MXS-1354: Add creation of basic/admin users to maxctrl

The type of the created user can now be specified with the --type option. Expanded tests that cover the user creation. Also added a test case that checks that basic users are only allowed to read through the REST API.
2017-08-16 11:16:38 +03:00
parent 9d24a63c10
commit 6ee7ed6a38
6 changed files with 85 additions and 9 deletions
--- a/server/core/test/rest-api/test/auth.js
+++ b/server/core/test/rest-api/test/auth.js
@ -25,7 +25,8 @@ describe("Authentication", function() {
            id: "user1",
            type: "inet",
            attributes: {
-                password: "pw1"
+                password: "pw1",
+                account: "admin"
            }
        }
    }
@ -35,13 +36,26 @@ describe("Authentication", function() {
            id: "user2",
            type: "inet",
            attributes: {
-                password: "pw2"
+                password: "pw2",
+                account: "admin"
+            }
+        }
+    }
+
+    var user3 = {
+        data: {
+            id: "user3",
+            type: "inet",
+            attributes: {
+                password: "pw3",
+                account: "basic"
            }
        }
    }

    var auth1 = "http://" + user1.data.id + ":" + user1.data.attributes.password + "@"
    var auth2 = "http://" + user2.data.id + ":" + user2.data.attributes.password + "@"
+    var auth3 = "http://" + user3.data.id + ":" + user3.data.attributes.password + "@"

    it("unauthorized request without authentication", function() {
        return request.get(base_url + "/maxscale")
@ -88,6 +102,25 @@ describe("Authentication", function() {
            .should.be.fulfilled
    })

+    it("create basic user", function() {
+        return request.post(auth2 + host + "/users/inet", { json: user3 })
+            .should.be.fulfilled
+    })
+
+    it("accept read request with basic user", function() {
+        return request.get(auth3 + host + "/servers/server1/")
+            .should.be.fulfilled
+    })
+
+    it("reject write request with basic user", function() {
+        return request.get(auth3 + host + "/servers/server1/")
+            .then(function(res) {
+                var obj = JSON.parse(res)
+                return request.patch(auth3 + host + "/servers/server1/", {json: obj})
+                    .should.be.rejected
+            })
+    })
+
    it("request with wrong user", function() {
        return request.get(auth1 + host + "/maxscale")
            .should.be.rejected
--- a/server/core/test/rest-api/test/users.js
+++ b/server/core/test/rest-api/test/users.js
@ -9,6 +9,7 @@ describe("Users", function() {
            id: "user1",
            type: "inet",
            attributes: {
+                account: "admin"
            }
        }
    }