mirror of
https://github.com/superseriousbusiness/gotosocial
synced 2025-06-05 21:59:39 +02:00
Merge branch 'main' into media_refactor
This commit is contained in:
@@ -32,10 +32,23 @@ import (
|
||||
const (
|
||||
// AuthSignInPath is the API path for users to sign in through
|
||||
AuthSignInPath = "/auth/sign_in"
|
||||
|
||||
// CheckYourEmailPath users land here after registering a new account, instructs them to confirm thier email
|
||||
CheckYourEmailPath = "/check_your_email"
|
||||
|
||||
// WaitForApprovalPath users land here after confirming thier email but before an admin approves thier account
|
||||
// (if such is required)
|
||||
WaitForApprovalPath = "/wait_for_approval"
|
||||
|
||||
// AccountDisabledPath users land here when thier account is suspended by an admin
|
||||
AccountDisabledPath = "/account_disabled"
|
||||
|
||||
// OauthTokenPath is the API path to use for granting token requests to users with valid credentials
|
||||
OauthTokenPath = "/oauth/token"
|
||||
|
||||
// OauthAuthorizePath is the API path for authorization requests (eg., authorize this app to act on my behalf as a user)
|
||||
OauthAuthorizePath = "/oauth/authorize"
|
||||
|
||||
// CallbackPath is the API path for receiving callback tokens from external OIDC providers
|
||||
CallbackPath = oidc.CallbackPath
|
||||
|
||||
|
@@ -18,4 +18,96 @@
|
||||
|
||||
package auth_test
|
||||
|
||||
// TODO
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http/httptest"
|
||||
|
||||
"github.com/gin-contrib/sessions"
|
||||
"github.com/gin-contrib/sessions/memstore"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/auth"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/config"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oidc"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/router"
|
||||
"github.com/superseriousbusiness/gotosocial/testrig"
|
||||
)
|
||||
|
||||
type AuthStandardTestSuite struct {
|
||||
suite.Suite
|
||||
db db.DB
|
||||
idp oidc.IDP
|
||||
oauthServer oauth.Server
|
||||
|
||||
// standard suite models
|
||||
testTokens map[string]*gtsmodel.Token
|
||||
testClients map[string]*gtsmodel.Client
|
||||
testApplications map[string]*gtsmodel.Application
|
||||
testUsers map[string]*gtsmodel.User
|
||||
testAccounts map[string]*gtsmodel.Account
|
||||
|
||||
// module being tested
|
||||
authModule *auth.Module
|
||||
}
|
||||
|
||||
const (
|
||||
sessionUserID = "userid"
|
||||
sessionClientID = "client_id"
|
||||
)
|
||||
|
||||
func (suite *AuthStandardTestSuite) SetupSuite() {
|
||||
suite.testTokens = testrig.NewTestTokens()
|
||||
suite.testClients = testrig.NewTestClients()
|
||||
suite.testApplications = testrig.NewTestApplications()
|
||||
suite.testUsers = testrig.NewTestUsers()
|
||||
suite.testAccounts = testrig.NewTestAccounts()
|
||||
}
|
||||
|
||||
func (suite *AuthStandardTestSuite) SetupTest() {
|
||||
testrig.InitTestConfig()
|
||||
suite.db = testrig.NewTestDB()
|
||||
testrig.InitTestLog()
|
||||
|
||||
suite.oauthServer = testrig.NewTestOauthServer(suite.db)
|
||||
var err error
|
||||
suite.idp, err = oidc.NewIDP(context.Background())
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
suite.authModule = auth.New(suite.db, suite.oauthServer, suite.idp).(*auth.Module)
|
||||
testrig.StandardDBSetup(suite.db, nil)
|
||||
}
|
||||
|
||||
func (suite *AuthStandardTestSuite) TearDownTest() {
|
||||
testrig.StandardDBTeardown(suite.db)
|
||||
}
|
||||
|
||||
func (suite *AuthStandardTestSuite) newContext(requestMethod string, requestPath string) (*gin.Context, *httptest.ResponseRecorder) {
|
||||
// create the recorder and gin test context
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, engine := gin.CreateTestContext(recorder)
|
||||
|
||||
// load templates into the engine
|
||||
testrig.ConfigureTemplatesWithGin(engine)
|
||||
|
||||
// create the request
|
||||
protocol := viper.GetString(config.Keys.Protocol)
|
||||
host := viper.GetString(config.Keys.Host)
|
||||
baseURI := fmt.Sprintf("%s://%s", protocol, host)
|
||||
requestURI := fmt.Sprintf("%s/%s", baseURI, requestPath)
|
||||
ctx.Request = httptest.NewRequest(requestMethod, requestURI, nil) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("accept", "text/html")
|
||||
|
||||
// trigger the session middleware on the context
|
||||
store := memstore.NewStore(make([]byte, 32), make([]byte, 32))
|
||||
store.Options(router.SessionOptions())
|
||||
sessionMiddleware := sessions.Sessions("gotosocial-localhost", store)
|
||||
sessionMiddleware(ctx)
|
||||
|
||||
return ctx, recorder
|
||||
}
|
||||
|
@@ -44,7 +44,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
|
||||
s := sessions.Default(c)
|
||||
|
||||
if _, err := api.NegotiateAccept(c, api.HTMLAcceptHeaders...); err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
c.HTML(http.StatusNotAcceptable, "error.tmpl", gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
@@ -57,7 +57,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
|
||||
if err := c.Bind(form); err != nil {
|
||||
l.Debugf("invalid auth form: %s", err)
|
||||
m.clearSession(s)
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
l.Debugf("parsed auth form: %+v", form)
|
||||
@@ -65,7 +65,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
|
||||
if err := extractAuthForm(s, form); err != nil {
|
||||
l.Debugf(fmt.Sprintf("error parsing form at /oauth/authorize: %s", err))
|
||||
m.clearSession(s)
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
c.Redirect(http.StatusSeeOther, AuthSignInPath)
|
||||
@@ -75,28 +75,33 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
|
||||
// We can use the client_id on the session to retrieve info about the app associated with the client_id
|
||||
clientID, ok := s.Get(sessionClientID).(string)
|
||||
if !ok || clientID == "" {
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": "no client_id found in session"})
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{"error": "no client_id found in session"})
|
||||
return
|
||||
}
|
||||
app := >smodel.Application{}
|
||||
if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: clientID}}, app); err != nil {
|
||||
m.clearSession(s)
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)})
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
|
||||
"error": fmt.Sprintf("no application found for client id %s", clientID),
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
// we can also use the userid of the user to fetch their username from the db to greet them nicely <3
|
||||
// redirect the user if they have not confirmed their email yet, thier account has not been approved yet,
|
||||
// or thier account has been disabled.
|
||||
user := >smodel.User{}
|
||||
if err := m.db.GetByID(c.Request.Context(), userID, user); err != nil {
|
||||
m.clearSession(s)
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
acct, err := m.db.GetAccountByID(c.Request.Context(), user.AccountID)
|
||||
if err != nil {
|
||||
m.clearSession(s)
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
if !ensureUserIsAuthorizedOrRedirect(c, user, acct) {
|
||||
return
|
||||
}
|
||||
|
||||
@@ -104,13 +109,13 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
|
||||
redirect, ok := s.Get(sessionRedirectURI).(string)
|
||||
if !ok || redirect == "" {
|
||||
m.clearSession(s)
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": "no redirect_uri found in session"})
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{"error": "no redirect_uri found in session"})
|
||||
return
|
||||
}
|
||||
scope, ok := s.Get(sessionScope).(string)
|
||||
if !ok || scope == "" {
|
||||
m.clearSession(s)
|
||||
c.JSON(http.StatusInternalServerError, gin.H{"error": "no scope found in session"})
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{"error": "no scope found in session"})
|
||||
return
|
||||
}
|
||||
|
||||
@@ -170,10 +175,28 @@ func (m *Module) AuthorizePOSTHandler(c *gin.Context) {
|
||||
errs = append(errs, "session missing userid")
|
||||
}
|
||||
|
||||
// redirect the user if they have not confirmed their email yet, thier account has not been approved yet,
|
||||
// or thier account has been disabled.
|
||||
user := >smodel.User{}
|
||||
if err := m.db.GetByID(c.Request.Context(), userID, user); err != nil {
|
||||
m.clearSession(s)
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
acct, err := m.db.GetAccountByID(c.Request.Context(), user.AccountID)
|
||||
if err != nil {
|
||||
m.clearSession(s)
|
||||
c.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
if !ensureUserIsAuthorizedOrRedirect(c, user, acct) {
|
||||
return
|
||||
}
|
||||
|
||||
m.clearSession(s)
|
||||
|
||||
if len(errs) != 0 {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": strings.Join(errs, ": ")})
|
||||
c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{"error": strings.Join(errs, ": ")})
|
||||
return
|
||||
}
|
||||
|
||||
@@ -190,7 +213,7 @@ func (m *Module) AuthorizePOSTHandler(c *gin.Context) {
|
||||
|
||||
// and proceed with authorization using the oauth2 library
|
||||
if err := m.server.HandleAuthorizeRequest(c.Writer, c.Request); err != nil {
|
||||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||||
c.HTML(http.StatusBadRequest, "error.tmpl", gin.H{"error": err.Error()})
|
||||
}
|
||||
}
|
||||
|
||||
@@ -216,3 +239,27 @@ func extractAuthForm(s sessions.Session, form *model.OAuthAuthorize) error {
|
||||
s.Set(sessionState, uuid.NewString())
|
||||
return s.Save()
|
||||
}
|
||||
|
||||
func ensureUserIsAuthorizedOrRedirect(ctx *gin.Context, user *gtsmodel.User, account *gtsmodel.Account) bool {
|
||||
if user.ConfirmedAt.IsZero() {
|
||||
ctx.Redirect(http.StatusSeeOther, CheckYourEmailPath)
|
||||
return false
|
||||
}
|
||||
|
||||
if !user.Approved {
|
||||
ctx.Redirect(http.StatusSeeOther, WaitForApprovalPath)
|
||||
return false
|
||||
}
|
||||
|
||||
if user.Disabled {
|
||||
ctx.Redirect(http.StatusSeeOther, AccountDisabledPath)
|
||||
return false
|
||||
}
|
||||
|
||||
if !account.SuspendedAt.IsZero() {
|
||||
ctx.Redirect(http.StatusSeeOther, AccountDisabledPath)
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
113
internal/api/client/auth/authorize_test.go
Normal file
113
internal/api/client/auth/authorize_test.go
Normal file
@@ -0,0 +1,113 @@
|
||||
package auth_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"codeberg.org/gruf/go-errors"
|
||||
"github.com/gin-contrib/sessions"
|
||||
"github.com/stretchr/testify/suite"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/client/auth"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
)
|
||||
|
||||
type AuthAuthorizeTestSuite struct {
|
||||
AuthStandardTestSuite
|
||||
}
|
||||
|
||||
type authorizeHandlerTestCase struct {
|
||||
description string
|
||||
mutateUserAccount func(*gtsmodel.User, *gtsmodel.Account)
|
||||
expectedStatusCode int
|
||||
expectedLocationHeader string
|
||||
}
|
||||
|
||||
func (suite *AuthAuthorizeTestSuite) TestAccountAuthorizeHandler() {
|
||||
|
||||
var tests = []authorizeHandlerTestCase{
|
||||
{
|
||||
description: "user has their email unconfirmed",
|
||||
mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
|
||||
// nothing to do, weed_lord420 already has their email unconfirmed
|
||||
},
|
||||
expectedStatusCode: http.StatusSeeOther,
|
||||
expectedLocationHeader: auth.CheckYourEmailPath,
|
||||
},
|
||||
{
|
||||
description: "user has their email confirmed but is not approved",
|
||||
mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
|
||||
user.ConfirmedAt = time.Now()
|
||||
user.Email = user.UnconfirmedEmail
|
||||
},
|
||||
expectedStatusCode: http.StatusSeeOther,
|
||||
expectedLocationHeader: auth.WaitForApprovalPath,
|
||||
},
|
||||
{
|
||||
description: "user has their email confirmed and is approved, but User entity has been disabled",
|
||||
mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
|
||||
user.ConfirmedAt = time.Now()
|
||||
user.Email = user.UnconfirmedEmail
|
||||
user.Approved = true
|
||||
user.Disabled = true
|
||||
},
|
||||
expectedStatusCode: http.StatusSeeOther,
|
||||
expectedLocationHeader: auth.AccountDisabledPath,
|
||||
},
|
||||
{
|
||||
description: "user has their email confirmed and is approved, but Account entity has been suspended",
|
||||
mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) {
|
||||
user.ConfirmedAt = time.Now()
|
||||
user.Email = user.UnconfirmedEmail
|
||||
user.Approved = true
|
||||
user.Disabled = false
|
||||
account.SuspendedAt = time.Now()
|
||||
},
|
||||
expectedStatusCode: http.StatusSeeOther,
|
||||
expectedLocationHeader: auth.AccountDisabledPath,
|
||||
},
|
||||
}
|
||||
|
||||
doTest := func(testCase authorizeHandlerTestCase) {
|
||||
ctx, recorder := suite.newContext(http.MethodGet, auth.OauthAuthorizePath)
|
||||
|
||||
user := suite.testUsers["unconfirmed_account"]
|
||||
account := suite.testAccounts["unconfirmed_account"]
|
||||
|
||||
testSession := sessions.Default(ctx)
|
||||
testSession.Set(sessionUserID, user.ID)
|
||||
testSession.Set(sessionClientID, suite.testApplications["application_1"].ClientID)
|
||||
if err := testSession.Save(); err != nil {
|
||||
panic(errors.WrapMsgf(err, "failed on case: %s", testCase.description))
|
||||
}
|
||||
|
||||
testCase.mutateUserAccount(user, account)
|
||||
|
||||
testCase.description = fmt.Sprintf("%s, %t, %s", user.Email, user.Disabled, account.SuspendedAt)
|
||||
|
||||
user.UpdatedAt = time.Now()
|
||||
err := suite.db.UpdateByPrimaryKey(context.Background(), user)
|
||||
suite.NoError(err)
|
||||
_, err = suite.db.UpdateAccount(context.Background(), account)
|
||||
suite.NoError(err)
|
||||
|
||||
// call the handler
|
||||
suite.authModule.AuthorizeGETHandler(ctx)
|
||||
|
||||
// 1. we should have a redirect
|
||||
suite.Equal(testCase.expectedStatusCode, recorder.Code, fmt.Sprintf("failed on case: %s", testCase.description))
|
||||
|
||||
// 2. we should have a redirect to the check your email path, as this user has not confirmed their email yet.
|
||||
suite.Equal(testCase.expectedLocationHeader, recorder.Header().Get("Location"), fmt.Sprintf("failed on case: %s", testCase.description))
|
||||
}
|
||||
|
||||
for _, testCase := range tests {
|
||||
doTest(testCase)
|
||||
}
|
||||
}
|
||||
|
||||
func TestAccountUpdateTestSuite(t *testing.T) {
|
||||
suite.Run(t, new(AuthAuthorizeTestSuite))
|
||||
}
|
@@ -30,8 +30,6 @@ import (
|
||||
"github.com/gin-contrib/sessions"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/google/uuid"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/config"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oidc"
|
||||
@@ -206,19 +204,27 @@ func (m *Module) parseUserFromClaims(ctx context.Context, claims *oidc.Claims, i
|
||||
}
|
||||
}
|
||||
|
||||
// we still need to set *a* password even if it's not a password the user will end up using, so set something random
|
||||
// in this case, we'll just set two uuids on top of each other, which should be long + random enough to baffle any attempts to crack.
|
||||
// We still need to set *a* password even if it's not a password the user will end up using, so set something random.
|
||||
// We'll just set two uuids on top of each other, which should be long + random enough to baffle any attempts to crack.
|
||||
//
|
||||
// if the user ever wants to log in using gts password rather than oidc flow, they'll have to request a password reset, which is fine
|
||||
// If the user ever wants to log in using gts password rather than oidc flow, they'll have to request a password reset, which is fine
|
||||
password := uuid.NewString() + uuid.NewString()
|
||||
|
||||
// Since this user is created via oidc, which has been set up by the admin, we can assume that the account is already
|
||||
// implicitly approved, and that the email address has already been verified: otherwise, we end up in situations where
|
||||
// the admin first approves the user in OIDC, and then has to approve them again in GoToSocial, which doesn't make sense.
|
||||
//
|
||||
// In other words, if a user logs in via OIDC, they should be able to use their account straight away.
|
||||
//
|
||||
// See: https://github.com/superseriousbusiness/gotosocial/issues/357
|
||||
requireApproval := false
|
||||
emailVerified := true
|
||||
|
||||
// create the user! this will also create an account and store it in the database so we don't need to do that here
|
||||
requireApproval := viper.GetBool(config.Keys.AccountsApprovalRequired)
|
||||
user, err = m.db.NewSignup(ctx, username, "", requireApproval, claims.Email, password, ip, "", appID, claims.EmailVerified, admin)
|
||||
user, err = m.db.NewSignup(ctx, username, "", requireApproval, claims.Email, password, ip, "", appID, emailVerified, admin)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error creating user: %s", err)
|
||||
}
|
||||
|
||||
return user, nil
|
||||
|
||||
}
|
||||
|
@@ -149,11 +149,9 @@ func validateCreateMedia(form *model.AttachmentRequest) error {
|
||||
return fmt.Errorf("file size limit exceeded: limit is %d bytes but attachment was %d bytes", maxSize, form.File.Size)
|
||||
}
|
||||
|
||||
if len(form.Description) < minDescriptionChars || len(form.Description) > maxDescriptionChars {
|
||||
if len(form.Description) > maxDescriptionChars {
|
||||
return fmt.Errorf("image description length must be between %d and %d characters (inclusive), but provided image description was %d chars", minDescriptionChars, maxDescriptionChars, len(form.Description))
|
||||
}
|
||||
|
||||
// TODO: validate focus here
|
||||
|
||||
return nil
|
||||
}
|
||||
|
@@ -21,6 +21,8 @@ package media_test
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
@@ -31,10 +33,11 @@ import (
|
||||
"codeberg.org/gruf/go-store/kv"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/stretchr/testify/suite"
|
||||
mediamodule "github.com/superseriousbusiness/gotosocial/internal/api/client/media"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/model"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/config"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/email"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/federation"
|
||||
@@ -117,7 +120,7 @@ func (suite *MediaCreateTestSuite) TearDownTest() {
|
||||
ACTUAL TESTS
|
||||
*/
|
||||
|
||||
func (suite *MediaCreateTestSuite) TestStatusCreatePOSTImageHandlerSuccessful() {
|
||||
func (suite *MediaCreateTestSuite) TestMediaCreateSuccessful() {
|
||||
// set up the context for the request
|
||||
t := suite.testTokens["local_account_1"]
|
||||
oauthToken := oauth.DBTokenToToken(t)
|
||||
@@ -171,16 +174,16 @@ func (suite *MediaCreateTestSuite) TestStatusCreatePOSTImageHandlerSuccessful()
|
||||
result := recorder.Result()
|
||||
defer result.Body.Close()
|
||||
b, err := ioutil.ReadAll(result.Body)
|
||||
assert.NoError(suite.T(), err)
|
||||
suite.NoError(err)
|
||||
fmt.Println(string(b))
|
||||
|
||||
attachmentReply := &model.Attachment{}
|
||||
err = json.Unmarshal(b, attachmentReply)
|
||||
assert.NoError(suite.T(), err)
|
||||
suite.NoError(err)
|
||||
|
||||
assert.Equal(suite.T(), "this is a test image -- a cool background from somewhere", attachmentReply.Description)
|
||||
assert.Equal(suite.T(), "image", attachmentReply.Type)
|
||||
assert.EqualValues(suite.T(), model.MediaMeta{
|
||||
suite.Equal("this is a test image -- a cool background from somewhere", attachmentReply.Description)
|
||||
suite.Equal("image", attachmentReply.Type)
|
||||
suite.EqualValues(model.MediaMeta{
|
||||
Original: model.MediaDimensions{
|
||||
Width: 1920,
|
||||
Height: 1080,
|
||||
@@ -198,11 +201,89 @@ func (suite *MediaCreateTestSuite) TestStatusCreatePOSTImageHandlerSuccessful()
|
||||
Y: 0.5,
|
||||
},
|
||||
}, attachmentReply.Meta)
|
||||
assert.Equal(suite.T(), "LjBzUo#6RQR._NvzRjWF?urqV@a$", attachmentReply.Blurhash)
|
||||
assert.NotEmpty(suite.T(), attachmentReply.ID)
|
||||
assert.NotEmpty(suite.T(), attachmentReply.URL)
|
||||
assert.NotEmpty(suite.T(), attachmentReply.PreviewURL)
|
||||
assert.Equal(suite.T(), len(storageKeysBeforeRequest)+2, len(storageKeysAfterRequest)) // 2 images should be added to storage: the original and the thumbnail
|
||||
suite.Equal("LjBzUo#6RQR._NvzRjWF?urqV@a$", attachmentReply.Blurhash)
|
||||
suite.NotEmpty(attachmentReply.ID)
|
||||
suite.NotEmpty(attachmentReply.URL)
|
||||
suite.NotEmpty(attachmentReply.PreviewURL)
|
||||
suite.Equal(len(storageKeysBeforeRequest)+2, len(storageKeysAfterRequest)) // 2 images should be added to storage: the original and the thumbnail
|
||||
}
|
||||
|
||||
func (suite *MediaCreateTestSuite) TestMediaCreateLongDescription() {
|
||||
// set up the context for the request
|
||||
t := suite.testTokens["local_account_1"]
|
||||
oauthToken := oauth.DBTokenToToken(t)
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
|
||||
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
|
||||
|
||||
// read a random string of a really long description
|
||||
descriptionBytes := make([]byte, 5000)
|
||||
if _, err := rand.Read(descriptionBytes); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
description := base64.RawStdEncoding.EncodeToString(descriptionBytes)
|
||||
|
||||
// create the request
|
||||
buf, w, err := testrig.CreateMultipartFormData("file", "../../../../testrig/media/test-jpeg.jpg", map[string]string{
|
||||
"description": description,
|
||||
"focus": "-0.5,0.5",
|
||||
})
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
ctx.Request = httptest.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:8080/%s", mediamodule.BasePath), bytes.NewReader(buf.Bytes())) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("Content-Type", w.FormDataContentType())
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
|
||||
// do the actual request
|
||||
suite.mediaModule.MediaCreatePOSTHandler(ctx)
|
||||
|
||||
// check response
|
||||
suite.EqualValues(http.StatusUnprocessableEntity, recorder.Code)
|
||||
|
||||
result := recorder.Result()
|
||||
defer result.Body.Close()
|
||||
b, err := ioutil.ReadAll(result.Body)
|
||||
suite.NoError(err)
|
||||
|
||||
expectedErr := fmt.Sprintf(`{"error":"image description length must be between 0 and 500 characters (inclusive), but provided image description was %d chars"}`, len(description))
|
||||
suite.Equal(expectedErr, string(b))
|
||||
}
|
||||
|
||||
func (suite *MediaCreateTestSuite) TestMediaCreateTooShortDescription() {
|
||||
// set the min description length
|
||||
viper.Set(config.Keys.MediaDescriptionMinChars, 500)
|
||||
|
||||
// set up the context for the request
|
||||
t := suite.testTokens["local_account_1"]
|
||||
oauthToken := oauth.DBTokenToToken(t)
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
|
||||
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
|
||||
|
||||
// create the request
|
||||
buf, w, err := testrig.CreateMultipartFormData("file", "../../../../testrig/media/test-jpeg.jpg", map[string]string{
|
||||
"description": "", // provide an empty description
|
||||
"focus": "-0.5,0.5",
|
||||
})
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
ctx.Request = httptest.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:8080/%s", mediamodule.BasePath), bytes.NewReader(buf.Bytes())) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("Content-Type", w.FormDataContentType())
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
|
||||
// do the actual request
|
||||
suite.mediaModule.MediaCreatePOSTHandler(ctx)
|
||||
|
||||
// check response -- there should be no error because minimum description length is checked on *UPDATE*, not initial upload
|
||||
suite.EqualValues(http.StatusOK, recorder.Code)
|
||||
}
|
||||
|
||||
func TestMediaCreateTestSuite(t *testing.T) {
|
||||
|
235
internal/api/client/media/mediaupdate_test.go
Normal file
235
internal/api/client/media/mediaupdate_test.go
Normal file
@@ -0,0 +1,235 @@
|
||||
/*
|
||||
GoToSocial
|
||||
Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU Affero General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU Affero General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU Affero General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package media_test
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
"codeberg.org/gruf/go-store/kv"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/stretchr/testify/suite"
|
||||
mediamodule "github.com/superseriousbusiness/gotosocial/internal/api/client/media"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api/model"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/config"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/email"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/federation"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/media"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/typeutils"
|
||||
"github.com/superseriousbusiness/gotosocial/testrig"
|
||||
)
|
||||
|
||||
type MediaUpdateTestSuite struct {
|
||||
// standard suite interfaces
|
||||
suite.Suite
|
||||
db db.DB
|
||||
storage *kv.KVStore
|
||||
federator federation.Federator
|
||||
tc typeutils.TypeConverter
|
||||
mediaHandler media.Handler
|
||||
oauthServer oauth.Server
|
||||
emailSender email.Sender
|
||||
processor processing.Processor
|
||||
|
||||
// standard suite models
|
||||
testTokens map[string]*gtsmodel.Token
|
||||
testClients map[string]*gtsmodel.Client
|
||||
testApplications map[string]*gtsmodel.Application
|
||||
testUsers map[string]*gtsmodel.User
|
||||
testAccounts map[string]*gtsmodel.Account
|
||||
testAttachments map[string]*gtsmodel.MediaAttachment
|
||||
|
||||
// item being tested
|
||||
mediaModule *mediamodule.Module
|
||||
}
|
||||
|
||||
/*
|
||||
TEST INFRASTRUCTURE
|
||||
*/
|
||||
|
||||
func (suite *MediaUpdateTestSuite) SetupSuite() {
|
||||
// setup standard items
|
||||
testrig.InitTestConfig()
|
||||
testrig.InitTestLog()
|
||||
suite.db = testrig.NewTestDB()
|
||||
suite.storage = testrig.NewTestStorage()
|
||||
suite.tc = testrig.NewTestTypeConverter(suite.db)
|
||||
suite.mediaHandler = testrig.NewTestMediaHandler(suite.db, suite.storage)
|
||||
suite.oauthServer = testrig.NewTestOauthServer(suite.db)
|
||||
suite.federator = testrig.NewTestFederator(suite.db, testrig.NewTestTransportController(testrig.NewMockHTTPClient(nil), suite.db), suite.storage)
|
||||
suite.emailSender = testrig.NewEmailSender("../../../../web/template/", nil)
|
||||
suite.processor = testrig.NewTestProcessor(suite.db, suite.storage, suite.federator, suite.emailSender)
|
||||
|
||||
// setup module being tested
|
||||
suite.mediaModule = mediamodule.New(suite.processor).(*mediamodule.Module)
|
||||
}
|
||||
|
||||
func (suite *MediaUpdateTestSuite) TearDownSuite() {
|
||||
if err := suite.db.Stop(context.Background()); err != nil {
|
||||
logrus.Panicf("error closing db connection: %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
func (suite *MediaUpdateTestSuite) SetupTest() {
|
||||
testrig.StandardDBSetup(suite.db, nil)
|
||||
testrig.StandardStorageSetup(suite.storage, "../../../../testrig/media")
|
||||
suite.testTokens = testrig.NewTestTokens()
|
||||
suite.testClients = testrig.NewTestClients()
|
||||
suite.testApplications = testrig.NewTestApplications()
|
||||
suite.testUsers = testrig.NewTestUsers()
|
||||
suite.testAccounts = testrig.NewTestAccounts()
|
||||
suite.testAttachments = testrig.NewTestAttachments()
|
||||
}
|
||||
|
||||
func (suite *MediaUpdateTestSuite) TearDownTest() {
|
||||
testrig.StandardDBTeardown(suite.db)
|
||||
testrig.StandardStorageTeardown(suite.storage)
|
||||
}
|
||||
|
||||
/*
|
||||
ACTUAL TESTS
|
||||
*/
|
||||
|
||||
func (suite *MediaUpdateTestSuite) TestUpdateImage() {
|
||||
toUpdate := suite.testAttachments["local_account_1_unattached_1"]
|
||||
|
||||
// set up the context for the request
|
||||
t := suite.testTokens["local_account_1"]
|
||||
oauthToken := oauth.DBTokenToToken(t)
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
|
||||
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
|
||||
|
||||
// create the request
|
||||
buf, w, err := testrig.CreateMultipartFormData("", "", map[string]string{
|
||||
"id": toUpdate.ID,
|
||||
"description": "new description!",
|
||||
"focus": "-0.1,0.3",
|
||||
})
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
ctx.Request = httptest.NewRequest(http.MethodPut, fmt.Sprintf("http://localhost:8080/%s/%s", mediamodule.BasePath, toUpdate.ID), bytes.NewReader(buf.Bytes())) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("Content-Type", w.FormDataContentType())
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
ctx.Params = gin.Params{
|
||||
gin.Param{
|
||||
Key: mediamodule.IDKey,
|
||||
Value: toUpdate.ID,
|
||||
},
|
||||
}
|
||||
|
||||
// do the actual request
|
||||
suite.mediaModule.MediaPUTHandler(ctx)
|
||||
|
||||
// check response
|
||||
suite.EqualValues(http.StatusOK, recorder.Code)
|
||||
|
||||
result := recorder.Result()
|
||||
defer result.Body.Close()
|
||||
b, err := ioutil.ReadAll(result.Body)
|
||||
suite.NoError(err)
|
||||
|
||||
// reply should be an attachment
|
||||
attachmentReply := &model.Attachment{}
|
||||
err = json.Unmarshal(b, attachmentReply)
|
||||
suite.NoError(err)
|
||||
|
||||
// the reply should contain the updated fields
|
||||
suite.Equal("new description!", attachmentReply.Description)
|
||||
suite.EqualValues("gif", attachmentReply.Type)
|
||||
suite.EqualValues(model.MediaMeta{
|
||||
Original: model.MediaDimensions{Width: 800, Height: 450, FrameRate: "", Duration: 0, Bitrate: 0, Size: "800x450", Aspect: 1.7777778},
|
||||
Small: model.MediaDimensions{Width: 256, Height: 144, FrameRate: "", Duration: 0, Bitrate: 0, Size: "256x144", Aspect: 1.7777778},
|
||||
Focus: model.MediaFocus{X: -0.1, Y: 0.3},
|
||||
}, attachmentReply.Meta)
|
||||
suite.Equal(toUpdate.Blurhash, attachmentReply.Blurhash)
|
||||
suite.Equal(toUpdate.ID, attachmentReply.ID)
|
||||
suite.Equal(toUpdate.URL, attachmentReply.URL)
|
||||
suite.NotEmpty(toUpdate.Thumbnail.URL, attachmentReply.PreviewURL)
|
||||
}
|
||||
|
||||
func (suite *MediaUpdateTestSuite) TestUpdateImageShortDescription() {
|
||||
// set the min description length
|
||||
viper.Set(config.Keys.MediaDescriptionMinChars, 50)
|
||||
|
||||
toUpdate := suite.testAttachments["local_account_1_unattached_1"]
|
||||
|
||||
// set up the context for the request
|
||||
t := suite.testTokens["local_account_1"]
|
||||
oauthToken := oauth.DBTokenToToken(t)
|
||||
recorder := httptest.NewRecorder()
|
||||
ctx, _ := gin.CreateTestContext(recorder)
|
||||
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
|
||||
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
|
||||
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
|
||||
|
||||
// create the request
|
||||
buf, w, err := testrig.CreateMultipartFormData("", "", map[string]string{
|
||||
"id": toUpdate.ID,
|
||||
"description": "new description!",
|
||||
"focus": "-0.1,0.3",
|
||||
})
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
ctx.Request = httptest.NewRequest(http.MethodPut, fmt.Sprintf("http://localhost:8080/%s/%s", mediamodule.BasePath, toUpdate.ID), bytes.NewReader(buf.Bytes())) // the endpoint we're hitting
|
||||
ctx.Request.Header.Set("Content-Type", w.FormDataContentType())
|
||||
ctx.Request.Header.Set("accept", "application/json")
|
||||
ctx.Params = gin.Params{
|
||||
gin.Param{
|
||||
Key: mediamodule.IDKey,
|
||||
Value: toUpdate.ID,
|
||||
},
|
||||
}
|
||||
|
||||
// do the actual request
|
||||
suite.mediaModule.MediaPUTHandler(ctx)
|
||||
|
||||
// check response
|
||||
suite.EqualValues(http.StatusBadRequest, recorder.Code)
|
||||
|
||||
result := recorder.Result()
|
||||
defer result.Body.Close()
|
||||
b, err := ioutil.ReadAll(result.Body)
|
||||
suite.NoError(err)
|
||||
|
||||
// reply should be an error message
|
||||
suite.Equal(`{"error":"image description length must be between 50 and 500 characters (inclusive), but provided image description was 16 chars"}`, string(b))
|
||||
}
|
||||
|
||||
func TestMediaUpdateTestSuite(t *testing.T) {
|
||||
suite.Run(t, new(MediaUpdateTestSuite))
|
||||
}
|
@@ -96,6 +96,36 @@ type Status struct {
|
||||
Text string `json:"text"`
|
||||
}
|
||||
|
||||
/*
|
||||
** The below functions are added onto the API model status so that it satisfies
|
||||
** the Preparable interface in internal/timeline.
|
||||
*/
|
||||
|
||||
func (s *Status) GetID() string {
|
||||
return s.ID
|
||||
}
|
||||
|
||||
func (s *Status) GetAccountID() string {
|
||||
if s.Account != nil {
|
||||
return s.Account.ID
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (s *Status) GetBoostOfID() string {
|
||||
if s.Reblog != nil {
|
||||
return s.Reblog.ID
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (s *Status) GetBoostOfAccountID() string {
|
||||
if s.Reblog != nil && s.Reblog.Account != nil {
|
||||
return s.Reblog.Account.ID
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// StatusReblogged represents a reblogged status.
|
||||
//
|
||||
// swagger:model statusReblogged
|
||||
|
@@ -28,7 +28,6 @@ import (
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/spf13/viper"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/ap"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||
"github.com/superseriousbusiness/gotosocial/internal/config"
|
||||
)
|
||||
|
||||
@@ -68,11 +67,6 @@ func (m *Module) WebfingerGETRequest(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
if _, err := api.NegotiateAccept(c, api.JSONAcceptHeaders...); err != nil {
|
||||
c.JSON(http.StatusNotAcceptable, gin.H{"error": err.Error()})
|
||||
return
|
||||
}
|
||||
|
||||
// remove the acct: prefix if it's present
|
||||
trimAcct := strings.TrimPrefix(resourceQuery, "acct:")
|
||||
// remove the first @ in @whatever@example.org if it's present
|
||||
|
@@ -69,7 +69,7 @@ func (suite *WebfingerGetTestSuite) TestFingerUser() {
|
||||
func (suite *WebfingerGetTestSuite) TestFingerUserWithDifferentAccountDomainByHost() {
|
||||
viper.Set(config.Keys.Host, "gts.example.org")
|
||||
viper.Set(config.Keys.AccountDomain, "example.org")
|
||||
suite.processor = processing.NewProcessor(suite.tc, suite.federator, testrig.NewTestOauthServer(suite.db), testrig.NewTestMediaManager(suite.db, suite.storage), suite.storage, testrig.NewTestTimelineManager(suite.db), suite.db, suite.emailSender)
|
||||
suite.processor = processing.NewProcessor(suite.tc, suite.federator, testrig.NewTestOauthServer(suite.db), testrig.NewTestMediaHandler(suite.db, suite.storage), suite.storage, suite.db, suite.emailSender)
|
||||
suite.webfingerModule = webfinger.New(suite.processor).(*webfinger.Module)
|
||||
|
||||
targetAccount := accountDomainAccount()
|
||||
@@ -103,7 +103,7 @@ func (suite *WebfingerGetTestSuite) TestFingerUserWithDifferentAccountDomainByHo
|
||||
func (suite *WebfingerGetTestSuite) TestFingerUserWithDifferentAccountDomainByAccountDomain() {
|
||||
viper.Set(config.Keys.Host, "gts.example.org")
|
||||
viper.Set(config.Keys.AccountDomain, "example.org")
|
||||
suite.processor = processing.NewProcessor(suite.tc, suite.federator, testrig.NewTestOauthServer(suite.db), testrig.NewTestMediaManager(suite.db, suite.storage), suite.storage, testrig.NewTestTimelineManager(suite.db), suite.db, suite.emailSender)
|
||||
suite.processor = processing.NewProcessor(suite.tc, suite.federator, testrig.NewTestOauthServer(suite.db), testrig.NewTestMediaHandler(suite.db, suite.storage), suite.storage, suite.db, suite.emailSender)
|
||||
suite.webfingerModule = webfinger.New(suite.processor).(*webfinger.Module)
|
||||
|
||||
targetAccount := accountDomainAccount()
|
||||
|
@@ -62,6 +62,22 @@ func (m *Module) TokenCheck(c *gin.Context) {
|
||||
l.Warnf("no user found for userID %s", userID)
|
||||
return
|
||||
}
|
||||
|
||||
if user.ConfirmedAt.IsZero() {
|
||||
l.Warnf("authenticated user %s has never confirmed thier email address", userID)
|
||||
return
|
||||
}
|
||||
|
||||
if !user.Approved {
|
||||
l.Warnf("authenticated user %s's account was never approved by an admin", userID)
|
||||
return
|
||||
}
|
||||
|
||||
if user.Disabled {
|
||||
l.Warnf("authenticated user %s's account was disabled'", userID)
|
||||
return
|
||||
}
|
||||
|
||||
c.Set(oauth.SessionAuthorizedUser, user)
|
||||
|
||||
// fetch account for this token
|
||||
@@ -74,6 +90,12 @@ func (m *Module) TokenCheck(c *gin.Context) {
|
||||
l.Warnf("no account found for userID %s", userID)
|
||||
return
|
||||
}
|
||||
|
||||
if !acct.SuspendedAt.IsZero() {
|
||||
l.Warnf("authenticated user %s's account (accountId=%s) has been suspended", userID, user.AccountID)
|
||||
return
|
||||
}
|
||||
|
||||
c.Set(oauth.SessionAuthorizedAccount, acct)
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user