From 90f966bed94ee1af23c70618a097dcf581053167 Mon Sep 17 00:00:00 2001 From: Gert-Jan Timmer Date: Fri, 1 Jun 2018 11:28:29 +0200 Subject: [PATCH] Add additional tests Reference: #580 --- sqlite3_opt_userauth_test.go | 157 +++++++++++++++++++++++++++++++---- 1 file changed, 141 insertions(+), 16 deletions(-) diff --git a/sqlite3_opt_userauth_test.go b/sqlite3_opt_userauth_test.go index fcbcd56..4755550 100644 --- a/sqlite3_opt_userauth_test.go +++ b/sqlite3_opt_userauth_test.go @@ -9,7 +9,6 @@ package sqlite3 import ( "database/sql" - "fmt" "os" "testing" ) @@ -37,14 +36,19 @@ func TestAuthCreateDatabase(t *testing.T) { func TestAuthorization(t *testing.T) { tempFilename := TempFilename(t) - fmt.Println(tempFilename) - //defer os.Remove(tempFilename) + defer os.Remove(tempFilename) db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin") if err != nil { t.Fatal("Failed to open database:", err) } + // Dummy Query to force connection + if _, err := db.Exec("SELECT 1;"); err != nil { + t.Fatalf("Failed to connect: %s", err) + } + + // Add normal user to database if _, err := db.Exec("select auth_user_add('user', 'user', false);"); err != nil { t.Fatal(err) } @@ -53,32 +57,153 @@ func TestAuthorization(t *testing.T) { if err := db.QueryRow("select uname from sqlite_user where uname = 'user';").Scan(&uname); err != nil { t.Fatal(err) } - if uname != "user" { t.Fatal("Failed to create normal user") } db.Close() // Re-Open Database as User - // Add User should now fail because we are not admin db, err = sql.Open("sqlite3", "file:"+tempFilename+"?_auth_user=user&_auth_pass=user") if err != nil { t.Fatal("Failed to open database:", err) } defer db.Close() - // Try to create normal user - var rv string - if err := db.QueryRow("select auth_user_add('user2', 'user2', false);").Scan(&rv); err != nil { + // Add User should now fail because we are not admin + var rv int + if err := db.QueryRow("select auth_user_add('user2', 'user2', false);").Scan(&rv); err != nil || rv == 0 { + if err != nil { + t.Fatal(err) + } + t.Fatal("Succeeded creating user, while not being admin, this is not supposed to work") + } + + // Try to create admin user + // Should also fail because we are not admin + if err := db.QueryRow("select auth_user_add('admin2', 'admin2', true);").Scan(&rv); err != nil || rv == 0 { + if err != nil { + t.Fatal(err) + } + t.Fatal("Succeeded creating admin, while not being admin, this is not supposed to work") + } +} + +func TestAuthorizationFailed(t *testing.T) { + tempFilename := TempFilename(t) + defer os.Remove(tempFilename) + + db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin") + if err != nil { + t.Fatal("Failed to open database:", err) + } + + // Dummy Query to force connection + if _, err := db.Exec("SELECT 1;"); err != nil { + t.Fatalf("Failed to connect: %s", err) + } + db.Close() + + db, err = sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=invalid") + if err != nil { + t.Fatal("Failed to open database:", err) + } + defer db.Close() + + // Dummy Query to issue connection + if _, err := db.Exec("SELECT 1;"); err != nil && err != ErrUnauthorized { + t.Fatalf("Failed to connect: %s", err) + } +} + +func TestAuthUserModify(t *testing.T) { + tempFilename := TempFilename(t) + defer os.Remove(tempFilename) + + var rv int + + db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin") + if err != nil { + t.Fatal("Failed to open database:", err) + } + + // Dummy Query to force connection + if _, err := db.Exec("SELECT 1;"); err != nil { + t.Fatalf("Failed to connect: %s", err) + } + + if err := db.QueryRow("select auth_user_add('user', 'user', false);").Scan(&rv); err != nil || rv != 0 { + if err != nil { + t.Fatal(err) + } + t.Fatal("Failed to create normal user") + } + + if err := db.QueryRow("select auth_user_change('admin', 'nimda', true);").Scan(&rv); err != nil || rv != 0 { + if err != nil { + t.Fatal(err) + } + t.Fatal("Failed to change password") + } + db.Close() + + // Re-Connect with new credentials + db, err = sql.Open("sqlite3", "file:"+tempFilename+"?_auth_user=admin&_auth_pass=nimda") + if err != nil { + t.Fatal("Failed to open database:", err) + } + + if err := db.QueryRow("select count(uname) from sqlite_user where uname = 'admin';").Scan(&rv); err != nil { t.Fatal(err) } - fmt.Printf("RV: %v\n", rv) - // if rv != SQLITE_AUTH { - // t.Fatal("Succeeded creating user while not admin") - // } + defer db.Close() - // // Try to create admin user - // if _, err := db.Exec("select auth_user_add('admin2', 'admin2', true);"); err != nil { - // t.Fatal(err) - // } + // Dummy Query to force connection to test authorization + if _, err := db.Exec("SELECT 1;"); err != nil && err != ErrUnauthorized { + t.Fatalf("Failed to connect: %s", err) + } +} + +func TestAuthUserDelete(t *testing.T) { + tempFilename := TempFilename(t) + defer os.Remove(tempFilename) + + var rv int + + db, err := sql.Open("sqlite3", "file:"+tempFilename+"?_auth&_auth_user=admin&_auth_pass=admin") + if err != nil { + t.Fatal("Failed to open database:", err) + } + defer db.Close() + + // Dummy Query to force connection to test authorization + if _, err := db.Exec("SELECT 1;"); err != nil { + t.Fatalf("Failed to connect: %s", err) + } + + // Add User + if _, err := db.Exec("select auth_user_add('user', 'user', false);"); err != nil { + t.Fatal(err) + } + + // Verify, their should be now 2 users + var users int + if err := db.QueryRow("select count(uname) from sqlite_user;").Scan(&users); err != nil { + t.Fatal(err) + } + if users != 2 { + t.Fatal("Failed to add user") + } + + // Delete User + if _, err := db.Exec("select auth_user_delete('user');"); err != nil { + t.Fatal(err) + } + + // Verify their should now only be 1 user remaining, the current logged in admin user + if err := db.QueryRow("select count(uname) from sqlite_user;").Scan(&users); err != nil { + t.Fatal(err) + } + if users != 1 { + t.Fatal("Failed to delete user") + } }