extern/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2025-03-03 17:31:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

add different users

Browse Source
This commit is contained in:
Pascal Fischer 2024-11-25 15:07:58 +01:00
parent 426b38a2e0
commit 63b000c3b7
4 changed files with 431 additions and 153 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
management/server/http/posture_checks_handler_test.go
View File

@ -70,7 +70,7 @@ func initPostureChecksTestData(postureChecks ...*posture.Checks) *PostureChecksH
return claims.AccountId, claims.UserId, nil
},
},
geolocationManager: &geolocation.geolocationImpl{},
geolocationManager: &geolocation.GeolocationMock{},
claimsExtractor: jwtclaims.NewClaimsExtractor(
jwtclaims.WithFromRequestContext(func(r *http.Request) jwtclaims.AuthorizationClaims {
return jwtclaims.AuthorizationClaims{

549
management/server/http/setupkeys_integration_test.go
View File

@ -25,12 +25,20 @@ import (
)
const (
testAccountId = "testUserId"
testUserId = "testAccountId"
testAccountId = "testAccountId"
testPeerId = "testPeerId"
testGroupId = "testGroupId"
testKeyId = "testKeyId"
testUserId = "testUserId"
testAdminId = "testAdminId"
testOwnerId = "testOwnerId"
testServiceUserId = "testServiceUserId"
testServiceAdminId = "testServiceAdminId"
blockedUserId = "blockedUserId"
otherUserId = "otherUserId"
invalidToken = "invalidToken"
newKeyName = "newKey"
newGroupId = "newGroupId"
expiresIn = 3600
@ -42,6 +50,54 @@ const (
func Test_SetupKeys_Create(t *testing.T) {
truePointer := true
users := []struct {
name string
userId string
expectResponse bool
}{
{
name: "Regular user",
userId: testUserId,
expectResponse: false,
},
{
name: "Admin user",
userId: testAdminId,
expectResponse: true,
},
{
name: "Owner user",
userId: testOwnerId,
expectResponse: true,
},
{
name: "Regular service user",
userId: testServiceUserId,
expectResponse: false,
},
{
name: "Admin service user",
userId: testServiceAdminId,
expectResponse: true,
},
{
name: "Blocked user",
userId: blockedUserId,
expectResponse: false,
},
{
name: "Other user",
userId: otherUserId,
expectResponse: false,
},
{
name: "Invalid token",
userId: invalidToken,
expectResponse: false,
},
}
tt := []struct {
name string
expectedStatus int
@ -49,6 +105,7 @@ func Test_SetupKeys_Create(t *testing.T) {
requestBody *api.CreateSetupKeyRequest
requestType string
requestPath string
userId string
}{
{
name: "Create Setup Key",
@ -256,47 +313,96 @@ func Test_SetupKeys_Create(t *testing.T) {
}
for _, tc := range tt {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
for _, user := range users {
t.Run(user.name+" - "+tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
body, err := json.Marshal(tc.requestBody)
if err != nil {
t.Fatalf("Failed to marshal request body: %v", err)
}
req := buildRequest(t, body, tc.requestType, tc.requestPath)
body, err := json.Marshal(tc.requestBody)
if err != nil {
t.Fatalf("Failed to marshal request body: %v", err)
}
req := buildRequest(t, body, tc.requestType, tc.requestPath, user.userId)
recorder := httptest.NewRecorder()
recorder := httptest.NewRecorder()
apiHandler.ServeHTTP(recorder, req)
apiHandler.ServeHTTP(recorder, req)
content, noResponseExpected := readResponse(t, recorder, tc.expectedStatus)
if noResponseExpected {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
content, expectResponse := readResponse(t, recorder, tc.expectedStatus, user.expectResponse)
if !expectResponse {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
validateCreatedKey(t, tc.expectedResponse, got)
validateCreatedKey(t, tc.expectedResponse, got)
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
if err != nil {
return
}
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
if err != nil {
return
}
validateCreatedKey(t, tc.expectedResponse, toResponseBody(key))
validateCreatedKey(t, tc.expectedResponse, toResponseBody(key))
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
}
}
}
func Test_SetupKeys_Update(t *testing.T) {
users := []struct {
name string
userId string
expectResponse bool
}{
{
name: "Regular user",
userId: testUserId,
expectResponse: false,
},
{
name: "Admin user",
userId: testAdminId,
expectResponse: true,
},
{
name: "Owner user",
userId: testOwnerId,
expectResponse: true,
},
{
name: "Regular service user",
userId: testServiceUserId,
expectResponse: false,
},
{
name: "Admin service user",
userId: testServiceAdminId,
expectResponse: true,
},
{
name: "Blocked user",
userId: blockedUserId,
expectResponse: false,
},
{
name: "Other user",
userId: otherUserId,
expectResponse: false,
},
{
name: "Invalid token",
userId: invalidToken,
expectResponse: false,
},
}
tt := []struct {
name string
expectedStatus int
@ -492,48 +598,97 @@ func Test_SetupKeys_Update(t *testing.T) {
}
for _, tc := range tt {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
for _, user := range users {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
body, err := json.Marshal(tc.requestBody)
if err != nil {
t.Fatalf("Failed to marshal request body: %v", err)
}
body, err := json.Marshal(tc.requestBody)
if err != nil {
t.Fatalf("Failed to marshal request body: %v", err)
}
req := buildRequest(t, body, tc.requestType, strings.Replace(tc.requestPath, "{id}", tc.requestId, 1))
req := buildRequest(t, body, tc.requestType, strings.Replace(tc.requestPath, "{id}", tc.requestId, 1), user.userId)
recorder := httptest.NewRecorder()
recorder := httptest.NewRecorder()
apiHandler.ServeHTTP(recorder, req)
apiHandler.ServeHTTP(recorder, req)
content, noResponseExpected := readResponse(t, recorder, tc.expectedStatus)
if noResponseExpected {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
content, expectResponse := readResponse(t, recorder, tc.expectedStatus, user.expectResponse)
if !expectResponse {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
validateCreatedKey(t, tc.expectedResponse, got)
validateCreatedKey(t, tc.expectedResponse, got)
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
if err != nil {
return
}
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
if err != nil {
return
}
validateCreatedKey(t, tc.expectedResponse, toResponseBody(key))
validateCreatedKey(t, tc.expectedResponse, toResponseBody(key))
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
}
}
}
func Test_SetupKeys_Get(t *testing.T) {
users := []struct {
name string
userId string
expectResponse bool
}{
{
name: "Regular user",
userId: testUserId,
expectResponse: false,
},
{
name: "Admin user",
userId: testAdminId,
expectResponse: true,
},
{
name: "Owner user",
userId: testOwnerId,
expectResponse: true,
},
{
name: "Regular service user",
userId: testServiceUserId,
expectResponse: false,
},
{
name: "Admin service user",
userId: testServiceAdminId,
expectResponse: true,
},
{
name: "Blocked user",
userId: blockedUserId,
expectResponse: false,
},
{
name: "Other user",
userId: otherUserId,
expectResponse: false,
},
{
name: "Invalid token",
userId: invalidToken,
expectResponse: false,
},
}
tt := []struct {
name string
expectedStatus int
@ -622,43 +777,92 @@ func Test_SetupKeys_Get(t *testing.T) {
}
for _, tc := range tt {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
for _, user := range users {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
req := buildRequest(t, []byte{}, tc.requestType, strings.Replace(tc.requestPath, "{id}", tc.requestId, 1))
req := buildRequest(t, []byte{}, tc.requestType, strings.Replace(tc.requestPath, "{id}", tc.requestId, 1), user.userId)
recorder := httptest.NewRecorder()
recorder := httptest.NewRecorder()
apiHandler.ServeHTTP(recorder, req)
apiHandler.ServeHTTP(recorder, req)
content, noResponseExpected := readResponse(t, recorder, tc.expectedStatus)
if noResponseExpected {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
content, noResponseExpected := readResponse(t, recorder, tc.expectedStatus, user.expectResponse)
if noResponseExpected {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
validateCreatedKey(t, tc.expectedResponse, got)
validateCreatedKey(t, tc.expectedResponse, got)
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
if err != nil {
return
}
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
if err != nil {
return
}
validateCreatedKey(t, tc.expectedResponse, toResponseBody(key))
validateCreatedKey(t, tc.expectedResponse, toResponseBody(key))
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
}
}
}
func Test_SetupKeys_GetAll(t *testing.T) {
users := []struct {
name string
userId string
expectResponse bool
}{
{
name: "Regular user",
userId: testUserId,
expectResponse: false,
},
{
name: "Admin user",
userId: testAdminId,
expectResponse: true,
},
{
name: "Owner user",
userId: testOwnerId,
expectResponse: true,
},
{
name: "Regular service user",
userId: testServiceUserId,
expectResponse: false,
},
{
name: "Admin service user",
userId: testServiceAdminId,
expectResponse: true,
},
{
name: "Blocked user",
userId: blockedUserId,
expectResponse: false,
},
{
name: "Other user",
userId: otherUserId,
expectResponse: false,
},
{
name: "Invalid token",
userId: invalidToken,
expectResponse: false,
},
}
tt := []struct {
name string
expectedStatus int
@ -725,53 +929,102 @@ func Test_SetupKeys_GetAll(t *testing.T) {
}
for _, tc := range tt {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
for _, user := range users {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
req := buildRequest(t, []byte{}, tc.requestType, tc.requestPath)
req := buildRequest(t, []byte{}, tc.requestType, tc.requestPath, user.userId)
recorder := httptest.NewRecorder()
recorder := httptest.NewRecorder()
apiHandler.ServeHTTP(recorder, req)
apiHandler.ServeHTTP(recorder, req)
content, noResponseExpected := readResponse(t, recorder, tc.expectedStatus)
if noResponseExpected {
return
}
got := []api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
sort.Slice(got, func(i, j int) bool {
return got[i].UsageLimit < got[j].UsageLimit
})
sort.Slice(tc.expectedResponse, func(i, j int) bool {
return tc.expectedResponse[i].UsageLimit < tc.expectedResponse[j].UsageLimit
})
for i, _ := range tc.expectedResponse {
validateCreatedKey(t, tc.expectedResponse[i], &got[i])
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got[i].Id)
if err != nil {
content, expectResponse := readResponse(t, recorder, tc.expectedStatus, user.expectResponse)
if !expectResponse {
return
}
got := []api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
validateCreatedKey(t, tc.expectedResponse[i], toResponseBody(key))
}
sort.Slice(got, func(i, j int) bool {
return got[i].UsageLimit < got[j].UsageLimit
})
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
sort.Slice(tc.expectedResponse, func(i, j int) bool {
return tc.expectedResponse[i].UsageLimit < tc.expectedResponse[j].UsageLimit
})
for i, _ := range tc.expectedResponse {
validateCreatedKey(t, tc.expectedResponse[i], &got[i])
key, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got[i].Id)
if err != nil {
return
}
validateCreatedKey(t, tc.expectedResponse[i], toResponseBody(key))
}
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
}
}
}
func Test_SetupKeys_Delete(t *testing.T) {
users := []struct {
name string
userId string
expectResponse bool
}{
{
name: "Regular user",
userId: testUserId,
expectResponse: false,
},
{
name: "Admin user",
userId: testAdminId,
expectResponse: true,
},
{
name: "Owner user",
userId: testOwnerId,
expectResponse: true,
},
{
name: "Regular service user",
userId: testServiceUserId,
expectResponse: false,
},
{
name: "Admin service user",
userId: testServiceAdminId,
expectResponse: true,
},
{
name: "Blocked user",
userId: blockedUserId,
expectResponse: false,
},
{
name: "Other user",
userId: otherUserId,
expectResponse: false,
},
{
name: "Invalid token",
userId: invalidToken,
expectResponse: false,
},
}
tt := []struct {
name string
expectedStatus int
@ -860,33 +1113,35 @@ func Test_SetupKeys_Delete(t *testing.T) {
}
for _, tc := range tt {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
for _, user := range users {
t.Run(tc.name, func(t *testing.T) {
apiHandler, am, done := buildApiBlackBoxWithDBState(t, "testdata/setup_keys.sql", nil)
req := buildRequest(t, []byte{}, tc.requestType, strings.Replace(tc.requestPath, "{id}", tc.requestId, 1))
req := buildRequest(t, []byte{}, tc.requestType, strings.Replace(tc.requestPath, "{id}", tc.requestId, 1), user.userId)
recorder := httptest.NewRecorder()
recorder := httptest.NewRecorder()
apiHandler.ServeHTTP(recorder, req)
apiHandler.ServeHTTP(recorder, req)
content, noResponseExpected := readResponse(t, recorder, tc.expectedStatus)
if noResponseExpected {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
content, expectResponse := readResponse(t, recorder, tc.expectedStatus, user.expectResponse)
if !expectResponse {
return
}
got := &api.SetupKey{}
if err := json.Unmarshal(content, &got); err != nil {
t.Fatalf("Sent content is not in correct json format; %v", err)
}
_, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
assert.Errorf(t, err, "Expected error when trying to get deleted key")
_, err := am.GetSetupKey(context.Background(), testAccountId, testUserId, got.Id)
assert.Errorf(t, err, "Expected error when trying to get deleted key")
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
select {
case <-done:
case <-time.After(time.Second):
t.Error("timeout waiting for peerShouldNotReceiveUpdate")
}
})
}
}
}
@ -926,16 +1181,16 @@ func buildApiBlackBoxWithDBState(t *testing.T, sqlFile string, expectedPeerUpdat
return apiHandler, am, done
}
func buildRequest(t *testing.T, requestBody []byte, requestType, requestPath string) *http.Request {
func buildRequest(t *testing.T, requestBody []byte, requestType, requestPath, user string) *http.Request {
t.Helper()
req := httptest.NewRequest(requestType, requestPath, bytes.NewBuffer(requestBody))
req.Header.Set("Authorization", "Bearer "+"my.dummy.token")
req.Header.Set("Authorization", "Bearer "+user)
return req
}
func readResponse(t *testing.T, recorder *httptest.ResponseRecorder, expectedStatus int) ([]byte, bool) {
func readResponse(t *testing.T, recorder *httptest.ResponseRecorder, expectedStatus int, expectResponse bool) ([]byte, bool) {
t.Helper()
res := recorder.Result()
@ -946,12 +1201,16 @@ func readResponse(t *testing.T, recorder *httptest.ResponseRecorder, expectedSta
t.Fatalf("Failed to read response body: %v", err)
}
if !expectResponse {
return nil, false
}
if status := recorder.Code; status != expectedStatus {
t.Fatalf("handler returned wrong status code: got %v want %v, content: %s",
status, expectedStatus, string(content))
}
return content, expectedStatus != http.StatusOK
return content, expectedStatus == http.StatusOK
}
func validateCreatedKey(t *testing.T, expectedKey *api.SetupKey, got *api.SetupKey) {

12
management/server/http/testdata/setup_keys.sql vendored
View File

@ -1,15 +1,23 @@
CREATE TABLE `accounts` (`id` text,`created_by` text,`created_at` datetime,`domain` text,`domain_category` text,`is_domain_primary_account` numeric,`network_identifier` text,`network_net` text,`network_dns` text,`network_serial` integer,`dns_settings_disabled_management_groups` text,`settings_peer_login_expiration_enabled` numeric,`settings_peer_login_expiration` integer,`settings_regular_users_view_blocked` numeric,`settings_groups_propagation_enabled` numeric,`settings_jwt_groups_enabled` numeric,`settings_jwt_groups_claim_name` text,`settings_jwt_allow_groups` text,`settings_extra_peer_approval_enabled` numeric,`settings_extra_integrated_validator_groups` text,PRIMARY KEY (`id`));
CREATE TABLE `setup_keys` (`id` text,`account_id` text,`key` text,`key_secret` text,`name` text,`type` text,`created_at` datetime,`expires_at` datetime,`updated_at` datetime,`revoked` numeric,`used_times` integer,`last_used` datetime,`auto_groups` text,`usage_limit` integer,`ephemeral` numeric,PRIMARY KEY (`id`),CONSTRAINT `fk_accounts_setup_keys_g` FOREIGN KEY (`account_id`) REFERENCES `accounts`(`id`));
CREATE TABLE `users` (`id` text,`account_id` text,`role` text,`is_service_user` numeric,`non_deletable` numeric,`service_user_name` text,`auto_groups` text,`blocked` numeric,`last_login` datetime,`created_at` datetime,`issued` text DEFAULT "api",`integration_ref_id` integer,`integration_ref_integration_type` text,PRIMARY KEY (`id`),CONSTRAINT `fk_accounts_users_g` FOREIGN KEY (`account_id`) REFERENCES `accounts`(`id`));
CREATE TABLE `peers` (`id` text,`account_id` text,`key` text,`setup_key` text,`ip` text,`meta_hostname` text,`meta_go_os` text,`meta_kernel` text,`meta_core` text,`meta_platform` text,`meta_os` text,`meta_os_version` text,`meta_wt_version` text,`meta_ui_version` text,`meta_kernel_version` text,`meta_network_addresses` text,`meta_system_serial_number` text,`meta_system_product_name` text,`meta_system_manufacturer` text,`meta_environment` text,`meta_files` text,`name` text,`dns_label` text,`peer_status_last_seen` datetime,`peer_status_connected` numeric,`peer_status_login_expired` numeric,`peer_status_requires_approval` numeric,`user_id` text,`ssh_key` text,`ssh_enabled` numeric,`login_expiration_enabled` numeric,`last_login` datetime,`created_at` datetime,`ephemeral` numeric,`location_connection_ip` text,`location_country_code` text,`location_city_name` text,`location_geo_name_id` integer,PRIMARY KEY (`id`),CONSTRAINT `fk_accounts_peers_g` FOREIGN KEY (`account_id`) REFERENCES `accounts`(`id`));
CREATE TABLE `groups` (`id` text,`account_id` text,`name` text,`issued` text,`peers` text,`integration_ref_id` integer,`integration_ref_integration_type` text,PRIMARY KEY (`id`),CONSTRAINT `fk_accounts_groups_g` FOREIGN KEY (`account_id`) REFERENCES `accounts`(`id`));
INSERT INTO accounts VALUES('testAccountId','','2024-10-02 16:01:38.210014+02:00','test.com','private',1,'testNetworkIdentifier','{"IP":"100.64.0.0","Mask":"//8AAA=="}','',0,'[]',0,86400000000000,0,0,0,'',NULL,NULL,NULL);
INSERT INTO users VALUES('testUserId','testAccountId','admin',0,0,'','[]',0,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO users VALUES('testUserId','testAccountId','user',0,0,'','[]',0,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO users VALUES('testAdminId','testAccountId','admin',0,0,'','[]',0,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO users VALUES('testOwnerId','testAccountId','owner',0,0,'','[]',0,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO users VALUES('testServiceUserId','testAccountId','user',1,0,'','[]',0,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO users VALUES('testServiceAdminId','testAccountId','admin',1,0,'','[]',0,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO users VALUES('blockedUserId','testAccountId','admin',0,0,'','[]',1,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO users VALUES('otherUserId','otherAccountId','admin',0,0,'','[]',0,'0001-01-01 00:00:00+00:00','2024-10-02 16:01:38.210678+02:00','api',0,'');
INSERT INTO peers VALUES('testPeerId','testAccountId','5rvhvriKJZ3S9oxYToVj5TzDM9u9y8cxg7htIMWlYAg=','72546A29-6BC8-4311-BCFC-9CDBF33F1A48','"100.64.114.31"','f2a34f6a4731','linux','Linux','11','unknown','Debian GNU/Linux','','0.12.0','','',NULL,'','','','{"Cloud":"","Platform":""}',NULL,'f2a34f6a4731','f2a34f6a4731','2023-03-02 09:21:02.189035775+01:00',0,0,0,'','ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILzUUSYG/LGnV8zarb2SGN+tib/PZ+M7cL4WtTzUrTpk',0,1,'2023-03-01 19:48:19.817799698+01:00','2024-10-02 17:00:32.527947+02:00',0,'""','','',0);
INSERT INTO "groups" VALUES('testGroupId','testAccountId','testGroupName','api','[]',0,'');
INSERT INTO "groups" VALUES('newGroupId','testAccountId','newGroupName','api','[]',0,'');
CREATE TABLE `setup_keys` (`id` text,`account_id` text,`key` text,`key_secret` text,`name` text,`type` text,`created_at` datetime,`expires_at` datetime,`updated_at` datetime,`revoked` numeric,`used_times` integer,`last_used` datetime,`auto_groups` text,`usage_limit` integer,`ephemeral` numeric,PRIMARY KEY (`id`),CONSTRAINT `fk_accounts_setup_keys_g` FOREIGN KEY (`account_id`) REFERENCES `accounts`(`id`));
INSERT INTO setup_keys VALUES('testKeyId','testAccountId','testKey','testK****','existingKey','one-off','2021-08-19 20:46:20.005936822+02:00','2321-09-18 20:46:20.005936822+02:00','2021-08-19 20:46:20.005936822+02:00',0,0,'0001-01-01 00:00:00+00:00','["testGroupId"]',1,0);
INSERT INTO setup_keys VALUES('revokedKeyId','testAccountId','revokedKey','testK****','existingKey','reusable','2021-08-19 20:46:20.005936822+02:00','2321-09-18 20:46:20.005936822+02:00','2021-08-19 20:46:20.005936822+02:00',1,0,'0001-01-01 00:00:00+00:00','["testGroupId"]',3,0);
INSERT INTO setup_keys VALUES('expiredKeyId','testAccountId','expiredKey','testK****','existingKey','reusable','2021-08-19 20:46:20.005936822+02:00','1921-09-18 20:46:20.005936822+02:00','2021-08-19 20:46:20.005936822+02:00',0,1,'0001-01-01 00:00:00+00:00','["testGroupId"]',5,1);

21
management/server/jwtclaims/jwtValidator.go
View File

@ -319,11 +319,22 @@ type JwtValidatorMock struct{}
func (j *JwtValidatorMock) ValidateAndParse(ctx context.Context, token string) (*jwt.Token, error) {
claimMaps := jwt.MapClaims{}
claimMaps[UserIDClaim] = "testUserId"
claimMaps[AccountIDSuffix] = "testAccountId"
claimMaps[DomainIDSuffix] = "test.com"
claimMaps[DomainCategorySuffix] = "private"
jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, claimMaps)
switch token {
case "testUserId", "testAdminId", "testOwnerId", "testServiceUserId", "testServiceAdminId", "blockedUserId":
claimMaps[UserIDClaim] = token
claimMaps[AccountIDSuffix] = "testAccountId"
claimMaps[DomainIDSuffix] = "test.com"
claimMaps[DomainCategorySuffix] = "private"
case "otherUserId":
claimMaps[UserIDClaim] = "otherUserId"
claimMaps[AccountIDSuffix] = "otherAccountId"
claimMaps[DomainIDSuffix] = "other.com"
claimMaps[DomainCategorySuffix] = "private"
case "invalidToken":
return nil, errors.New("invalid token")
}
jwtToken := jwt.NewWithClaims(jwt.SigningMethodHS256, claimMaps)
return jwtToken, nil
}