Skip to content

Commit 0add01a

Browse files
EmyrkEmyrk
committed
Test all api key methods
1 parent 53fcf79 commit 0add01a

File tree

2 files changed

+62
-2
lines changed

2 files changed

+62
-2
lines changed

coderd/authzquery/apikey.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,14 +27,14 @@ func (q *AuthzQuerier) GetAPIKeysLastUsedAfter(ctx context.Context, lastUsed tim
2727

2828
func (q *AuthzQuerier) InsertAPIKey(ctx context.Context, arg database.InsertAPIKeyParams) (database.APIKey, error) {
2929
return authorizedInsertWithReturn(q.logger, q.authorizer,
30-
rbac.ActionRead,
30+
rbac.ActionCreate,
3131
rbac.ResourceAPIKey.WithOwner(arg.UserID.String()),
3232
q.database.InsertAPIKey)(ctx, arg)
3333
}
3434

3535
func (q *AuthzQuerier) UpdateAPIKeyByID(ctx context.Context, arg database.UpdateAPIKeyByIDParams) error {
3636
fetch := func(ctx context.Context, arg database.UpdateAPIKeyByIDParams) (database.APIKey, error) {
37-
return q.GetAPIKeyByID(ctx, arg.ID)
37+
return q.database.GetAPIKeyByID(ctx, arg.ID)
3838
}
3939
return authorizedUpdate(q.logger, q.authorizer, fetch, q.database.UpdateAPIKeyByID)(ctx, arg)
4040
}

coderd/authzquery/apikey_test.go

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
package authzquery_test
2+
3+
import (
4+
"testing"
5+
"time"
6+
7+
"github.com/coder/coder/coderd/database"
8+
"github.com/coder/coder/coderd/database/dbgen"
9+
"github.com/coder/coder/coderd/rbac"
10+
)
11+
12+
func (suite *MethodTestSuite) TestAPIKey() {
13+
suite.Run("DeleteAPIKeyByID", func() {
14+
suite.RunMethodTest(func(t *testing.T, db database.Store) MethodCase {
15+
key, _ := dbgen.APIKey(t, db, database.APIKey{})
16+
return methodCase(inputs(key.ID), asserts(key, rbac.ActionDelete))
17+
})
18+
})
19+
suite.Run("GetAPIKeyByID", func() {
20+
suite.RunMethodTest(func(t *testing.T, db database.Store) MethodCase {
21+
key, _ := dbgen.APIKey(t, db, database.APIKey{})
22+
return methodCase(inputs(key.ID), asserts(key, rbac.ActionRead))
23+
})
24+
})
25+
suite.Run("GetAPIKeysByLoginType", func() {
26+
suite.RunMethodTest(func(t *testing.T, db database.Store) MethodCase {
27+
a, _ := dbgen.APIKey(t, db, database.APIKey{LoginType: database.LoginTypePassword})
28+
b, _ := dbgen.APIKey(t, db, database.APIKey{LoginType: database.LoginTypePassword})
29+
_, _ = dbgen.APIKey(t, db, database.APIKey{LoginType: database.LoginTypeGithub})
30+
return methodCase(inputs(database.LoginTypePassword), asserts(a, rbac.ActionRead, b, rbac.ActionRead))
31+
})
32+
})
33+
suite.Run("GetAPIKeysLastUsedAfter", func() {
34+
suite.RunMethodTest(func(t *testing.T, db database.Store) MethodCase {
35+
a, _ := dbgen.APIKey(t, db, database.APIKey{LastUsed: time.Now().Add(time.Hour)})
36+
b, _ := dbgen.APIKey(t, db, database.APIKey{LastUsed: time.Now().Add(time.Hour)})
37+
_, _ = dbgen.APIKey(t, db, database.APIKey{LastUsed: time.Now().Add(-time.Hour)})
38+
return methodCase(inputs(time.Now()), asserts(a, rbac.ActionRead, b, rbac.ActionRead))
39+
})
40+
})
41+
suite.Run("InsertAPIKey", func() {
42+
suite.RunMethodTest(func(t *testing.T, db database.Store) MethodCase {
43+
u := dbgen.User(t, db, database.User{})
44+
return methodCase(inputs(database.InsertAPIKeyParams{
45+
UserID: u.ID,
46+
LoginType: database.LoginTypePassword,
47+
Scope: database.APIKeyScopeAll,
48+
}), asserts(rbac.ResourceAPIKey.WithOwner(u.ID.String()), rbac.ActionCreate))
49+
})
50+
})
51+
suite.Run("UpdateAPIKeyByID", func() {
52+
suite.RunMethodTest(func(t *testing.T, db database.Store) MethodCase {
53+
a, _ := dbgen.APIKey(t, db, database.APIKey{})
54+
return methodCase(inputs(database.UpdateAPIKeyByIDParams{
55+
ID: a.ID,
56+
LastUsed: time.Now(),
57+
}), asserts(a, rbac.ActionUpdate))
58+
})
59+
})
60+
}

0 commit comments

Comments
 (0)