diff options
author | Toby Vincent <tobyv@tobyvin.dev> | 2024-05-07 12:34:50 -0500 |
---|---|---|
committer | Toby Vincent <tobyv@tobyvin.dev> | 2024-05-07 12:34:50 -0500 |
commit | 1dbe3776c682f469d1497247fac22f0aa233a598 (patch) | |
tree | 6edbeae2f431b76066d9679525da15415042cbc2 /src/api/users.rs | |
parent | aac78e11339db945f3bb81ad40bc71d021bcd754 (diff) |
Diffstat (limited to 'src/api/users.rs')
-rw-r--r-- | src/api/users.rs | 53 |
1 files changed, 33 insertions, 20 deletions
diff --git a/src/api/users.rs b/src/api/users.rs index e73e229..e07bf7e 100644 --- a/src/api/users.rs +++ b/src/api/users.rs @@ -81,13 +81,9 @@ pub async fn create( pub async fn show( Path(uuid): Path<Uuid>, State(pool): State<PgPool>, - AccessClaims { sub, .. }: AccessClaims, + _: AccessClaims, ) -> Result<impl IntoResponse, Error> { - if uuid != sub { - return Err(Error::InvalidToken); - } - - sqlx::query_as!(User, "SELECT * FROM user_ WHERE id = $1 LIMIT 1", sub) + sqlx::query_as!(User, "SELECT * FROM user_ WHERE id = $1 LIMIT 1", uuid) .fetch_optional(&pool) .await? .ok_or_else(|| Error::UserNotFound) @@ -102,7 +98,7 @@ mod tests { body::Body, http::{ header::{CONTENT_TYPE, COOKIE}, - HeaderValue, Request, StatusCode, + Request, StatusCode, }, Router, }; @@ -121,14 +117,17 @@ mod tests { const USER_PASSWORD: &str = "solongandthanksforallthefish"; #[sqlx::test(fixtures(path = "../../fixtures", scripts("users")))] - async fn test_uuid_ok(pool: PgPool) -> TestResult { + async fn test_get_ok_self(pool: PgPool) -> TestResult { setup_test_env(); let router = Router::new().merge(router()).with_state(AppState { pool }); let request = Request::builder() .uri(format!("/users/{}", USER_ID)) - .header(COOKIE, HeaderValue::try_from(AccessClaims::issue(USER_ID))?) + .header( + COOKIE, + AccessClaims::issue(USER_ID).as_cookie()?.to_string(), + ) .body(Body::empty())?; let response = router.oneshot(request).await?; @@ -147,26 +146,40 @@ mod tests { Ok(()) } - #[sqlx::test] - async fn test_uuid_not_found(pool: PgPool) -> TestResult { + #[sqlx::test(fixtures(path = "../../fixtures", scripts("users")))] + async fn test_get_ok_other(pool: PgPool) -> TestResult { setup_test_env(); let router = Router::new().merge(router()).with_state(AppState { pool }); let request = Request::builder() .uri(format!("/users/{}", USER_ID)) - .header(COOKIE, HeaderValue::try_from(AccessClaims::issue(USER_ID))?) + .header( + COOKIE, + AccessClaims::issue(uuid::Uuid::new_v4()) + .as_cookie()? + .to_string(), + ) .body(Body::empty())?; let response = router.oneshot(request).await?; - assert_eq!(StatusCode::NOT_FOUND, response.status()); + assert_eq!(StatusCode::OK, response.status()); + + let body_bytes = response.into_body().collect().await?.to_bytes(); + let User { + id, name, email, .. + } = serde_json::from_slice(&body_bytes)?; + + assert_eq!(USER_ID, id); + assert_eq!(USER_NAME, name); + assert_eq!(USER_EMAIL, email); Ok(()) } #[sqlx::test] - async fn test_unauthorized_invalid_token_signature(pool: PgPool) -> TestResult { + async fn test_get_not_found(pool: PgPool) -> TestResult { setup_test_env(); let router = Router::new().merge(router()).with_state(AppState { pool }); @@ -175,19 +188,19 @@ mod tests { .uri(format!("/users/{}", USER_ID)) .header( COOKIE, - HeaderValue::try_from(AccessClaims::issue(uuid::Uuid::new_v4()))?, + AccessClaims::issue(USER_ID).as_cookie()?.to_string(), ) .body(Body::empty())?; let response = router.oneshot(request).await?; - assert_eq!(StatusCode::UNAUTHORIZED, response.status()); + assert_eq!(StatusCode::NOT_FOUND, response.status()); Ok(()) } #[sqlx::test] - async fn test_unauthorized_invalid_token_format(pool: PgPool) -> TestResult { + async fn test_get_unauthorized_invalid_token_format(pool: PgPool) -> TestResult { setup_test_env(); let router = Router::new().merge(router()).with_state(AppState { pool }); @@ -205,7 +218,7 @@ mod tests { } #[sqlx::test] - async fn test_unauthorized_missing_token(pool: PgPool) -> TestResult { + async fn test_get_unauthorized_missing_token(pool: PgPool) -> TestResult { setup_test_env(); let router = Router::new().merge(router()).with_state(AppState { pool }); @@ -222,7 +235,7 @@ mod tests { } #[sqlx::test] - async fn test_create_created(pool: PgPool) -> TestResult { + async fn test_post_created(pool: PgPool) -> TestResult { setup_test_env(); let router = Router::new().merge(router()).with_state(AppState { pool }); @@ -253,7 +266,7 @@ mod tests { } #[sqlx::test(fixtures(path = "../../fixtures", scripts("users")))] - async fn test_create_conflict(pool: PgPool) -> TestResult { + async fn test_post_conflict(pool: PgPool) -> TestResult { setup_test_env(); let router = Router::new().merge(router()).with_state(AppState { pool }); |