Cleaning out old code, adding more tests.

Author: elliotcourant

.dockerignore

@@ -1,5 +1,6 @@
 # Ignore everything
 **
+node_modules
 
 # Allow the golang stuff.
 !/pkg/**

Makefile.local

@@ -84,8 +84,8 @@ init-mini: info local-dependencies-maybe
 	make deploy-redis
 	make deploy-postgres
 	make vault-mini
-	make deploy-mini-application
 	make mail-mini
+	make deploy-mini-application
 	make vault-token
 	$(call infoMsg,Local environment is setup; you should be able to access the API at: https://api.$(LOCAL_DOMAIN))
 
@@ -511,7 +511,7 @@ work-mini:
 	@echo "\033[0;31m#################################################################################\033[0m"
 
 ###################### Mailhog UI ##################################
-mail-mini:
+mail-mini: $(VALUES)
 	$(KUBECTL) apply -f $(PWD)/minikube/mailhog.yaml \
 		--namespace $(MINIKUBE_NAMESPACE)
 	$(KUBECTL) rollout status deploy/mail \

pkg/communication/comms.go

@@ -0,0 +1,14 @@
+package communication
+
+import (
+	"context"
+	"github.com/monetr/rest-api/pkg/models"
+)
+
+type VerifyEmailParams struct {
+	Login models.Login
+}
+
+type UserCommunication interface {
+	SendVerificationEmail(ctx context.Context, params VerifyEmailParams) error
+}

pkg/communication/smtp.go

@@ -57,6 +57,10 @@ func (s *smtpCommunication) Send(ctx context.Context, request SendEmailRequest)
 	builder.WriteString(request.To)
 	builder.WriteRune('\r')
 	builder.WriteRune('\n')
+	builder.WriteString("From: ")
+	builder.WriteString(request.From)
+	builder.WriteRune('\r')
+	builder.WriteRune('\n')
 	builder.WriteString("Subject: ")
 	builder.WriteString(request.Subject)
 	builder.WriteRune('\r')

pkg/communication/smtp_mini_test.go

@@ -0,0 +1,34 @@
+//+build mini
+
+package communication
+
+import (
+	"context"
+	"fmt"
+	"github.com/monetr/rest-api/pkg/config"
+	"github.com/monetr/rest-api/pkg/internal/testutils"
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func TestSmtpCommunication_Send(t *testing.T) {
+	t.Run("simple", func(t *testing.T) {
+		mail := NewSMTPCommunication(testutils.GetLog(t), config.SMTPClient{
+			Enabled:      true,
+			Username:     "restapi",
+			Password:     "mailpassword",
+			Host:         "mail.default.svc.cluster.local",
+			Port:         1025,
+			VerifyEmails: true,
+		})
+
+		err := mail.Send(context.Background(), SendEmailRequest{
+			From:    fmt.Sprintf("no-reply@%s", "monetr.mini"),
+			To:      "[email protected]",
+			Subject: "Verify your email address",
+			IsHTML:  true,
+			Content: "<html><body><h1>Hello World!</h1></body></html>",
+		})
+		assert.NoError(t, err, "should succeed")
+	})
+}

pkg/config/configuration.go

@@ -73,10 +73,13 @@ type SMTPClient struct {
 	Password string
 	Host     string
 	Port     int
-
 	VerifyEmails bool
 }
 
+func (s SMTPClient) ShouldVerifyEmails() bool {
+	return s.Enabled && s.VerifyEmails
+}
+
 type SendGrid struct {
 	Enabled   bool
 	APIKey    string
@@ -93,6 +96,14 @@ type ReCAPTCHA struct {
 	VerifyRegister bool
 }
 
+func (r ReCAPTCHA) ShouldVerifyLogin() bool {
+	return r.Enabled && r.VerifyLogin
+}
+
+func (r ReCAPTCHA) ShouldVerifyRegistration() bool {
+	return r.Enabled && r.VerifyRegister
+}
+
 type Plaid struct {
 	ClientID     string
 	ClientSecret string

pkg/controller/account.go

@@ -3,9 +3,17 @@ package controller
 // SubscriptionNotActiveError is returned to the client whenever they attempt to make an API call to an endpoint that
 // requires an active subscription.
 type SubscriptionNotActiveError struct {
+	// Will include a message indicating that the user's subscription is not active. Will always be returned with a 402
+	// status code.
 	Error string `json:"error" example:"subscription is not active"`
 }
 
+// MalformedJSONError is returned to the client when the request body is not valid JSON or cannot be properly parsed.
+type MalformedJSONError struct {
+	// Will include a message indicating that the request body is not valid JSON.
+	Error string `json:"error" example:"malformed json"`
+}
+
 type ApiError struct {
 	Error string `json:"error" example:"something went wrong on our end"`
 }

pkg/controller/error.go

@@ -2,7 +2,6 @@ package controller
 
 import (
 	"github.com/kataras/iris/v12"
-	"github.com/kataras/iris/v12/context"
 	"github.com/monetr/rest-api/pkg/models"
 	"net/http"
 	"strings"
@@ -13,40 +12,7 @@ func (c *Controller) linksController(p iris.Party) {
 	// GET will list all the links in the current account.
 	p.Get("/", c.getLinks)
 	p.Post("/", c.postLinks)
-
-	p.Put("/{linkId:uint64}", func(ctx *context.Context) {
-		linkId := ctx.Params().GetUint64Default("linkId", 0)
-		if linkId == 0 {
-			c.returnError(ctx, http.StatusBadRequest, "must specify a link Id to update")
-			return
-		}
-
-		var link models.Link
-		if err := ctx.ReadJSON(&link); err != nil {
-			// TODO (elliotcourant) Add tests for malformed json.
-			c.wrapAndReturnError(ctx, err, http.StatusBadRequest, "malformed JSON")
-			return
-		}
-
-		link.LinkId = linkId
-
-		// We are not going to update default value or null fields. So we can simply clear these fields out to make sure
-		// the user does not overwrite them somehow.
-		link.CreatedByUserId = 0 // Make sure they don't change the created by userId.
-		link.CreatedAt = time.Time{}
-		link.InstitutionName = "" // This cannot be changed. If the user wants to set a name then they need to change the custom one.
-		link.LinkType = 0         // Make sure they don't change the link type. This can be changed, but not by the user.
-		link.PlaidLinkId = nil    // Make sure they don't change the plaidLink.
-
-		repo := c.mustGetAuthenticatedRepository(ctx)
-
-		if err := repo.UpdateLink(&link); err != nil {
-			c.wrapPgError(ctx, err, "could not update link")
-			return
-		}
-
-		ctx.JSON(link)
-	})
+	p.Put("/{linkId:uint64}", c.putLinks)
 }
 
 // List all links
@@ -58,8 +24,9 @@ func (c *Controller) linksController(p iris.Party) {
 // @Security ApiKeyAuth
 // @Router /links [get]
 // @Success 200 {array} swag.LinkResponse
+// @Failure 402 {object} SubscriptionNotActiveError The user's subscription is not active.
 // @Failure 500 {object} ApiError Something went wrong on our end.
-func (c *Controller) getLinks(ctx *context.Context) {
+func (c *Controller) getLinks(ctx iris.Context) {
 	repo := c.mustGetAuthenticatedRepository(ctx)
 
 	links, err := repo.GetLinks()
@@ -82,9 +49,10 @@ func (c *Controller) getLinks(ctx *context.Context) {
 // @Router /links [post]
 // @Param newLink body swag.CreateLinkRequest true "New Manual Link"
 // @Success 200 {object} swag.LinkResponse "Newly created manual link"
-// @Failure 400 {object} ApiError "Malformed JSON."
+// @Failure 400 {object} MalformedJSONError "Malformed JSON."
+// @Failure 402 {object} SubscriptionNotActiveError The user's subscription is not active.
 // @Failure 500 {object} ApiError "Something went wrong on our end."
-func (c *Controller) postLinks(ctx *context.Context) {
+func (c *Controller) postLinks(ctx iris.Context) {
 	var link models.Link
 	if err := ctx.ReadJSON(&link); err != nil {
 		c.wrapAndReturnError(ctx, err, http.StatusBadRequest, "malformed JSON")
@@ -104,3 +72,36 @@ func (c *Controller) postLinks(ctx *context.Context) {
 
 	ctx.JSON(link)
 }
+
+func (c *Controller) putLinks(ctx iris.Context) {
+	linkId := ctx.Params().GetUint64Default("linkId", 0)
+	if linkId == 0 {
+		c.returnError(ctx, http.StatusBadRequest, "must specify a link Id to update")
+		return
+	}
+
+	var link models.Link
+	if err := ctx.ReadJSON(&link); err != nil {
+		c.wrapAndReturnError(ctx, err, http.StatusBadRequest, "malformed JSON")
+		return
+	}
+
+	link.LinkId = linkId
+
+	// We are not going to update default value or null fields. So we can simply clear these fields out to make sure
+	// the user does not overwrite them somehow.
+	link.CreatedByUserId = 0 // Make sure they don't change the created by userId.
+	link.CreatedAt = time.Time{}
+	link.InstitutionName = "" // This cannot be changed. If the user wants to set a name then they need to change the custom one.
+	link.LinkType = 0         // Make sure they don't change the link type. This can be changed, but not by the user.
+	link.PlaidLinkId = nil    // Make sure they don't change the plaidLink.
+
+	repo := c.mustGetAuthenticatedRepository(ctx)
+
+	if err := repo.UpdateLink(&link); err != nil {
+		c.wrapPgError(ctx, err, "could not update link")
+		return
+	}
+
+	ctx.JSON(link)
+}

pkg/controller/jobs.go

@@ -41,14 +41,15 @@ func (c *Controller) loginEndpoint(ctx iris.Context) {
 		Captcha  string `json:"captcha"`
 	}
 	if err := ctx.ReadJSON(&loginRequest); err != nil {
-		c.wrapAndReturnError(ctx, err, http.StatusBadRequest, "failed to decode login request")
+		c.wrapAndReturnError(ctx, err, http.StatusBadRequest, "malformed json")
 		return
 	}
 
 	// This will take the captcha from the request and validate it if the API is
 	// configured to do so. If it is enabled and the captcha fails then an error
 	// is returned to the client.
-	if err := c.validateCaptchaMaybe(c.getContext(ctx), loginRequest.Captcha); err != nil {
+
+	if err := c.validateLoginCaptcha(c.getContext(ctx), loginRequest.Captcha); err != nil {
 		c.wrapAndReturnError(ctx, err, http.StatusBadRequest, "valid ReCAPTCHA is required")
 		return
 	}