X-Git-Url: https://git.r.bdr.sh/rbdr/mobius/blobdiff_plain/481631f6b541a0f00c7c3ba789c13ac934bdefbc..fca1ebde1d6a552ce6e4e995fc12c73450af218b:/hotline/transaction_handlers_test.go diff --git a/hotline/transaction_handlers_test.go b/hotline/transaction_handlers_test.go index 48e0f0e..d7ec098 100644 --- a/hotline/transaction_handlers_test.go +++ b/hotline/transaction_handlers_test.go @@ -649,7 +649,7 @@ func TestHandleGetFileInfo(t *testing.T) { ErrorCode: []byte{0, 0, 0, 0}, Fields: []Field{ NewField(fieldFileName, []byte("testfile.txt")), - NewField(fieldFileTypeString, []byte("TEXT")), + NewField(fieldFileTypeString, []byte("Text File")), NewField(fieldFileCreatorString, []byte("ttxt")), NewField(fieldFileComment, []byte{}), NewField(fieldFileType, []byte("TEXT")), @@ -695,10 +695,50 @@ func TestHandleNewFolder(t *testing.T) { wantRes []Transaction wantErr bool }{ + { + name: "without required permission", + setup: func() {}, + args: args{ + cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + access := bits[:] + return &access + }(), + }, + }, + t: NewTransaction( + accessCreateFolder, + &[]byte{0, 0}, + ), + }, + wantRes: []Transaction{ + { + Flags: 0x00, + IsReply: 0x01, + Type: []byte{0, 0x00}, + ID: []byte{0x9a, 0xcb, 0x04, 0x42}, + ErrorCode: []byte{0, 0, 0, 1}, + Fields: []Field{ + NewField(fieldError, []byte("You are not allowed to create folders.")), + }, + }, + }, + wantErr: false, + }, { name: "when path is nested", args: args{ cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + bits.Set(accessCreateFolder) + access := bits[:] + return &access + }(), + }, ID: &[]byte{0, 1}, Server: &Server{ Config: &Config{ @@ -739,6 +779,14 @@ func TestHandleNewFolder(t *testing.T) { name: "when path is not nested", args: args{ cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + bits.Set(accessCreateFolder) + access := bits[:] + return &access + }(), + }, ID: &[]byte{0, 1}, Server: &Server{ Config: &Config{ @@ -773,6 +821,14 @@ func TestHandleNewFolder(t *testing.T) { name: "when UnmarshalBinary returns an err", args: args{ cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + bits.Set(accessCreateFolder) + access := bits[:] + return &access + }(), + }, ID: &[]byte{0, 1}, Server: &Server{ Config: &Config{ @@ -801,6 +857,14 @@ func TestHandleNewFolder(t *testing.T) { name: "fieldFileName does not allow directory traversal", args: args{ cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + bits.Set(accessCreateFolder) + access := bits[:] + return &access + }(), + }, ID: &[]byte{0, 1}, Server: &Server{ Config: &Config{ @@ -834,6 +898,14 @@ func TestHandleNewFolder(t *testing.T) { name: "fieldFilePath does not allow directory traversal", args: args{ cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + bits.Set(accessCreateFolder) + access := bits[:] + return &access + }(), + }, ID: &[]byte{0, 1}, Server: &Server{ Config: &Config{ @@ -882,6 +954,7 @@ func TestHandleNewFolder(t *testing.T) { t.Errorf("HandleNewFolder() error = %v, wantErr %v", err, tt.wantErr) return } + if !tranAssertEqual(t, tt.wantRes, gotRes) { t.Errorf("HandleNewFolder() gotRes = %v, want %v", gotRes, tt.wantRes) } @@ -1731,3 +1804,335 @@ func TestHandleDownloadFile(t *testing.T) { }) } } + +func TestHandleUpdateUser(t *testing.T) { + type args struct { + cc *ClientConn + t *Transaction + } + tests := []struct { + name string + args args + wantRes []Transaction + wantErr assert.ErrorAssertionFunc + }{ + { + name: "when action is create user without required permission", + args: args{ + cc: &ClientConn{ + Server: &Server{ + Logger: NewTestLogger(), + }, + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + access := bits[:] + return &access + }(), + }, + }, + t: NewTransaction( + tranUpdateUser, + &[]byte{0, 0}, + NewField(fieldData, []byte{ + 0x00, 0x04, // field count + + 0x00, 0x69, // fieldUserLogin = 105 + 0x00, 0x03, + 0x9d, 0x9d, 0x9d, + + 0x00, 0x6a, // fieldUserPassword = 106 + 0x00, 0x03, + 0x9c, 0x9c, 0x9c, + + 0x00, 0x66, // fieldUserName = 102 + 0x00, 0x03, + 0x61, 0x61, 0x61, + + 0x00, 0x6e, // fieldUserAccess = 110 + 0x00, 0x08, + 0x60, 0x70, 0x0c, 0x20, 0x03, 0x80, 0x00, 0x00, + }), + ), + }, + wantRes: []Transaction{ + { + Flags: 0x00, + IsReply: 0x01, + Type: []byte{0, 0x00}, + ID: []byte{0x9a, 0xcb, 0x04, 0x42}, + ErrorCode: []byte{0, 0, 0, 1}, + Fields: []Field{ + NewField(fieldError, []byte("You are not allowed to create new accounts.")), + }, + }, + }, + wantErr: assert.NoError, + }, + { + name: "when action is modify user without required permission", + args: args{ + cc: &ClientConn{ + Server: &Server{ + Logger: NewTestLogger(), + Accounts: map[string]*Account{ + "bbb": {}, + }, + }, + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + access := bits[:] + return &access + }(), + }, + }, + t: NewTransaction( + tranUpdateUser, + &[]byte{0, 0}, + NewField(fieldData, []byte{ + 0x00, 0x04, // field count + + 0x00, 0x69, // fieldUserLogin = 105 + 0x00, 0x03, + 0x9d, 0x9d, 0x9d, + + 0x00, 0x6a, // fieldUserPassword = 106 + 0x00, 0x03, + 0x9c, 0x9c, 0x9c, + + 0x00, 0x66, // fieldUserName = 102 + 0x00, 0x03, + 0x61, 0x61, 0x61, + + 0x00, 0x6e, // fieldUserAccess = 110 + 0x00, 0x08, + 0x60, 0x70, 0x0c, 0x20, 0x03, 0x80, 0x00, 0x00, + }), + ), + }, + wantRes: []Transaction{ + { + Flags: 0x00, + IsReply: 0x01, + Type: []byte{0, 0x00}, + ID: []byte{0x9a, 0xcb, 0x04, 0x42}, + ErrorCode: []byte{0, 0, 0, 1}, + Fields: []Field{ + NewField(fieldError, []byte("You are not allowed to modify accounts.")), + }, + }, + }, + wantErr: assert.NoError, + }, + { + name: "when action is delete user without required permission", + args: args{ + cc: &ClientConn{ + Server: &Server{ + Logger: NewTestLogger(), + Accounts: map[string]*Account{ + "bbb": {}, + }, + }, + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + access := bits[:] + return &access + }(), + }, + }, + t: NewTransaction( + tranUpdateUser, + &[]byte{0, 0}, + NewField(fieldData, []byte{ + 0x00, 0x01, + 0x00, 0x65, + 0x00, 0x03, + 0x88, 0x9e, 0x8b, + }), + ), + }, + wantRes: []Transaction{ + { + Flags: 0x00, + IsReply: 0x01, + Type: []byte{0, 0x00}, + ID: []byte{0x9a, 0xcb, 0x04, 0x42}, + ErrorCode: []byte{0, 0, 0, 1}, + Fields: []Field{ + NewField(fieldError, []byte("You are not allowed to delete accounts.")), + }, + }, + }, + wantErr: assert.NoError, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + gotRes, err := HandleUpdateUser(tt.args.cc, tt.args.t) + if !tt.wantErr(t, err, fmt.Sprintf("HandleUpdateUser(%v, %v)", tt.args.cc, tt.args.t)) { + return + } + + tranAssertEqual(t, tt.wantRes, gotRes) + }) + } +} + +func TestHandleDelNewsArt(t *testing.T) { + type args struct { + cc *ClientConn + t *Transaction + } + tests := []struct { + name string + args args + wantRes []Transaction + wantErr assert.ErrorAssertionFunc + }{ + { + name: "without required permission", + args: args{ + cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + access := bits[:] + return &access + }(), + }, + }, + t: NewTransaction( + tranDelNewsArt, + &[]byte{0, 0}, + ), + }, + wantRes: []Transaction{ + { + Flags: 0x00, + IsReply: 0x01, + Type: []byte{0, 0x00}, + ID: []byte{0x9a, 0xcb, 0x04, 0x42}, + ErrorCode: []byte{0, 0, 0, 1}, + Fields: []Field{ + NewField(fieldError, []byte("You are not allowed to delete news articles.")), + }, + }, + }, + wantErr: assert.NoError, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + gotRes, err := HandleDelNewsArt(tt.args.cc, tt.args.t) + if !tt.wantErr(t, err, fmt.Sprintf("HandleDelNewsArt(%v, %v)", tt.args.cc, tt.args.t)) { + return + } + tranAssertEqual(t, tt.wantRes, gotRes) + }) + } +} + +func TestHandleDisconnectUser(t *testing.T) { + type args struct { + cc *ClientConn + t *Transaction + } + tests := []struct { + name string + args args + wantRes []Transaction + wantErr assert.ErrorAssertionFunc + }{ + { + name: "without required permission", + args: args{ + cc: &ClientConn{ + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + access := bits[:] + return &access + }(), + }, + }, + t: NewTransaction( + tranDelNewsArt, + &[]byte{0, 0}, + ), + }, + wantRes: []Transaction{ + { + Flags: 0x00, + IsReply: 0x01, + Type: []byte{0, 0x00}, + ID: []byte{0x9a, 0xcb, 0x04, 0x42}, + ErrorCode: []byte{0, 0, 0, 1}, + Fields: []Field{ + NewField(fieldError, []byte("You are not allowed to disconnect users.")), + }, + }, + }, + wantErr: assert.NoError, + }, + { + name: "when target user has 'cannot be disconnected' priv", + args: args{ + cc: &ClientConn{ + Server: &Server{ + Clients: map[uint16]*ClientConn{ + uint16(1): { + Account: &Account{ + Login: "unnamed", + Access: func() *[]byte { + var bits accessBitmap + bits.Set(accessCannotBeDiscon) + access := bits[:] + return &access + }(), + }, + }, + }, + }, + Account: &Account{ + Access: func() *[]byte { + var bits accessBitmap + bits.Set(accessDisconUser) + access := bits[:] + return &access + }(), + }, + }, + t: NewTransaction( + tranDelNewsArt, + &[]byte{0, 0}, + NewField(fieldUserID, []byte{0, 1}), + ), + }, + wantRes: []Transaction{ + { + Flags: 0x00, + IsReply: 0x01, + Type: []byte{0, 0x00}, + ID: []byte{0x9a, 0xcb, 0x04, 0x42}, + ErrorCode: []byte{0, 0, 0, 1}, + Fields: []Field{ + NewField(fieldError, []byte("unnamed is not allowed to be disconnected.")), + }, + }, + }, + wantErr: assert.NoError, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + gotRes, err := HandleDisconnectUser(tt.args.cc, tt.args.t) + if !tt.wantErr(t, err, fmt.Sprintf("HandleDisconnectUser(%v, %v)", tt.args.cc, tt.args.t)) { + return + } + tranAssertEqual(t, tt.wantRes, gotRes) + }) + } +}