(t *testing.T)
| 17 | ) |
| 18 | |
| 19 | func TestUserParam(t *testing.T) { |
| 20 | t.Parallel() |
| 21 | setup := func(t *testing.T) (database.Store, *httptest.ResponseRecorder, *http.Request) { |
| 22 | var ( |
| 23 | db, _ = dbtestutil.NewDB(t) |
| 24 | r = httptest.NewRequest("GET", "/", nil) |
| 25 | rw = httptest.NewRecorder() |
| 26 | ) |
| 27 | user := dbgen.User(t, db, database.User{}) |
| 28 | _, token := dbgen.APIKey(t, db, database.APIKey{ |
| 29 | UserID: user.ID, |
| 30 | }) |
| 31 | r.Header.Set(codersdk.SessionTokenHeader, token) |
| 32 | |
| 33 | return db, rw, r |
| 34 | } |
| 35 | |
| 36 | t.Run("None", func(t *testing.T) { |
| 37 | t.Parallel() |
| 38 | db, rw, r := setup(t) |
| 39 | |
| 40 | httpmw.ExtractAPIKeyMW(httpmw.ExtractAPIKeyConfig{ |
| 41 | DB: db, |
| 42 | RedirectToLogin: false, |
| 43 | })(http.HandlerFunc(func(rw http.ResponseWriter, returnedRequest *http.Request) { |
| 44 | r = returnedRequest |
| 45 | })).ServeHTTP(rw, r) |
| 46 | |
| 47 | httpmw.ExtractUserParam(db)(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { |
| 48 | rw.WriteHeader(http.StatusOK) |
| 49 | })).ServeHTTP(rw, r) |
| 50 | res := rw.Result() |
| 51 | defer res.Body.Close() |
| 52 | require.Equal(t, http.StatusBadRequest, res.StatusCode) |
| 53 | }) |
| 54 | |
| 55 | t.Run("NotMe", func(t *testing.T) { |
| 56 | t.Parallel() |
| 57 | db, rw, r := setup(t) |
| 58 | |
| 59 | httpmw.ExtractAPIKeyMW(httpmw.ExtractAPIKeyConfig{ |
| 60 | DB: db, |
| 61 | RedirectToLogin: false, |
| 62 | })(http.HandlerFunc(func(rw http.ResponseWriter, returnedRequest *http.Request) { |
| 63 | r = returnedRequest |
| 64 | })).ServeHTTP(rw, r) |
| 65 | |
| 66 | routeContext := chi.NewRouteContext() |
| 67 | routeContext.URLParams.Add("user", "ben") |
| 68 | r = r.WithContext(context.WithValue(r.Context(), chi.RouteCtxKey, routeContext)) |
| 69 | httpmw.ExtractUserParam(db)(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { |
| 70 | rw.WriteHeader(http.StatusOK) |
| 71 | })).ServeHTTP(rw, r) |
| 72 | res := rw.Result() |
| 73 | defer res.Body.Close() |
| 74 | // User "ben" doesn't exist, so expect 404. |
| 75 | require.Equal(t, http.StatusNotFound, res.StatusCode) |
| 76 | }) |
nothing calls this directly
no test coverage detected