(t *testing.T)
| 15 | ) |
| 16 | |
| 17 | func TestUser(t *testing.T) { |
| 18 | ctx := context.Background() |
| 19 | fix := testadmin.New(t) |
| 20 | |
| 21 | t.Run("Deleting a user", func(t *testing.T) { |
| 22 | // Create a superuser and two normal users |
| 23 | _, sc1 := fix.NewSuperuser(t) |
| 24 | u2, c2 := fix.NewUser(t) |
| 25 | u3, c3 := fix.NewUser(t) |
| 26 | |
| 27 | // A normal user can't delete another normal user |
| 28 | _, err := c2.DeleteUser(ctx, &adminv1.DeleteUserRequest{ |
| 29 | Email: u3.Email, |
| 30 | }) |
| 31 | require.Error(t, err) |
| 32 | require.Equal(t, codes.PermissionDenied, grpc.Code(err)) |
| 33 | |
| 34 | // A normal user can delete themselves |
| 35 | _, err = c2.DeleteUser(ctx, &adminv1.DeleteUserRequest{ |
| 36 | Email: u2.Email, |
| 37 | }) |
| 38 | require.NoError(t, err) |
| 39 | fix.Admin.PurgeAuthTokenCache() |
| 40 | |
| 41 | _, err = c2.GetCurrentUser(ctx, &adminv1.GetCurrentUserRequest{}) |
| 42 | require.Error(t, err) |
| 43 | require.Equal(t, codes.Unauthenticated, grpc.Code(err)) |
| 44 | |
| 45 | // A superuser can delete any user |
| 46 | _, err = sc1.DeleteUser(ctx, &adminv1.DeleteUserRequest{ |
| 47 | Email: u3.Email, |
| 48 | SuperuserForceAccess: true, |
| 49 | }) |
| 50 | require.NoError(t, err) |
| 51 | fix.Admin.PurgeAuthTokenCache() |
| 52 | |
| 53 | _, err = c3.GetCurrentUser(ctx, &adminv1.GetCurrentUserRequest{}) |
| 54 | require.Error(t, err) |
| 55 | require.Equal(t, codes.Unauthenticated, grpc.Code(err)) |
| 56 | }) |
| 57 | |
| 58 | t.Run("Single-user orgs quota", func(t *testing.T) { |
| 59 | u1, c1 := fix.NewUser(t) |
| 60 | |
| 61 | _, err := fix.Admin.DB.UpdateUser(ctx, u1.ID, &database.UpdateUserOptions{ |
| 62 | QuotaSingleuserOrgs: 3, |
| 63 | }) |
| 64 | require.NoError(t, err) |
| 65 | |
| 66 | for i := 0; i < 4; i++ { |
| 67 | orgName := "org" + strconv.Itoa(i) |
| 68 | org, err := c1.CreateOrganization(ctx, &adminv1.CreateOrganizationRequest{ |
| 69 | Name: orgName, |
| 70 | }) |
| 71 | if err != nil { |
| 72 | require.Equal(t, codes.FailedPrecondition, status.Code(err), "error is: %v", err) |
| 73 | require.ErrorContains(t, err, "quota exceeded") |
| 74 | break |
nothing calls this directly
no test coverage detected