TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 14:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: deprecated api calls for v3 tests

Browse Source
This commit is contained in:
Stefan Benz
2025-06-23 14:12:35 +02:00
parent 1092caaceb
commit f17953b501
5 changed files with 9 additions and 3353 deletions
Download Patch File Download Diff File Expand all files Collapse all files

659
internal/api/grpc/user/v2/integration_test/key_test.go
View File

@@ -1,659 +0,0 @@
//go:build integration
package user_test
import (
"context"
"fmt"
"slices"
"testing"
"time"
"github.com/brianvoe/gofakeit/v6"
"github.com/google/go-cmp/cmp"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"google.golang.org/protobuf/testing/protocmp"
"google.golang.org/protobuf/types/known/timestamppb"
"github.com/zitadel/zitadel/internal/integration"
"github.com/zitadel/zitadel/pkg/grpc/filter/v2"
"github.com/zitadel/zitadel/pkg/grpc/user/v2"
)
func TestServer_AddKey(t *testing.T) {
resp := Instance.CreateUserTypeMachine(IamCTX)
userId := resp.GetId()
expirationDate := timestamppb.New(time.Now().Add(time.Hour * 24))
type args struct {
req *user.AddKeyRequest
prepare func(request *user.AddKeyRequest) error
}
tests := []struct {
name string
args args
wantErr bool
wantEmtpyKey bool
}{
{
name: "add key, user not existing",
args: args{
&user.AddKeyRequest{
UserId: "notexisting",
ExpirationDate: expirationDate,
},
func(request *user.AddKeyRequest) error { return nil },
},
wantErr: true,
},
{
name: "generate key pair, ok",
args: args{
&user.AddKeyRequest{
ExpirationDate: expirationDate,
},
func(request *user.AddKeyRequest) error {
request.UserId = userId
return nil
},
},
},
{
name: "add valid public key, ok",
args: args{
&user.AddKeyRequest{
ExpirationDate: expirationDate,
// This is the public key of the tester system user. This must be valid.
PublicKey: []byte(`
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzi+FFSJL7f5yw4KTwzgM
P34ePGycm/M+kT0M7V4Cgx5V3EaDIvTQKTLfBaEB45zb9LtjIXzDw0rXRoS2hO6t
h+CYQCz3KCvh09C0IzxZiB2IS3H/aT+5Bx9EFY+vnAkZjccbyG5YNRvmtOlnvIeI
H7qZ0tEwkPfF5GEZNPJPtmy3UGV7iofdVQS1xRj73+aMw5rvH4D8IdyiAC3VekIb
pt0Vj0SUX3DwKtog337BzTiPk3aXRF0sbFhQoqdJRI8NqgZjCwjq9yfI5tyxYswn
+JGzHGdHvW3idODlmwEt5K2pasiRIWK2OGfq+w0EcltQHabuqEPgZlmhCkRdNfix
BwIDAQAB
-----END PUBLIC KEY-----
`),
},
func(request *user.AddKeyRequest) error {
request.UserId = userId
return nil
},
},
wantEmtpyKey: true,
},
{
name: "add invalid public key, error",
args: args{
&user.AddKeyRequest{
ExpirationDate: expirationDate,
PublicKey: []byte(`
-----BEGIN PUBLIC KEY-----
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
-----END PUBLIC KEY-----
`),
},
func(request *user.AddKeyRequest) error {
request.UserId = userId
return nil
},
},
wantErr: true,
},
{
name: "add key human, error",
args: args{
&user.AddKeyRequest{
ExpirationDate: expirationDate,
},
func(request *user.AddKeyRequest) error {
resp := Instance.CreateUserTypeHuman(IamCTX)
request.UserId = resp.Id
return nil
},
},
wantErr: true,
},
{
name: "add another key, ok",
args: args{
&user.AddKeyRequest{
ExpirationDate: expirationDate,
},
func(request *user.AddKeyRequest) error {
request.UserId = userId
_, err := Client.AddKey(IamCTX, &user.AddKeyRequest{
ExpirationDate: expirationDate,
UserId: userId,
})
return err
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
err := tt.args.prepare(tt.args.req)
require.NoError(t, err)
got, err := Client.AddKey(CTX, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.KeyId, "key id is empty")
if tt.wantEmtpyKey {
assert.Empty(t, got.KeyContent, "key content is not empty")
} else {
assert.NotEmpty(t, got.KeyContent, "key content is empty")
}
creationDate := got.CreationDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_AddKey_Permission(t *testing.T) {
OrgCTX := CTX
otherOrg := Instance.CreateOrganization(IamCTX, fmt.Sprintf("AddKey-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Client.CreateUser(IamCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
require.NoError(t, err)
request := &user.AddKeyRequest{
ExpirationDate: timestamppb.New(time.Now().Add(time.Hour * 24)),
UserId: otherOrgUser.GetId(),
}
type args struct {
ctx context.Context
req *user.AddKeyRequest
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "system, ok",
args: args{SystemCTX, request},
},
{
name: "instance, ok",
args: args{IamCTX, request},
},
{
name: "org, error",
args: args{OrgCTX, request},
wantErr: true,
},
{
name: "user, error",
args: args{UserCTX, request},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
require.NoError(t, err)
got, err := Client.AddKey(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.KeyId, "key id is empty")
assert.NotEmpty(t, got.KeyContent, "key content is empty")
creationDate := got.CreationDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_RemoveKey(t *testing.T) {
resp := Instance.CreateUserTypeMachine(IamCTX)
userId := resp.GetId()
expirationDate := timestamppb.New(time.Now().Add(time.Hour * 24))
type args struct {
req *user.RemoveKeyRequest
prepare func(request *user.RemoveKeyRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "remove key, user not existing",
args: args{
&user.RemoveKeyRequest{
UserId: "notexisting",
},
func(request *user.RemoveKeyRequest) error {
key, err := Client.AddKey(IamCTX, &user.AddKeyRequest{
ExpirationDate: expirationDate,
UserId: userId,
})
request.KeyId = key.GetKeyId()
return err
},
},
wantErr: true,
},
{
name: "remove key, not existing",
args: args{
&user.RemoveKeyRequest{
KeyId: "notexisting",
},
func(request *user.RemoveKeyRequest) error {
request.UserId = userId
return nil
},
},
wantErr: true,
},
{
name: "remove key, ok",
args: args{
&user.RemoveKeyRequest{},
func(request *user.RemoveKeyRequest) error {
key, err := Client.AddKey(IamCTX, &user.AddKeyRequest{
ExpirationDate: expirationDate,
UserId: userId,
})
request.KeyId = key.GetKeyId()
request.UserId = userId
return err
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
err := tt.args.prepare(tt.args.req)
require.NoError(t, err)
got, err := Client.RemoveKey(CTX, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
deletionDate := got.DeletionDate.AsTime()
assert.Greater(t, deletionDate, now, "creation date is before the test started")
assert.Less(t, deletionDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_RemoveKey_Permission(t *testing.T) {
OrgCTX := CTX
otherOrg := Instance.CreateOrganization(IamCTX, fmt.Sprintf("RemoveKey-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Client.CreateUser(IamCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
request := &user.RemoveKeyRequest{
UserId: otherOrgUser.GetId(),
}
prepare := func(request *user.RemoveKeyRequest) error {
key, err := Client.AddKey(IamCTX, &user.AddKeyRequest{
ExpirationDate: timestamppb.New(time.Now().Add(time.Hour * 24)),
UserId: otherOrgUser.GetId(),
})
request.KeyId = key.GetKeyId()
return err
}
require.NoError(t, err)
type args struct {
ctx context.Context
req *user.RemoveKeyRequest
prepare func(request *user.RemoveKeyRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "system, ok",
args: args{SystemCTX, request, prepare},
},
{
name: "instance, ok",
args: args{IamCTX, request, prepare},
},
{
name: "org, error",
args: args{OrgCTX, request, prepare},
wantErr: true,
},
{
name: "user, error",
args: args{UserCTX, request, prepare},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
require.NoError(t, tt.args.prepare(tt.args.req))
got, err := Client.RemoveKey(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.DeletionDate, "client key is empty")
creationDate := got.DeletionDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_ListKeys(t *testing.T) {
type args struct {
ctx context.Context
req *user.ListKeysRequest
}
type testCase struct {
name string
args args
want *user.ListKeysResponse
}
OrgCTX := CTX
otherOrg := Instance.CreateOrganization(SystemCTX, fmt.Sprintf("ListKeys-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Client.CreateUser(SystemCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
require.NoError(t, err)
otherOrgUserId := otherOrgUser.GetId()
otherUserId := Instance.CreateUserTypeMachine(SystemCTX).GetId()
onlySinceTestStartFilter := &user.KeysSearchFilter{Filter: &user.KeysSearchFilter_CreatedDateFilter{CreatedDateFilter: &filter.TimestampFilter{
Timestamp: timestamppb.Now(),
Method: filter.TimestampFilterMethod_TIMESTAMP_FILTER_METHOD_AFTER_OR_EQUALS,
}}}
myOrgId := Instance.DefaultOrg.GetId()
myUserId := Instance.Users.Get(integration.UserTypeNoPermission).ID
expiresInADay := time.Now().Truncate(time.Hour).Add(time.Hour * 24)
myDataPoint := setupKeyDataPoint(t, myUserId, myOrgId, expiresInADay)
otherUserDataPoint := setupKeyDataPoint(t, otherUserId, myOrgId, expiresInADay)
otherOrgDataPointExpiringSoon := setupKeyDataPoint(t, otherOrgUserId, otherOrg.OrganizationId, time.Now().Truncate(time.Hour).Add(time.Hour))
otherOrgDataPointExpiringLate := setupKeyDataPoint(t, otherOrgUserId, otherOrg.OrganizationId, expiresInADay.Add(time.Hour*24*30))
sortingColumnExpirationDate := user.KeyFieldName_KEY_FIELD_NAME_KEY_EXPIRATION_DATE
awaitKeys(t, onlySinceTestStartFilter,
otherOrgDataPointExpiringSoon.GetId(),
otherOrgDataPointExpiringLate.GetId(),
otherUserDataPoint.GetId(),
myDataPoint.GetId(),
)
tests := []testCase{
{
name: "list all, instance",
args: args{
IamCTX,
&user.ListKeysRequest{Filters: []*user.KeysSearchFilter{onlySinceTestStartFilter}},
},
want: &user.ListKeysResponse{
Result: []*user.Key{
otherOrgDataPointExpiringLate,
otherOrgDataPointExpiringSoon,
otherUserDataPoint,
myDataPoint,
},
Pagination: &filter.PaginationResponse{
TotalResult: 4,
AppliedLimit: 100,
},
},
},
{
name: "list all, org",
args: args{
OrgCTX,
&user.ListKeysRequest{Filters: []*user.KeysSearchFilter{onlySinceTestStartFilter}},
},
want: &user.ListKeysResponse{
Result: []*user.Key{
otherUserDataPoint,
myDataPoint,
},
Pagination: &filter.PaginationResponse{
TotalResult: 2,
AppliedLimit: 100,
},
},
},
{
name: "list all, user",
args: args{
UserCTX,
&user.ListKeysRequest{Filters: []*user.KeysSearchFilter{onlySinceTestStartFilter}},
},
want: &user.ListKeysResponse{
Result: []*user.Key{
myDataPoint,
},
Pagination: &filter.PaginationResponse{
TotalResult: 1,
AppliedLimit: 100,
},
},
},
{
name: "list by id",
args: args{
IamCTX,
&user.ListKeysRequest{
Filters: []*user.KeysSearchFilter{
onlySinceTestStartFilter,
{
Filter: &user.KeysSearchFilter_KeyIdFilter{
KeyIdFilter: &filter.IDFilter{Id: otherOrgDataPointExpiringSoon.Id},
},
},
},
},
},
want: &user.ListKeysResponse{
Result: []*user.Key{
otherOrgDataPointExpiringSoon,
},
Pagination: &filter.PaginationResponse{
TotalResult: 1,
AppliedLimit: 100,
},
},
},
{
name: "list all from other org",
args: args{
IamCTX,
&user.ListKeysRequest{
Filters: []*user.KeysSearchFilter{
onlySinceTestStartFilter,
{
Filter: &user.KeysSearchFilter_OrganizationIdFilter{
OrganizationIdFilter: &filter.IDFilter{Id: otherOrg.OrganizationId},
},
},
},
},
},
want: &user.ListKeysResponse{
Result: []*user.Key{
otherOrgDataPointExpiringLate,
otherOrgDataPointExpiringSoon,
},
Pagination: &filter.PaginationResponse{
TotalResult: 2,
AppliedLimit: 100,
},
},
},
{
name: "sort by next expiration dates",
args: args{
IamCTX,
&user.ListKeysRequest{
Pagination: &filter.PaginationRequest{
Asc: true,
},
SortingColumn: &sortingColumnExpirationDate,
Filters: []*user.KeysSearchFilter{
onlySinceTestStartFilter,
{Filter: &user.KeysSearchFilter_OrganizationIdFilter{OrganizationIdFilter: &filter.IDFilter{Id: otherOrg.OrganizationId}}},
},
},
},
want: &user.ListKeysResponse{
Result: []*user.Key{
otherOrgDataPointExpiringSoon,
otherOrgDataPointExpiringLate,
},
Pagination: &filter.PaginationResponse{
TotalResult: 2,
AppliedLimit: 100,
},
},
},
{
name: "get page",
args: args{
IamCTX,
&user.ListKeysRequest{
Pagination: &filter.PaginationRequest{
Offset: 2,
Limit: 2,
Asc: true,
},
Filters: []*user.KeysSearchFilter{
onlySinceTestStartFilter,
},
},
},
want: &user.ListKeysResponse{
Result: []*user.Key{
otherOrgDataPointExpiringSoon,
otherOrgDataPointExpiringLate,
},
Pagination: &filter.PaginationResponse{
TotalResult: 4,
AppliedLimit: 2,
},
},
},
{
name: "empty list",
args: args{
UserCTX,
&user.ListKeysRequest{
Filters: []*user.KeysSearchFilter{
{
Filter: &user.KeysSearchFilter_KeyIdFilter{
KeyIdFilter: &filter.IDFilter{Id: otherUserDataPoint.Id},
},
},
},
},
},
want: &user.ListKeysResponse{
Result: []*user.Key{},
Pagination: &filter.PaginationResponse{
TotalResult: 0,
AppliedLimit: 100,
},
},
},
}
t.Run("with permission flag v2", func(t *testing.T) {
setPermissionCheckV2Flag(t, true)
defer setPermissionCheckV2Flag(t, false)
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := Client.ListKeys(tt.args.ctx, tt.args.req)
require.NoError(t, err)
assert.Len(t, got.Result, len(tt.want.Result))
if diff := cmp.Diff(tt.want, got, protocmp.Transform()); diff != "" {
t.Errorf("ListKeys() mismatch (-want +got):\n%s", diff)
}
})
}
})
t.Run("without permission flag v2", func(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := Client.ListKeys(tt.args.ctx, tt.args.req)
require.NoError(t, err)
assert.Len(t, got.Result, len(tt.want.Result))
// ignore the total result, as this is a known bug with the in-memory permission checks.
// The command can't know how many keys exist in the system if the SQL statement has a limit.
// This is fixed, once the in-memory permission checks are removed with https://github.com/zitadel/zitadel/issues/9188
tt.want.Pagination.TotalResult = got.Pagination.TotalResult
if diff := cmp.Diff(tt.want, got, protocmp.Transform()); diff != "" {
t.Errorf("ListKeys() mismatch (-want +got):\n%s", diff)
}
})
}
})
}
func setupKeyDataPoint(t *testing.T, userId, orgId string, expirationDate time.Time) *user.Key {
expirationDatePb := timestamppb.New(expirationDate)
newKey, err := Client.AddKey(SystemCTX, &user.AddKeyRequest{
UserId: userId,
ExpirationDate: expirationDatePb,
PublicKey: nil,
})
require.NoError(t, err)
return &user.Key{
CreationDate: newKey.CreationDate,
ChangeDate: newKey.CreationDate,
Id: newKey.GetKeyId(),
UserId: userId,
OrganizationId: orgId,
ExpirationDate: expirationDatePb,
}
}
func awaitKeys(t *testing.T, sinceTestStartFilter *user.KeysSearchFilter, keyIds ...string) {
sortingColumn := user.KeyFieldName_KEY_FIELD_NAME_ID
slices.Sort(keyIds)
require.EventuallyWithT(t, func(collect *assert.CollectT) {
result, err := Client.ListKeys(SystemCTX, &user.ListKeysRequest{
Filters: []*user.KeysSearchFilter{sinceTestStartFilter},
SortingColumn: &sortingColumn,
Pagination: &filter.PaginationRequest{
Asc: true,
},
})
require.NoError(t, err)
if !assert.Len(collect, result.Result, len(keyIds)) {
return
}
for i := range keyIds {
keyId := keyIds[i]
require.Equal(collect, keyId, result.Result[i].GetId())
}
}, 5*time.Second, time.Second, "key not created in time")
}

615
internal/api/grpc/user/v2/integration_test/pat_test.go
View File

@@ -1,615 +0,0 @@
//go:build integration
package user_test
import (
"context"
"fmt"
"slices"
"testing"
"time"
"github.com/brianvoe/gofakeit/v6"
"github.com/google/go-cmp/cmp"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"google.golang.org/protobuf/testing/protocmp"
"google.golang.org/protobuf/types/known/timestamppb"
"github.com/zitadel/zitadel/internal/integration"
"github.com/zitadel/zitadel/pkg/grpc/filter/v2"
"github.com/zitadel/zitadel/pkg/grpc/user/v2"
)
func TestServer_AddPersonalAccessToken(t *testing.T) {
resp := Instance.CreateUserTypeMachine(IamCTX)
userId := resp.GetId()
expirationDate := timestamppb.New(time.Now().Add(time.Hour * 24))
type args struct {
req *user.AddPersonalAccessTokenRequest
prepare func(request *user.AddPersonalAccessTokenRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "add pat, user not existing",
args: args{
&user.AddPersonalAccessTokenRequest{
UserId: "notexisting",
ExpirationDate: expirationDate,
},
func(request *user.AddPersonalAccessTokenRequest) error { return nil },
},
wantErr: true,
},
{
name: "add pat, ok",
args: args{
&user.AddPersonalAccessTokenRequest{
ExpirationDate: expirationDate,
},
func(request *user.AddPersonalAccessTokenRequest) error {
request.UserId = userId
return nil
},
},
},
{
name: "add pat human, not ok",
args: args{
&user.AddPersonalAccessTokenRequest{
ExpirationDate: expirationDate,
},
func(request *user.AddPersonalAccessTokenRequest) error {
resp := Instance.CreateUserTypeHuman(IamCTX)
request.UserId = resp.Id
return nil
},
},
wantErr: true,
},
{
name: "add another pat, ok",
args: args{
&user.AddPersonalAccessTokenRequest{
ExpirationDate: expirationDate,
},
func(request *user.AddPersonalAccessTokenRequest) error {
request.UserId = userId
_, err := Client.AddPersonalAccessToken(IamCTX, &user.AddPersonalAccessTokenRequest{
ExpirationDate: expirationDate,
UserId: userId,
})
return err
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
err := tt.args.prepare(tt.args.req)
require.NoError(t, err)
got, err := Client.AddPersonalAccessToken(CTX, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.TokenId, "id is empty")
assert.NotEmpty(t, got.Token, "token is empty")
creationDate := got.CreationDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_AddPersonalAccessToken_Permission(t *testing.T) {
OrgCTX := CTX
otherOrg := Instance.CreateOrganization(IamCTX, fmt.Sprintf("AddPersonalAccessToken-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Client.CreateUser(IamCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
require.NoError(t, err)
request := &user.AddPersonalAccessTokenRequest{
ExpirationDate: timestamppb.New(time.Now().Add(time.Hour * 24)),
UserId: otherOrgUser.GetId(),
}
type args struct {
ctx context.Context
req *user.AddPersonalAccessTokenRequest
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "system, ok",
args: args{SystemCTX, request},
},
{
name: "instance, ok",
args: args{IamCTX, request},
},
{
name: "org, error",
args: args{OrgCTX, request},
wantErr: true,
},
{
name: "user, error",
args: args{UserCTX, request},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
require.NoError(t, err)
got, err := Client.AddPersonalAccessToken(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.TokenId, "id is empty")
assert.NotEmpty(t, got.Token, "token is empty")
creationDate := got.CreationDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_RemovePersonalAccessToken(t *testing.T) {
resp := Instance.CreateUserTypeMachine(IamCTX)
userId := resp.GetId()
expirationDate := timestamppb.New(time.Now().Add(time.Hour * 24))
type args struct {
req *user.RemovePersonalAccessTokenRequest
prepare func(request *user.RemovePersonalAccessTokenRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "remove pat, user not existing",
args: args{
&user.RemovePersonalAccessTokenRequest{
UserId: "notexisting",
},
func(request *user.RemovePersonalAccessTokenRequest) error {
pat, err := Client.AddPersonalAccessToken(CTX, &user.AddPersonalAccessTokenRequest{
ExpirationDate: expirationDate,
UserId: userId,
})
request.TokenId = pat.GetTokenId()
return err
},
},
wantErr: true,
},
{
name: "remove pat, not existing",
args: args{
&user.RemovePersonalAccessTokenRequest{
TokenId: "notexisting",
},
func(request *user.RemovePersonalAccessTokenRequest) error {
request.UserId = userId
return nil
},
},
wantErr: true,
},
{
name: "remove pat, ok",
args: args{
&user.RemovePersonalAccessTokenRequest{},
func(request *user.RemovePersonalAccessTokenRequest) error {
pat, err := Client.AddPersonalAccessToken(CTX, &user.AddPersonalAccessTokenRequest{
ExpirationDate: expirationDate,
UserId: userId,
})
request.TokenId = pat.GetTokenId()
request.UserId = userId
return err
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
err := tt.args.prepare(tt.args.req)
require.NoError(t, err)
got, err := Client.RemovePersonalAccessToken(CTX, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
deletionDate := got.DeletionDate.AsTime()
assert.Greater(t, deletionDate, now, "creation date is before the test started")
assert.Less(t, deletionDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_RemovePersonalAccessToken_Permission(t *testing.T) {
otherOrg := Instance.CreateOrganization(IamCTX, fmt.Sprintf("RemovePersonalAccessToken-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Client.CreateUser(IamCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
request := &user.RemovePersonalAccessTokenRequest{
UserId: otherOrgUser.GetId(),
}
prepare := func(request *user.RemovePersonalAccessTokenRequest) error {
pat, err := Client.AddPersonalAccessToken(IamCTX, &user.AddPersonalAccessTokenRequest{
ExpirationDate: timestamppb.New(time.Now().Add(time.Hour * 24)),
UserId: otherOrgUser.GetId(),
})
request.TokenId = pat.GetTokenId()
return err
}
require.NoError(t, err)
type args struct {
ctx context.Context
req *user.RemovePersonalAccessTokenRequest
prepare func(request *user.RemovePersonalAccessTokenRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "system, ok",
args: args{SystemCTX, request, prepare},
},
{
name: "instance, ok",
args: args{IamCTX, request, prepare},
},
{
name: "org, error",
args: args{CTX, request, prepare},
wantErr: true,
},
{
name: "user, error",
args: args{UserCTX, request, prepare},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
require.NoError(t, tt.args.prepare(tt.args.req))
got, err := Client.RemovePersonalAccessToken(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.DeletionDate, "client pat is empty")
creationDate := got.DeletionDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_ListPersonalAccessTokens(t *testing.T) {
type args struct {
ctx context.Context
req *user.ListPersonalAccessTokensRequest
}
type testCase struct {
name string
args args
want *user.ListPersonalAccessTokensResponse
}
OrgCTX := CTX
otherOrg := Instance.CreateOrganization(SystemCTX, fmt.Sprintf("ListPersonalAccessTokens-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Client.CreateUser(SystemCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
require.NoError(t, err)
otherOrgUserId := otherOrgUser.GetId()
otherUserId := Instance.CreateUserTypeMachine(SystemCTX).GetId()
onlySinceTestStartFilter := &user.PersonalAccessTokensSearchFilter{Filter: &user.PersonalAccessTokensSearchFilter_CreatedDateFilter{CreatedDateFilter: &filter.TimestampFilter{
Timestamp: timestamppb.Now(),
Method: filter.TimestampFilterMethod_TIMESTAMP_FILTER_METHOD_AFTER_OR_EQUALS,
}}}
myOrgId := Instance.DefaultOrg.GetId()
myUserId := Instance.Users.Get(integration.UserTypeNoPermission).ID
expiresInADay := time.Now().Truncate(time.Hour).Add(time.Hour * 24)
myDataPoint := setupPATDataPoint(t, myUserId, myOrgId, expiresInADay)
otherUserDataPoint := setupPATDataPoint(t, otherUserId, myOrgId, expiresInADay)
otherOrgDataPointExpiringSoon := setupPATDataPoint(t, otherOrgUserId, otherOrg.OrganizationId, time.Now().Truncate(time.Hour).Add(time.Hour))
otherOrgDataPointExpiringLate := setupPATDataPoint(t, otherOrgUserId, otherOrg.OrganizationId, expiresInADay.Add(time.Hour*24*30))
sortingColumnExpirationDate := user.PersonalAccessTokenFieldName_PERSONAL_ACCESS_TOKEN_FIELD_NAME_EXPIRATION_DATE
awaitPersonalAccessTokens(t,
onlySinceTestStartFilter,
otherOrgDataPointExpiringSoon.GetId(),
otherOrgDataPointExpiringLate.GetId(),
otherUserDataPoint.GetId(),
myDataPoint.GetId(),
)
tests := []testCase{
{
name: "list all, instance",
args: args{
IamCTX,
&user.ListPersonalAccessTokensRequest{
Filters: []*user.PersonalAccessTokensSearchFilter{onlySinceTestStartFilter},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{
otherOrgDataPointExpiringLate,
otherOrgDataPointExpiringSoon,
otherUserDataPoint,
myDataPoint,
},
Pagination: &filter.PaginationResponse{
TotalResult: 4,
AppliedLimit: 100,
},
},
},
{
name: "list all, org",
args: args{
OrgCTX,
&user.ListPersonalAccessTokensRequest{
Filters: []*user.PersonalAccessTokensSearchFilter{onlySinceTestStartFilter},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{
otherUserDataPoint,
myDataPoint,
},
Pagination: &filter.PaginationResponse{
TotalResult: 2,
AppliedLimit: 100,
},
},
},
{
name: "list all, user",
args: args{
UserCTX,
&user.ListPersonalAccessTokensRequest{
Filters: []*user.PersonalAccessTokensSearchFilter{onlySinceTestStartFilter},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{
myDataPoint,
},
Pagination: &filter.PaginationResponse{
TotalResult: 1,
AppliedLimit: 100,
},
},
},
{
name: "list by id",
args: args{
IamCTX,
&user.ListPersonalAccessTokensRequest{
Filters: []*user.PersonalAccessTokensSearchFilter{
onlySinceTestStartFilter,
{
Filter: &user.PersonalAccessTokensSearchFilter_TokenIdFilter{
TokenIdFilter: &filter.IDFilter{Id: otherOrgDataPointExpiringSoon.Id},
},
},
},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{
otherOrgDataPointExpiringSoon,
},
Pagination: &filter.PaginationResponse{
TotalResult: 1,
AppliedLimit: 100,
},
},
},
{
name: "list all from other org",
args: args{
IamCTX,
&user.ListPersonalAccessTokensRequest{
Filters: []*user.PersonalAccessTokensSearchFilter{
onlySinceTestStartFilter,
{
Filter: &user.PersonalAccessTokensSearchFilter_OrganizationIdFilter{
OrganizationIdFilter: &filter.IDFilter{Id: otherOrg.OrganizationId},
},
}},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{
otherOrgDataPointExpiringLate,
otherOrgDataPointExpiringSoon,
},
Pagination: &filter.PaginationResponse{
TotalResult: 2,
AppliedLimit: 100,
},
},
},
{
name: "sort by next expiration dates",
args: args{
IamCTX,
&user.ListPersonalAccessTokensRequest{
Pagination: &filter.PaginationRequest{
Asc: true,
},
SortingColumn: &sortingColumnExpirationDate,
Filters: []*user.PersonalAccessTokensSearchFilter{
onlySinceTestStartFilter,
{Filter: &user.PersonalAccessTokensSearchFilter_OrganizationIdFilter{OrganizationIdFilter: &filter.IDFilter{Id: otherOrg.OrganizationId}}},
},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{
otherOrgDataPointExpiringSoon,
otherOrgDataPointExpiringLate,
},
Pagination: &filter.PaginationResponse{
TotalResult: 2,
AppliedLimit: 100,
},
},
},
{
name: "get page",
args: args{
IamCTX,
&user.ListPersonalAccessTokensRequest{
Pagination: &filter.PaginationRequest{
Offset: 2,
Limit: 2,
Asc: true,
},
Filters: []*user.PersonalAccessTokensSearchFilter{
onlySinceTestStartFilter,
},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{
otherOrgDataPointExpiringSoon,
otherOrgDataPointExpiringLate,
},
Pagination: &filter.PaginationResponse{
TotalResult: 4,
AppliedLimit: 2,
},
},
},
{
name: "empty list",
args: args{
UserCTX,
&user.ListPersonalAccessTokensRequest{
Filters: []*user.PersonalAccessTokensSearchFilter{
{
Filter: &user.PersonalAccessTokensSearchFilter_TokenIdFilter{
TokenIdFilter: &filter.IDFilter{Id: otherUserDataPoint.Id},
},
},
},
},
},
want: &user.ListPersonalAccessTokensResponse{
Result: []*user.PersonalAccessToken{},
Pagination: &filter.PaginationResponse{
TotalResult: 0,
AppliedLimit: 100,
},
},
},
}
t.Run("with permission flag v2", func(t *testing.T) {
setPermissionCheckV2Flag(t, true)
defer setPermissionCheckV2Flag(t, false)
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := Client.ListPersonalAccessTokens(tt.args.ctx, tt.args.req)
require.NoError(t, err)
assert.Len(t, got.Result, len(tt.want.Result))
if diff := cmp.Diff(tt.want, got, protocmp.Transform()); diff != "" {
t.Errorf("ListPersonalAccessTokens() mismatch (-want +got):\n%s", diff)
}
})
}
})
t.Run("without permission flag v2", func(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := Client.ListPersonalAccessTokens(tt.args.ctx, tt.args.req)
require.NoError(t, err)
assert.Len(t, got.Result, len(tt.want.Result))
// ignore the total result, as this is a known bug with the in-memory permission checks.
// The command can't know how many keys exist in the system if the SQL statement has a limit.
// This is fixed, once the in-memory permission checks are removed with https://github.com/zitadel/zitadel/issues/9188
tt.want.Pagination.TotalResult = got.Pagination.TotalResult
if diff := cmp.Diff(tt.want, got, protocmp.Transform()); diff != "" {
t.Errorf("ListPersonalAccessTokens() mismatch (-want +got):\n%s", diff)
}
})
}
})
}
func setupPATDataPoint(t *testing.T, userId, orgId string, expirationDate time.Time) *user.PersonalAccessToken {
expirationDatePb := timestamppb.New(expirationDate)
newPersonalAccessToken, err := Client.AddPersonalAccessToken(SystemCTX, &user.AddPersonalAccessTokenRequest{
UserId: userId,
ExpirationDate: expirationDatePb,
})
require.NoError(t, err)
return &user.PersonalAccessToken{
CreationDate: newPersonalAccessToken.CreationDate,
ChangeDate: newPersonalAccessToken.CreationDate,
Id: newPersonalAccessToken.GetTokenId(),
UserId: userId,
OrganizationId: orgId,
ExpirationDate: expirationDatePb,
}
}
func awaitPersonalAccessTokens(t *testing.T, sinceTestStartFilter *user.PersonalAccessTokensSearchFilter, patIds ...string) {
sortingColumn := user.PersonalAccessTokenFieldName_PERSONAL_ACCESS_TOKEN_FIELD_NAME_ID
slices.Sort(patIds)
require.EventuallyWithT(t, func(collect *assert.CollectT) {
result, err := Client.ListPersonalAccessTokens(SystemCTX, &user.ListPersonalAccessTokensRequest{
Filters: []*user.PersonalAccessTokensSearchFilter{sinceTestStartFilter},
SortingColumn: &sortingColumn,
Pagination: &filter.PaginationRequest{
Asc: true,
},
})
require.NoError(t, err)
if !assert.Len(collect, result.Result, len(patIds)) {
return
}
for i := range patIds {
patId := patIds[i]
require.Equal(collect, patId, result.Result[i].GetId())
}
}, 5*time.Second, time.Second, "pat not created in time")
}

347
internal/api/grpc/user/v2/integration_test/secret_test.go
View File

@@ -1,347 +0,0 @@
//go:build integration
package user_test
import (
"context"
"fmt"
"testing"
"time"
"github.com/brianvoe/gofakeit/v6"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/zitadel/zitadel/pkg/grpc/user/v2"
)
func TestServer_AddSecret(t *testing.T) {
type args struct {
ctx context.Context
req *user.AddSecretRequest
prepare func(request *user.AddSecretRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "add secret, user not existing",
args: args{
CTX,
&user.AddSecretRequest{
UserId: "notexisting",
},
func(request *user.AddSecretRequest) error { return nil },
},
wantErr: true,
},
{
name: "add secret, ok",
args: args{
CTX,
&user.AddSecretRequest{},
func(request *user.AddSecretRequest) error {
resp := Instance.CreateUserTypeMachine(CTX)
request.UserId = resp.GetId()
return nil
},
},
},
{
name: "add secret human, not ok",
args: args{
CTX,
&user.AddSecretRequest{},
func(request *user.AddSecretRequest) error {
resp := Instance.CreateUserTypeMachine(CTX)
request.UserId = resp.GetId()
return nil
},
},
},
{
name: "overwrite secret, ok",
args: args{
CTX,
&user.AddSecretRequest{},
func(request *user.AddSecretRequest) error {
resp := Instance.CreateUserTypeMachine(CTX)
request.UserId = resp.GetId()
_, err := Client.AddSecret(CTX, &user.AddSecretRequest{
UserId: resp.GetId(),
})
return err
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
err := tt.args.prepare(tt.args.req)
require.NoError(t, err)
got, err := Client.AddSecret(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.ClientSecret, "client secret is empty")
creationDate := got.CreationDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_AddSecret_Permission(t *testing.T) {
otherOrg := Instance.CreateOrganization(IamCTX, fmt.Sprintf("AddSecret-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Instance.Client.UserV2.CreateUser(IamCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
require.NoError(t, err)
type args struct {
ctx context.Context
req *user.AddSecretRequest
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "system, ok",
args: args{
SystemCTX,
&user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
},
},
},
{
name: "instance, ok",
args: args{
IamCTX,
&user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
},
},
},
{
name: "org, error",
args: args{
CTX,
&user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
},
},
wantErr: true,
},
{
name: "user, error",
args: args{
UserCTX,
&user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
},
},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
require.NoError(t, err)
got, err := Client.AddSecret(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.ClientSecret, "client secret is empty")
creationDate := got.CreationDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_RemoveSecret(t *testing.T) {
type args struct {
ctx context.Context
req *user.RemoveSecretRequest
prepare func(request *user.RemoveSecretRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "remove secret, user not existing",
args: args{
CTX,
&user.RemoveSecretRequest{
UserId: "notexisting",
},
func(request *user.RemoveSecretRequest) error { return nil },
},
wantErr: true,
},
{
name: "remove secret, not existing",
args: args{
CTX,
&user.RemoveSecretRequest{},
func(request *user.RemoveSecretRequest) error {
resp := Instance.CreateUserTypeMachine(CTX)
request.UserId = resp.GetId()
return nil
},
},
wantErr: true,
},
{
name: "remove secret, ok",
args: args{
CTX,
&user.RemoveSecretRequest{},
func(request *user.RemoveSecretRequest) error {
resp := Instance.CreateUserTypeMachine(CTX)
request.UserId = resp.GetId()
_, err := Instance.Client.UserV2.AddSecret(CTX, &user.AddSecretRequest{
UserId: resp.GetId(),
})
return err
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
err := tt.args.prepare(tt.args.req)
require.NoError(t, err)
got, err := Client.RemoveSecret(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
deletionDate := got.DeletionDate.AsTime()
assert.Greater(t, deletionDate, now, "creation date is before the test started")
assert.Less(t, deletionDate, time.Now(), "creation date is in the future")
})
}
}
func TestServer_RemoveSecret_Permission(t *testing.T) {
otherOrg := Instance.CreateOrganization(IamCTX, fmt.Sprintf("RemoveSecret-%s", gofakeit.AppName()), gofakeit.Email())
otherOrgUser, err := Instance.Client.UserV2.CreateUser(IamCTX, &user.CreateUserRequest{
OrganizationId: otherOrg.OrganizationId,
UserType: &user.CreateUserRequest_Machine_{
Machine: &user.CreateUserRequest_Machine{
Name: gofakeit.Name(),
},
},
})
require.NoError(t, err)
type args struct {
ctx context.Context
req *user.RemoveSecretRequest
prepare func(request *user.RemoveSecretRequest) error
}
tests := []struct {
name string
args args
wantErr bool
}{
{
name: "system, ok",
args: args{
SystemCTX,
&user.RemoveSecretRequest{
UserId: otherOrgUser.GetId(),
},
func(request *user.RemoveSecretRequest) error {
_, err := Instance.Client.UserV2.AddSecret(IamCTX, &user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
})
return err
},
},
},
{
name: "instance, ok",
args: args{
IamCTX,
&user.RemoveSecretRequest{
UserId: otherOrgUser.GetId(),
},
func(request *user.RemoveSecretRequest) error {
_, err := Instance.Client.UserV2.AddSecret(IamCTX, &user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
})
return err
},
},
},
{
name: "org, error",
args: args{
CTX,
&user.RemoveSecretRequest{
UserId: otherOrgUser.GetId(),
},
func(request *user.RemoveSecretRequest) error {
_, err := Instance.Client.UserV2.AddSecret(IamCTX, &user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
})
return err
},
},
wantErr: true,
},
{
name: "user, error",
args: args{
UserCTX,
&user.RemoveSecretRequest{
UserId: otherOrgUser.GetId(),
},
func(request *user.RemoveSecretRequest) error {
_, err := Instance.Client.UserV2.AddSecret(IamCTX, &user.AddSecretRequest{
UserId: otherOrgUser.GetId(),
})
return err
},
},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
now := time.Now()
require.NoError(t, tt.args.prepare(tt.args.req))
got, err := Client.RemoveSecret(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
return
}
require.NoError(t, err)
assert.NotEmpty(t, got.DeletionDate, "client secret is empty")
creationDate := got.DeletionDate.AsTime()
assert.Greater(t, creationDate, now, "creation date is before the test started")
assert.Less(t, creationDate, time.Now(), "creation date is in the future")
})
}
}

1700
internal/api/grpc/user/v2/integration_test/user_test.go
View File

File diff suppressed because it is too large Load Diff

41
internal/integration/client.go
View File

@@ -233,45 +233,8 @@ func (i *Instance) CreateHumanUserWithTOTP(ctx context.Context, secret string) *
return resp return resp
} }
func (i *Instance) CreateUserTypeHuman(ctx context.Context) *user_v2.CreateUserResponse { func (i *Instance) CreatePersonalAccessToken(ctx context.Context, userID string) *mgmt.AddPersonalAccessTokenResponse {
resp, err := i.Client.UserV2.CreateUser(ctx, &user_v2.CreateUserRequest{ resp, err := i.Client.Mgmt.AddPersonalAccessToken(ctx, &mgmt.AddPersonalAccessTokenRequest{
OrganizationId: i.DefaultOrg.GetId(),
UserType: &user_v2.CreateUserRequest_Human_{
Human: &user_v2.CreateUserRequest_Human{
Profile: &user_v2.SetHumanProfile{
GivenName: "Mickey",
FamilyName: "Mouse",
},
Email: &user_v2.SetHumanEmail{
Email: fmt.Sprintf("%d@mouse.com", time.Now().UnixNano()),
Verification: &user_v2.SetHumanEmail_ReturnCode{
ReturnCode: &user_v2.ReturnEmailVerificationCode{},
},
},
},
},
})
logging.OnError(err).Panic("create human user")
i.TriggerUserByID(ctx, resp.GetId())
return resp
}
func (i *Instance) CreateUserTypeMachine(ctx context.Context) *user_v2.CreateUserResponse {
resp, err := i.Client.UserV2.CreateUser(ctx, &user_v2.CreateUserRequest{
OrganizationId: i.DefaultOrg.GetId(),
UserType: &user_v2.CreateUserRequest_Machine_{
Machine: &user_v2.CreateUserRequest_Machine{
Name: "machine",
},
},
})
logging.OnError(err).Panic("create machine user")
i.TriggerUserByID(ctx, resp.GetId())
return resp
}
func (i *Instance) CreatePersonalAccessToken(ctx context.Context, userID string) *user_v2.AddPersonalAccessTokenResponse {
resp, err := i.Client.UserV2.AddPersonalAccessToken(ctx, &user_v2.AddPersonalAccessTokenRequest{
UserId: userID, UserId: userID,
ExpirationDate: timestamppb.New(time.Now().Add(30 * time.Minute)), ExpirationDate: timestamppb.New(time.Now().Add(30 * time.Minute)),
}) })