[chore] The Big Middleware and API Refactor (tm) (#1250)

* interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths
2025-06-05 21:59:39 +02:00 · 2023-01-02 13:10:50 +01:00
parent 560ff1209d
commit 941893a774
228 changed files with 3188 additions and 3047 deletions
--- a/internal/api/auth/authorize_test.go
+++ b/internal/api/auth/authorize_test.go
@ -0,0 +1,118 @@
+package auth_test
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/gin-contrib/sessions"
+	"github.com/stretchr/testify/suite"
+	"github.com/superseriousbusiness/gotosocial/internal/api/auth"
+	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+	"github.com/superseriousbusiness/gotosocial/testrig"
+)
+
+type AuthAuthorizeTestSuite struct {
+	AuthStandardTestSuite
+}
+
+type authorizeHandlerTestCase struct {
+	description            string
+	mutateUserAccount      func(*gtsmodel.User, *gtsmodel.Account) []string
+	expectedStatusCode     int
+	expectedLocationHeader string
+}
+
+func (suite *AuthAuthorizeTestSuite) TestAccountAuthorizeHandler() {
+	tests := []authorizeHandlerTestCase{
+		{
+			description: "user has their email unconfirmed",
+			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+				user.ConfirmedAt = time.Time{}
+				return []string{"confirmed_at"}
+			},
+			expectedStatusCode:     http.StatusSeeOther,
+			expectedLocationHeader: "/auth" + auth.AuthCheckYourEmailPath,
+		},
+		{
+			description: "user has their email confirmed but is not approved",
+			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+				user.ConfirmedAt = time.Now()
+				user.Email = user.UnconfirmedEmail
+				return []string{"confirmed_at", "email"}
+			},
+			expectedStatusCode:     http.StatusSeeOther,
+			expectedLocationHeader: "/auth" + auth.AuthWaitForApprovalPath,
+		},
+		{
+			description: "user has their email confirmed and is approved, but User entity has been disabled",
+			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+				user.ConfirmedAt = time.Now()
+				user.Email = user.UnconfirmedEmail
+				user.Approved = testrig.TrueBool()
+				user.Disabled = testrig.TrueBool()
+				return []string{"confirmed_at", "email", "approved", "disabled"}
+			},
+			expectedStatusCode:     http.StatusSeeOther,
+			expectedLocationHeader: "/auth" + auth.AuthAccountDisabledPath,
+		},
+		{
+			description: "user has their email confirmed and is approved, but Account entity has been suspended",
+			mutateUserAccount: func(user *gtsmodel.User, account *gtsmodel.Account) []string {
+				user.ConfirmedAt = time.Now()
+				user.Email = user.UnconfirmedEmail
+				user.Approved = testrig.TrueBool()
+				user.Disabled = testrig.FalseBool()
+				account.SuspendedAt = time.Now()
+				return []string{"confirmed_at", "email", "approved", "disabled"}
+			},
+			expectedStatusCode:     http.StatusSeeOther,
+			expectedLocationHeader: "/auth" + auth.AuthAccountDisabledPath,
+		},
+	}
+
+	doTest := func(testCase authorizeHandlerTestCase) {
+		ctx, recorder := suite.newContext(http.MethodGet, auth.OauthAuthorizePath, nil, "")
+
+		user := &gtsmodel.User{}
+		account := &gtsmodel.Account{}
+
+		*user = *suite.testUsers["unconfirmed_account"]
+		*account = *suite.testAccounts["unconfirmed_account"]
+
+		testSession := sessions.Default(ctx)
+		testSession.Set(sessionUserID, user.ID)
+		testSession.Set(sessionClientID, suite.testApplications["application_1"].ClientID)
+		if err := testSession.Save(); err != nil {
+			panic(fmt.Errorf("failed on case %s: %w", testCase.description, err))
+		}
+
+		columns := testCase.mutateUserAccount(user, account)
+
+		testCase.description = fmt.Sprintf("%s, %t, %s", user.Email, *user.Disabled, account.SuspendedAt)
+
+		err := suite.db.UpdateUser(context.Background(), user, columns...)
+		suite.NoError(err)
+		err = suite.db.UpdateAccount(context.Background(), account)
+		suite.NoError(err)
+
+		// call the handler
+		suite.authModule.AuthorizeGETHandler(ctx)
+
+		// 1. we should have a redirect
+		suite.Equal(testCase.expectedStatusCode, recorder.Code, fmt.Sprintf("failed on case: %s", testCase.description))
+
+		// 2. we should have a redirect to the check your email path, as this user has not confirmed their email yet.
+		suite.Equal(testCase.expectedLocationHeader, recorder.Header().Get("Location"), fmt.Sprintf("failed on case: %s", testCase.description))
+	}
+
+	for _, testCase := range tests {
+		doTest(testCase)
+	}
+}
+
+func TestAccountUpdateTestSuite(t *testing.T) {
+	suite.Run(t, new(AuthAuthorizeTestSuite))
+}