(t *testing.T)
| 1336 | } |
| 1337 | |
| 1338 | func TestUpdateUserPassword(t *testing.T) { |
| 1339 | t.Parallel() |
| 1340 | |
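// MemberCantUpdateAdminPassword checks the authorization boundary on password
// changes: a user created with no extra roles must not be able to set the
// password of the first (owner) user.
t.Run("MemberCantUpdateAdminPassword", func(t *testing.T) {
	t.Parallel()
	client := coderdtest.New(t, nil)
	owner := coderdtest.CreateFirstUser(t, client)
	member, _ := coderdtest.CreateAnotherUser(t, client, owner.OrganizationID)

	ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
	defer cancel()

	// Send the same password that the admin subtest expects to be accepted.
	// With a weak value such as "newpassword" the request could presumably be
	// refused by password validation alone, and the test would still pass
	// even if the permission check were missing.
	err := member.UpdateUserPassword(ctx, owner.UserID.String(), codersdk.UpdateUserPasswordRequest{
		Password: "SomeNewStrongPassword!",
	})
	require.Error(t, err, "member should not be able to update admin password")

	// The refusal must be an API response, not a timeout or transport
	// failure, which a bare require.Error would also accept.
	var apiErr *codersdk.Error
	require.ErrorAs(t, err, &apiErr, "rejection should come from the API")
})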
| 1355 | |
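// AdminCanUpdateMemberPassword checks that the first (owner) user can set
// another user's password, that the new password is usable for login, and
// that the previous password is no longer accepted.
t.Run("AdminCanUpdateMemberPassword", func(t *testing.T) {
	t.Parallel()
	client := coderdtest.New(t, nil)
	owner := coderdtest.CreateFirstUser(t, client)

	ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
	defer cancel()

	const (
		email       = "coder@coder.com"
		oldPassword = "SomeStrongPassword!"
		newPassword = "SomeNewStrongPassword!"
	)

	member, err := client.CreateUserWithOrgs(ctx, codersdk.CreateUserRequestWithOrgs{
		Email:           email,
		Username:        "coder",
		Password:        oldPassword,
		OrganizationIDs: []uuid.UUID{owner.OrganizationID},
	})
	require.NoError(t, err, "create member")

	err = client.UpdateUserPassword(ctx, member.ID.String(), codersdk.UpdateUserPasswordRequest{
		Password: newPassword,
	})
	require.NoError(t, err, "admin should be able to update member password")

	// Check if the member can login using the new password
	_, err = client.LoginWithPassword(ctx, codersdk.LoginWithPasswordRequest{
		Email:    email,
		Password: newPassword,
	})
	require.NoError(t, err, "member should login successfully with the new password")

	// A password reset must also retire the old credential. Without this
	// check the test would pass even if both passwords were accepted.
	_, err = client.LoginWithPassword(ctx, codersdk.LoginWithPasswordRequest{
		Email:    email,
		Password: oldPassword,
	})
	require.Error(t, err, "member should not be able to login with the old password")
})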
| 1382 | |
| 1383 | t.Run("AuditorCantUpdateOtherUserPassword", func(t *testing.T) { |
| 1384 | t.Parallel() |
| 1385 | client := coderdtest.New(t, nil) |
| 1386 | owner := coderdtest.CreateFirstUser(t, client) |
| 1387 | |
| 1388 | auditor, _ := coderdtest.CreateAnotherUser(t, client, owner.OrganizationID, rbac.RoleAuditor()) |
| 1389 | |
| 1390 | ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong) |
| 1391 | defer cancel() |
| 1392 | |
| 1393 | member, err := client.CreateUserWithOrgs(ctx, codersdk.CreateUserRequestWithOrgs{ |
| 1394 | Email: "coder@coder.com", |
| 1395 | Username: "coder", |