-
1
-
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
-
289
-
290
-
291
-
292
-
293
-
294
-
295
-
296
-
297
-
298
-
299
-
300
-
301
-
302
-
303
-
304
-
305
-
306
-
307
-
308
-
309
-
310
-
311
-
312
-
313
-
314
-
315
-
316
-
317
-
318
-
319
-
320
-
321
-
322
-
323
-
324
-
325
-
326
-
327
-
328
-
329
-
330
-
331
-
332
-
333
-
334
-
335
-
336
-
337
-
338
-
339
-
340
-
341
-
342
-
343
-
344
-
345
-
346
-
347
-
348
-
349
-
350
-
351
-
352
-
353
-
354
-
355
-
356
-
357
-
358
-
359
-
360
-
361
-
362
-
363
-
364
-
365
-
366
-
367
-
368
-
369
-
370
-
371
-
372
-
373
-
374
-
375
-
376
-
377
-
378
-
379
// SPDX-FileCopyrightText: 2025 Shota FUJI <pockawoooh@gmail.com>
// SPDX-License-Identifier: AGPL-3.0-only
//go:build !js && !wasm
package v2
import (
"context"
"reflect"
"testing"
"connectrpc.com/connect"
"google.golang.org/protobuf/proto"
workspaceV2 "pocka.jp/x/yamori/proto/go/workspace/v2"
"pocka.jp/x/yamori/proto/go/workspace/v2/v2connect"
)
func TestDeleteUserGetOK(t *testing.T) {
server, jar := setupLogin(t)
httpClient := server.Client()
httpClient.Jar = jar
client := v2connect.NewWorkspaceServiceClient(httpClient, server.URL())
creation, err := client.CreateUser(
context.Background(),
connect.NewRequest(&workspaceV2.CreateUserRequest{
Name: proto.String("bob"),
DisplayName: proto.String("Bob"),
Password: proto.String("bob_password"),
}),
)
if err != nil {
t.Fatal(err)
}
created, ok := creation.Msg.Result.(*workspaceV2.CreateUserResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(creation.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
deletion, err := client.DeleteUser(
context.Background(),
connect.NewRequest(&workspaceV2.DeleteUserRequest{
Id: created.Ok.Id,
}),
)
if err != nil {
t.Fatal(err)
}
deleted, ok := deletion.Msg.Result.(*workspaceV2.DeleteUserResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(deletion.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
if deleted.Ok.Id.GetValue() != created.Ok.Id.GetValue() {
t.Fatalf("Expected ID=%s, got ID=%s", created.Ok.Id.GetValue(), deleted.Ok.Id.GetValue())
}
getting, err := client.Get(
context.Background(),
connect.NewRequest(&workspaceV2.GetRequest{}),
)
if err != nil {
t.Fatal(err)
}
get, ok := getting.Msg.Result.(*workspaceV2.GetResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(getting.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
for _, u := range get.Ok.Users {
if u.Id.GetValue() == created.Ok.Id.GetValue() {
t.Errorf("User not deleted: ID=%s still exists", created.Ok.Id.GetValue())
}
}
}
func TestDeleteUserInsufficientPermission(t *testing.T) {
server, jar := setupLogin(t)
httpClient := server.Client()
httpClient.Jar = jar
client := v2connect.NewWorkspaceServiceClient(httpClient, server.URL())
bob, err := client.CreateUser(
context.Background(),
connect.NewRequest(&workspaceV2.CreateUserRequest{
Name: proto.String("bob"),
DisplayName: proto.String("Bob"),
Password: proto.String("bob_password"),
Permissions: &workspaceV2.UserPermissions{
CanAddUser: proto.Bool(true),
},
}),
)
if err != nil {
t.Fatal(err)
}
v, ok := bob.Msg.Result.(*workspaceV2.CreateUserResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(bob.Msg.Result))
t.Errorf("Expected ok, got %s", typeName.Type().Name())
}
if v.Ok.GetName() != "bob" {
t.Errorf("Expected bob, got %s", v.Ok.GetName())
}
bobLogin, err := client.Login(
context.Background(),
connect.NewRequest(&workspaceV2.LoginRequest{
Name: proto.String("bob"),
Password: proto.String("bob_password"),
}),
)
if err != nil {
t.Fatal(err)
}
if _, ok := bobLogin.Msg.Result.(*workspaceV2.LoginResponse_Ok); !ok {
typeName := reflect.Indirect(reflect.ValueOf(bobLogin.Msg.Result))
t.Errorf("Expected ok, got %s", typeName.Type().Name())
}
creation, err := client.CreateUser(
context.Background(),
connect.NewRequest(&workspaceV2.CreateUserRequest{
Name: proto.String("carol"),
DisplayName: proto.String("Carol"),
Password: proto.String("carol_password"),
}),
)
created, ok := creation.Msg.Result.(*workspaceV2.CreateUserResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(creation.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
deletion, err := client.DeleteUser(
context.Background(),
connect.NewRequest(&workspaceV2.DeleteUserRequest{
Id: created.Ok.Id,
}),
)
if err != nil {
t.Fatal(err)
}
_, ok = deletion.Msg.Result.(*workspaceV2.DeleteUserResponse_PermissionError)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(deletion.Msg.Result))
t.Fatalf("Expected permission_error, got %s", typeName.Type().Name())
}
getting, err := client.Get(
context.Background(),
connect.NewRequest(&workspaceV2.GetRequest{}),
)
if err != nil {
t.Fatal(err)
}
get, ok := getting.Msg.Result.(*workspaceV2.GetResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(getting.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
for _, u := range get.Ok.Users {
if u.Id.GetValue() == created.Ok.Id.GetValue() {
return
}
}
t.Errorf("User deleted: Cannot find ID=%s", created.Ok.Id.GetValue())
}
func TestDeleteUserRejectsRegularUserDeleteingAdmin(t *testing.T) {
server, jar := setupLogin(t)
httpClient := server.Client()
httpClient.Jar = jar
client := v2connect.NewWorkspaceServiceClient(httpClient, server.URL())
gettingBefore, err := client.Get(
context.Background(),
connect.NewRequest(&workspaceV2.GetRequest{}),
)
if err != nil {
t.Fatal(err)
}
before, ok := gettingBefore.Msg.Result.(*workspaceV2.GetResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(gettingBefore.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
var adminID string
for _, u := range before.Ok.Users {
if u.GetIsAdmin() {
adminID = u.Id.GetValue()
break
}
}
if adminID == "" {
t.Fatal("No admin found: test helper did not create admin user")
}
bob, err := client.CreateUser(
context.Background(),
connect.NewRequest(&workspaceV2.CreateUserRequest{
Name: proto.String("bob"),
DisplayName: proto.String("Bob"),
Password: proto.String("bob_password"),
Permissions: &workspaceV2.UserPermissions{
CanDeleteRegularUser: proto.Bool(true),
},
}),
)
if err != nil {
t.Fatal(err)
}
v, ok := bob.Msg.Result.(*workspaceV2.CreateUserResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(bob.Msg.Result))
t.Errorf("Expected ok, got %s", typeName.Type().Name())
}
if v.Ok.GetName() != "bob" {
t.Errorf("Expected bob, got %s", v.Ok.GetName())
}
bobLogin, err := client.Login(
context.Background(),
connect.NewRequest(&workspaceV2.LoginRequest{
Name: proto.String("bob"),
Password: proto.String("bob_password"),
}),
)
if err != nil {
t.Fatal(err)
}
if _, ok := bobLogin.Msg.Result.(*workspaceV2.LoginResponse_Ok); !ok {
typeName := reflect.Indirect(reflect.ValueOf(bobLogin.Msg.Result))
t.Errorf("Expected ok, got %s", typeName.Type().Name())
}
deletion, err := client.DeleteUser(
context.Background(),
connect.NewRequest(&workspaceV2.DeleteUserRequest{
Id: &workspaceV2.UserID{
Value: proto.String(adminID),
},
}),
)
if err != nil {
t.Fatal(err)
}
_, ok = deletion.Msg.Result.(*workspaceV2.DeleteUserResponse_PermissionError)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(deletion.Msg.Result))
t.Fatalf("Expected permission_error, got %s", typeName.Type().Name())
}
gettingAfter, err := client.Get(
context.Background(),
connect.NewRequest(&workspaceV2.GetRequest{}),
)
if err != nil {
t.Fatal(err)
}
after, ok := gettingAfter.Msg.Result.(*workspaceV2.GetResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(gettingAfter.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
for _, u := range after.Ok.Users {
if u.Id.GetValue() == adminID {
return
}
}
t.Errorf("User deleted: Cannot find ID=%s", adminID)
}
func TestDeleteUserRejectsOnlyAdminDeletingSelf(t *testing.T) {
server, jar := setupLogin(t)
httpClient := server.Client()
httpClient.Jar = jar
client := v2connect.NewWorkspaceServiceClient(httpClient, server.URL())
gettingBefore, err := client.Get(
context.Background(),
connect.NewRequest(&workspaceV2.GetRequest{}),
)
if err != nil {
t.Fatal(err)
}
before, ok := gettingBefore.Msg.Result.(*workspaceV2.GetResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(gettingBefore.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
var adminID string
for _, u := range before.Ok.Users {
if u.GetIsAdmin() {
adminID = u.Id.GetValue()
break
}
}
if adminID == "" {
t.Fatal("No admin found: test helper did not create admin user")
}
deletion, err := client.DeleteUser(
context.Background(),
connect.NewRequest(&workspaceV2.DeleteUserRequest{
Id: &workspaceV2.UserID{
Value: proto.String(adminID),
},
}),
)
if err != nil {
t.Fatal(err)
}
_, ok = deletion.Msg.Result.(*workspaceV2.DeleteUserResponse_YouAreTheOnlyAdmin)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(deletion.Msg.Result))
t.Fatalf("Expected you_are_the_only_admin, got %s", typeName.Type().Name())
}
gettingAfter, err := client.Get(
context.Background(),
connect.NewRequest(&workspaceV2.GetRequest{}),
)
if err != nil {
t.Fatal(err)
}
after, ok := gettingAfter.Msg.Result.(*workspaceV2.GetResponse_Ok)
if !ok {
typeName := reflect.Indirect(reflect.ValueOf(gettingAfter.Msg.Result))
t.Fatalf("Expected ok, got %s", typeName.Type().Name())
}
for _, u := range after.Ok.Users {
if u.Id.GetValue() == adminID {
return
}
}
t.Errorf("User deleted: Cannot find ID=%s", adminID)
}