From dfa030a3765c5b5e43e263234155d344f5c6186e Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 24 May 2024 14:29:55 +0300 Subject: Do not allow unverified users to comment messages --- .../java/com/juick/server/tests/ServerTests.java | 49 +++++++++++++++------- 1 file changed, 33 insertions(+), 16 deletions(-) (limited to 'src/test/java/com') diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java index 8b75ab6b..ba672831 100644 --- a/src/test/java/com/juick/server/tests/ServerTests.java +++ b/src/test/java/com/juick/server/tests/ServerTests.java @@ -278,6 +278,8 @@ public class ServerTests { .orElseThrow(IllegalStateException::new); freefd = userService.createUser(freefdName, freefdPassword) .orElseThrow(IllegalStateException::new); + ugnich = makeUserVerified(ugnich); + freefd = makeUserVerified(freefd); webClient.getOptions().setJavaScriptEnabled(false); webClient.getOptions().setCssEnabled(false); isSetUp = true; @@ -660,8 +662,9 @@ public class ServerTests { new TypeReference<>() { }); assertThat(users.size(), is(1)); - assertThat(users.get(0).getTokens().size(), is(1)); - assertThat(users.get(0).getTokens().get(0).token(), equalTo(token)); + // ugnich has durov and apns token + assertThat(users.get(0).getTokens().size(), is(2)); + assertThat(users.get(0).getTokens().stream().filter(t -> t.type().equals("apns")).findFirst().get().token(), equalTo(token)); } @Test @@ -775,6 +778,7 @@ public class ServerTests { public void protocolTests() throws Exception { String tmpDir = storageService.getTemporaryDirectory(); User user = userService.createUser("me", "secret").orElseThrow(IllegalStateException::new); + user = makeUserVerified(user); Tag yo = tagService.getTag("yo", true); Message msg = commandsManager .processCommand(user, "*yo yoyo", @@ -846,6 +850,7 @@ public class ServerTests { last = list.get(0); assertThat(last, equalTo(reply.getCreated())); assertEquals(2, reply.getReplyto()); + readerUser = makeUserVerified(readerUser); assertThat(commandsManager.processCommand(readerUser, "#" + mid + " *yo *there", emptyUri).getText(), startsWith("Reply posted")); assertEquals("Tags are updated", @@ -1230,8 +1235,9 @@ public class ServerTests { CommandResult result = commandsManager.processCommand(ugnich, "freefd - dick", emptyUri); int mid = result.getNewMessage().get().getMid(); commandsManager.processCommand(freefd, String.format("#%d ugnich - dick too", mid), emptyUri); - commandsManager.processCommand(serviceUser, String.format("#%d/1 ban for a hour!", mid), emptyUri); - commandsManager.processCommand(serviceUser, + var juick = makeUserVerified(serviceUser); + commandsManager.processCommand(juick, String.format("#%d/1 ban for a hour!", mid), emptyUri); + commandsManager.processCommand(juick, String.format("#%d freefd is here but it is hidden from you", mid), emptyUri); assertThat(messagesService.getMessage(mid).get().getReplies(), is(3)); @@ -1246,7 +1252,7 @@ public class ServerTests { mockMvc.perform(get("/api/thread").with(httpBasic(ugnichName, ugnichPassword)).param("mid", String.valueOf(mid))) .andExpect(jsonPath("$[0].replies", is(1))); - commandsManager.processCommand(serviceUser, String.format("#%d/4 mmm?!", mid), emptyUri); + commandsManager.processCommand(juick, String.format("#%d/4 mmm?!", mid), emptyUri); assertThat(messagesService.getMessage(mid).get().getReplies(), is(5)); replies = messagesService.getReplies(ugnich, mid); reply = messagesService.getReply(mid, 5); @@ -1264,8 +1270,8 @@ public class ServerTests { int freefdMsg = messagesService.createMessage(freefd.getUid(), "sux", null, Set.of(tag)); assertThat(messagesService.getTag(tag.getId(), freefd.getUid(), 0, 10).size(), is(1)); assertThat(messagesService.getTag(tag.getId(), ugnich.getUid(), 0, 10).size(), is(0)); - messagesService.recommendMessage(freefdMsg, serviceUser.getUid()); - assertThat(messagesService.getUserBlogWithRecommendations(serviceUser, ugnich, 0, 0) + messagesService.recommendMessage(freefdMsg, juick.getUid()); + assertThat(messagesService.getUserBlogWithRecommendations(juick, ugnich, 0, 0) .contains(freefdMsg), is(false)); commandsManager.processCommand(ugnich, "BL @freefd", emptyUri); @@ -2167,19 +2173,30 @@ public class ServerTests { assertThat(top.size(), is(1)); } + private User makeUserVerified(User user) { + var id = System.currentTimeMillis(); + telegramService.createTelegramUser(id, user.getName()); + var hash = userService.getSignUpHashByTelegramID(id, user.getName()); + userService.setTelegramUser(hash, user.getUid()); + return userService.getUserByName(user.getName()); + } + @Test public void verifiedUsersTest() { - assertThat(userService.getUserByName("ugnich").isVerified(), is(false)); - jdbcTemplate.update("INSERT INTO telegram(user_id, tg_id, tg_name) VALUES(?, ?, ?)", ugnich.getUid(), - 100001866137681L, "tg_test"); - assertThat(userService.canDeleteTelegramUser(userService.getUserByName("ugnich")), is(false)); + var user = userService.createUser("new_unverified_user", "evil").orElseThrow(); + assertThat(userService.getUserByName(user.getName()).isVerified(), is(false)); + user = makeUserVerified(user); + assertThat(userService.getUserByName(user.getName()).isVerified(), is(true)); + assertThat(userService.canDeleteTelegramUser(userService.getUserByName(user.getName())), is(false)); userService.addFacebookState("12345", "http://localhost"); - userService.createFacebookUser(12345, "12345", "5678", "ugnich"); - userService.setFacebookUser("12345", ugnich.getUid()); - assertThat(userService.getUserByName("ugnich").isVerified(), is(true)); - assertThat(userService.canDeleteTelegramUser(userService.getUserByName("ugnich")), is(true)); + userService.createFacebookUser(12345, "12345", "5678", user.getName()); + userService.setFacebookUser("12345", user.getUid()); + assertThat(userService.canDeleteTelegramUser(userService.getUserByName(user.getName())), is(true)); jdbcTemplate.update("DELETE FROM facebook"); - assertThat(userService.canDeleteTelegramUser(userService.getUserByName("ugnich")), is(false)); + assertThat(userService.canDeleteTelegramUser(userService.getUserByName(user.getName())), is(false)); + assertThat(userService.getUserByName(user.getName()).isVerified(), is(true)); + telegramService.deleteTelegramUser(user.getUid()); + assertThat(userService.getUserByName(user.getName()).isVerified(), is(false)); } @Test -- cgit v1.2.3