AstralTransRocketries/drasl
1
0
Fork 0
mirror of https://github.com/unmojang/drasl.git synced 2025-08-03 19:06:04 -04:00
Code Issues Packages Projects Releases Wiki Activity

Test player name in use as another user's username

Browse Source
This commit is contained in:
Evan Goode 2024-12-21 11:51:14 -05:00
parent 43f9d3d815
commit 00a56daac1
1 changed files with 58 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
api_test.go
View File

@ -3,6 +3,7 @@ package main
import ( import (
"encoding/json" "encoding/json"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"gorm.io/gorm"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"net/url" "net/url"
@ -347,7 +348,10 @@ func (ts *TestSuite) testAPIGetPlayer(t *testing.T) {
func (ts *TestSuite) testAPICreatePlayer(t *testing.T) { func (ts *TestSuite) testAPICreatePlayer(t *testing.T) {
adminUsername := "admin" adminUsername := "admin"
adminPlayerName := "AdminPlayer"
admin, _ := ts.CreateTestUser(t, ts.App, ts.Server, adminUsername) admin, _ := ts.CreateTestUser(t, ts.App, ts.Server, adminUsername)
admin.Players[0].Name = adminPlayerName
assert.Nil(t, ts.App.DB.Session(&gorm.Session{FullSaveAssociations: true}).Save(&admin).Error)
username := "user" username := "user"
user, _ := ts.CreateTestUser(t, ts.App, ts.Server, username) user, _ := ts.CreateTestUser(t, ts.App, ts.Server, username)
@ -357,35 +361,63 @@ func (ts *TestSuite) testAPICreatePlayer(t *testing.T) {
newName := "newPlayer" newName := "newPlayer"
payload := APICreatePlayerRequest{ {
Name: newName, payload := APICreatePlayerRequest{
UserUUID: Ptr(user.UUID), Name: newName,
SkinBase64: Ptr(RED_SKIN_BASE64_STRING), UserUUID: Ptr(user.UUID),
CapeBase64: Ptr(RED_CAPE_BASE64_STRING), SkinBase64: Ptr(RED_SKIN_BASE64_STRING),
CapeBase64: Ptr(RED_CAPE_BASE64_STRING),
}
// Should fail since the user already has one player
rec := ts.PostJSON(t, ts.Server, DRASL_API_PREFIX+"/players", payload, nil, &user.APIToken)
assert.Equal(t, http.StatusBadRequest, rec.Code)
var apiError APIError
assert.Nil(t, json.NewDecoder(rec.Body).Decode(&apiError))
assert.Equal(t, "You are only allowed to own 1 player(s).", apiError.Message)
// Admins should be able to override the MaxPlayerCount limit
rec = ts.PostJSON(t, ts.Server, DRASL_API_PREFIX+"/players", payload, nil, &admin.APIToken)
assert.Equal(t, http.StatusOK, rec.Code)
var createdAPIPlayer APIPlayer
assert.Nil(t, json.NewDecoder(rec.Body).Decode(&createdAPIPlayer))
assert.Equal(t, newName, createdAPIPlayer.Name)
assert.NotEqual(t, "", createdAPIPlayer.SkinURL)
assert.NotEqual(t, "", createdAPIPlayer.CapeURL)
assert.Nil(t, ts.App.DB.First(&user, "uuid = ?", user.UUID).Error)
assert.Equal(t, 2, len(user.Players))
var player Player
assert.Nil(t, ts.App.DB.First(&player, "uuid = ?", createdAPIPlayer.UUID).Error)
assert.Equal(t, newName, player.Name)
} }
{
// Player name is already in use by another player
payload := APICreatePlayerRequest{
Name: adminPlayerName,
UserUUID: Ptr(user.UUID),
}
// Should fail since the user already has one player rec := ts.PostJSON(t, ts.Server, DRASL_API_PREFIX+"/players", payload, nil, &admin.APIToken)
rec := ts.PostJSON(t, ts.Server, DRASL_API_PREFIX+"/players", payload, nil, &user.APIToken) assert.Equal(t, http.StatusBadRequest, rec.Code)
assert.Equal(t, http.StatusBadRequest, rec.Code) var apiError APIError
var apiError APIError assert.Nil(t, json.NewDecoder(rec.Body).Decode(&apiError))
assert.Nil(t, json.NewDecoder(rec.Body).Decode(&apiError)) assert.Equal(t, "That player name is taken.", apiError.Message)
assert.Equal(t, "You are only allowed to own 1 player(s).", apiError.Message) }
{
// Player name is already in use as another user's username
payload := APICreatePlayerRequest{
Name: adminUsername,
UserUUID: Ptr(user.UUID),
}
// Admins should be able to override the MaxPlayerCount limit rec := ts.PostJSON(t, ts.Server, DRASL_API_PREFIX+"/players", payload, nil, &admin.APIToken)
rec = ts.PostJSON(t, ts.Server, DRASL_API_PREFIX+"/players", payload, nil, &admin.APIToken) assert.Equal(t, http.StatusBadRequest, rec.Code)
assert.Equal(t, http.StatusOK, rec.Code) var apiError APIError
var createdAPIPlayer APIPlayer assert.Nil(t, json.NewDecoder(rec.Body).Decode(&apiError))
assert.Nil(t, json.NewDecoder(rec.Body).Decode(&createdAPIPlayer)) assert.Equal(t, "That player name is in use as another user's username.", apiError.Message)
assert.Equal(t, newName, createdAPIPlayer.Name) }
assert.NotEqual(t, "", createdAPIPlayer.SkinURL)
assert.NotEqual(t, "", createdAPIPlayer.CapeURL)
assert.Nil(t, ts.App.DB.First(&user, "uuid = ?", user.UUID).Error)
assert.Equal(t, 2, len(user.Players))
var player Player
assert.Nil(t, ts.App.DB.First(&player, "uuid = ?", createdAPIPlayer.UUID).Error)
assert.Equal(t, newName, player.Name)
assert.Nil(t, ts.App.DeleteUser(&GOD, user)) assert.Nil(t, ts.App.DeleteUser(&GOD, user))
assert.Nil(t, ts.App.DeleteUser(&GOD, admin)) assert.Nil(t, ts.App.DeleteUser(&GOD, admin))