iyo
/
go-sqlite3
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Fork github.com/mattn/go-sqlite3 with adjustment for go1.16.2
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
2.4 MiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
go-sqlite3/sqlite3_opt_userauth_test.go

643 lines
15 KiB
Raw Permalink Normal View History

adjustment math
1 year ago
 
  1. // Copyright (C) 2018 G.J.R. Timmer <gjr.timmer@gmail.com>.

  2. //

  3. // Use of this source code is governed by an MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. // +build sqlite_userauth

  7. 

  8. package sqlite3
  9. 

  10. import (
  11. 	"database/sql"
  12. 	"fmt"
  13. 	"os"
  14. 	"testing"
  15. )
  16. 

  17. var (
  18. 	conn             *SQLiteConn
  19. 	create           func(t *testing.T, username, password string) (file string, err error)
  20. 	createWithCrypt  func(t *testing.T, username, password, crypt, salt string) (file string, err error)
  21. 	connect          func(t *testing.T, f string, username, password string) (file string, db *sql.DB, c *SQLiteConn, err error)
  22. 	connectWithCrypt func(t *testing.T, f string, username, password string, crypt string, salt string) (file string, db *sql.DB, c *SQLiteConn, err error)
  23. 	authEnabled      func(db *sql.DB) (exists bool, err error)
  24. 	addUser          func(db *sql.DB, username, password string, admin int) (rv int, err error)
  25. 	userExists       func(db *sql.DB, username string) (rv int, err error)
  26. 	isAdmin          func(db *sql.DB, username string) (rv bool, err error)
  27. 	modifyUser       func(db *sql.DB, username, password string, admin int) (rv int, err error)
  28. 	deleteUser       func(db *sql.DB, username string) (rv int, err error)
  29. )
  30. 

  31. func init() {
  32. 	// Create database connection

  33. 	sql.Register("sqlite3_with_conn",
  34. 		&SQLiteDriver{
  35. 			ConnectHook: func(c *SQLiteConn) error {
  36. 				conn = c
  37. 				return nil
  38. 			},
  39. 		})
  40. 

  41. 	create = func(t *testing.T, username, password string) (file string, err error) {
  42. 		var db *sql.DB
  43. 		file, db, _, err = connect(t, "", username, password)
  44. 		db.Close()
  45. 		return
  46. 	}
  47. 

  48. 	createWithCrypt = func(t *testing.T, username, password, crypt, salt string) (file string, err error) {
  49. 		var db *sql.DB
  50. 		file, db, _, err = connectWithCrypt(t, "", "admin", "admin", crypt, salt)
  51. 		db.Close()
  52. 		return
  53. 	}
  54. 

  55. 	connect = func(t *testing.T, f string, username, password string) (file string, db *sql.DB, c *SQLiteConn, err error) {
  56. 		conn = nil // Clear connection

  57. 		file = f   // Copy provided file (f) => file

  58. 		if file == "" {
  59. 			// Create dummy file

  60. 			file = TempFilename(t)
  61. 		}
  62. 

  63. 		params := "?_auth"
  64. 		if len(username) > 0 {
  65. 			params = fmt.Sprintf("%s&_auth_user=%s", params, username)
  66. 		}
  67. 		if len(password) > 0 {
  68. 			params = fmt.Sprintf("%s&_auth_pass=%s", params, password)
  69. 		}
  70. 		db, err = sql.Open("sqlite3_with_conn", "file:"+file+params)
  71. 		if err != nil {
  72. 			defer os.Remove(file)
  73. 			return file, nil, nil, err
  74. 		}
  75. 

  76. 		// Dummy query to force connection and database creation

  77. 		// Will return ErrUnauthorized (SQLITE_AUTH) if user authentication fails

  78. 		if _, err = db.Exec("SELECT 1;"); err != nil {
  79. 			defer os.Remove(file)
  80. 			defer db.Close()
  81. 			return file, nil, nil, err
  82. 		}
  83. 		c = conn
  84. 

  85. 		return
  86. 	}
  87. 

  88. 	connectWithCrypt = func(t *testing.T, f string, username, password string, crypt string, salt string) (file string, db *sql.DB, c *SQLiteConn, err error) {
  89. 		conn = nil // Clear connection

  90. 		file = f   // Copy provided file (f) => file

  91. 		if file == "" {
  92. 			// Create dummy file

  93. 			file = TempFilename(t)
  94. 		}
  95. 

  96. 		db, err = sql.Open("sqlite3_with_conn", "file:"+file+fmt.Sprintf("?_auth&_auth_user=%s&_auth_pass=%s&_auth_crypt=%s&_auth_salt=%s", username, password, crypt, salt))
  97. 		if err != nil {
  98. 			defer os.Remove(file)
  99. 			return file, nil, nil, err
  100. 		}
  101. 

  102. 		// Dummy query to force connection and database creation

  103. 		// Will return ErrUnauthorized (SQLITE_AUTH) if user authentication fails

  104. 		if _, err = db.Exec("SELECT 1;"); err != nil {
  105. 			defer os.Remove(file)
  106. 			defer db.Close()
  107. 			return file, nil, nil, err
  108. 		}
  109. 		c = conn
  110. 

  111. 		return
  112. 	}
  113. 

  114. 	authEnabled = func(db *sql.DB) (exists bool, err error) {
  115. 		err = db.QueryRow("select count(type) from sqlite_master WHERE type='table' and name='sqlite_user';").Scan(&exists)
  116. 		return
  117. 	}
  118. 

  119. 	addUser = func(db *sql.DB, username, password string, admin int) (rv int, err error) {
  120. 		err = db.QueryRow("select auth_user_add(?, ?, ?);", username, password, admin).Scan(&rv)
  121. 		return
  122. 	}
  123. 

  124. 	userExists = func(db *sql.DB, username string) (rv int, err error) {
  125. 		err = db.QueryRow("select count(uname) from sqlite_user where uname=?", username).Scan(&rv)
  126. 		return
  127. 	}
  128. 

  129. 	isAdmin = func(db *sql.DB, username string) (rv bool, err error) {
  130. 		err = db.QueryRow("select isAdmin from sqlite_user where uname=?", username).Scan(&rv)
  131. 		return
  132. 	}
  133. 

  134. 	modifyUser = func(db *sql.DB, username, password string, admin int) (rv int, err error) {
  135. 		err = db.QueryRow("select auth_user_change(?, ?, ?);", username, password, admin).Scan(&rv)
  136. 		return
  137. 	}
  138. 

  139. 	deleteUser = func(db *sql.DB, username string) (rv int, err error) {
  140. 		err = db.QueryRow("select auth_user_delete(?);", username).Scan(&rv)
  141. 		return
  142. 	}
  143. }
  144. 

  145. func TestUserAuthCreateDatabase(t *testing.T) {
  146. 	f, db, c, err := connect(t, "", "admin", "admin")
  147. 	if err != nil && c == nil && db == nil {
  148. 		t.Fatal(err)
  149. 	}
  150. 	defer db.Close()
  151. 	defer os.Remove(f)
  152. 

  153. 	enabled, err := authEnabled(db)
  154. 	if err != nil || !enabled {
  155. 		t.Fatalf("UserAuth not enabled: %s", err)
  156. 	}
  157. 

  158. 	e, err := userExists(db, "admin")
  159. 	if err != nil {
  160. 		t.Fatal(err)
  161. 	}
  162. 	if e != 1 {
  163. 		t.Fatal("UserAuth: admin does not exists")
  164. 	}
  165. 	a, err := isAdmin(db, "admin")
  166. 	if err != nil {
  167. 		t.Fatal(err)
  168. 	}
  169. 	if !a {
  170. 		t.Fatal("UserAuth: User is not administrator")
  171. 	}
  172. }
  173. 

  174. func TestUserAuthCreateDatabaseWithoutArgs(t *testing.T) {
  175. 	_, db, c, err := connect(t, "", "", "")
  176. 	if err == nil && c == nil && db == nil {
  177. 		t.Fatal("Should have failed due to missing _auth_* parameters")
  178. 	}
  179. 

  180. 	_, db, c, err = connect(t, "", "", "admin")
  181. 	if err == nil && c == nil && db == nil {
  182. 		t.Fatal("Should have failed due to missing _auth_user parameter")
  183. 	}
  184. 

  185. 	_, db, c, err = connect(t, "", "admin", "")
  186. 	if err == nil && c == nil && db == nil {
  187. 		t.Fatal("Should have failed due to missing _auth_pass parameter")
  188. 	}
  189. }
  190. 

  191. func TestUserAuthLogin(t *testing.T) {
  192. 	f1, err := create(t, "admin", "admin")
  193. 	if err != nil {
  194. 		t.Fatal(err)
  195. 	}
  196. 	defer os.Remove(f1)
  197. 

  198. 	f2, db2, c2, err := connect(t, f1, "admin", "admin")
  199. 	if err != nil {
  200. 		t.Fatal(err)
  201. 	}
  202. 	defer db2.Close()
  203. 	if f1 != f2 {
  204. 		t.Fatal("UserAuth: Database file mismatch")
  205. 	}
  206. 

  207. 	// Test lower level authentication

  208. 	err = c2.Authenticate("admin", "admin")
  209. 	if err != nil {
  210. 		t.Fatalf("UserAuth: *SQLiteConn.Authenticate() Failed: %s", err)
  211. 	}
  212. 

  213. 	// Test Login Failed

  214. 	_, _, _, err = connect(t, f1, "admin", "invalid")
  215. 	if err == nil {
  216. 		t.Fatal("Login successful while expecting to fail")
  217. 	}
  218. 	if err != ErrUnauthorized {
  219. 		t.Fatal(err)
  220. 	}
  221. 	err = c2.Authenticate("admin", "invalid")
  222. 	if err == nil {
  223. 		t.Fatal("Login successful while expecting to fail")
  224. 	}
  225. 	if err != ErrUnauthorized {
  226. 		t.Fatal(err)
  227. 	}
  228. }
  229. 

  230. func TestUserAuthAddAdmin(t *testing.T) {
  231. 	f, db, c, err := connect(t, "", "admin", "admin")
  232. 	if err != nil && c == nil && db == nil {
  233. 		t.Fatal(err)
  234. 	}
  235. 	defer db.Close()
  236. 	defer os.Remove(f)
  237. 

  238. 	// Add Admin User through SQL call

  239. 	rv, err := addUser(db, "admin2", "admin2", 1)
  240. 	if err != nil {
  241. 		t.Fatal(err)
  242. 	}
  243. 	if rv != 0 {
  244. 		t.Fatal("Failed to add user")
  245. 	}
  246. 

  247. 	// Check if user was created

  248. 	exists, err := userExists(db, "admin2")
  249. 	if err != nil {
  250. 		t.Fatal(err)
  251. 	}
  252. 	if exists != 1 {
  253. 		t.Fatal("UserAuth: 'admin2' does not exists")
  254. 	}
  255. 

  256. 	// Check if user was created as an Administrator

  257. 	admin, err := isAdmin(db, "admin2")
  258. 	if err != nil {
  259. 		t.Fatal(err)
  260. 	}
  261. 	if !admin {
  262. 		t.Fatal("UserAuth: 'admin2' is not administrator")
  263. 	}
  264. 

  265. 	// Test *SQLiteConn

  266. 	err = c.AuthUserAdd("admin3", "admin3", true)
  267. 	if err != nil {
  268. 		t.Fatal(err)
  269. 	}
  270. 

  271. 	// Check if user was created

  272. 	exists, err = userExists(db, "admin2")
  273. 	if err != nil {
  274. 		t.Fatal(err)
  275. 	}
  276. 	if exists != 1 {
  277. 		t.Fatal("UserAuth: 'admin3' does not exists")
  278. 	}
  279. 

  280. 	// Check if the user was created as an Administrator

  281. 	admin, err = isAdmin(db, "admin3")
  282. 	if err != nil {
  283. 		t.Fatal(err)
  284. 	}
  285. 	if !admin {
  286. 		t.Fatal("UserAuth: 'admin3' is not administrator")
  287. 	}
  288. }
  289. 

  290. func TestUserAuthAddUser(t *testing.T) {
  291. 	f1, db1, c, err := connect(t, "", "admin", "admin")
  292. 	if err != nil && c == nil && db == nil {
  293. 		t.Fatal(err)
  294. 	}
  295. 	defer os.Remove(f1)
  296. 

  297. 	// Add user through SQL call

  298. 	rv, err := addUser(db1, "user", "user", 0)
  299. 	if err != nil {
  300. 		t.Fatal(err)
  301. 	}
  302. 	if rv != 0 {
  303. 		t.Fatal("Failed to add user")
  304. 	}
  305. 

  306. 	// Check if user was created

  307. 	exists, err := userExists(db1, "user")
  308. 	if err != nil {
  309. 		t.Fatal(err)
  310. 	}
  311. 	if exists != 1 {
  312. 		t.Fatal("UserAuth: 'user' does not exists")
  313. 	}
  314. 

  315. 	// Check if user was created as an Administrator

  316. 	admin, err := isAdmin(db1, "user")
  317. 	if err != nil {
  318. 		t.Fatal(err)
  319. 	}
  320. 	if admin {
  321. 		t.Fatal("UserAuth: 'user' is administrator")
  322. 	}
  323. 

  324. 	// Test *SQLiteConn

  325. 	err = c.AuthUserAdd("user2", "user2", false)
  326. 	if err != nil {
  327. 		t.Fatal(err)
  328. 	}
  329. 

  330. 	// Check if user was created

  331. 	exists, err = userExists(db1, "user2")
  332. 	if err != nil {
  333. 		t.Fatal(err)
  334. 	}
  335. 	if exists != 1 {
  336. 		t.Fatal("UserAuth: 'user2' does not exists")
  337. 	}
  338. 

  339. 	// Check if the user was created as an Administrator

  340. 	admin, err = isAdmin(db1, "user2")
  341. 	if err != nil {
  342. 		t.Fatal(err)
  343. 	}
  344. 	if admin {
  345. 		t.Fatal("UserAuth: 'user2' is administrator")
  346. 	}
  347. 

  348. 	// Reconnect as normal user

  349. 	db1.Close()
  350. 	_, db2, c2, err := connect(t, f1, "user", "user")
  351. 	if err != nil {
  352. 		t.Fatal(err)
  353. 	}
  354. 	defer db2.Close()
  355. 

  356. 	// Try to create admin user while logged in as normal user

  357. 	rv, err = addUser(db2, "admin2", "admin2", 1)
  358. 	if err != nil {
  359. 		t.Fatal(err)
  360. 	}
  361. 	if rv != SQLITE_AUTH {
  362. 		t.Fatal("Created admin user while not allowed")
  363. 	}
  364. 

  365. 	err = c2.AuthUserAdd("admin3", "admin3", true)
  366. 	if err != ErrAdminRequired {
  367. 		t.Fatal("Created admin user while not allowed")
  368. 	}
  369. 

  370. 	// Try to create normal user while logged in as normal user

  371. 	rv, err = addUser(db2, "user3", "user3", 0)
  372. 	if err != nil {
  373. 		t.Fatal(err)
  374. 	}
  375. 	if rv != SQLITE_AUTH {
  376. 		t.Fatal("Created user while not allowed")
  377. 	}
  378. 

  379. 	err = c2.AuthUserAdd("user4", "user4", false)
  380. 	if err != ErrAdminRequired {
  381. 		t.Fatal("Created user while not allowed")
  382. 	}
  383. }
  384. 

  385. func TestUserAuthModifyUser(t *testing.T) {
  386. 	f1, db1, c1, err := connect(t, "", "admin", "admin")
  387. 	if err != nil && c1 == nil && db == nil {
  388. 		t.Fatal(err)
  389. 	}
  390. 	defer os.Remove(f1)
  391. 

  392. 	// Modify Password for current logged in admin

  393. 	// through SQL

  394. 	rv, err := modifyUser(db1, "admin", "admin2", 1)
  395. 	if err != nil {
  396. 		t.Fatal(err)
  397. 	}
  398. 	if rv != 0 {
  399. 		t.Fatal("Failed to modify password for admin")
  400. 	}
  401. 

  402. 	// Modify password for current logged in admin

  403. 	// through *SQLiteConn

  404. 	err = c1.AuthUserChange("admin", "admin3", true)
  405. 	if err != nil {
  406. 		t.Fatal(err)
  407. 	}
  408. 

  409. 	// Modify Administrator Flag

  410. 	// Because we are current logged in as 'admin'

  411. 	// Changing our own admin flag should fail.

  412. 	rv, err = modifyUser(db1, "admin", "admin3", 0)
  413. 	if err != nil {
  414. 		t.Fatal(err)
  415. 	}
  416. 	if rv != SQLITE_AUTH {
  417. 		t.Fatal("Successfully changed admin flag while not allowed")
  418. 	}
  419. 

  420. 	// Modify admin flag through (*SQLiteConn)

  421. 	// Because we are current logged in as 'admin'

  422. 	// Changing our own admin flag should fail.

  423. 	err = c1.AuthUserChange("admin", "admin3", false)
  424. 	if err != ErrAdminRequired {
  425. 		t.Fatal("Successfully changed admin flag while not allowed")
  426. 	}
  427. 

  428. 	// Add normal user

  429. 	rv, err = addUser(db1, "user", "password", 0)
  430. 	if err != nil {
  431. 		t.Fatal(err)
  432. 	}
  433. 	if rv != 0 {
  434. 		t.Fatal("Failed to add user")
  435. 	}
  436. 

  437. 	rv, err = addUser(db1, "user2", "user2", 0)
  438. 	if err != nil {
  439. 		t.Fatal(err)
  440. 	}
  441. 	if rv != 0 {
  442. 		t.Fatal("Failed to add user")
  443. 	}
  444. 

  445. 	// Modify other user password and flag through SQL

  446. 	rv, err = modifyUser(db1, "user", "pass", 1)
  447. 	if err != nil {
  448. 		t.Fatal(err)
  449. 	}
  450. 	if rv != 0 {
  451. 		t.Fatal("Failed to modify password for user")
  452. 	}
  453. 

  454. 	// Modify other user password and flag through *SQLiteConn

  455. 	err = c1.AuthUserChange("user", "newpass", false)
  456. 	if err != nil {
  457. 		t.Fatal(err)
  458. 	}
  459. 

  460. 	// Disconnect database for reconnect

  461. 	db1.Close()
  462. 	_, db2, c2, err := connect(t, f1, "user", "newpass")
  463. 	if err != nil {
  464. 		t.Fatal(err)
  465. 	}
  466. 	defer db2.Close()
  467. 

  468. 	// Modify other user password through SQL

  469. 	rv, err = modifyUser(db2, "user2", "newpass", 0)
  470. 	if err != nil {
  471. 		t.Fatal(err)
  472. 	}
  473. 	if rv != SQLITE_AUTH {
  474. 		t.Fatal("Password change successful while not allowed")
  475. 	}
  476. 

  477. 	// Modify other user password and flag through *SQLiteConn

  478. 	err = c2.AuthUserChange("user2", "invalid", false)
  479. 	if err != ErrAdminRequired {
  480. 		t.Fatal("Password change successful while not allowed")
  481. 	}
  482. }
  483. 

  484. func TestUserAuthDeleteUser(t *testing.T) {
  485. 	f1, db1, c, err := connect(t, "", "admin", "admin")
  486. 	if err != nil && c == nil && db == nil {
  487. 		t.Fatal(err)
  488. 	}
  489. 	defer os.Remove(f1)
  490. 

  491. 	// Add Admin User 2

  492. 	rv, err := addUser(db1, "admin2", "admin2", 1)
  493. 	if err != nil {
  494. 		t.Fatal(err)
  495. 	}
  496. 	if rv != 0 {
  497. 		t.Fatal("Failed to add user")
  498. 	}
  499. 

  500. 	rv, err = addUser(db1, "admin3", "admin3", 1)
  501. 	if err != nil {
  502. 		t.Fatal(err)
  503. 	}
  504. 	if rv != 0 {
  505. 		t.Fatal("Failed to add user")
  506. 	}
  507. 

  508. 	// Check if user was created

  509. 	exists, err := userExists(db1, "admin2")
  510. 	if err != nil {
  511. 		t.Fatal(err)
  512. 	}
  513. 	if exists != 1 {
  514. 		t.Fatal("UserAuth: 'admin2' does not exists")
  515. 	}
  516. 

  517. 	exists, err = userExists(db1, "admin3")
  518. 	if err != nil {
  519. 		t.Fatal(err)
  520. 	}
  521. 	if exists != 1 {
  522. 		t.Fatal("UserAuth: 'admin2' does not exists")
  523. 	}
  524. 

  525. 	// Delete user through SQL

  526. 	rv, err = deleteUser(db1, "admin2")
  527. 	if err != nil {
  528. 		t.Fatal(err)
  529. 	}
  530. 	if rv != 0 {
  531. 		t.Fatal("Failed to delete admin2")
  532. 	}
  533. 

  534. 	// Verify user admin2 deleted

  535. 	exists, err = userExists(db1, "admin2")
  536. 	if err != nil {
  537. 		t.Fatal(err)
  538. 	}
  539. 	if exists != 0 {
  540. 		t.Fatal("UserAuth: 'admin2' still exists")
  541. 	}
  542. 

  543. 	// Delete user through *SQLiteConn

  544. 	rv, err = deleteUser(db1, "admin3")
  545. 	if err != nil {
  546. 		t.Fatal(err)
  547. 	}
  548. 	if rv != 0 {
  549. 		t.Fatal("Failed to delete admin3")
  550. 	}
  551. 

  552. 	// Verify user admin3 deleted

  553. 	exists, err = userExists(db1, "admin3")
  554. 	if err != nil {
  555. 		t.Fatal(err)
  556. 	}
  557. 	if exists != 0 {
  558. 		t.Fatal("UserAuth: 'admin3' still exists")
  559. 	}
  560. 

  561. 	// Add normal user for reconnect and privileges check

  562. 	rv, err = addUser(db1, "reconnect", "reconnect", 0)
  563. 	if err != nil {
  564. 		t.Fatal(err)
  565. 	}
  566. 	if rv != 0 {
  567. 		t.Fatal("Failed to add user")
  568. 	}
  569. 

  570. 	// Add normal user for deletion through SQL

  571. 	rv, err = addUser(db1, "user", "user", 0)
  572. 	if err != nil {
  573. 		t.Fatal(err)
  574. 	}
  575. 	if rv != 0 {
  576. 		t.Fatal("Failed to add user")
  577. 	}
  578. 

  579. 	rv, err = addUser(db1, "user2", "user2", 0)
  580. 	if err != nil {
  581. 		t.Fatal(err)
  582. 	}
  583. 	if rv != 0 {
  584. 		t.Fatal("Failed to add user")
  585. 	}
  586. 

  587. 	// Close database for reconnect

  588. 	db1.Close()
  589. 

  590. 	// Reconnect as normal user

  591. 	_, db2, c2, err := connect(t, f1, "reconnect", "reconnect")
  592. 	if err != nil {
  593. 		t.Fatal(err)
  594. 	}
  595. 	defer db2.Close()
  596. 

  597. 	// Delete user while logged in as normal user

  598. 	// through SQL

  599. 	rv, err = deleteUser(db2, "user")
  600. 	if err != nil {
  601. 		t.Fatal(err)
  602. 	}
  603. 	if rv != SQLITE_AUTH {
  604. 		t.Fatal("Successfully deleted user wthout proper privileges")
  605. 	}
  606. 

  607. 	// Delete user while logged in as normal user

  608. 	// through *SQLiteConn

  609. 	err = c2.AuthUserDelete("user2")
  610. 	if err != ErrAdminRequired {
  611. 		t.Fatal("Successfully deleted user wthout proper privileges")
  612. 	}
  613. }
  614. 

  615. func TestUserAuthEncoders(t *testing.T) {
  616. 	cases := map[string]string{
  617. 		"sha1":    "",
  618. 		"ssha1":   "salted",
  619. 		"sha256":  "",
  620. 		"ssha256": "salted",
  621. 		"sha384":  "",
  622. 		"ssha384": "salted",
  623. 		"sha512":  "",
  624. 		"ssha512": "salted",
  625. 	}
  626. 

  627. 	for enc, salt := range cases {
  628. 		f, err := createWithCrypt(t, "admin", "admin", enc, salt)
  629. 		if err != nil {
  630. 			t.Fatal(err)
  631. 		}
  632. 		defer os.Remove(f)
  633. 

  634. 		_, db, _, err := connectWithCrypt(t, f, "admin", "admin", enc, salt)
  635. 		if err != nil {
  636. 			t.Fatal(err)
  637. 		}
  638. 		defer db.Close()
  639. 		if e, err := authEnabled(db); err != nil && !e {
  640. 			t.Fatalf("UserAuth (%s) not enabled %s", enc, err)
  641. 		}
  642. 	}
  643. }