-role",
|
||||
Aliases: []string{"chr"},
|
||||
Usage: "change user role",
|
||||
Usage: "Changes the role of a user",
|
||||
UsageText: "ntfy user change-role USERNAME ROLE",
|
||||
Before: inheritRootReaderFunc,
|
||||
Action: execUserChangeRole,
|
||||
Description: `Change the role for the given user to admin or user.
|
||||
|
||||
|
|
@ -92,7 +96,8 @@ Example:
|
|||
{
|
||||
Name: "list",
|
||||
Aliases: []string{"l"},
|
||||
Usage: "list users",
|
||||
Usage: "Shows a list of users",
|
||||
Before: inheritRootReaderFunc,
|
||||
Action: execUserList,
|
||||
},
|
||||
},
|
||||
|
|
@ -125,18 +130,21 @@ func execUserAdd(c *cli.Context) error {
|
|||
} else if !auth.AllowedRole(role) {
|
||||
return errors.New("role must be either 'user' or 'admin'")
|
||||
}
|
||||
password, err := readPassword(c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
manager, err := createAuthManager(c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err := manager.AddUser(username, password, auth.Role(role)); err != nil {
|
||||
if user, _ := manager.User(username); user != nil {
|
||||
return fmt.Errorf("user %s already exists", username)
|
||||
}
|
||||
password, err := readPassword(c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
fmt.Fprintf(c.App.ErrWriter, "User %s added with role %s\n", username, role)
|
||||
if err := manager.AddUser(username, password, role); err != nil {
|
||||
return err
|
||||
}
|
||||
fmt.Fprintf(c.App.ErrWriter, "user %s added with role %s\n", username, role)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -151,10 +159,13 @@ func execUserDel(c *cli.Context) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if _, err := manager.User(username); err == auth.ErrNotFound {
|
||||
return fmt.Errorf("user %s does not exist", username)
|
||||
}
|
||||
if err := manager.RemoveUser(username); err != nil {
|
||||
return err
|
||||
}
|
||||
fmt.Fprintf(c.App.ErrWriter, "User %s removed\n", username)
|
||||
fmt.Fprintf(c.App.ErrWriter, "user %s removed\n", username)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -165,18 +176,21 @@ func execUserChangePass(c *cli.Context) error {
|
|||
} else if username == userEveryone {
|
||||
return errors.New("username not allowed")
|
||||
}
|
||||
password, err := readPassword(c)
|
||||
manager, err := createAuthManager(c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
manager, err := createAuthManager(c)
|
||||
if _, err := manager.User(username); err == auth.ErrNotFound {
|
||||
return fmt.Errorf("user %s does not exist", username)
|
||||
}
|
||||
password, err := readPassword(c)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err := manager.ChangePassword(username, password); err != nil {
|
||||
return err
|
||||
}
|
||||
fmt.Fprintf(c.App.ErrWriter, "Changed password for user %s\n", username)
|
||||
fmt.Fprintf(c.App.ErrWriter, "changed password for user %s\n", username)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -192,10 +206,13 @@ func execUserChangeRole(c *cli.Context) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if _, err := manager.User(username); err == auth.ErrNotFound {
|
||||
return fmt.Errorf("user %s does not exist", username)
|
||||
}
|
||||
if err := manager.ChangeRole(username, role); err != nil {
|
||||
return err
|
||||
}
|
||||
fmt.Fprintf(c.App.ErrWriter, "Changed role for user %s to %s\n", username, role)
|
||||
fmt.Fprintf(c.App.ErrWriter, "changed role for user %s to %s\n", username, role)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -251,3 +268,14 @@ func userCommandFlags() []cli.Flag {
|
|||
altsrc.NewStringFlag(&cli.StringFlag{Name: "auth-default-access", Aliases: []string{"p"}, EnvVars: []string{"NTFY_AUTH_DEFAULT_ACCESS"}, Value: "read-write", Usage: "default permissions if no matching entries in the auth database are found"}),
|
||||
}
|
||||
}
|
||||
|
||||
// inheritRootReaderFunc is a workaround for a urfave/cli bug that makes subcommands not inherit the App.Reader.
|
||||
// This bug was fixed in master, but not in v2.3.0.
|
||||
func inheritRootReaderFunc(ctx *cli.Context) error {
|
||||
for _, c := range ctx.Lineage() {
|
||||
if c.App != nil && c.App.Reader != nil {
|
||||
ctx.App.Reader = c.App.Reader
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
103
cmd/user_test.go
Normal file
103
cmd/user_test.go
Normal file
|
|
@ -0,0 +1,103 @@
|
|||
package cmd
|
||||
|
||||
import (
|
||||
"github.com/stretchr/testify/require"
|
||||
"github.com/urfave/cli/v2"
|
||||
"heckel.io/ntfy/server"
|
||||
"heckel.io/ntfy/test"
|
||||
"path/filepath"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestCLI_User_Add(t *testing.T) {
|
||||
s, conf, port := newTestServerWithAuth(t)
|
||||
defer test.StopServer(t, s, port)
|
||||
|
||||
app, stdin, _, stderr := newTestApp()
|
||||
stdin.WriteString("mypass\nmypass")
|
||||
require.Nil(t, runUserCommand(app, conf, "add", "phil"))
|
||||
require.Contains(t, stderr.String(), "user phil added with role user")
|
||||
}
|
||||
|
||||
func TestCLI_User_Add_Exists(t *testing.T) {
|
||||
s, conf, port := newTestServerWithAuth(t)
|
||||
defer test.StopServer(t, s, port)
|
||||
|
||||
app, stdin, _, stderr := newTestApp()
|
||||
stdin.WriteString("mypass\nmypass")
|
||||
require.Nil(t, runUserCommand(app, conf, "add", "phil"))
|
||||
require.Contains(t, stderr.String(), "user phil added with role user")
|
||||
|
||||
app, stdin, _, stderr = newTestApp()
|
||||
stdin.WriteString("mypass\nmypass")
|
||||
err := runUserCommand(app, conf, "add", "phil")
|
||||
require.Error(t, err)
|
||||
require.Contains(t, err.Error(), "user phil already exists")
|
||||
}
|
||||
|
||||
func TestCLI_User_Add_Admin(t *testing.T) {
|
||||
s, conf, port := newTestServerWithAuth(t)
|
||||
defer test.StopServer(t, s, port)
|
||||
|
||||
app, stdin, _, stderr := newTestApp()
|
||||
stdin.WriteString("mypass\nmypass")
|
||||
require.Nil(t, runUserCommand(app, conf, "add", "--role=admin", "phil"))
|
||||
require.Contains(t, stderr.String(), "user phil added with role admin")
|
||||
}
|
||||
|
||||
func TestCLI_User_Add_Password_Mismatch(t *testing.T) {
|
||||
s, conf, port := newTestServerWithAuth(t)
|
||||
defer test.StopServer(t, s, port)
|
||||
|
||||
app, stdin, _, _ := newTestApp()
|
||||
stdin.WriteString("mypass\nNOTMATCH")
|
||||
err := runUserCommand(app, conf, "add", "phil")
|
||||
require.Error(t, err)
|
||||
require.Contains(t, err.Error(), "passwords do not match: try it again, but this time type slooowwwlly")
|
||||
}
|
||||
|
||||
func TestCLI_User_ChangePass(t *testing.T) {
|
||||
s, conf, port := newTestServerWithAuth(t)
|
||||
defer test.StopServer(t, s, port)
|
||||
|
||||
// Add user
|
||||
app, stdin, _, stderr := newTestApp()
|
||||
stdin.WriteString("mypass\nmypass")
|
||||
require.Nil(t, runUserCommand(app, conf, "add", "phil"))
|
||||
require.Contains(t, stderr.String(), "user phil added with role user")
|
||||
|
||||
// Change pass
|
||||
app, stdin, _, stderr = newTestApp()
|
||||
stdin.WriteString("newpass\nnewpass")
|
||||
require.Nil(t, runUserCommand(app, conf, "change-pass", "phil"))
|
||||
require.Contains(t, stderr.String(), "changed password for user phil")
|
||||
}
|
||||
|
||||
func newTestServerWithAuth(t *testing.T) (s *server.Server, conf *server.Config, port int) {
|
||||
conf = server.NewConfig()
|
||||
conf.AuthFile = filepath.Join(t.TempDir(), "user.db")
|
||||
conf.AuthDefaultRead = false
|
||||
conf.AuthDefaultWrite = false
|
||||
s, port = test.StartServerWithConfig(t, conf)
|
||||
return
|
||||
}
|
||||
|
||||
func runUserCommand(app *cli.App, conf *server.Config, args ...string) error {
|
||||
var defaultAccess string
|
||||
if conf.AuthDefaultRead && conf.AuthDefaultWrite {
|
||||
defaultAccess = "read-write"
|
||||
} else if conf.AuthDefaultRead && !conf.AuthDefaultWrite {
|
||||
defaultAccess = "read-only"
|
||||
} else if !conf.AuthDefaultRead && conf.AuthDefaultWrite {
|
||||
defaultAccess = "write-only"
|
||||
} else if !conf.AuthDefaultRead && !conf.AuthDefaultWrite {
|
||||
defaultAccess = "deny-all"
|
||||
}
|
||||
userArgs := []string{
|
||||
"ntfy",
|
||||
"user",
|
||||
"--auth-file=" + conf.AuthFile,
|
||||
"--auth-default-access=" + defaultAccess,
|
||||
}
|
||||
return app.Run(append(userArgs, args...))
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue