test_that("load users", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
unlink(tmp)
})
test_that("add 1 user", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user <- create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
expect_equal(length(user), 7)
expect_equal(length(user[["username"]]), 1)
expect_equal(nrow(get_all_users(tmp)), 1)
unlink(tmp)
})
test_that("do not add same user twice", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user <- create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
expect_equal(length(user[["username"]]), 1)
user <- create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
expect_equal(length(user[["username"]]), 1)
expect_equal(nrow(get_all_users(tmp)), 1)
unlink(tmp)
})
test_that("get user test", {
tmp <- tempfile("testdb")
expect_null(get_user("test", tmp))
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
expect_equal(length(get_user("test", tmp)), 7)
expect_equal(length(get_user("test", tmp)[["username"]]), 1)
unlink(tmp)
})
test_that("user key encryption", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
encrypted_key <- get_user_key("test", tmp)
decrypted_key <- decrypt_redcap_key("MyP@55W0rD!", encrypted_key)
expect_equal(decrypted_key, key)
unlink(tmp)
})
test_that("can't decrypt key with wrong password", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
encrypted_key <- get_user_key("test", tmp)
decrypted_key <- decrypt_redcap_key("MyP@55W0rD!B@d", encrypted_key)
expect_null(decrypted_key)
unlink(tmp)
})
test_that("missing user name returns NULL", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
expect_null(get_user("foo", tmp))
unlink(tmp)
})
test_that("user is valid", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
v <- validate_user("test", "MyP@55W0rD!", tmp)
expect_true(v)
unlink(tmp)
})
test_that("corrupted user is not valid", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
con <- DBI::dbConnect(RSQLite::SQLite(), tmp)
new_user <- create_user_df("test", "MyP@55W0rD!", key)
new_user$role <- "admin" #Corrupt the user
DBI::dbWriteTable(con, "users", new_user, overwrite = F, append = T)
DBI::dbDisconnect(con)
v <- validate_user("test", "MyP@55W0rD!", tmp)
expect_false(v)
unlink(tmp)
})
test_that("user with bad password is not valid", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
v <- validate_user("test", "MyP@55W0rD!B@d", tmp)
expect_false(v)
unlink(tmp)
})
test_that("missing user is not valid", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
v <- validate_user("test2", "MyP@55W0rD!", tmp)
expect_false(v)
unlink(tmp)
})
test_that("password can be checked", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
expect_true(check_password("test", tmp, "MyP@55W0rD!"))
expect_false(check_password("test", tmp, "MyP@55W0rD!B@d"))
expect_false(check_password("test2", tmp, "MyP@55W0rD!"))
unlink(tmp)
})
test_that("can't get key for missing user", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
expect_null(get_user_key("test2", tmp))
unlink(tmp)
})
test_that("can't update user with bad password or missing user", {
tmp <- tempfile("testdb")
key <- "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = key,
database = tmp
)
expect_null(update_user("test2", tmp, "MyP@55W0rD!"))
expect_null(update_user("test", tmp, "MyP@55W0rD!B@d"))
unlink(tmp)
})
test_that("can update user", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user1 <- create_user(
username = "test1",
password = "MyP@55W0rD!1",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
user2 <- create_user(
username = "test2",
password = "MyP@55W0rD!2",
redcap_key = "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
database = tmp
)
expect_equal(nrow(get_all_users(tmp)), 2)
u2 <- update_user("test2", tmp, "MyP@55W0rD!2", role = "new_role")
expect_equal(length(u2), 7)
expect_equal(length(u2[["username"]]), 1)
expect_true(user2[["username"]] == u2[["username"]])
expect_true(u2[["role"]] == "basic")
expect_true(check_password("test2", tmp, "MyP@55W0rD!2"))
expect_true(validate_user("test2", "MyP@55W0rD!2", tmp))
u3 <- update_user("test2", tmp, "MyP@55W0rD!2", password = "MyP@55W0rD!New")
expect_false(u3[["passwd_hash"]] == u2[["passwd_hash"]])
expect_false(check_password("test2", tmp, "MyP@55W0rD!2"))
expect_true(check_password("test2", tmp, "MyP@55W0rD!New"))
expect_true(validate_user("test2", "MyP@55W0rD!New", tmp))
key <- "CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC"
u4 <- update_user("test2", tmp, "MyP@55W0rD!New", key = key)
expect_true(validate_user("test2", "MyP@55W0rD!New", tmp))
encrypted_key <- get_user_key("test2", tmp)
decrypted_key <- decrypt_redcap_key("MyP@55W0rD!New", encrypted_key)
expect_equal(decrypted_key, key)
unlink(tmp)
})
test_that("can update user role", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user1 <- create_user(
username = "test1",
password = "MyP@55W0rD!1",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
user2 <- create_user(
username = "test2",
password = "MyP@55W0rD!2",
redcap_key = "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
database = tmp
)
expect_equal(nrow(get_all_users(tmp)), 2)
expect_equal(user1$role, "admin")
update_user_with_admin_access("test1", "MyP@55W0rD!1B@d", "test2", "MyP@55W0rD!2", tmp, role="New_role")
expect_equal(get_user("test2", tmp)$role, "basic")
update_user_with_admin_access("test1", "MyP@55W0rD!1", "test2", "MyP@55W0rD!2B@d", tmp, role="New_role")
expect_equal(get_user("test2", tmp)$role, "basic")
update_user_with_admin_access("test2", "MyP@55W0rD!2", "test2", "MyP@55W0rD!2", tmp, role="New_role")
expect_equal(get_user("test2", tmp)$role, "basic")
update_user_with_admin_access("test1", "MyP@55W0rD!1", "test2", "MyP@55W0rD!2", tmp, role="New_role")
expect_equal(get_user("test2", tmp)$role, "New_role")
unlink(tmp)
})
test_that("random password can be generated", {
p <- generate_password()
expect_equal(nchar(p), 32)
p <- generate_password(8)
expect_equal(nchar(p), 8)
p <- generate_password()
expect_true(check_password_strength(p)$score > 2)
})
test_that("user can be deleted", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user1 <- create_user(
username = "test1",
password = "MyP@55W0rD!1",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
user2 <- create_user(
username = "test2",
password = "MyP@55W0rD!2",
redcap_key = "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
database = tmp
)
expect_equal(nrow(get_all_users(tmp)), 2)
expect_false(delete_user("test2", "MyP@55W0rD!2", "test1", tmp))
expect_equal(nrow(get_all_users(tmp)), 2)
expect_true(delete_user("test1", "MyP@55W0rD!1", "test2", tmp))
expect_equal(nrow(get_all_users(tmp)), 1)
unlink(tmp)
})
test_that("user can't be deleted without password", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user1 <- create_user(
username = "test1",
password = "MyP@55W0rD!1",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
user2 <- create_user(
username = "test2",
password = "MyP@55W0rD!2",
redcap_key = "BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
database = tmp
)
expect_equal(nrow(get_all_users(tmp)), 2)
expect_false(delete_user("test1", "MyP@55W0rD!B@d", "test2", tmp))
expect_equal(nrow(get_all_users(tmp)), 2)
unlink(tmp)
})
test_that("password score as expected", {
unlink("zxcvbn.js")
password <- "aaa"
expect_equal(check_password_strength(password)$score, 0)
password <- "aaa123456"
expect_equal(check_password_strength(password)$score, 1)
password <- "MyP@55W0rD!"
expect_equal(check_password_strength(password)$score, 2)
password <- "MyGre@tP@55W0rD"
expect_equal(check_password_strength(password)$score, 3)
password <- "MyGre@tP@55W0rD!!"
expect_equal(check_password_strength(password)$score, 4)
password <- "HTyM=SK)W:n9qK7!D$#n!jrB7\aB[mKs"
expect_equal(check_password_strength(password)$score, 4)
})
test_that("can't create a user with password too simple", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user <- create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
expect_equal(nrow(get_all_users(tmp)), 1)
user <- create_user(
username = "test2",
password = "mypassword",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
expect_equal(nrow(get_all_users(tmp)), 1)
unlink(tmp)
})
test_that("can't update a user with password too simple", {
tmp <- tempfile("testdb")
expect_equal(nrow(get_all_users(tmp)), 0)
user <- create_user(
username = "test",
password = "MyP@55W0rD!",
redcap_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
database = tmp
)
expect_equal(nrow(get_all_users(tmp)), 1)
expect_null(update_user("test", tmp, "MyP@55W0rD!", password = "mypassword"))
unlink(tmp)
})
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.