Add test for userinfo and fix broken tests

2026-05-07 00:46:52 +00:00 · 2022-03-29 15:58:27 +05:30
parent 60199e3f4e
commit 49ce1ca5a1
2 changed files with 106 additions and 20 deletions
--- a/pkg/service/user.go
+++ b/pkg/service/user.go
@@ -394,6 +394,7 @@ func (s *userService) GetUserInfo(ctx context.Context, user *userv3.User) (*user
 		return &userv3.UserInfo{}, err
 	}

+	roleMap := map[string][]string{}
 	if usr, ok := entity.(*models.KratosIdentities); ok {
 		user, err := s.identitiesModelToUser(ctx, s.db, user, usr)
 		if err != nil {
@@ -410,30 +411,36 @@ func (s *userService) GetUserInfo(ctx context.Context, user *userv3.User) (*user
 		}
 		permissions := []*userv3.Permission{}
 		for _, p := range user.Spec.ProjectNamespaceRoles {
-			role, err := dao.GetIdByName(ctx, s.db, p.Role, &models.Role{})
-			if err != nil {
-				return &userv3.UserInfo{}, err
-			}
-			if rle, ok := role.(*models.Role); ok {
+			rps, ok := roleMap[p.Role]
+			if !ok {
+				role, err := dao.GetIdByName(ctx, s.db, p.Role, &models.Role{})
+				if err != nil {
+					return &userv3.UserInfo{}, err
+				}
+				rle, ok := role.(*models.Role)
+				if !ok {
+					_log.Warn("unable to lookup existing role '%v'", p.Role)
+					return &userv3.UserInfo{}, err
+				}
 				rpms, err := dao.GetRolePermissions(ctx, s.db, rle.ID)
 				if err != nil {
 					return &userv3.UserInfo{}, err
 				}
-				rps := []string{}
 				for _, r := range rpms {
 					rps = append(rps, r.Name)
 				}
-				permissions = append(
-					permissions,
-					// TODO: rename permissions to permission
-					&userv3.Permission{
-						Project:     p.Project,
-						Namespace:   p.Namespace,
-						Role:        p.Role,
-						Permissions: rps,
-					},
-				)
+				roleMap[p.Role] = rps
 			}
+			permissions = append(
+				permissions,
+				// TODO: rename permissions to permission
+				&userv3.Permission{
+					Project:     p.Project,
+					Namespace:   p.Namespace,
+					Role:        p.Role,
+					Permissions: rps,
+				},
+			)
 		}
 		userinfo.Spec.Permission = permissions
 		return userinfo, nil
--- a/pkg/service/user_test.go
+++ b/pkg/service/user_test.go
@@ -275,6 +275,73 @@ func TestUserGetByName(t *testing.T) {
 	performBasicAuthProviderChecks(t, *ap, 0, 0, 0, 0)
 }

+func TestUserGetInfo(t *testing.T) {
+	db, mock := getDB(t)
+	defer db.Close()
+
+	ap := &mockAuthProvider{}
+	mazc := mockAuthzClient{}
+	us := NewUserService(ap, db, &mazc, nil, common.CliConfigDownloadData{})
+
+	uuuid := uuid.New().String()
+	fakeuuuid := uuid.New().String()
+	puuid := uuid.New().String()
+	ouuid := uuid.New().String()
+	guuid := uuid.New().String()
+	ruuid := uuid.New().String()
+	pruuid := uuid.New().String()
+
+	mock.ExpectQuery(`SELECT "identities"."id", "identities"."schema_id", .*WHERE .traits ->> 'email' = 'user-` + uuuid + `'.`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id", "traits"}).AddRow(uuuid, []byte(`{"email":"johndoe@provider.com", "first_name": "John", "last_name": "Doe", "organization_id": "`+ouuid+`", "partner_id": "`+puuid+`", "description": "My awesome user"}`)))
+	mock.ExpectQuery(`SELECT "group"."id".* FROM "authsrv_group" AS "group" JOIN authsrv_groupaccount ON authsrv_groupaccount.group_id="group".id WHERE .authsrv_groupaccount.account_id = '` + uuuid + `'`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"name"}).
+		AddRow("group-" + guuid).AddRow("group2-" + guuid))
+	mock.ExpectQuery(`SELECT authsrv_resourcerole.name as role FROM "authsrv_accountresourcerole" JOIN authsrv_resourcerole ON authsrv_resourcerole.id=authsrv_accountresourcerole.role_id WHERE .authsrv_accountresourcerole.account_id = '` + uuuid + `'`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"role"}).AddRow("role-" + ruuid))
+	mock.ExpectQuery(`SELECT authsrv_resourcerole.name as role, authsrv_project.name as project FROM "authsrv_projectaccountresourcerole" JOIN authsrv_resourcerole ON authsrv_resourcerole.id=authsrv_projectaccountresourcerole.role_id JOIN authsrv_project ON authsrv_project.id=authsrv_projectaccountresourcerole.project_id WHERE .authsrv_projectaccountresourcerole.account_id = '` + uuuid + `'`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"role", "project"}).AddRow("role-"+ruuid, "project-"+pruuid))
+	mock.ExpectQuery(`SELECT authsrv_resourcerole.name as role, authsrv_project.name as project, namespace_id as namespace FROM "authsrv_projectaccountnamespacerole" JOIN authsrv_resourcerole ON authsrv_resourcerole.id=authsrv_projectaccountnamespacerole.role_id JOIN authsrv_project ON authsrv_project.id=authsrv_projectaccountnamespacerole.project_id WHERE .authsrv_projectaccountnamespacerole.account_id = '` + uuuid + `'`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"role", "project", "namespace"}).AddRow("role-"+ruuid, "project-"+pruuid, 9))
+	mock.ExpectQuery(`SELECT "resourcerole"."id" FROM "authsrv_resourcerole" AS "resourcerole" WHERE .name = 'role-` + ruuid + `'. AND .trash = FALSE.`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id", "name"}).AddRow(ruuid, "role-"+ruuid))
+	mock.ExpectQuery(`SELECT authsrv_resourcepermission.name as name FROM "authsrv_resourcepermission" JOIN authsrv_resourcerolepermission ON authsrv_resourcerolepermission.resource_permission_id=authsrv_resourcepermission.id WHERE .authsrv_resourcerolepermission.resource_role_id = '` + ruuid + `'. AND .authsrv_resourcepermission.trash = FALSE. AND .authsrv_resourcerolepermission.trash = FALSE.`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"name"}).AddRow("account.read").AddRow("account.write"))
+
+	user := &userv3.User{
+		Metadata: &v3.Metadata{Partner: "partner-" + puuid, Organization: "org-" + ouuid, Name: "user-" + fakeuuuid},
+	}
+	ctx := context.WithValue(context.Background(), common.SessionDataKey, &commonv3.SessionData{Username: "user-" + uuuid})
+	userinfo, err := us.GetUserInfo(ctx, user)
+
+	if err != nil {
+		t.Fatal("could not get user:", err)
+	}
+
+	fmt.Println("userinfo:", userinfo)
+	if userinfo.Metadata.Name != "johndoe@provider.com" {
+		t.Errorf("incorrect username; expected '%v', got '%v'", "johndoe@provider.com", userinfo.Metadata.Name)
+	}
+	if userinfo.Spec.FirstName != "John" {
+		t.Errorf("incorrect first name; expected '%v', got '%v'", "John", userinfo.Spec.FirstName)
+	}
+	if userinfo.Spec.LastName != "Doe" {
+		t.Errorf("incorrect last name; expected '%v', got '%v'", "Doe", userinfo.Spec.LastName)
+	}
+	if len(userinfo.Spec.Groups) != 2 {
+		t.Errorf("incorrect number of groups; expected '%v', got '%v'", 2, len(userinfo.Spec.Groups))
+	}
+	if userinfo.Spec.Groups[0] != "group-"+guuid {
+		t.Errorf("incorrect group name; expected '%v', got '%v'", "group-"+guuid, userinfo.Spec.Groups[0])
+	}
+	if len(userinfo.Spec.Permission) != 3 {
+		t.Errorf("incorrect number of permissions; expected '%v', got '%v'", 3, len(userinfo.Spec.Permission))
+	}
+	if len(userinfo.Spec.Permission[0].Permissions) != 2 {
+		t.Errorf("incorrect number of permissions; expected '%v', got '%v'", 2, len(userinfo.Spec.Permission[0].Permissions))
+	}
+
+}
+
 func TestUserGetById(t *testing.T) {
 	db, mock := getDB(t)
 	defer db.Close()
@@ -339,7 +406,13 @@ func TestUserList(t *testing.T) {
 	ruuid := uuid.New().String()
 	pruuid := uuid.New().String()

-	mock.ExpectQuery(`SELECT "identities"."id",.* FROM "identities"`).
+	mock.ExpectQuery(`SELECT "partner"."id" FROM "authsrv_partner" AS "partner"`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id"}).AddRow(puuid))
+	mock.ExpectQuery(`SELECT "organization"."id" FROM "authsrv_organization" AS "organization"`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id"}).AddRow(ouuid))
+	mock.ExpectQuery(`SELECT DISTINCT account_id FROM "sentry_account_permission" WHERE .partner_id = '` + puuid + `'. AND .organization_id = '` + ouuid + `'`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"account_id"}).AddRow(uuuid1).AddRow(uuuid2))
+	mock.ExpectQuery(`SELECT "identities"."id", .*WHERE .id IN .'` + uuuid1 + `', '` + uuuid2 + `'.. LIMIT 10`).
 		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id", "traits"}).
 		AddRow(uuuid1, []byte(`{"email":"johndoe@provider.com", "first_name": "John", "last_name": "Doe", "organization_id": "`+ouuid+`", "partner_id": "`+puuid+`", "description": "My awesome user"}`)).
 		AddRow(uuuid2, []byte(`{"email":"johndoe@provider.com", "first_name": "John", "last_name": "Doe", "organization_id": "`+ouuid+`", "partner_id": "`+puuid+`", "description": "My awesome user"}`)))
@@ -364,7 +437,7 @@ func TestUserList(t *testing.T) {
 	mock.ExpectQuery(`SELECT authsrv_resourcerole.name as role, authsrv_project.name as project, namespace_id as namespace FROM "authsrv_projectaccountnamespacerole" JOIN authsrv_resourcerole ON authsrv_resourcerole.id=authsrv_projectaccountnamespacerole.role_id JOIN authsrv_project ON authsrv_project.id=authsrv_projectaccountnamespacerole.project_id WHERE .authsrv_projectaccountnamespacerole.account_id = '` + uuuid2 + `'`).
 		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"role", "project", "namespace"}).AddRow("role-"+ruuid, "project-"+pruuid, 9))

-	qo := &commonv3.QueryOptions{}
+	qo := &commonv3.QueryOptions{Organization: ouuid, Partner: puuid}
 	userlist, err := us.List(context.Background(), query.WithOptions(qo))
 	if err != nil {
 		t.Fatal("could not list users:", err)
@@ -404,7 +477,13 @@ func TestUserFiletered(t *testing.T) {
 	ruuid := uuid.New().String()
 	pruuid := uuid.New().String()

-	mock.ExpectQuery(`SELECT "identities"."id", .*WHERE .traits ->> 'email' ILIKE '%filter-query%'. OR .traits ->> 'first_name' ILIKE '%filter-query%'. OR .traits ->> 'last_name' ILIKE '%filter-query%'. ORDER BY "traits ->> 'email' asc" LIMIT 50 OFFSET 20`).
+	mock.ExpectQuery(`SELECT "partner"."id" FROM "authsrv_partner" AS "partner"`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id"}).AddRow(puuid))
+	mock.ExpectQuery(`SELECT "organization"."id" FROM "authsrv_organization" AS "organization"`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id"}).AddRow(ouuid))
+	mock.ExpectQuery(`SELECT DISTINCT account_id FROM "sentry_account_permission" WHERE .partner_id = '` + puuid + `'. AND .organization_id = '` + ouuid + `'`).
+		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"account_id"}).AddRow(uuuid1).AddRow(uuuid2))
+	mock.ExpectQuery(`SELECT "identities"."id", .*WHERE .id IN .'` + uuuid1 + `', '` + uuuid2 + `'.. AND .traits ->> 'email' ILIKE '%filter-query%'. OR .traits ->> 'first_name' ILIKE '%filter-query%'. OR .traits ->> 'last_name' ILIKE '%filter-query%'. ORDER BY "traits ->> 'email' asc" LIMIT 50 OFFSET 20`).
 		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"id", "traits"}).
 		AddRow(uuuid1, []byte(`{"email":"johndoe@provider.com", "first_name": "John", "last_name": "Doe", "organization_id": "`+ouuid+`", "partner_id": "`+puuid+`", "description": "My awesome user"}`)).
 		AddRow(uuuid2, []byte(`{"email":"johndoe@provider.com", "first_name": "John", "last_name": "Doe", "organization_id": "`+ouuid+`", "partner_id": "`+puuid+`", "description": "My awesome user"}`)))
@@ -429,7 +508,7 @@ func TestUserFiletered(t *testing.T) {
 	mock.ExpectQuery(`SELECT authsrv_resourcerole.name as role, authsrv_project.name as project, namespace_id as namespace FROM "authsrv_projectaccountnamespacerole" JOIN authsrv_resourcerole ON authsrv_resourcerole.id=authsrv_projectaccountnamespacerole.role_id JOIN authsrv_project ON authsrv_project.id=authsrv_projectaccountnamespacerole.project_id WHERE .authsrv_projectaccountnamespacerole.account_id = '` + uuuid2 + `'`).
 		WithArgs().WillReturnRows(sqlmock.NewRows([]string{"role", "project", "namespace"}).AddRow("role-"+ruuid, "project-"+pruuid, 9))

-	qo := &commonv3.QueryOptions{Q: "filter-query", Limit: 50, Offset: 20, OrderBy: "email", Order: "asc"}
+	qo := &commonv3.QueryOptions{Q: "filter-query", Limit: 50, Offset: 20, OrderBy: "email", Order: "asc", Organization: ouuid, Partner: puuid}
 	userlist, err := us.List(context.Background(), query.WithOptions(qo))
 	if err != nil {
 		t.Fatal("could not list users:", err)