From 0fb60ae72d8387abf6280874d85379cb502d6bca Mon Sep 17 00:00:00 2001
From: Hunter Kehoe <hunter.kehoe@gmail.com>
Date: Thu, 22 May 2025 20:01:50 -0600
Subject: [PATCH] test change user password and tier in single request

---
 server/server_admin_test.go | 52 +++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/server/server_admin_test.go b/server/server_admin_test.go
index 80da3224..98c268e9 100644
--- a/server/server_admin_test.go
+++ b/server/server_admin_test.go
@@ -143,6 +143,58 @@ func TestUser_ChangeUserTier(t *testing.T) {
 	require.Equal(t, "tier2", users[1].Tier.Code)
 }
 
+func TestUser_ChangeUserPasswordAndTier(t *testing.T) {
+	s := newTestServer(t, newTestConfigWithAuthFile(t))
+	defer s.closeDatabases()
+
+	// Create admin, tier
+	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleAdmin))
+	require.Nil(t, s.userManager.AddTier(&user.Tier{
+		Code: "tier1",
+	}))
+	require.Nil(t, s.userManager.AddTier(&user.Tier{
+		Code: "tier2",
+	}))
+
+	// Create user with tier via API
+	rr := request(t, s, "POST", "/v1/users", `{"username": "ben", "password":"ben", "tier": "tier1"}`, map[string]string{
+		"Authorization": util.BasicAuth("phil", "phil"),
+	})
+	require.Equal(t, 200, rr.Code)
+
+	// Check users
+	users, err := s.userManager.Users()
+	require.Nil(t, err)
+	require.Equal(t, 3, len(users))
+	require.Equal(t, "phil", users[0].Name)
+	require.Equal(t, "ben", users[1].Name)
+	require.Equal(t, user.RoleUser, users[1].Role)
+	require.Equal(t, "tier1", users[1].Tier.Code)
+
+	// Change user password and tier via API
+	rr = request(t, s, "PUT", "/v1/users", `{"username": "ben", "password":"ben-two", "tier": "tier2"}`, map[string]string{
+		"Authorization": util.BasicAuth("phil", "phil"),
+	})
+	require.Equal(t, 200, rr.Code)
+
+	// Make sure first password fails
+	rr = request(t, s, "POST", "/v1/account/token", "", map[string]string{
+		"Authorization": util.BasicAuth("ben", "ben"),
+	})
+	require.Equal(t, 401, rr.Code)
+
+	// Try to login with second password
+	rr = request(t, s, "POST", "/v1/account/token", "", map[string]string{
+		"Authorization": util.BasicAuth("ben", "ben-two"),
+	})
+	require.Equal(t, 200, rr.Code)
+
+	// Check new tier
+	users, err = s.userManager.Users()
+	require.Nil(t, err)
+	require.Equal(t, "tier2", users[1].Tier.Code)
+}
+
 func TestUser_DontChangeAdminPassword(t *testing.T) {
 	s := newTestServer(t, newTestConfigWithAuthFile(t))
 	defer s.closeDatabases()