-- Test check_cookie set client_min_messages to warning; create extension if not exists pgtap; reset client_min_messages; begin; select plan(15); set search_path to auth, numerus, public; select has_function('public', 'check_cookie', array ['text']); select function_lang_is('public', 'check_cookie', array ['text'], 'plpgsql'); select function_returns('public', 'check_cookie', array ['text'], 'record'); select is_definer('public', 'check_cookie', array ['text']); select volatility_is('public', 'check_cookie', array ['text'], 'stable'); select function_privs_are('public', 'check_cookie', array ['text'], 'guest', array []::text[]); select function_privs_are('public', 'check_cookie', array ['text'], 'invoicer', array []::text[]); select function_privs_are('public', 'check_cookie', array ['text'], 'admin', array []::text[]); select function_privs_are('public', 'check_cookie', array ['text'], 'authenticator', array ['EXECUTE']); set client_min_messages to warning; truncate auth."user" cascade; reset client_min_messages; insert into auth."user" (email, name, password, role, cookie, cookie_expires_at) values ('demo@tandem.blog', 'Demo', 'test', 'invoicer', '44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e', current_timestamp + interval '1 month') , ('admin@tandem.blog', 'Demo', 'test', 'admin', '12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524', current_timestamp + interval '1 month') ; select results_eq ( $$ select * from check_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog') as (e text, r name) $$, $$ values ('demo@tandem.blog', 'invoicer'::name) $$, 'Should validate the cookie for the first user' ); select results_eq ( $$ select * from check_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog') as (e text, r name) $$, $$ values ('admin@tandem.blog', 'admin'::name) $$, 'Should validate the cookie for the second user' ); select results_eq ( $$ select * from check_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/admin@tandem.blog') as (e text, r name) $$, $$ values ('', 'guest'::name) $$, 'Should only match with the correct email' ); select results_eq ( $$ select * from check_cookie('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/admin@tandem.blog') as (e text, r name) $$, $$ values ('', 'guest'::name) $$, 'Should only match with the correct cookie value' ); update "user" set cookie_expires_at = current_timestamp - interval '1 minute'; select results_eq ( $$ select * from check_cookie('44facbb30d8a419dfd4bfbc44a4b5539d4970148dfc84bed0e/demo@tandem.blog') as (e text, r name) $$, $$ values ('', 'guest'::name) $$, 'Should not allow expired cookies' ); select results_eq ( $$ select * from check_cookie('12af4c88b528c2ad4222e3740496ecbc58e76e26f087657524/admin@tandem.blog') as (e text, r name) $$, $$ values ('', 'guest'::name) $$, 'Should not allow expired cookied for the other user as well' ); select * from finish(); rollback;