Skip to content

Commit 1b11e53

Browse files
Merge pull request #12949 from rust-lang/more-user-related-tests
Add more tests around user account behavior
2 parents cec727f + 4850002 commit 1b11e53

File tree

2 files changed

+57
-0
lines changed

2 files changed

+57
-0
lines changed

src/tests/routes/users/read.rs

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ use crates_io::models::NewUser;
44
use crates_io::schema::users;
55
use crates_io::views::EncodablePublicUser;
66
use diesel_async::RunQueryDsl;
7+
use insta::assert_snapshot;
78
use serde::Deserialize;
89

910
#[derive(Deserialize)]
@@ -19,9 +20,14 @@ async fn show() {
1920
let json: UserShowPublicResponse = anon.get("/api/v1/users/foo").await.good();
2021
assert_eq!(json.user.login, "foo");
2122

23+
// Lookup by username is case insensitive; returned data uses capitalization in database
2224
let json: UserShowPublicResponse = anon.get("/api/v1/users/bAr").await.good();
2325
assert_eq!(json.user.login, "Bar");
2426
assert_eq!(json.user.url, "https://github.com/Bar");
27+
28+
// Username not in database results in 404
29+
let response = anon.get::<()>("/api/v1/users/not_a_user").await;
30+
assert_snapshot!(response.status(), @"404 Not Found");
2531
}
2632

2733
#[tokio::test(flavor = "multi_thread")]
@@ -64,3 +70,24 @@ async fn show_latest_user_case_insensitively() {
6470
json.user.name.unwrap()
6571
);
6672
}
73+
74+
#[tokio::test(flavor = "multi_thread")]
75+
async fn user_without_github_account() {
76+
let (app, anon) = TestApp::init().empty().await;
77+
let mut conn = app.db_conn().await;
78+
79+
let new_user = NewUser::builder()
80+
// The gh_id column will eventually be removed; there are currently records in production
81+
// that have `-1` for their `gh_id` because the associated GitHub accounts have been deleted
82+
.gh_id(-1)
83+
.gh_login("foobar")
84+
.name("I deleted my github account")
85+
.gh_encrypted_token(&[])
86+
.build();
87+
new_user.insert(&mut conn).await.unwrap();
88+
// This user doesn't have a linked record in `oauth_github`
89+
90+
// The crates.io username still exists
91+
let json: UserShowPublicResponse = anon.get("/api/v1/users/fOObAr").await.good();
92+
assert_eq!("I deleted my github account", json.user.name.unwrap());
93+
}

src/tests/user.rs

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -326,5 +326,35 @@ async fn also_write_to_oauth_github() -> anyhow::Result<()> {
326326
let decrypted_token = encryption.decrypt(&oauth_github.encrypted_token)?;
327327
assert_eq!(decrypted_token.secret(), "a different token");
328328

329+
// Now that the user has renamed their account on GitHub, someone else can claim it and log in
330+
// to crates.io with it (with a different GitHub ID)
331+
let new_gh_id = gh_id + 1;
332+
let gh_user = GitHubUser {
333+
id: new_gh_id,
334+
login: "arbitrary_username".to_string(),
335+
name: None,
336+
email: Some(email.to_string()),
337+
avatar_url: None,
338+
};
339+
let encrypted_token = encryption.encrypt("a different random token")?;
340+
let u = session::save_user_to_database(&gh_user, &encrypted_token, emails, &mut conn).await?;
341+
342+
assert_eq!(u.gh_login, "arbitrary_username");
343+
assert_eq!(u.gh_id, new_gh_id);
344+
345+
let oauth_github_records: Vec<OauthGithub> = oauth_github::table.load(&mut conn).await.unwrap();
346+
assert_eq!(oauth_github_records.len(), 2);
347+
let additional_user_oauth_github = oauth_github_records
348+
.iter()
349+
.find(|gh| *gh.id() == new_gh_id as i64)
350+
.unwrap();
351+
352+
assert_eq!(additional_user_oauth_github.user_id, u.id);
353+
assert_eq!(additional_user_oauth_github.account_id, new_gh_id as i64);
354+
assert_eq!(additional_user_oauth_github.login, u.gh_login);
355+
assert!(additional_user_oauth_github.avatar.is_none());
356+
let decrypted_token = encryption.decrypt(&additional_user_oauth_github.encrypted_token)?;
357+
assert_eq!(decrypted_token.secret(), "a different random token");
358+
329359
Ok(())
330360
}

0 commit comments

Comments
 (0)