Merge pull request #6 from fiji-flo/reviewed

reviewed (WIP)

Author: fiji-flo

db-tests/Cargo.toml

@@ -3,7 +3,6 @@ name = "dino-park-packs_db-tests"
 version = "0.4.0"
 authors = ["Florian Merz <flomerz@gmail.com>"]
 edition = "2018"
-build = "build.rs"
 autotests = false
 
 [[test]]
@@ -15,10 +14,6 @@ harness = true
 default = []
 localuserscope = ["dino_park_gate/localuserscope"]
 
-[build-dependencies]
-diesel = { version = "1.4", features = ["postgres", "uuidv07", "r2d2", "chrono", "serde_json"] }
-diesel_migrations = "1.4"
-
 [dev-dependencies]
 dino-park-packs = { path = "../" }
 cis_client = { git = "https://github.com/mozilla-iam/cis_client-rust", tag = "0.5.1", version = "0.5.1" }
@@ -30,10 +25,12 @@ diesel = { version = "1.4", features = ["postgres", "uuidv07", "r2d2", "chrono",
 diesel_migrations = "1.4"
 actix-web = "2.0"
 actix-rt = "1.0"
+actix-http = "1.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 failure = "0.1"
 futures = "0.3"
-uuid = "0.7"
+uuid = { version = "0.7", features = ["v5"] }
 tokio = "0.2"
 url = "2.1"
+base64 = "0.12"

db-tests/build.rs

@@ -0,0 +1,35 @@
+use crate::helpers::Soa;
+use actix_http::Request;
+use actix_web::dev::*;
+use actix_web::test;
+use serde::Serialize;
+
+pub async fn get<S, B, E>(mut app: &mut S, endpoint: &str, scope: &Soa) -> S::Response
+where
+    S: Service<Request = Request, Response = ServiceResponse<B>, Error = E>,
+    E: std::fmt::Debug,
+{
+    let req = test::TestRequest::get()
+        .header("sau", scope.encode())
+        .uri(endpoint)
+        .to_request();
+    test::call_service(&mut app, req).await
+}
+
+pub async fn post<S, B, E>(
+    mut app: &mut S,
+    endpoint: &str,
+    json: impl Serialize,
+    scope: &Soa,
+) -> S::Response
+where
+    S: Service<Request = Request, Response = ServiceResponse<B>, Error = E>,
+    E: std::fmt::Debug,
+{
+    let req = test::TestRequest::post()
+        .header("sau", scope.encode())
+        .uri(endpoint)
+        .set_json(&json)
+        .to_request();
+    test::call_service(&mut app, req).await
+}

db-tests/tests/api.rs

@@ -1,38 +1,54 @@
-use crate::cis::CisFakeClient;
-use crate::helpers::get_pool;
-use actix_web::middleware::Logger;
+use crate::api::*;
+use crate::db::reset;
+use crate::helpers::read_json;
+use crate::helpers::test_app;
+use crate::helpers::Soa;
+use crate::users::basic_user;
 use actix_web::test;
-use actix_web::web;
 use actix_web::App;
+use dino_park_trust::GroupsTrust;
+use dino_park_trust::Trust;
 use failure::Error;
-use std::sync::Arc;
-
-use dino_park_packs::*;
+use serde_json::json;
 
 #[actix_rt::test]
 async fn basic() -> Result<(), Error> {
-    let cis_client = Arc::new(CisFakeClient::new());
-    let pool = get_pool();
-    let app = App::new()
-        .data(Arc::clone(&cis_client))
-        .data(pool.clone())
-        .wrap(Logger::default().exclude("/healthz"))
-        .service(healthz::healthz_app())
-        .service(api::internal::internal_app::<CisFakeClient>())
-        .service(
-            web::scope("/groups/api/v1/")
-                .service(api::groups::groups_app::<CisFakeClient>())
-                .service(api::members::members_app::<CisFakeClient>())
-                .service(api::current::current_app::<CisFakeClient>())
-                .service(api::invitations::invitations_app())
-                .service(api::terms::terms_app())
-                .service(api::users::users_app())
-                .service(api::admins::admins_app::<CisFakeClient>())
-                .service(api::sudo::sudo_app::<CisFakeClient>()),
-        );
+    reset()?;
+    let app = App::new().service(test_app().await);
     let mut app = test::init_service(app).await;
     let req = test::TestRequest::get().uri("/healthz").to_request();
     let res = test::call_service(&mut app, req).await;
     assert!(res.status().is_success());
     Ok(())
 }
+
+#[actix_rt::test]
+async fn create() -> Result<(), Error> {
+    reset()?;
+    let app = App::new().service(test_app().await);
+    let mut app = test::init_service(app).await;
+    let scope = Soa::from(&basic_user(1, true)).creator();
+    let res = get(&mut app, "/groups/api/v1/groups", &scope).await;
+    assert!(res.status().is_success());
+    assert_eq!(read_json(res).await, json!({ "groups": [], "next": null }));
+
+    let scope = Soa::new("nobody", Trust::Public, GroupsTrust::None);
+    let res = get(&mut app, "/groups/api/v1/groups", &scope).await;
+    assert_eq!(res.status().as_u16(), 403);
+
+    let scope = Soa::from(&basic_user(1, true)).creator();
+    let res = post(
+        &mut app,
+        "/groups/api/v1/groups",
+        json!({ "name": "nda", "description": "the nda group" }),
+        &scope,
+    )
+    .await;
+    assert!(res.status().is_success());
+
+    let res = get(&mut app, "/groups/api/v1/groups", &scope).await;
+    assert!(res.status().is_success());
+    assert_eq!(read_json(res).await["groups"][0]["name"], "nda");
+
+    Ok(())
+}

db-tests/tests/basics.rs

@@ -3,19 +3,37 @@ use cis_client::AsyncCisClientTrait;
 use cis_client::CisFut;
 use cis_profile::crypto::SecretStore;
 use cis_profile::schema::Profile;
+use dino_park_packs::db::operations::users::update_user_cache;
+use dino_park_packs::db::Pool;
+use futures::future::err;
+use futures::future::ok;
+use serde_json::json;
 use serde_json::Value;
 use std::collections::HashMap;
 use std::sync::Arc;
 use std::sync::RwLock;
 
+#[derive(Clone)]
 pub struct CisFakeClient {
     pub store: Arc<RwLock<HashMap<String, Profile>>>,
+    pub pool: Pool,
+    pub secret_store: Arc<SecretStore>,
 }
 
 impl CisFakeClient {
-    pub fn new() -> Self {
+    pub fn new(pool: Pool) -> Self {
+        let secret_store = Arc::new(
+            SecretStore::default()
+                .with_sign_keys_from_inline_iter(vec![(
+                    String::from("mozilliansorg"),
+                    include_str!("data/fake_key.json").to_owned(),
+                )])
+                .unwrap(),
+        );
         CisFakeClient {
             store: Arc::new(RwLock::new(HashMap::new())),
+            pool,
+            secret_store,
         }
     }
 }
@@ -29,7 +47,18 @@ impl AsyncCisClientTrait for CisFakeClient {
         unimplemented!()
     }
     fn update_user(&self, id: &str, profile: Profile) -> CisFut<Value> {
-        unimplemented!()
+        let mut store = self.store.write().unwrap();
+        let p = if let Some(mut p) = store.get_mut(id) {
+            p.access_information.mozilliansorg = profile.access_information.mozilliansorg;
+            p.clone()
+        } else {
+            store.insert(id.to_owned(), profile.clone());
+            profile
+        };
+        match update_user_cache(&self.pool, &p) {
+            Ok(_) => Box::pin(ok(json!({}))),
+            Err(e) => Box::pin(err(e.into())),
+        }
     }
     fn update_users(&self, profiles: &[Profile]) -> CisFut<Value> {
         unimplemented!()
@@ -38,6 +67,6 @@ impl AsyncCisClientTrait for CisFakeClient {
         unimplemented!()
     }
     fn get_secret_store(&self) -> &SecretStore {
-        unimplemented!()
+        &*self.secret_store
     }
 }

db-tests/tests/cis.rs

@@ -0,0 +1,13 @@
+{
+  "p": "2MdEFfk9h4zJNZoa49NTHlGBmJdX0qSQyf1KF2zpmDFxCzCGHWcQGtOvC6fPxwh64lL4SQ44_NmKLXao2U03zUn0OjsbahsfIBzDNoLrKSSe6JqQmCQ6SPXKuHCmuPWTpjGIoWea2DxEfwr9Q9F8PZxhxNO9EO5Bk20LdlJ6Ppc",
+  "kty": "RSA",
+  "q": "rMI4FcplQT3y0r37c6hfGakGvjeUZye-7mmcUMFUkjBDdCPrAC0YeAhUuoFS6rvyldGrRhobTPMpuvhB7i8uRKy86kQSWrTlXNZSU77eS-qpJCpFk-_o1c3uriEi8EY3_NMtwPWArFRtdtm86z1QjEp7TPBeFGLh1ehS7iS-Hpc",
+  "d": "hvEnJyCTkppL6gAA2hCQ5WEDLDA3CYZ53lJ7nOC86DueG-r5wKy30RWR053l-P4MbhoA5crX7LZkfklRO0g3dYhXwm-elUM-0SJ9ANizj3iL0-YGBie13-jiPFsH3_pxuzwzc7Hd41x1Gcu2k6rlDDpIoKSRn-OhkLXBI98XTH2iY-oTLwiFA3w1sw2LdX8AGa8MMpFk3yxyg2W0YRuspc5v4YH5PzNXxlRMYgT8JLoDze6umc6sfDYHuGkrSuOaxjO55omPuqT89Ofeu0wohDxYp2b3LT8xs1cc3tQnRbXqzTvwKGkcoD8Td2F0OLNUxlfhka2UquSqVnHZS6xr9Q",
+  "e": "AQAB",
+  "use": "sig",
+  "kid": "ac3b3e65-4f00-4d65-b665-a497329c5a04",
+  "qi": "twcz8Vf-XPo2CvIu8wdCo6N_WfCe-3J0er0-jqcEWLym6EE_hIE3rXuIKPLmQEZueVV1ELsF-PmOSxTgb-JJAH_38vr9M3gmrSjbGZ3xSKs0FtKTp2k1bAvl8xj2FPA5j-n6RXfpqLgyPOJNj4w-bxoUsIqzD5SiemJGMpyxSsI",
+  "dp": "UqqqrDZ_4FEv6eD6oCbWa5lpcmdEdm-LR3vv5T8DVaaFFV9Lxaqn2ZMgDbHQ6nWxZt19EV77HHFY4D1_5l4sCX1KRWqE6dGt7PELAJ6sTuRINSu8OEiYcXpJ9EwBSEdeJuJ82BBKXGufM1NdgZ9BYb1hC04zq2EwYKgU1upc88E",
+  "dq": "a4hE0sN1fUOrFqQslRQzhcxhJxt_YyopPUs9gkKkeo5SHkORLj3joitFWgXPb87nM3wbyPnNDnu4-Ok4WKLDgPmoaYVPi2hX8A5zli8TPVvmRl2Ni4Tkf9i7_WUg00BR7ywfqaDmo921eSoU3rP-pCRkVUK0vKnD-pqurA7wzCc",
+  "n": "kkpYPma8lZx4TOssUyiRdibeTRghV8dnrEXqHvCupJZ-eK9XIsXoA4vLnQaKdhsQ0zhN846v1MPeQsWY55fWjuc2Gf1r0JiaD09JagGANMPGgvyok1LrcF7vGsXauNZZvYPXdw44-pF_YopiB9LPdDfmzrerFnzAdbi86HxYFHR6-mE2mwCyhqMnkDkyCB7e6cffKNuDZ1p4i9yCcG5sUEvtwfv8sV4gIbbBpu7UHATKNywHW3BeqdljkT46FMz69Kpo6vmStWJkCDtBx-hg0uGkTEPH_y1RLTbC33TVA_hkJpjs1Ms3KSbAjzYmCd-EOhypVABozH8TnpZeqYKdEQ"
+}

db-tests/tests/data/fake_key.json

@@ -0,0 +1,20 @@
+use diesel_migrations::revert_latest_migration;
+use dino_park_packs::db::establish_connection;
+use dino_park_packs::db::Pool;
+use failure::Error;
+use std::env;
+
+embed_migrations!();
+
+pub fn get_pool() -> Pool {
+    let pg_url = env::var("DPP_PG_URL").expect("no DPP_PG_URL set");
+    establish_connection(&pg_url)
+}
+
+pub fn reset() -> Result<(), Error> {
+    let connection = get_pool().get()?;
+    while revert_latest_migration(&connection).is_ok() {}
+
+    embedded_migrations::run(&connection).expect("error running migrations");
+    Ok(())
+}