mirror of
https://github.com/coder/coder.git
synced 2025-07-09 11:45:56 +00:00
test: add unit test to excercise bug when idp sync hits deleted orgs (#17405)
Deleted organizations are still attempting to sync members. This causes an error on inserting the member, and would likely cause issues later in the sync process even if that member is inserted. Deleted orgs should be skipped.
This commit is contained in:
@ -1,6 +1,7 @@
|
||||
package idpsync_test
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"testing"
|
||||
|
||||
"github.com/golang-jwt/jwt/v4"
|
||||
@ -8,6 +9,11 @@ import (
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"cdr.dev/slog/sloggers/slogtest"
|
||||
"github.com/coder/coder/v2/coderd/database"
|
||||
"github.com/coder/coder/v2/coderd/database/db2sdk"
|
||||
"github.com/coder/coder/v2/coderd/database/dbfake"
|
||||
"github.com/coder/coder/v2/coderd/database/dbgen"
|
||||
"github.com/coder/coder/v2/coderd/database/dbtestutil"
|
||||
"github.com/coder/coder/v2/coderd/idpsync"
|
||||
"github.com/coder/coder/v2/coderd/runtimeconfig"
|
||||
"github.com/coder/coder/v2/testutil"
|
||||
@ -38,3 +44,108 @@ func TestParseOrganizationClaims(t *testing.T) {
|
||||
require.False(t, params.SyncEntitled)
|
||||
})
|
||||
}
|
||||
|
||||
func TestSyncOrganizations(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
// This test creates some deleted organizations and checks the behavior is
|
||||
// correct.
|
||||
t.Run("SyncUserToDeletedOrg", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitMedium)
|
||||
db, _ := dbtestutil.NewDB(t)
|
||||
user := dbgen.User(t, db, database.User{})
|
||||
|
||||
// Create orgs for:
|
||||
// - stays = User is a member, and stays
|
||||
// - leaves = User is a member, and leaves
|
||||
// - joins = User is not a member, and joins
|
||||
// For deleted orgs, the user **should not** be a member of afterwards.
|
||||
// - deletedStays = User is a member of deleted org, and wants to stay
|
||||
// - deletedLeaves = User is a member of deleted org, and wants to leave
|
||||
// - deletedJoins = User is not a member of deleted org, and wants to join
|
||||
stays := dbfake.Organization(t, db).Members(user).Do()
|
||||
leaves := dbfake.Organization(t, db).Members(user).Do()
|
||||
joins := dbfake.Organization(t, db).Do()
|
||||
|
||||
deletedStays := dbfake.Organization(t, db).Members(user).Deleted(true).Do()
|
||||
deletedLeaves := dbfake.Organization(t, db).Members(user).Deleted(true).Do()
|
||||
deletedJoins := dbfake.Organization(t, db).Deleted(true).Do()
|
||||
|
||||
// Now sync the user to the deleted organization
|
||||
s := idpsync.NewAGPLSync(
|
||||
slogtest.Make(t, &slogtest.Options{}),
|
||||
runtimeconfig.NewManager(),
|
||||
idpsync.DeploymentSyncSettings{
|
||||
OrganizationField: "orgs",
|
||||
OrganizationMapping: map[string][]uuid.UUID{
|
||||
"stay": {stays.Org.ID, deletedStays.Org.ID},
|
||||
"leave": {leaves.Org.ID, deletedLeaves.Org.ID},
|
||||
"join": {joins.Org.ID, deletedJoins.Org.ID},
|
||||
},
|
||||
OrganizationAssignDefault: false,
|
||||
},
|
||||
)
|
||||
|
||||
err := s.SyncOrganizations(ctx, db, user, idpsync.OrganizationParams{
|
||||
SyncEntitled: true,
|
||||
MergedClaims: map[string]interface{}{
|
||||
"orgs": []string{"stay", "join"},
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
orgs, err := db.GetOrganizationsByUserID(ctx, database.GetOrganizationsByUserIDParams{
|
||||
UserID: user.ID,
|
||||
Deleted: sql.NullBool{},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
require.Len(t, orgs, 2)
|
||||
|
||||
// Verify the user only exists in 2 orgs. The one they stayed, and the one they
|
||||
// joined.
|
||||
inIDs := db2sdk.List(orgs, func(org database.Organization) uuid.UUID {
|
||||
return org.ID
|
||||
})
|
||||
require.ElementsMatch(t, []uuid.UUID{stays.Org.ID, joins.Org.ID}, inIDs)
|
||||
})
|
||||
|
||||
t.Run("UserToZeroOrgs", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitMedium)
|
||||
db, _ := dbtestutil.NewDB(t)
|
||||
user := dbgen.User(t, db, database.User{})
|
||||
|
||||
deletedLeaves := dbfake.Organization(t, db).Members(user).Deleted(true).Do()
|
||||
|
||||
// Now sync the user to the deleted organization
|
||||
s := idpsync.NewAGPLSync(
|
||||
slogtest.Make(t, &slogtest.Options{}),
|
||||
runtimeconfig.NewManager(),
|
||||
idpsync.DeploymentSyncSettings{
|
||||
OrganizationField: "orgs",
|
||||
OrganizationMapping: map[string][]uuid.UUID{
|
||||
"leave": {deletedLeaves.Org.ID},
|
||||
},
|
||||
OrganizationAssignDefault: false,
|
||||
},
|
||||
)
|
||||
|
||||
err := s.SyncOrganizations(ctx, db, user, idpsync.OrganizationParams{
|
||||
SyncEntitled: true,
|
||||
MergedClaims: map[string]interface{}{
|
||||
"orgs": []string{},
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
orgs, err := db.GetOrganizationsByUserID(ctx, database.GetOrganizationsByUserIDParams{
|
||||
UserID: user.ID,
|
||||
Deleted: sql.NullBool{},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
require.Len(t, orgs, 0)
|
||||
})
|
||||
}
|
||||
|
Reference in New Issue
Block a user