From dfa030a3765c5b5e43e263234155d344f5c6186e Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Fri, 24 May 2024 14:29:55 +0300
Subject: Do not allow unverified users to comment messages

---
 .../java/com/juick/server/tests/ServerTests.java   | 49 +++++++++++++++-------
 1 file changed, 33 insertions(+), 16 deletions(-)

(limited to 'src/test/java/com/juick/server')

diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index 8b75ab6b..ba672831 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -278,6 +278,8 @@ public class ServerTests {
                     .orElseThrow(IllegalStateException::new);
             freefd = userService.createUser(freefdName, freefdPassword)
                     .orElseThrow(IllegalStateException::new);
+            ugnich = makeUserVerified(ugnich);
+            freefd = makeUserVerified(freefd);
             webClient.getOptions().setJavaScriptEnabled(false);
             webClient.getOptions().setCssEnabled(false);
             isSetUp = true;
@@ -660,8 +662,9 @@ public class ServerTests {
                 new TypeReference<>() {
                 });
         assertThat(users.size(), is(1));
-        assertThat(users.get(0).getTokens().size(), is(1));
-        assertThat(users.get(0).getTokens().get(0).token(), equalTo(token));
+        // ugnich has durov and apns token
+        assertThat(users.get(0).getTokens().size(), is(2));
+        assertThat(users.get(0).getTokens().stream().filter(t -> t.type().equals("apns")).findFirst().get().token(), equalTo(token));
     }
 
     @Test
@@ -775,6 +778,7 @@ public class ServerTests {
     public void protocolTests() throws Exception {
         String tmpDir = storageService.getTemporaryDirectory();
         User user = userService.createUser("me", "secret").orElseThrow(IllegalStateException::new);
+        user = makeUserVerified(user);
         Tag yo = tagService.getTag("yo", true);
         Message msg = commandsManager
                 .processCommand(user, "*yo yoyo",
@@ -846,6 +850,7 @@ public class ServerTests {
         last = list.get(0);
         assertThat(last, equalTo(reply.getCreated()));
         assertEquals(2, reply.getReplyto());
+        readerUser = makeUserVerified(readerUser);
         assertThat(commandsManager.processCommand(readerUser, "#" + mid + " *yo *there", emptyUri).getText(),
                 startsWith("Reply posted"));
         assertEquals("Tags are updated",
@@ -1230,8 +1235,9 @@ public class ServerTests {
         CommandResult result = commandsManager.processCommand(ugnich, "freefd - dick", emptyUri);
         int mid = result.getNewMessage().get().getMid();
         commandsManager.processCommand(freefd, String.format("#%d ugnich - dick too", mid), emptyUri);
-        commandsManager.processCommand(serviceUser, String.format("#%d/1 ban for a hour!", mid), emptyUri);
-        commandsManager.processCommand(serviceUser,
+        var juick = makeUserVerified(serviceUser);
+        commandsManager.processCommand(juick, String.format("#%d/1 ban for a hour!", mid), emptyUri);
+        commandsManager.processCommand(juick,
                 String.format("#%d freefd is here but it is hidden from you", mid),
                 emptyUri);
         assertThat(messagesService.getMessage(mid).get().getReplies(), is(3));
@@ -1246,7 +1252,7 @@ public class ServerTests {
         mockMvc.perform(get("/api/thread").with(httpBasic(ugnichName, ugnichPassword)).param("mid",
                         String.valueOf(mid)))
                 .andExpect(jsonPath("$[0].replies", is(1)));
-        commandsManager.processCommand(serviceUser, String.format("#%d/4 mmm?!", mid), emptyUri);
+        commandsManager.processCommand(juick, String.format("#%d/4 mmm?!", mid), emptyUri);
         assertThat(messagesService.getMessage(mid).get().getReplies(), is(5));
         replies = messagesService.getReplies(ugnich, mid);
         reply = messagesService.getReply(mid, 5);
@@ -1264,8 +1270,8 @@ public class ServerTests {
         int freefdMsg = messagesService.createMessage(freefd.getUid(), "sux", null, Set.of(tag));
         assertThat(messagesService.getTag(tag.getId(), freefd.getUid(), 0, 10).size(), is(1));
         assertThat(messagesService.getTag(tag.getId(), ugnich.getUid(), 0, 10).size(), is(0));
-        messagesService.recommendMessage(freefdMsg, serviceUser.getUid());
-        assertThat(messagesService.getUserBlogWithRecommendations(serviceUser, ugnich, 0, 0)
+        messagesService.recommendMessage(freefdMsg, juick.getUid());
+        assertThat(messagesService.getUserBlogWithRecommendations(juick, ugnich, 0, 0)
                         .contains(freefdMsg),
                 is(false));
         commandsManager.processCommand(ugnich, "BL @freefd", emptyUri);
@@ -2167,19 +2173,30 @@ public class ServerTests {
         assertThat(top.size(), is(1));
     }
 
+    private User makeUserVerified(User user) {
+        var id = System.currentTimeMillis();
+        telegramService.createTelegramUser(id, user.getName());
+        var hash = userService.getSignUpHashByTelegramID(id, user.getName());
+        userService.setTelegramUser(hash, user.getUid());
+        return userService.getUserByName(user.getName());
+    }
+
     @Test
     public void verifiedUsersTest() {
-        assertThat(userService.getUserByName("ugnich").isVerified(), is(false));
-        jdbcTemplate.update("INSERT INTO telegram(user_id, tg_id, tg_name) VALUES(?, ?, ?)", ugnich.getUid(),
-                100001866137681L, "tg_test");
-        assertThat(userService.canDeleteTelegramUser(userService.getUserByName("ugnich")), is(false));
+        var user = userService.createUser("new_unverified_user", "evil").orElseThrow();
+        assertThat(userService.getUserByName(user.getName()).isVerified(), is(false));
+        user = makeUserVerified(user);
+        assertThat(userService.getUserByName(user.getName()).isVerified(), is(true));
+        assertThat(userService.canDeleteTelegramUser(userService.getUserByName(user.getName())), is(false));
         userService.addFacebookState("12345", "http://localhost");
-        userService.createFacebookUser(12345, "12345", "5678", "ugnich");
-        userService.setFacebookUser("12345", ugnich.getUid());
-        assertThat(userService.getUserByName("ugnich").isVerified(), is(true));
-        assertThat(userService.canDeleteTelegramUser(userService.getUserByName("ugnich")), is(true));
+        userService.createFacebookUser(12345, "12345", "5678", user.getName());
+        userService.setFacebookUser("12345", user.getUid());
+        assertThat(userService.canDeleteTelegramUser(userService.getUserByName(user.getName())), is(true));
         jdbcTemplate.update("DELETE FROM facebook");
-        assertThat(userService.canDeleteTelegramUser(userService.getUserByName("ugnich")), is(false));
+        assertThat(userService.canDeleteTelegramUser(userService.getUserByName(user.getName())), is(false));
+        assertThat(userService.getUserByName(user.getName()).isVerified(), is(true));
+        telegramService.deleteTelegramUser(user.getUid());
+        assertThat(userService.getUserByName(user.getName()).isVerified(), is(false));
     }
 
     @Test
-- 
cgit v1.2.3