diff --git a/dao/dao_test.go b/dao/dao_test.go index 5dccc51ea..2a8f5e47a 100644 --- a/dao/dao_test.go +++ b/dao/dao_test.go @@ -112,6 +112,7 @@ func clearUp(username string) { } const username string = "Tester01" +const password string = "Abc12345" const projectName string = "test_project" const repoTag string = "test1.1" const repoTag2 string = "test1.2" @@ -157,7 +158,7 @@ func TestRegister(t *testing.T) { user := models.User{ Username: username, Email: "tester01@vmware.com", - Password: "Abc12345", + Password: password, Realname: "tester01", Comment: "register", } @@ -184,6 +185,41 @@ func TestRegister(t *testing.T) { } } +func TestCheckUserPassword(t *testing.T) { + nonExistUser := models.User{ + Username: "non-exist", + } + correctUser := models.User{ + Username: username, + Password: password, + } + wrongPwd := models.User{ + Username: username, + Password: "wrong", + } + u, err := CheckUserPassword(nonExistUser) + if err != nil { + t.Errorf("Failed in CheckUserPassword: %v", err) + } + if u != nil { + t.Errorf("Expected nil for Non exist user, but actual: %+v", u) + } + u, err = CheckUserPassword(wrongPwd) + if err != nil { + t.Errorf("Failed in CheckUserPassword: %v", err) + } + if u != nil { + t.Errorf("Expected nil for user with wrong password, but actual: %+v", u) + } + u, err = CheckUserPassword(correctUser) + if err != nil { + t.Errorf("Failed in CheckUserPassword: %v", err) + } + if u == nil { + t.Errorf("User should not be nil for correct user") + } +} + func TestUserExists(t *testing.T) { var exists bool var err error @@ -672,6 +708,21 @@ func TestAddProjectMember(t *testing.T) { } } +func TestUpdateProjectMember(t *testing.T) { + err := UpdateProjectMember(currentProject.ProjectID, 1, models.GUEST) + if err != nil { + t.Errorf("Error occurred in UpdateProjectMember: %v", err) + } + roles, err := GetUserProjectRoles(1, currentProject.ProjectID) + if err != nil { + t.Errorf("Error occurred in GetUserProjectRoles: %v", err) + } + if roles[0].Name != "guest" { + t.Errorf("The user with ID 1 is not guest role after update, the acutal role: %s", roles[0].Name) + } + +} + func TestDeleteProjectMember(t *testing.T) { err := DeleteProjectMember(currentProject.ProjectID, 1) if err != nil { @@ -688,6 +739,23 @@ func TestDeleteProjectMember(t *testing.T) { } } +func TestGetRoleByID(t *testing.T) { + r, err := GetRoleByID(models.PROJECTADMIN) + if err != nil { + t.Errorf("Failed to call GetRoleByID: %v", err) + } + if r == nil || r.Name != "projectAdmin" || r.RoleCode != "MDRWS" { + t.Errorf("Role does not match for role id: %d, actual: %+v", models.PROJECTADMIN, r) + } + r, err = GetRoleByID(9999) + if err != nil { + t.Errorf("Failed to call GetRoleByID: %v", err) + } + if r != nil { + t.Errorf("Role should nil for non-exist id 9999, actual: %+v", r) + } +} + func TestToggleAdminRole(t *testing.T) { err := ToggleUserAdminRole(currentUser.UserID, 1) if err != nil { diff --git a/dao/user.go b/dao/user.go index 673f684b0..3022b55a8 100644 --- a/dao/user.go +++ b/dao/user.go @@ -111,7 +111,7 @@ func ListUsers(query models.User) ([]models.User, error) { // ToggleUserAdminRole gives a user admin role. func ToggleUserAdminRole(userID, hasAdmin int) error { o := GetOrmer() - queryParams := make([]interface{}, 1) + queryParams := make([]interface{}, 1) sql := `update user set sysadmin_flag = ? where user_id = ?` queryParams = append(queryParams, hasAdmin) queryParams = append(queryParams, userID) @@ -185,37 +185,24 @@ func UpdateUserResetUUID(u models.User) error { func CheckUserPassword(query models.User) (*models.User, error) { currentUser, err := GetUser(query) - if err != nil { return nil, err } - if currentUser == nil { return nil, nil } - sql := `select user_id, username, salt from user where deleted = 0` - + sql := `select user_id, username, salt from user where deleted = 0 and username = ? and password = ?` queryParam := make([]interface{}, 1) - - if query.UserID != 0 { - sql += ` and password = ? and user_id = ?` - queryParam = append(queryParam, utils.Encrypt(query.Password, currentUser.Salt)) - queryParam = append(queryParam, query.UserID) - } else { - sql += ` and username = ? and password = ?` - queryParam = append(queryParam, currentUser.Username) - queryParam = append(queryParam, utils.Encrypt(query.Password, currentUser.Salt)) - } + queryParam = append(queryParam, currentUser.Username) + queryParam = append(queryParam, utils.Encrypt(query.Password, currentUser.Salt)) o := GetOrmer() var user []models.User n, err := o.Raw(sql, queryParam).QueryRows(&user) - if err != nil { return nil, err } - if n == 0 { log.Warning("User principal does not match password. Current:", currentUser) return nil, nil