|
|
|
@ -90,3 +90,107 @@ func TestSignRequired(t *testing.T) {
|
|
|
|
|
SignRequiredFunc(c)
|
|
|
|
|
asserts.NotNil(c)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestWebDAVAuth(t *testing.T) {
|
|
|
|
|
asserts := assert.New(t)
|
|
|
|
|
rec := httptest.NewRecorder()
|
|
|
|
|
AuthFunc := WebDAVAuth()
|
|
|
|
|
|
|
|
|
|
// options请求跳过验证
|
|
|
|
|
{
|
|
|
|
|
c, _ := gin.CreateTestContext(rec)
|
|
|
|
|
c.Request, _ = http.NewRequest("OPTIONS", "/test", nil)
|
|
|
|
|
AuthFunc(c)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 请求HTTP Basic Auth
|
|
|
|
|
{
|
|
|
|
|
c, _ := gin.CreateTestContext(rec)
|
|
|
|
|
c.Request, _ = http.NewRequest("POST", "/test", nil)
|
|
|
|
|
AuthFunc(c)
|
|
|
|
|
asserts.NotEmpty(c.Writer.Header()["WWW-Authenticate"])
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 用户名不存在
|
|
|
|
|
{
|
|
|
|
|
c, _ := gin.CreateTestContext(rec)
|
|
|
|
|
c.Request, _ = http.NewRequest("POST", "/test", nil)
|
|
|
|
|
c.Request.Header = map[string][]string{
|
|
|
|
|
"Authorization": {"Basic d2hvQGNsb3VkcmV2ZS5vcmc6YWRtaW4="},
|
|
|
|
|
}
|
|
|
|
|
mock.ExpectQuery("SELECT(.+)users(.+)").
|
|
|
|
|
WillReturnRows(
|
|
|
|
|
sqlmock.NewRows([]string{"id", "password", "email"}),
|
|
|
|
|
)
|
|
|
|
|
AuthFunc(c)
|
|
|
|
|
asserts.NoError(mock.ExpectationsWereMet())
|
|
|
|
|
asserts.Equal(c.Writer.Status(), http.StatusUnauthorized)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 密码错误
|
|
|
|
|
{
|
|
|
|
|
c, _ := gin.CreateTestContext(rec)
|
|
|
|
|
c.Request, _ = http.NewRequest("POST", "/test", nil)
|
|
|
|
|
c.Request.Header = map[string][]string{
|
|
|
|
|
"Authorization": {"Basic d2hvQGNsb3VkcmV2ZS5vcmc6YWRtaW4="},
|
|
|
|
|
}
|
|
|
|
|
mock.ExpectQuery("SELECT(.+)users(.+)").
|
|
|
|
|
WillReturnRows(
|
|
|
|
|
sqlmock.NewRows([]string{"id", "password", "email", "options"}).AddRow(1, "123", "who@cloudreve.org", "{}"),
|
|
|
|
|
)
|
|
|
|
|
AuthFunc(c)
|
|
|
|
|
asserts.NoError(mock.ExpectationsWereMet())
|
|
|
|
|
asserts.Equal(c.Writer.Status(), http.StatusUnauthorized)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//未启用 WebDAV
|
|
|
|
|
{
|
|
|
|
|
c, _ := gin.CreateTestContext(rec)
|
|
|
|
|
c.Request, _ = http.NewRequest("POST", "/test", nil)
|
|
|
|
|
c.Request.Header = map[string][]string{
|
|
|
|
|
"Authorization": {"Basic d2hvQGNsb3VkcmV2ZS5vcmc6YWRtaW4="},
|
|
|
|
|
}
|
|
|
|
|
mock.ExpectQuery("SELECT(.+)users(.+)").
|
|
|
|
|
WillReturnRows(
|
|
|
|
|
sqlmock.NewRows(
|
|
|
|
|
[]string{"id", "password", "email", "group_id", "options"}).
|
|
|
|
|
AddRow(1,
|
|
|
|
|
"rfBd67ti3SMtYvSg:ce6dc7bca4f17f2660e18e7608686673eae0fdf3",
|
|
|
|
|
"who@cloudreve.org",
|
|
|
|
|
1,
|
|
|
|
|
"{}",
|
|
|
|
|
),
|
|
|
|
|
)
|
|
|
|
|
mock.ExpectQuery("SELECT(.+)groups(.+)").WillReturnRows(sqlmock.NewRows([]string{"id", "web_dav_enabled"}).AddRow(1, false))
|
|
|
|
|
AuthFunc(c)
|
|
|
|
|
asserts.NoError(mock.ExpectationsWereMet())
|
|
|
|
|
asserts.Equal(c.Writer.Status(), http.StatusForbidden)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//正常
|
|
|
|
|
{
|
|
|
|
|
c, _ := gin.CreateTestContext(rec)
|
|
|
|
|
c.Request, _ = http.NewRequest("POST", "/test", nil)
|
|
|
|
|
c.Request.Header = map[string][]string{
|
|
|
|
|
"Authorization": {"Basic d2hvQGNsb3VkcmV2ZS5vcmc6YWRtaW4="},
|
|
|
|
|
}
|
|
|
|
|
mock.ExpectQuery("SELECT(.+)users(.+)").
|
|
|
|
|
WillReturnRows(
|
|
|
|
|
sqlmock.NewRows(
|
|
|
|
|
[]string{"id", "password", "email", "group_id", "options"}).
|
|
|
|
|
AddRow(1,
|
|
|
|
|
"rfBd67ti3SMtYvSg:ce6dc7bca4f17f2660e18e7608686673eae0fdf3",
|
|
|
|
|
"who@cloudreve.org",
|
|
|
|
|
1,
|
|
|
|
|
"{}",
|
|
|
|
|
),
|
|
|
|
|
)
|
|
|
|
|
mock.ExpectQuery("SELECT(.+)groups(.+)").WillReturnRows(sqlmock.NewRows([]string{"id", "web_dav_enabled"}).AddRow(1, true))
|
|
|
|
|
AuthFunc(c)
|
|
|
|
|
asserts.NoError(mock.ExpectationsWereMet())
|
|
|
|
|
asserts.Equal(c.Writer.Status(), 200)
|
|
|
|
|
_, ok := c.Get("user")
|
|
|
|
|
asserts.True(ok)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|