extern crate dispatcher; use serde_json::json; use uuid::Uuid; #[tokio::test] async fn test1() { let admin1 = json!({"username": "rust22", "password": "rust", "stripe_access_code": "test", "data": {}}); let admin1_login = json!({"username": "rust22", "password": "rust"}); let admin2 = json!({"username": "rust23", "password": "rust", "stripe_access_code": "test", "data": {}}); let admin2_login = json!({"username": "rust23", "password": "rust"}); let platform1 = json!({"name": "test"}); let platform2 = json!({"name": "test2"}); let tenant1 = json!({"name": "test1", "stripe_customer_id": "test", "seats": 2, "data": {}}); let tenant2 = json!({"name": "test2", "stripe_customer_id": "test", "seats": 2, "data": {}}); let tenant3 = json!({"name": "test3", "stripe_customer_id": "test", "seats": 0, "data": {}}); let tenant_update1 = json!({"data": {"foo": "bar"}, "seats": 2}); let client = reqwest::Client::new(); // get health check - want success let res = client.get("http://localhost:8080/v1/health") .send().await.unwrap(); assert_eq!(res.status(), 200); // create admin 1 - want success let res = client.post("http://localhost:8080/v1/admins") .json(&admin1) .send().await.unwrap(); assert_eq!(res.status(), 200); // create admin 1 - want success let res = client.post("http://localhost:8080/v1/admins") .json(&admin2) .send().await.unwrap(); assert_eq!(res.status(), 200); // create admin 1 again - want failure let res = client.post("http://localhost:8080/v1/admins") .json(&admin1) .send().await.unwrap(); assert_eq!(res.status(), 400); // admin login for admin 1 - want success let res = client.post("http://localhost:8080/v1/admin_login") .json(&admin1_login) .send().await.unwrap(); assert_eq!(res.status(), 200); let token: dispatcher::Token = serde_json::from_str(&res.text().await.unwrap()).unwrap(); let bearer1 = format!("Bearer {}", token.jwt); // admin login for admin 2 - want success let res = client.post("http://localhost:8080/v1/admin_login") .json(&admin2_login) .send().await.unwrap(); assert_eq!(res.status(), 200); let token: dispatcher::Token = serde_json::from_str(&res.text().await.unwrap()).unwrap(); let bearer2 = format!("Bearer {}", token.jwt); // create platform without auth - want failure let res = client.post("http://localhost:8080/v1/platforms") .json(&platform1) .send().await.unwrap() .status(); assert_eq!(res, 400); // create platform without auth - want failure let res = client.post("http://localhost:8080/v1/platforms") .json(&platform1) .header("Authorization", "foo") .send().await.unwrap() .status(); assert_eq!(res, 401); // create platform without auth - want failure let res = client.post("http://localhost:8080/v1/platforms") .json(&platform1) .header("Authorization", "Bearer 1234") .send().await.unwrap() .status(); assert_eq!(res, 401); // create platform 1 with admin 1 - want success let res = client.post("http://localhost:8080/v1/platforms") .json(&platform1) .header("Authorization", &bearer1) .send().await.unwrap(); assert_eq!(res.status(), 200); let platform1: dispatcher::PlatformCreate = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create platform 1 with admin 1 - want success let res = client.post("http://localhost:8080/v1/platforms") .json(&platform2) .header("Authorization", &bearer2) .send().await.unwrap(); assert_eq!(res.status(), 200); let platform2: dispatcher::PlatformCreate = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create platform with auth again - want failure let res = client.post("http://localhost:8080/v1/platforms") .json(&platform1) .header("Authorization", &bearer1) .send().await.unwrap() .status(); assert_eq!(res, 400); // get platforms without auth - want failure let res = client.get("http://localhost:8080/v1/platforms") .json(&platform1) .header("Authorization", "Bearer 1234") .send().await.unwrap() .status(); assert_eq!(res, 401); // get platforms with auth - want success let res = client.get("http://localhost:8080/v1/platforms") .json(&platform1) .header("Authorization", &bearer1) .send().await.unwrap(); assert_eq!(res.status(), 200); let _ : dispatcher::Platforms = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create api key objects let api_key1 = json!({"name": "test", "platform_id": platform1.id}); let api_key2 = json!({"name": "test2", "platform_id": platform2.id}); let api_key3 = json!({"name": "test3", "platform_id": platform2.id}); // create api key with auth - want success let res = client.post("http://localhost:8080/v1/api_keys") .json(&api_key1) .header("Authorization", &bearer1) .send().await.unwrap(); assert_eq!(res.status(), 200); let api_key_req1: dispatcher::APIKeyCreate = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create api key with auth but same key name - want failure let res = client.post("http://localhost:8080/v1/api_keys") .json(&api_key1) .header("Authorization", &bearer1) .send().await.unwrap(); assert_eq!(res.status(), 400); // create api key with wrong admin - want failure let res = client.post("http://localhost:8080/v1/api_keys") .json(&api_key2) .header("Authorization", &bearer1) .send().await.unwrap(); assert_eq!(res.status(), 400); // create api key with auth - want success let res = client.post("http://localhost:8080/v1/api_keys") .json(&api_key2) .header("Authorization", &bearer2) .send().await.unwrap(); assert_eq!(res.status(), 200); let api_key_req2: dispatcher::APIKeyCreate = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create api key with auth - want success let res = client.post("http://localhost:8080/v1/api_keys") .json(&api_key3) .header("Authorization", &bearer2) .send().await.unwrap(); assert_eq!(res.status(), 200); let api_key_req3: dispatcher::APIKeyCreate = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // delete api key from admin 2 by admin 1 - want failure let u = format!("http://localhost:8080/v1/api_keys/{}", api_key_req3.id); let res = client.delete(&u) .header("Authorization", &bearer1) .send().await.unwrap(); assert_eq!(res.status(), 400); // delete api key from admin 2 by admin 2 - want success let u = format!("http://localhost:8080/v1/api_keys/{}", api_key_req3.id); let res = client.delete(&u) .header("Authorization", &bearer2) .send().await.unwrap(); assert_eq!(res.status(), 200); // get api keys by admin 1 - want success let res = client.get("http://localhost:8080/v1/api_keys") .header("Authorization", &bearer1) .send().await.unwrap(); assert_eq!(res.status(), 200); let _ : dispatcher::APIKeys = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create tenant with deleted key - want failure let res = client.post("http://localhost:8080/v1/tenants") .header("X-Dispatcher-Auth", &api_key_req3.id.to_string()) .json(&tenant1) .send().await.unwrap(); assert_eq!(res.status(), 401); // create tenant with fake key - want failure let res = client.post("http://localhost:8080/v1/tenants") .header("X-Dispatcher-Auth", "1234") .json(&tenant1) .send().await.unwrap(); assert_eq!(res.status(), 401); // create tenant with no key - want failure let res = client.post("http://localhost:8080/v1/tenants") .json(&tenant1) .send().await.unwrap(); assert_eq!(res.status(), 400); // create tenant with good key - want success let res = client.post("http://localhost:8080/v1/tenants") .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .json(&tenant3) .send().await.unwrap(); assert_eq!(res.status(), 400); // create tenant with good key - want success let res = client.post("http://localhost:8080/v1/tenants") .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .json(&tenant1) .send().await.unwrap(); assert_eq!(res.status(), 200); let tenant1: dispatcher::TenantCreate = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create tenant with good key - want success let res = client.post("http://localhost:8080/v1/tenants") .header("X-Dispatcher-Auth", &api_key_req2.id.to_string()) .json(&tenant2) .send().await.unwrap(); assert_eq!(res.status(), 200); // let tenant2: dispatcher::TenantCreate = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // get tenant with bad auth - want failure let u = format!("http://localhost:8080/v1/tenants/{}", tenant1.id.to_string()); let res = client.get(&u) .header("X-Dispatcher-Auth", "1234") .send().await.unwrap(); assert_eq!(res.status(), 401); // get tenant by admin 1 - want success let u = format!("http://localhost:8080/v1/tenants/{}", tenant1.id.to_string()); let res = client.get(&u) .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .send().await.unwrap(); assert_eq!(res.status(), 200); let _ : dispatcher::TenantCompact = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // update tenant with bad auth - want failure let u = format!("http://localhost:8080/v1/tenants/{}", tenant1.id.to_string()); let res = client.put(&u) .json(&tenant_update1) .header("X-Dispatcher-Auth", "1234") .send().await.unwrap(); assert_eq!(res.status(), 401); // update tenant by admin 1 - want success let u = format!("http://localhost:8080/v1/tenants/{}", tenant1.id.to_string()); let res = client.put(&u) .json(&tenant_update1) .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .send().await.unwrap(); assert_eq!(res.status(), 200); let t_update1 : dispatcher::TenantUpdateResult = serde_json::from_str(&res.text().await.unwrap()).unwrap(); assert_eq!(t_update1.data, json!({"foo": "bar"})); assert_eq!(t_update1.seats, 2); // get tenants with bad auth - want failure let res = client.get("http://localhost:8080/v1/tenants") .header("X-Dispatcher-Auth", "1234") .send().await.unwrap(); assert_eq!(res.status(), 401); // get tenants by admin 1 - want success let res = client.get("http://localhost:8080/v1/tenants") .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .send().await.unwrap(); assert_eq!(res.status(), 200); let _ : dispatcher::Tenants = serde_json::from_str(&res.text().await.unwrap()).unwrap(); let uuid1 = Uuid::new_v4(); let user1 = json!({"username": "rusty22", "password": "rust", "tenant_id": tenant1.id, "collection_id": uuid1}); let uuid2 = Uuid::new_v4(); let user2 = json!({"username": "rusty23", "password": "rust", "tenant_id": tenant1.id, "collection_id": uuid2}); let user1_login = json!({"username": "rusty22", "password": "rust"}); let _user2_login = json!({"username": "rusty23", "password": "rust"}); // create user with bad key - want failure let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant1.id.to_string()); let res = client.post(&u) .header("X-Dispatcher-Auth", "1234") .json(&user1) .send().await.unwrap(); assert_eq!(res.status(), 401); // TODO: this tests fails as it just hits the unwrap and bombs // // create user with other user's key - want failure // let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant1.id.to_string()); // let res = client.post(&u) // .header("X-Dispatcher-Auth", &api_key_req2.id.to_string()) // .json(&user1) // .send().await.unwrap(); // assert_eq!(res.status(), 401); // TODO: this tests fails as it just hits the unwrap and bombs // // create user with good key but other tenant id - want failure // let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant2.id.to_string()); // let res = client.post(&u) // .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) // .json(&user1) // .send().await.unwrap(); // assert_eq!(res.status(), 400); // create user with good key - want success let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant1.id.to_string()); let res = client.post(&u) .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .json(&user1) .send().await.unwrap(); assert_eq!(res.status(), 200); let user_full1 : dispatcher::UserCompact = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create user with good key - want success let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant1.id.to_string()); let res = client.post(&u) .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .json(&user2) .send().await.unwrap(); assert_eq!(res.status(), 200); let _user_full2 : dispatcher::UserCompact = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // create user with good key but too many users - want failure let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant1.id.to_string()); let res = client.post(&u) .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .json(&user1) .send().await.unwrap(); assert_eq!(res.status(), 400); // revoke user with bad key - want failure let u = format!("http://localhost:8080/v1/users/{}", user_full1.id.to_string()); let res = client.delete(&u) .header("X-Dispatcher-Auth", "1234") .send().await.unwrap(); assert_eq!(res.status(), 401); // revoke user - want success let u = format!("http://localhost:8080/v1/users/{}", user_full1.id.to_string()); let res = client.delete(&u) .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .send().await.unwrap(); assert_eq!(res.status(), 200); // TODO: this tests fails as it just hits the unwrap and bombs // // get users with bad key - want failure // let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant1.id.to_string()); // let res = client.get(&u) // .header("X-Dispatcher-Auth", &api_key_req2.id.to_string()) // .send().await.unwrap(); // assert_eq!(res.status(), 400); // get users with good key - want success let u = format!("http://localhost:8080/v1/tenants/{}/users", tenant1.id.to_string()); let res = client.get(&u) .header("X-Dispatcher-Auth", &api_key_req1.id.to_string()) .send().await.unwrap(); assert_eq!(res.status(), 200); let _ : dispatcher::Users = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // user login for user 1 - want success let u = format!("http://localhost:8080/v1/platforms/{}/login", platform1.id.to_string()); let res = client.post(&u) .json(&user1_login) .send().await.unwrap(); assert_eq!(res.status(), 200); let token: dispatcher::Token = serde_json::from_str(&res.text().await.unwrap()).unwrap(); let user_bearer1 = format!("Bearer {}", token.jwt); // event let event1 = json!({"event": "foo", "collection_id": "112718d1-a0be-4468-b902-0749c3d964ae", "platform": false, "payment_amount": "", "payment_currency": "", "associated_collection_ids": [], "data": {"test": "test"}}); // publish for user 1 with bad key - want failure let u = format!("http://localhost:8080/v1/platforms/{}/publish", platform1.id.to_string()); let res = client.post(&u) .header("Authorization", "Bearer 1234") .json(&event1) .send().await.unwrap(); assert_eq!(res.status(), 401); // publish for for user 1 - want success let u = format!("http://localhost:8080/v1/platforms/{}/publish", platform1.id.to_string()); let res = client.post(&u) .header("Authorization", &user_bearer1) .json(&event1) .send().await.unwrap(); assert_eq!(res.status(), 200); let event1 : dispatcher::EventCompact = serde_json::from_str(&res.text().await.unwrap()).unwrap(); // get collections for user 1 with bad key - want failure let u = format!("http://localhost:8080/v1/platforms/{}/collections/{}", platform1.id.to_string(), event1.collection_id.to_string()); let res = client.get(&u) .header("Authorization", "Bearer 1234") .send().await.unwrap(); assert_eq!(res.status(), 401); // get collections for user 1 with good key - want success let u = format!("http://localhost:8080/v1/platforms/{}/collections/{}", platform1.id.to_string(), event1.collection_id.to_string()); let res = client.get(&u) .header("Authorization", &user_bearer1) .send().await.unwrap(); assert_eq!(res.status(), 200); let collect1 : dispatcher::EventCompact = serde_json::from_str(&res.text().await.unwrap()).unwrap(); println!("{:?}", collect1); // get event collections for user 1 with bad key - want failure let u = format!("http://localhost:8080/v1/platforms/{}/events/{}", platform1.id.to_string(), "foo"); let res = client.get(&u) .header("Authorization", "Bearer 1234") .send().await.unwrap(); assert_eq!(res.status(), 401); // get collections for user 1 with good key - want success let u = format!("http://localhost:8080/v1/platforms/{}/events/{}", platform1.id.to_string(), "foo"); let res = client.get(&u) .header("Authorization", &user_bearer1) .send().await.unwrap(); assert_eq!(res.status(), 200); let collect1 : dispatcher::EventCompact = serde_json::from_str(&res.text().await.unwrap()).unwrap(); println!("{:?}", collect1); }