diff --git a/api/harborapi_test.go b/api/harborapi_test.go index a07254930..44d5be69c 100644 --- a/api/harborapi_test.go +++ b/api/harborapi_test.go @@ -12,8 +12,6 @@ import ( "net/http/httptest" "path/filepath" "runtime" - // "strconv" - // "strings" "github.com/astaxie/beego" "github.com/dghubble/sling" @@ -63,7 +61,9 @@ func init() { beego.Router("/api/search/", &SearchAPI{}) beego.Router("/api/projects/", &ProjectAPI{}, "get:List;post:Post;head:Head") beego.Router("/api/projects/:id", &ProjectAPI{}, "delete:Delete;get:Get") + beego.Router("/api/users/?:id", &UserAPI{}) beego.Router("/api/users/:id([0-9]+)/password", &UserAPI{}, "put:ChangePassword") + beego.Router("/api/users/:id/sysadmin", &UserAPI{}, "put:ToggleUserAdminRole") beego.Router("/api/projects/:id/publicity", &ProjectAPI{}, "put:ToggleProjectPublic") beego.Router("/api/projects/:id([0-9]+)/logs/filter", &ProjectAPI{}, "post:FilterAccessLog") beego.Router("/api/projects/:pid([0-9]+)/members/?:mid", &ProjectMemberAPI{}, "get:Get;post:Post;delete:Delete;put:Put") @@ -157,30 +157,6 @@ func (a api) ProjectsPost(prjUsr usrInfo, project apilib.ProjectReq) (int, error return httpStatusCode, err } -//Change password -//Implementation Notes -//Change the password on a user that already exists. -//@param userID user ID -//@param password user old and new password -//@return error -//func (a api) UsersUserIDPasswordPut (user usrInfo, userID int32, password apilib.Password) int { -func (a api) UsersUserIDPasswordPut(user usrInfo, userID int32, password apilib.Password) int { - - _sling := sling.New().Put(a.basePath) - - // create path and map variables - path := "/api/users/" + fmt.Sprintf("%d", userID) + "/password" - fmt.Printf("change passwd path: %s\n", path) - fmt.Printf("password %+v\n", password) - _sling = _sling.Path(path) - - // body params - _sling = _sling.BodyJSON(password) - - httpStatusCode, _, _ := request(_sling, jsonAcceptHeader, user) - return httpStatusCode -} - func (a api) StatisticGet(user usrInfo) (apilib.StatisticMap, error) { _sling := sling.New().Get(a.basePath) @@ -741,21 +717,114 @@ func (a api) DeletePolicyByID(authInfo usrInfo, policyID string) (int, error) { //} //Get registered users of Harbor. -//func (a HarborApi) UsersGet (userName string) ([]User, error) { -//} +func (a api) UsersGet(userName string, authInfo usrInfo) (int, []apilib.User, error) { + _sling := sling.New().Get(a.basePath) + // create path and map variables + path := "/api/users/" + _sling = _sling.Path(path) + // body params + type QueryParams struct { + UserName string `url:"username, omitempty"` + } + _sling = _sling.QueryStruct(&QueryParams{UserName: userName}) + httpStatusCode, body, err := request(_sling, jsonAcceptHeader, authInfo) + var successPayLoad []apilib.User + if 200 == httpStatusCode && nil == err { + err = json.Unmarshal(body, &successPayLoad) + } + return httpStatusCode, successPayLoad, err +} + +//Get registered users by userid. +func (a api) UsersGetByID(userName string, authInfo usrInfo, userID int) (int, apilib.User, error) { + _sling := sling.New().Get(a.basePath) + // create path and map variables + path := "/api/users/" + fmt.Sprintf("%d", userID) + _sling = _sling.Path(path) + // body params + type QueryParams struct { + UserName string `url:"username, omitempty"` + } + _sling = _sling.QueryStruct(&QueryParams{UserName: userName}) + httpStatusCode, body, err := request(_sling, jsonAcceptHeader, authInfo) + var successPayLoad apilib.User + if 200 == httpStatusCode && nil == err { + err = json.Unmarshal(body, &successPayLoad) + } + return httpStatusCode, successPayLoad, err +} //Creates a new user account. -//func (a HarborApi) UsersPost (user User) (error) { -//} +func (a api) UsersPost(user apilib.User, authInfo ...usrInfo) (int, error) { + _sling := sling.New().Post(a.basePath) + + // create path and map variables + path := "/api/users/" + + _sling = _sling.Path(path) + + // body params + _sling = _sling.BodyJSON(user) + var httpStatusCode int + var err error + if len(authInfo) > 0 { + httpStatusCode, _, err = request(_sling, jsonAcceptHeader, authInfo[0]) + } else { + httpStatusCode, _, err = request(_sling, jsonAcceptHeader) + } + return httpStatusCode, err + +} + +//Update a registered user to change profile. +func (a api) UsersPut(userID int, profile apilib.UserProfile, authInfo usrInfo) (int, error) { + _sling := sling.New().Put(a.basePath) + // create path and map variables + path := "/api/users/" + fmt.Sprintf("%d", userID) + _sling = _sling.Path(path) + + // body params + _sling = _sling.BodyJSON(profile) + httpStatusCode, _, err := request(_sling, jsonAcceptHeader, authInfo) + return httpStatusCode, err +} + +//Update a registered user to be an administrator of Harbor. +func (a api) UsersToggleAdminRole(userID int, authInfo usrInfo, hasAdminRole int32) (int, error) { + _sling := sling.New().Put(a.basePath) + // create path and map variables + path := "/api/users/" + fmt.Sprintf("%d", userID) + "/sysadmin" + _sling = _sling.Path(path) + type QueryParams struct { + HasAdminRole int32 `json:"has_admin_role,omitempty"` + } + + _sling = _sling.BodyJSON(&QueryParams{HasAdminRole: hasAdminRole}) + httpStatusCode, _, err := request(_sling, jsonAcceptHeader, authInfo) + return httpStatusCode, err +} + +//Update password of a registered user. +func (a api) UsersUpdatePassword(userID int, password apilib.Password, authInfo usrInfo) (int, error) { + _sling := sling.New().Put(a.basePath) + // create path and map variables + path := "/api/users/" + fmt.Sprintf("%d", userID) + "/password" + _sling = _sling.Path(path) + // body params + _sling = _sling.BodyJSON(password) + httpStatusCode, _, err := request(_sling, jsonAcceptHeader, authInfo) + return httpStatusCode, err +} //Mark a registered user as be removed. -//func (a HarborApi) UsersUserIdDelete (userId int32) (error) { -//} - -//Update a registered user to change to be an administrator of Harbor. -//func (a HarborApi) UsersUserIdPut (userId int32) (error) { -//} - +func (a api) UsersDelete(userID int, authInfo usrInfo) (int, error) { + _sling := sling.New().Delete(a.basePath) + // create path and map variables + path := "/api/users/" + fmt.Sprintf("%d", userID) + _sling = _sling.Path(path) + httpStatusCode, _, err := request(_sling, jsonAcceptHeader, authInfo) + return httpStatusCode, err +} func updateInitPassword(userID int, password string) error { queryUser := models.User{UserID: userID} user, err := dao.GetUser(queryUser) diff --git a/api/log_test.go b/api/log_test.go index 549fd1a25..bb19a2731 100644 --- a/api/log_test.go +++ b/api/log_test.go @@ -17,7 +17,6 @@ func TestLogGet(t *testing.T) { //prepare for test - admin := &usrInfo{"admin", "Harbor12345"} var project apilib.ProjectReq project.ProjectName = "my_project" project.Public = 1 diff --git a/api/statistic_test.go b/api/statistic_test.go index 94c54b5ac..17e2b9f5a 100644 --- a/api/statistic_test.go +++ b/api/statistic_test.go @@ -21,8 +21,6 @@ func TestStatisticGet(t *testing.T) { //prepare for test - admin := &usrInfo{"admin", "Harbor12345"} - var myProCount, pubProCount, totalProCount int32 result, err := apiTest.StatisticGet(*admin) if err != nil { diff --git a/api/user_test.go b/api/user_test.go new file mode 100644 index 000000000..4943b9949 --- /dev/null +++ b/api/user_test.go @@ -0,0 +1,395 @@ +package api + +import ( + "fmt" + "github.com/stretchr/testify/assert" + "github.com/vmware/harbor/tests/apitests/apilib" + "testing" +) + +var testUser0002ID, testUser0003ID int +var testUser0002, testUser0003 apilib.User +var testUser0002Auth, testUser0003Auth *usrInfo + +func TestUsersPost(t *testing.T) { + + fmt.Println("Testing User Add") + + assert := assert.New(t) + apiTest := newHarborAPI() + + //case 1: register a new user without admin auth, expect 400, because self registration is on + fmt.Println("Register user without admin auth") + code, err := apiTest.UsersPost(testUser0002) + if err != nil { + t.Error("Error occured while add a test User", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 2: register a new user with admin auth, but username is empty, expect 400 + fmt.Println("Register user with admin auth, but username is empty") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 3: register a new user with admin auth, but bad username format, expect 400 + testUser0002.Username = "test@$" + fmt.Println("Register user with admin auth, but bad username format") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 4: register a new user with admin auth, but bad userpassword format, expect 400 + testUser0002.Username = "testUser0002" + fmt.Println("Register user with admin auth, but bad userpassword format") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 5: register a new user with admin auth, but email is empty, expect 400 + testUser0002.Password = "testUser0002" + fmt.Println("Register user with admin auth, but email is empty") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 6: register a new user with admin auth, but bad email format, expect 400 + testUser0002.Email = "test..." + fmt.Println("Register user with admin auth, but bad email format") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 7: register a new user with admin auth, but userrealname is empty, expect 400 + testUser0002.Email = "testUser0002@mydomain.com" + fmt.Println("Register user with admin auth, but user realname is empty") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 8: register a new user with admin auth, but bad userrealname format, expect 400 + testUser0002.Realname = "test$com" + fmt.Println("Register user with admin auth, but bad user realname format") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 9: register a new user with admin auth, but bad user comment, expect 400 + testUser0002.Realname = "testUser0002" + testUser0002.Comment = "vmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm" + fmt.Println("Register user with admin auth, but bad user comment format") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Add user status should be 400") + } + + //case 10: register a new user with admin auth, expect 201 + fmt.Println("Register user with admin auth, right parameters") + testUser0002.Comment = "test user" + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(201, code, "Add user status should be 201") + } + + //case 11: register duplicate user with admin auth, expect 409 + fmt.Println("Register duplicate user with admin auth") + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(409, code, "Add user status should be 409") + } + + //case 12: register a new user with admin auth, but duplicate email, expect 409 + fmt.Println("Register user with admin auth, but duplicate email") + testUser0002.Username = "testUsertest" + testUser0002.Email = "testUser0002@mydomain.com" + code, err = apiTest.UsersPost(testUser0002, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(409, code, "Add user status should be 409") + } +} + +func TestUsersGet(t *testing.T) { + + fmt.Println("Testing User Get") + assert := assert.New(t) + apiTest := newHarborAPI() + + testUser0002.Username = "testUser0002" + //case 1: Get user2 with common auth, but no userid in path, expect 403 + + testUser0002Auth = &usrInfo{"testUser0002", "testUser0002"} + code, users, err := apiTest.UsersGet(testUser0002.Username, *testUser0002Auth) + if err != nil { + t.Error("Error occured while get users", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Get users status should be 403") + } + //case 2: Get user2 with admin auth, expect 200 + code, users, err = apiTest.UsersGet(testUser0002.Username, *admin) + if err != nil { + t.Error("Error occured while get users", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Get users status should be 200") + assert.Equal(1, len(users), "Get users record should be 1 ") + testUser0002ID = users[0].UserId + } +} + +func TestUsersGetByID(t *testing.T) { + + fmt.Println("Testing User GetByID") + assert := assert.New(t) + apiTest := newHarborAPI() + + //case 1: Get user2 with userID and his own auth, expect 200 + code, user, err := apiTest.UsersGetByID(testUser0002.Username, *testUser0002Auth, testUser0002ID) + if err != nil { + t.Error("Error occured while get users", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Get users status should be 200") + assert.Equal(testUser0002.Username, user.Username, "Get users username should be equal") + assert.Equal(testUser0002.Email, user.Email, "Get users email should be equal") + } + //case 2: Get user2 with user3 auth, expect 403 + testUser0003.Username = "testUser0003" + testUser0003.Email = "testUser0003@mydomain.com" + testUser0003.Password = "testUser0003" + testUser0003.Realname = "testUser0003" + code, err = apiTest.UsersPost(testUser0003, *admin) + if err != nil { + t.Error("Error occured while add a user", err.Error()) + t.Log(err) + } else { + assert.Equal(201, code, "Add user status should be 201") + } + + testUser0003Auth = &usrInfo{"testUser0003", "testUser0003"} + code, user, err = apiTest.UsersGetByID(testUser0002.Username, *testUser0003Auth, testUser0002ID) + if err != nil { + t.Error("Error occured while get users", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Get users status should be 403") + } + //case 3: Get user that does not exist with user2 auth, expect 404 not found. + code, user, err = apiTest.UsersGetByID(testUser0002.Username, *testUser0002Auth, 1000) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(404, code, "Get users status should be 404") + } + // Get user3ID in order to delete at the last of the test + code, users, err := apiTest.UsersGet(testUser0003.Username, *admin) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Get users status should be 200") + assert.Equal(1, len(users), "Get users record should be 1") + testUser0003ID = users[0].UserId + } +} + +func TestUsersPut(t *testing.T) { + fmt.Println("Testing User Put") + assert := assert.New(t) + apiTest := newHarborAPI() + var profile apilib.UserProfile + //case 1: change user2 profile with user3 auth + code, err := apiTest.UsersPut(testUser0002ID, profile, *testUser0003Auth) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Get users status should be 403") + } + //case 2: change user2 profile with user2 auth, but bad parameters format. + code, err = apiTest.UsersPut(testUser0002ID, profile, *testUser0002Auth) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Get users status should be 400") + } + //case 3: change user2 profile with user2 auth, but duplicate email. + profile.Realname = "test user" + profile.Email = "testUser0003@mydomain.com" + profile.Comment = "change profile" + code, err = apiTest.UsersPut(testUser0002ID, profile, *testUser0002Auth) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(409, code, "Get users status should be 409") + } + //case 4: change user2 profile with user2 auth, right parameters format. + profile.Realname = "test user" + profile.Email = "testUser0002@vmware.com" + profile.Comment = "change profile" + code, err = apiTest.UsersPut(testUser0002ID, profile, *testUser0002Auth) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Get users status should be 200") + } +} + +func TestUsersToggleAdminRole(t *testing.T) { + fmt.Println("Testing Toggle User Admin Role") + assert := assert.New(t) + apiTest := newHarborAPI() + //case 1: toggle user2 admin role without admin auth + code, err := apiTest.UsersToggleAdminRole(testUser0002ID, *testUser0002Auth, int32(1)) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Get users status should be 403") + } + //case 2: toggle user2 admin role with admin auth + code, err = apiTest.UsersToggleAdminRole(testUser0002ID, *admin, int32(1)) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Get users status should be 200") + } +} +func TestUsersUpdatePassword(t *testing.T) { + fmt.Println("Testing Update User Password") + assert := assert.New(t) + apiTest := newHarborAPI() + password := apilib.Password{OldPassword: "", NewPassword: ""} + //case 1: update user2 password with user3 auth + code, err := apiTest.UsersUpdatePassword(testUser0002ID, password, *testUser0003Auth) + if err != nil { + t.Error("Error occured while update user password", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Update user password status should be 403") + } + //case 2: update user2 password with admin auth, but oldpassword is empty + code, err = apiTest.UsersUpdatePassword(testUser0002ID, password, *admin) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Get users status should be 400") + } + //case 3: update user2 password with admin auth, but oldpassword is wrong + password.OldPassword = "000" + code, err = apiTest.UsersUpdatePassword(testUser0002ID, password, *admin) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Get users status should be 403") + } + //case 4: update user2 password with admin auth, but newpassword is empty + password.OldPassword = "testUser0002" + code, err = apiTest.UsersUpdatePassword(testUser0002ID, password, *admin) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(400, code, "Get users status should be 400") + } + //case 5: update user2 password with admin auth, right parameters + password.NewPassword = "TestUser0002" + code, err = apiTest.UsersUpdatePassword(testUser0002ID, password, *admin) + if err != nil { + t.Error("Error occured while change user profile", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Get users status should be 200") + testUser0002.Password = password.NewPassword + testUser0002Auth.Passwd = password.NewPassword + } +} + +func TestUsersDelete(t *testing.T) { + + fmt.Println("Testing User Delete") + assert := assert.New(t) + apiTest := newHarborAPI() + + //case 1:delete user without admin auth + code, err := apiTest.UsersDelete(testUser0002ID, *testUser0003Auth) + if err != nil { + t.Error("Error occured while delete a testUser", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Delete testUser status should be 403") + } + //case 2: delete user with admin auth, user2 has already been toggled to admin, but can not delete himself + code, err = apiTest.UsersDelete(testUser0002ID, *testUser0002Auth) + if err != nil { + t.Error("Error occured while delete a testUser", err.Error()) + t.Log(err) + } else { + assert.Equal(403, code, "Delete testUser status should be 403") + } + //case 3: delete user with admin auth + code, err = apiTest.UsersDelete(testUser0002ID, *admin) + if err != nil { + t.Error("Error occured while delete a testUser", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Delete testUser status should be 200") + } + //delete user3 with admin auth + code, err = apiTest.UsersDelete(testUser0003ID, *admin) + if err != nil { + t.Error("Error occured while delete a testUser", err.Error()) + t.Log(err) + } else { + assert.Equal(200, code, "Delete testUser status should be 200") + } +} diff --git a/tests/apitests/apilib/user_profile.go b/tests/apitests/apilib/user_profile.go new file mode 100644 index 000000000..73fb82a0c --- /dev/null +++ b/tests/apitests/apilib/user_profile.go @@ -0,0 +1,31 @@ +/* + * Harbor API + * + * These APIs provide services for manipulating Harbor project. + * + * OpenAPI spec version: 0.3.0 + * + * Generated by: https://github.com/swagger-api/swagger-codegen.git + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package apilib + +type UserProfile struct { + Email string `json:"email,omitempty"` + + Realname string `json:"realname,omitempty"` + + Comment string `json:"comment,omitempty"` +}