libeufin

Integration and sandbox testing for FinTech APIs and data formats
Log | Files | Refs | Submodules | README | LICENSE
commit a4c712759f30fa5b62ca5ed3497680e0fcecc3e5
parent 6aeac38dcf0fa31b45f63b455f0dc1a143a281b7
Author: ms <ms@taler.net>
Date:   Sat, 30 Jan 2021 13:34:46 +0100

Fix integration tests.

Adapt those to the fact that most operations
are now only doable by the super user.

Diffstat:

Mintegration-tests/tests.py | 24+++++++++++-------------


Mnexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt | 10+++++++++-


2 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/integration-tests/tests.py b/integration-tests/tests.py
@@ -66,17 +66,9 @@ def prepareSandbox():
         )
     )
 
+# most of the operations are run by the superuser.
 def prepareNexus():
     makeNexusSuperuser()
-    # make a new nexus user.
-    assertResponse(
-        post(
-            f"{PERSONA.nexus.base_url}/users",
-            auth=auth.HTTPBasicAuth("admin", "x"),
-            json=dict(username=PERSONA.nexus.username, password=PERSONA.nexus.password),
-        )
-    )
-    # make a ebics bank connection for the new user.
     assertResponse(
         post(
             f"{PERSONA.nexus.base_url}/bank-connections",
@@ -135,8 +127,14 @@ def teardown_function():
     dropSandboxTables()
     dropNexusTables()
 
-# def test_double_username():
-
+def test_double_username():
+    assertResponse(
+        post(f"{PERSONA.nexus.base_url}/users",
+             auth=PERSONA.nexus.auth,
+             json=dict(username="admin", password="secret")
+        ),
+        acceptedResponses=[409]
+    )
 
 def test_change_nonadmin_password():
     assertResponse(
@@ -160,7 +158,7 @@ def test_change_nonadmin_password():
         )
     )
 
-    resp = assertResponse(
+    assertResponse(
         get(
             f"{PERSONA.nexus.base_url}/bank-accounts",
             auth=auth.HTTPBasicAuth("nonadmin", "changed")
@@ -470,7 +468,7 @@ def test_double_connection_name():
             ),
             auth=PERSONA.nexus.auth
         ),
-        [406] # expecting "406 Not acceptable"
+        [409] # Conflict
     )
 
 def test_ingestion_camt53_non_singleton():
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
@@ -355,6 +355,14 @@ fun serverMain(dbName: String, host: String, port: Int) {
                 val requestedUsername = requireValidResourceName(body.username)
                 transaction {
                     requireSuperuser(call.request)
+                    // check if username is available
+                    val checkUsername = NexusUserEntity.find {
+                        NexusUsersTable.username eq requestedUsername
+                    }.firstOrNull()
+                    if (checkUsername != null) throw NexusError(
+                        HttpStatusCode.Conflict,
+                        "Username $requestedUsername unavailable"
+                    )
                     NexusUserEntity.new {
                         username = requestedUsername
                         passwordHash = CryptoUtil.hashpw(body.password)
@@ -720,7 +728,7 @@ fun serverMain(dbName: String, host: String, port: Int) {
                         NexusBankConnectionEntity.find { NexusBankConnectionsTable.connectionId eq body.name }
                             .firstOrNull()
                     if (existingConn != null) {
-                        throw NexusError(HttpStatusCode.NotAcceptable, "connection '${body.name}' exists already")
+                        throw NexusError(HttpStatusCode.Conflict, "connection '${body.name}' exists already")
                     }
                     when (body) {
                         is CreateBankConnectionFromBackupRequestJson -> {