Adding upstream version 0.28.1.

Signed-off-by: Daniel Baumann <daniel@debian.org>
2025-05-22 10:57:38 +02:00 · 2025-05-22 10:57:38 +02:00 · e28c88ef14
commit e28c88ef14
parent 88f1d47ab6
933 changed files with 194711 additions and 0 deletions
--- a/cmd/superuser_test.go
+++ b/cmd/superuser_test.go
@ -0,0 +1,403 @@
+package cmd_test
+
+import (
+	"testing"
+
+	"github.com/pocketbase/pocketbase/cmd"
+	"github.com/pocketbase/pocketbase/core"
+	"github.com/pocketbase/pocketbase/tests"
+)
+
+func TestSuperuserUpsertCommand(t *testing.T) {
+	t.Parallel()
+
+	app, _ := tests.NewTestApp()
+	defer app.Cleanup()
+
+	scenarios := []struct {
+		name        string
+		email       string
+		password    string
+		expectError bool
+	}{
+		{
+			"empty email and password",
+			"",
+			"",
+			true,
+		},
+		{
+			"empty email",
+			"",
+			"1234567890",
+			true,
+		},
+		{
+			"invalid email",
+			"invalid",
+			"1234567890",
+			true,
+		},
+		{
+			"empty password",
+			"test@example.com",
+			"",
+			true,
+		},
+		{
+			"short password",
+			"test_new@example.com",
+			"1234567",
+			true,
+		},
+		{
+			"existing user",
+			"test@example.com",
+			"1234567890!",
+			false,
+		},
+		{
+			"new user",
+			"test_new@example.com",
+			"1234567890!",
+			false,
+		},
+	}
+
+	for _, s := range scenarios {
+		t.Run(s.name, func(t *testing.T) {
+			command := cmd.NewSuperuserCommand(app)
+			command.SetArgs([]string{"upsert", s.email, s.password})
+
+			err := command.Execute()
+
+			hasErr := err != nil
+			if s.expectError != hasErr {
+				t.Fatalf("Expected hasErr %v, got %v (%v)", s.expectError, hasErr, err)
+			}
+
+			if hasErr {
+				return
+			}
+
+			// check whether the superuser account was actually upserted
+			superuser, err := app.FindAuthRecordByEmail(core.CollectionNameSuperusers, s.email)
+			if err != nil {
+				t.Fatalf("Failed to fetch superuser %s: %v", s.email, err)
+			} else if !superuser.ValidatePassword(s.password) {
+				t.Fatal("Expected the superuser password to match")
+			}
+		})
+	}
+}
+
+func TestSuperuserCreateCommand(t *testing.T) {
+	t.Parallel()
+
+	app, _ := tests.NewTestApp()
+	defer app.Cleanup()
+
+	scenarios := []struct {
+		name        string
+		email       string
+		password    string
+		expectError bool
+	}{
+		{
+			"empty email and password",
+			"",
+			"",
+			true,
+		},
+		{
+			"empty email",
+			"",
+			"1234567890",
+			true,
+		},
+		{
+			"invalid email",
+			"invalid",
+			"1234567890",
+			true,
+		},
+		{
+			"duplicated email",
+			"test@example.com",
+			"1234567890",
+			true,
+		},
+		{
+			"empty password",
+			"test@example.com",
+			"",
+			true,
+		},
+		{
+			"short password",
+			"test_new@example.com",
+			"1234567",
+			true,
+		},
+		{
+			"valid email and password",
+			"test_new@example.com",
+			"12345678",
+			false,
+		},
+	}
+
+	for _, s := range scenarios {
+		t.Run(s.name, func(t *testing.T) {
+			command := cmd.NewSuperuserCommand(app)
+			command.SetArgs([]string{"create", s.email, s.password})
+
+			err := command.Execute()
+
+			hasErr := err != nil
+			if s.expectError != hasErr {
+				t.Fatalf("Expected hasErr %v, got %v (%v)", s.expectError, hasErr, err)
+			}
+
+			if hasErr {
+				return
+			}
+
+			// check whether the superuser account was actually created
+			superuser, err := app.FindAuthRecordByEmail(core.CollectionNameSuperusers, s.email)
+			if err != nil {
+				t.Fatalf("Failed to fetch created superuser %s: %v", s.email, err)
+			} else if !superuser.ValidatePassword(s.password) {
+				t.Fatal("Expected the superuser password to match")
+			}
+		})
+	}
+}
+
+func TestSuperuserUpdateCommand(t *testing.T) {
+	app, _ := tests.NewTestApp()
+	defer app.Cleanup()
+
+	scenarios := []struct {
+		name        string
+		email       string
+		password    string
+		expectError bool
+	}{
+		{
+			"empty email and password",
+			"",
+			"",
+			true,
+		},
+		{
+			"empty email",
+			"",
+			"1234567890",
+			true,
+		},
+		{
+			"invalid email",
+			"invalid",
+			"1234567890",
+			true,
+		},
+		{
+			"nonexisting superuser",
+			"test_missing@example.com",
+			"1234567890",
+			true,
+		},
+		{
+			"empty password",
+			"test@example.com",
+			"",
+			true,
+		},
+		{
+			"short password",
+			"test_new@example.com",
+			"1234567",
+			true,
+		},
+		{
+			"valid email and password",
+			"test@example.com",
+			"12345678",
+			false,
+		},
+	}
+
+	for _, s := range scenarios {
+		t.Run(s.name, func(t *testing.T) {
+			command := cmd.NewSuperuserCommand(app)
+			command.SetArgs([]string{"update", s.email, s.password})
+
+			err := command.Execute()
+
+			hasErr := err != nil
+			if s.expectError != hasErr {
+				t.Fatalf("Expected hasErr %v, got %v (%v)", s.expectError, hasErr, err)
+			}
+
+			if hasErr {
+				return
+			}
+
+			// check whether the superuser password was actually changed
+			superuser, err := app.FindAuthRecordByEmail(core.CollectionNameSuperusers, s.email)
+			if err != nil {
+				t.Fatalf("Failed to fetch superuser %s: %v", s.email, err)
+			} else if !superuser.ValidatePassword(s.password) {
+				t.Fatal("Expected the superuser password to match")
+			}
+		})
+	}
+}
+
+func TestSuperuserDeleteCommand(t *testing.T) {
+	app, _ := tests.NewTestApp()
+	defer app.Cleanup()
+
+	scenarios := []struct {
+		name        string
+		email       string
+		expectError bool
+	}{
+		{
+			"empty email",
+			"",
+			true,
+		},
+		{
+			"invalid email",
+			"invalid",
+			true,
+		},
+		{
+			"nonexisting superuser",
+			"test_missing@example.com",
+			false,
+		},
+		{
+			"existing superuser",
+			"test@example.com",
+			false,
+		},
+	}
+
+	for _, s := range scenarios {
+		t.Run(s.name, func(t *testing.T) {
+			command := cmd.NewSuperuserCommand(app)
+			command.SetArgs([]string{"delete", s.email})
+
+			err := command.Execute()
+
+			hasErr := err != nil
+			if s.expectError != hasErr {
+				t.Fatalf("Expected hasErr %v, got %v (%v)", s.expectError, hasErr, err)
+			}
+
+			if hasErr {
+				return
+			}
+
+			if _, err := app.FindAuthRecordByEmail(core.CollectionNameSuperusers, s.email); err == nil {
+				t.Fatal("Expected the superuser account to be deleted")
+			}
+		})
+	}
+}
+
+func TestSuperuserOTPCommand(t *testing.T) {
+	app, _ := tests.NewTestApp()
+	defer app.Cleanup()
+
+	superusersCollection, err := app.FindCollectionByNameOrId(core.CollectionNameSuperusers)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// remove all existing otps
+	otps, err := app.FindAllOTPsByCollection(superusersCollection)
+	if err != nil {
+		t.Fatal(err)
+	}
+	for _, otp := range otps {
+		err = app.Delete(otp)
+		if err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	scenarios := []struct {
+		name        string
+		email       string
+		enabled     bool
+		expectError bool
+	}{
+		{
+			"empty email",
+			"",
+			true,
+			true,
+		},
+		{
+			"invalid email",
+			"invalid",
+			true,
+			true,
+		},
+		{
+			"nonexisting superuser",
+			"test_missing@example.com",
+			true,
+			true,
+		},
+		{
+			"existing superuser",
+			"test@example.com",
+			true,
+			false,
+		},
+		{
+			"existing superuser with disabled OTP",
+			"test@example.com",
+			false,
+			true,
+		},
+	}
+
+	for _, s := range scenarios {
+		t.Run(s.name, func(t *testing.T) {
+			command := cmd.NewSuperuserCommand(app)
+			command.SetArgs([]string{"otp", s.email})
+
+			superusersCollection.OTP.Enabled = s.enabled
+			if err = app.SaveNoValidate(superusersCollection); err != nil {
+				t.Fatal(err)
+			}
+
+			err := command.Execute()
+
+			hasErr := err != nil
+			if s.expectError != hasErr {
+				t.Fatalf("Expected hasErr %v, got %v (%v)", s.expectError, hasErr, err)
+			}
+
+			if hasErr {
+				return
+			}
+
+			superuser, err := app.FindAuthRecordByEmail(superusersCollection, s.email)
+			if err != nil {
+				t.Fatal(err)
+			}
+
+			otps, _ := app.FindAllOTPsByRecord(superuser)
+			if total := len(otps); total != 1 {
+				t.Fatalf("Expected 1 OTP, got %d", total)
+			}
+		})
+	}
+}