Skip to content

Commit 84a20d3

Browse files
hugodutkahugodutka
committed
backend tests
1 parent be13c84 commit 84a20d3

File tree

1 file changed

+55
-9
lines changed

1 file changed

+55
-9
lines changed

coderd/userauth_test.go

Lines changed: 55 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ import (
2222
"github.com/prometheus/client_golang/prometheus"
2323
"github.com/stretchr/testify/assert"
2424
"github.com/stretchr/testify/require"
25+
"go.uber.org/atomic"
2526
"golang.org/x/oauth2"
2627
"golang.org/x/xerrors"
2728

@@ -254,37 +255,64 @@ func TestUserOAuth2Github(t *testing.T) {
254255
})
255256
t.Run("BlockSignups", func(t *testing.T) {
256257
t.Parallel()
258+
259+
db, ps := dbtestutil.NewDB(t)
260+
261+
id := atomic.NewInt64(100)
262+
login := atomic.NewString("testuser")
263+
email := atomic.NewString("testuser@coder.com")
264+
257265
client := coderdtest.New(t, &coderdtest.Options{
266+
Database: db,
267+
Pubsub: ps,
258268
GithubOAuth2Config: &coderd.GithubOAuth2Config{
259269
OAuth2Config: &testutil.OAuth2Config{},
260270
AllowOrganizations: []string{"coder"},
261-
ListOrganizationMemberships: func(ctx context.Context, client *http.Client) ([]*github.Membership, error) {
271+
ListOrganizationMemberships: func(_ context.Context, _ *http.Client) ([]*github.Membership, error) {
262272
return []*github.Membership{{
263273
State: &stateActive,
264274
Organization: &github.Organization{
265275
Login: github.String("coder"),
266276
},
267277
}}, nil
268278
},
269-
AuthenticatedUser: func(ctx context.Context, client *http.Client) (*github.User, error) {
279+
AuthenticatedUser: func(_ context.Context, _ *http.Client) (*github.User, error) {
280+
id := id.Load()
281+
login := login.Load()
270282
return &github.User{
271-
ID: github.Int64(100),
272-
Login: github.String("testuser"),
283+
ID: &id,
284+
Login: &login,
273285
Name: github.String("The Right Honorable Sir Test McUser"),
274286
}, nil
275287
},
276-
ListEmails: func(ctx context.Context, client *http.Client) ([]*github.UserEmail, error) {
288+
ListEmails: func(_ context.Context, _ *http.Client) ([]*github.UserEmail, error) {
289+
email := email.Load()
277290
return []*github.UserEmail{{
278-
Email: github.String("testuser@coder.com"),
291+
Email: &email,
279292
Verified: github.Bool(true),
280293
Primary: github.Bool(true),
281294
}}, nil
282295
},
283296
},
284297
})
285298

299+
// The first user in a deployment with signups disabled will be allowed to sign up,
300+
// but all the other users will not.
286301
resp := oauth2Callback(t, client)
302+
require.Equal(t, http.StatusTemporaryRedirect, resp.StatusCode)
303+
304+
ctx := testutil.Context(t, testutil.WaitLong)
305+
306+
// nolint:gocritic // Unit test
307+
count, err := db.GetUserCount(dbauthz.AsSystemRestricted(ctx))
308+
require.NoError(t, err)
309+
require.Equal(t, int64(1), count)
310+
311+
id.Store(101)
312+
email.Store("someotheruser@coder.com")
313+
login.Store("someotheruser")
287314

315+
resp = oauth2Callback(t, client)
288316
require.Equal(t, http.StatusForbidden, resp.StatusCode)
289317
})
290318
t.Run("MultiLoginNotAllowed", func(t *testing.T) {
@@ -988,6 +1016,7 @@ func TestUserOIDC(t *testing.T) {
9881016
IgnoreEmailVerified bool
9891017
IgnoreUserInfo bool
9901018
UseAccessToken bool
1019+
PrecreateFirstUser bool
9911020
}{
9921021
{
9931022
Name: "NoSub",
@@ -1150,7 +1179,17 @@ func TestUserOIDC(t *testing.T) {
11501179
"email_verified": true,
11511180
"sub": uuid.NewString(),
11521181
},
1153-
StatusCode: http.StatusForbidden,
1182+
StatusCode: http.StatusForbidden,
1183+
PrecreateFirstUser: true,
1184+
},
1185+
{
1186+
Name: "FirstSignup",
1187+
IDTokenClaims: jwt.MapClaims{
1188+
"email": "kyle@kwc.io",
1189+
"email_verified": true,
1190+
"sub": uuid.NewString(),
1191+
},
1192+
StatusCode: http.StatusOK,
11541193
},
11551194
{
11561195
Name: "UsernameFromEmail",
@@ -1443,15 +1482,22 @@ func TestUserOIDC(t *testing.T) {
14431482
})
14441483
numLogs := len(auditor.AuditLogs())
14451484

1485+
ctx := testutil.Context(t, testutil.WaitShort)
1486+
if tc.PrecreateFirstUser {
1487+
owner.CreateFirstUser(ctx, codersdk.CreateFirstUserRequest{
1488+
Email: "precreated@coder.com",
1489+
Username: "precreated",
1490+
Password: "SomeSecurePassword!",
1491+
})
1492+
}
1493+
14461494
client, resp := fake.AttemptLogin(t, owner, tc.IDTokenClaims)
14471495
numLogs++ // add an audit log for login
14481496
require.Equal(t, tc.StatusCode, resp.StatusCode)
14491497
if tc.AssertResponse != nil {
14501498
tc.AssertResponse(t, resp)
14511499
}
14521500

1453-
ctx := testutil.Context(t, testutil.WaitShort)
1454-
14551501
if tc.AssertUser != nil {
14561502
user, err := client.User(ctx, "me")
14571503
require.NoError(t, err)

0 commit comments

Comments
 (0)