(t *testing.T)
| 1000 | } |
| 1001 | |
| 1002 | func TestEnterpriseUserLogin(t *testing.T) { |
| 1003 | t.Parallel() |
| 1004 | |
| 1005 | // Login to a user with a custom organization role set. |
| 1006 | t.Run("CustomRole", func(t *testing.T) { |
| 1007 | t.Parallel() |
| 1008 | dv := coderdtest.DeploymentValues(t) |
| 1009 | ownerClient, owner := coderdenttest.New(t, &coderdenttest.Options{ |
| 1010 | Options: &coderdtest.Options{ |
| 1011 | DeploymentValues: dv, |
| 1012 | }, |
| 1013 | LicenseOptions: &coderdenttest.LicenseOptions{ |
| 1014 | Features: license.Features{ |
| 1015 | codersdk.FeatureCustomRoles: 1, |
| 1016 | }, |
| 1017 | }, |
| 1018 | }) |
| 1019 | |
| 1020 | ctx := testutil.Context(t, testutil.WaitShort) |
| 1021 | //nolint:gocritic // owner required |
| 1022 | customRole, err := ownerClient.CreateOrganizationRole(ctx, codersdk.Role{ |
| 1023 | Name: "custom-role", |
| 1024 | OrganizationID: owner.OrganizationID.String(), |
| 1025 | OrganizationPermissions: []codersdk.Permission{}, |
| 1026 | }) |
| 1027 | require.NoError(t, err, "create custom role") |
| 1028 | |
| 1029 | anotherClient, anotherUser := coderdtest.CreateAnotherUserMutators(t, ownerClient, owner.OrganizationID, []rbac.RoleIdentifier{ |
| 1030 | { |
| 1031 | Name: customRole.Name, |
| 1032 | OrganizationID: owner.OrganizationID, |
| 1033 | }, |
| 1034 | }, func(r *codersdk.CreateUserRequestWithOrgs) { |
| 1035 | r.Password = "SomeSecurePassword!" |
| 1036 | r.UserLoginType = codersdk.LoginTypePassword |
| 1037 | }) |
| 1038 | |
| 1039 | _, err = anotherClient.LoginWithPassword(ctx, codersdk.LoginWithPasswordRequest{ |
| 1040 | Email: anotherUser.Email, |
| 1041 | Password: "SomeSecurePassword!", |
| 1042 | }) |
| 1043 | require.NoError(t, err) |
| 1044 | }) |
| 1045 | |
| 1046 | // Login to a user with a custom organization role that no longer exists |
| 1047 | t.Run("DeletedRole", func(t *testing.T) { |
| 1048 | t.Parallel() |
| 1049 | |
| 1050 | // The dbauthz layer protects against deleted roles. So use the underlying |
| 1051 | // database directly to corrupt it. |
| 1052 | rawDB, pubsub := dbtestutil.NewDB(t) |
| 1053 | |
| 1054 | ownerClient, owner := coderdenttest.New(t, &coderdenttest.Options{ |
| 1055 | Options: &coderdtest.Options{ |
| 1056 | Database: rawDB, |
| 1057 | Pubsub: pubsub, |
| 1058 | }, |
| 1059 | LicenseOptions: &coderdenttest.LicenseOptions{ |
nothing calls this directly
no test coverage detected