package command import ( "context" "testing" "github.com/stretchr/testify/assert" "github.com/caos/zitadel/internal/domain" caos_errs "github.com/caos/zitadel/internal/errors" "github.com/caos/zitadel/internal/eventstore" "github.com/caos/zitadel/internal/eventstore/repository" "github.com/caos/zitadel/internal/eventstore/v1/models" "github.com/caos/zitadel/internal/repository/org" "github.com/caos/zitadel/internal/repository/policy" ) func TestCommandSide_AddPasswordAgePolicy(t *testing.T) { type fields struct { eventstore *eventstore.Eventstore } type args struct { ctx context.Context orgID string policy *domain.PasswordAgePolicy } type res struct { want *domain.PasswordAgePolicy err func(error) bool } tests := []struct { name string fields fields args args res res }{ { name: "org id missing, invalid argument error", fields: fields{ eventstore: eventstoreExpect( t, ), }, args: args{ ctx: context.Background(), policy: &domain.PasswordAgePolicy{ MaxAgeDays: 365, ExpireWarnDays: 10, }, }, res: res{ err: caos_errs.IsErrorInvalidArgument, }, }, { name: "mail template already existing, already exists error", fields: fields{ eventstore: eventstoreExpect( t, expectFilter( eventFromEventPusher( org.NewPasswordAgePolicyAddedEvent(context.Background(), &org.NewAggregate("org1", "org1").Aggregate, 365, 10, ), ), ), ), }, args: args{ ctx: context.Background(), orgID: "org1", policy: &domain.PasswordAgePolicy{ MaxAgeDays: 365, ExpireWarnDays: 10, }, }, res: res{ err: caos_errs.IsErrorAlreadyExists, }, }, { name: "add policy,ok", fields: fields{ eventstore: eventstoreExpect( t, expectFilter(), expectPush( []*repository.Event{ eventFromEventPusher( org.NewPasswordAgePolicyAddedEvent(context.Background(), &org.NewAggregate("org1", "org1").Aggregate, 10, 365, ), ), }, nil, ), ), }, args: args{ ctx: context.Background(), orgID: "org1", policy: &domain.PasswordAgePolicy{ MaxAgeDays: 365, ExpireWarnDays: 10, }, }, res: res{ want: &domain.PasswordAgePolicy{ ObjectRoot: models.ObjectRoot{ AggregateID: "org1", ResourceOwner: "org1", }, MaxAgeDays: 365, ExpireWarnDays: 10, }, }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { r := &Commands{ eventstore: tt.fields.eventstore, } got, err := r.AddPasswordAgePolicy(tt.args.ctx, tt.args.orgID, tt.args.policy) if tt.res.err == nil { assert.NoError(t, err) } if tt.res.err != nil && !tt.res.err(err) { t.Errorf("got wrong err: %v ", err) } if tt.res.err == nil { assert.Equal(t, tt.res.want, got) } }) } } func TestCommandSide_ChangePasswordAgePolicy(t *testing.T) { type fields struct { eventstore *eventstore.Eventstore } type args struct { ctx context.Context orgID string policy *domain.PasswordAgePolicy } type res struct { want *domain.PasswordAgePolicy err func(error) bool } tests := []struct { name string fields fields args args res res }{ { name: "org id missing, invalid argument error", fields: fields{ eventstore: eventstoreExpect( t, ), }, args: args{ ctx: context.Background(), policy: &domain.PasswordAgePolicy{ MaxAgeDays: 365, ExpireWarnDays: 10, }, }, res: res{ err: caos_errs.IsErrorInvalidArgument, }, }, { name: "policy not existing, not found error", fields: fields{ eventstore: eventstoreExpect( t, expectFilter(), ), }, args: args{ ctx: context.Background(), orgID: "org1", policy: &domain.PasswordAgePolicy{ MaxAgeDays: 365, ExpireWarnDays: 10, }, }, res: res{ err: caos_errs.IsNotFound, }, }, { name: "no changes, precondition error", fields: fields{ eventstore: eventstoreExpect( t, expectFilter( eventFromEventPusher( org.NewPasswordAgePolicyAddedEvent(context.Background(), &org.NewAggregate("org1", "org1").Aggregate, 10, 365, ), ), ), ), }, args: args{ ctx: context.Background(), orgID: "org1", policy: &domain.PasswordAgePolicy{ MaxAgeDays: 365, ExpireWarnDays: 10, }, }, res: res{ err: caos_errs.IsPreconditionFailed, }, }, { name: "change, ok", fields: fields{ eventstore: eventstoreExpect( t, expectFilter( eventFromEventPusher( org.NewPasswordAgePolicyAddedEvent(context.Background(), &org.NewAggregate("org1", "org1").Aggregate, 10, 365, ), ), ), expectPush( []*repository.Event{ eventFromEventPusher( newPasswordAgePolicyChangedEvent(context.Background(), "org1", 150, 5), ), }, nil, ), ), }, args: args{ ctx: context.Background(), orgID: "org1", policy: &domain.PasswordAgePolicy{ MaxAgeDays: 150, ExpireWarnDays: 5, }, }, res: res{ want: &domain.PasswordAgePolicy{ ObjectRoot: models.ObjectRoot{ AggregateID: "org1", ResourceOwner: "org1", }, MaxAgeDays: 150, ExpireWarnDays: 5, }, }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { r := &Commands{ eventstore: tt.fields.eventstore, } got, err := r.ChangePasswordAgePolicy(tt.args.ctx, tt.args.orgID, tt.args.policy) if tt.res.err == nil { assert.NoError(t, err) } if tt.res.err != nil && !tt.res.err(err) { t.Errorf("got wrong err: %v ", err) } if tt.res.err == nil { assert.Equal(t, tt.res.want, got) } }) } } func TestCommandSide_RemovePasswordAgePolicy(t *testing.T) { type fields struct { eventstore *eventstore.Eventstore } type args struct { ctx context.Context orgID string } type res struct { want *domain.ObjectDetails err func(error) bool } tests := []struct { name string fields fields args args res res }{ { name: "org id missing, invalid argument error", fields: fields{ eventstore: eventstoreExpect( t, ), }, args: args{ ctx: context.Background(), }, res: res{ err: caos_errs.IsErrorInvalidArgument, }, }, { name: "policy not existing, not found error", fields: fields{ eventstore: eventstoreExpect( t, expectFilter(), ), }, args: args{ ctx: context.Background(), orgID: "org1", }, res: res{ err: caos_errs.IsNotFound, }, }, { name: "remove, ok", fields: fields{ eventstore: eventstoreExpect( t, expectFilter( eventFromEventPusher( org.NewPasswordAgePolicyAddedEvent(context.Background(), &org.NewAggregate("org1", "org1").Aggregate, 10, 365, ), ), ), expectPush( []*repository.Event{ eventFromEventPusher( org.NewPasswordAgePolicyRemovedEvent(context.Background(), &org.NewAggregate("org1", "org1").Aggregate), ), }, nil, ), ), }, args: args{ ctx: context.Background(), orgID: "org1", }, res: res{ want: &domain.ObjectDetails{ ResourceOwner: "org1", }, }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { r := &Commands{ eventstore: tt.fields.eventstore, } got, err := r.RemovePasswordAgePolicy(tt.args.ctx, tt.args.orgID) if tt.res.err == nil { assert.NoError(t, err) } if tt.res.err != nil && !tt.res.err(err) { t.Errorf("got wrong err: %v ", err) } if tt.res.err == nil { assert.Equal(t, tt.res.want, got) } }) } } func newPasswordAgePolicyChangedEvent(ctx context.Context, orgID string, maxAgeDays, expireWarnDays uint64) *org.PasswordAgePolicyChangedEvent { event, _ := org.NewPasswordAgePolicyChangedEvent(ctx, &org.NewAggregate(orgID, orgID).Aggregate, []policy.PasswordAgePolicyChanges{ policy.ChangeMaxAgeDays(maxAgeDays), policy.ChangeExpireWarnDays(expireWarnDays), }, ) return event }