feat: Add validation and error handling for notification templates and uptime handlers
- Implement tests for invalid JSON input in notification template creation, update, and preview endpoints. - Enhance uptime handler tests to cover sync success and error scenarios for delete and list operations. - Update routes to include backup service in certificate handler initialization. - Introduce certificate usage check before deletion in the certificate service, preventing deletion of certificates in use. - Update certificate service tests to validate new behavior regarding certificate deletion. - Add new tests for security service to verify break glass token generation and validation. - Enhance frontend certificate list component to prevent deletion of certificates in use and ensure proper backup creation. - Create unit tests for the CertificateList component to validate deletion logic and error handling.
This commit is contained in:
GitHub Actions
@@ -1,71 +1,71 @@
|
||||
package tests
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
"strings"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"strings"
|
||||
"testing"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"gorm.io/driver/sqlite"
|
||||
"gorm.io/gorm"
|
||||
"github.com/gin-gonic/gin"
|
||||
"gorm.io/driver/sqlite"
|
||||
"gorm.io/gorm"
|
||||
|
||||
"github.com/Wikid82/charon/backend/internal/api/routes"
|
||||
"github.com/Wikid82/charon/backend/internal/config"
|
||||
"github.com/Wikid82/charon/backend/internal/api/routes"
|
||||
"github.com/Wikid82/charon/backend/internal/config"
|
||||
)
|
||||
|
||||
// TestIntegration_WAF_BlockAndMonitor exercises middleware behavior and metrics exposure.
|
||||
func TestIntegration_WAF_BlockAndMonitor(t *testing.T) {
|
||||
gin.SetMode(gin.TestMode)
|
||||
gin.SetMode(gin.TestMode)
|
||||
|
||||
// Helper to spin server with given WAF mode
|
||||
newServer := func(mode string) (*gin.Engine, *gorm.DB) {
|
||||
db, err := gorm.Open(sqlite.Open("file::memory:?cache=shared"), &gorm.Config{})
|
||||
if err != nil {
|
||||
t.Fatalf("db open: %v", err)
|
||||
}
|
||||
cfg, err := config.Load()
|
||||
if err != nil {
|
||||
t.Fatalf("load cfg: %v", err)
|
||||
}
|
||||
cfg.Security.WAFMode = mode
|
||||
r := gin.New()
|
||||
if err := routes.Register(r, db, cfg); err != nil {
|
||||
t.Fatalf("register: %v", err)
|
||||
}
|
||||
return r, db
|
||||
}
|
||||
// Helper to spin server with given WAF mode
|
||||
newServer := func(mode string) (*gin.Engine, *gorm.DB) {
|
||||
db, err := gorm.Open(sqlite.Open("file::memory:?cache=shared"), &gorm.Config{})
|
||||
if err != nil {
|
||||
t.Fatalf("db open: %v", err)
|
||||
}
|
||||
cfg, err := config.Load()
|
||||
if err != nil {
|
||||
t.Fatalf("load cfg: %v", err)
|
||||
}
|
||||
cfg.Security.WAFMode = mode
|
||||
r := gin.New()
|
||||
if err := routes.Register(r, db, cfg); err != nil {
|
||||
t.Fatalf("register: %v", err)
|
||||
}
|
||||
return r, db
|
||||
}
|
||||
|
||||
// Block mode should reject suspicious payload on an API route covered by middleware
|
||||
rBlock, _ := newServer("block")
|
||||
req := httptest.NewRequest(http.MethodGet, "/api/v1/remote-servers?test=<script>", nil)
|
||||
w := httptest.NewRecorder()
|
||||
rBlock.ServeHTTP(w, req)
|
||||
if w.Code == http.StatusOK {
|
||||
t.Fatalf("expected block in block mode, got 200: body=%s", w.Body.String())
|
||||
}
|
||||
// Block mode should reject suspicious payload on an API route covered by middleware
|
||||
rBlock, _ := newServer("block")
|
||||
req := httptest.NewRequest(http.MethodGet, "/api/v1/remote-servers?test=<script>", nil)
|
||||
w := httptest.NewRecorder()
|
||||
rBlock.ServeHTTP(w, req)
|
||||
if w.Code == http.StatusOK {
|
||||
t.Fatalf("expected block in block mode, got 200: body=%s", w.Body.String())
|
||||
}
|
||||
|
||||
// Monitor mode should allow request but still evaluate (log-only)
|
||||
rMon, _ := newServer("monitor")
|
||||
req2 := httptest.NewRequest(http.MethodGet, "/api/v1/remote-servers?test=<script>", nil)
|
||||
w2 := httptest.NewRecorder()
|
||||
rMon.ServeHTTP(w2, req2)
|
||||
if w2.Code != http.StatusOK {
|
||||
t.Fatalf("unexpected status in monitor mode: %d", w2.Code)
|
||||
}
|
||||
// Monitor mode should allow request but still evaluate (log-only)
|
||||
rMon, _ := newServer("monitor")
|
||||
req2 := httptest.NewRequest(http.MethodGet, "/api/v1/remote-servers?test=<script>", nil)
|
||||
w2 := httptest.NewRecorder()
|
||||
rMon.ServeHTTP(w2, req2)
|
||||
if w2.Code != http.StatusOK {
|
||||
t.Fatalf("unexpected status in monitor mode: %d", w2.Code)
|
||||
}
|
||||
|
||||
// Metrics should be exposed
|
||||
reqM := httptest.NewRequest(http.MethodGet, "/metrics", nil)
|
||||
wM := httptest.NewRecorder()
|
||||
rMon.ServeHTTP(wM, reqM)
|
||||
if wM.Code != http.StatusOK {
|
||||
t.Fatalf("metrics not served: %d", wM.Code)
|
||||
}
|
||||
body := wM.Body.String()
|
||||
required := []string{"charon_waf_requests_total", "charon_waf_blocked_total", "charon_waf_monitored_total"}
|
||||
for _, k := range required {
|
||||
if !strings.Contains(body, k) {
|
||||
t.Fatalf("missing metric %s in /metrics output", k)
|
||||
}
|
||||
}
|
||||
// Metrics should be exposed
|
||||
reqM := httptest.NewRequest(http.MethodGet, "/metrics", nil)
|
||||
wM := httptest.NewRecorder()
|
||||
rMon.ServeHTTP(wM, reqM)
|
||||
if wM.Code != http.StatusOK {
|
||||
t.Fatalf("metrics not served: %d", wM.Code)
|
||||
}
|
||||
body := wM.Body.String()
|
||||
required := []string{"charon_waf_requests_total", "charon_waf_blocked_total", "charon_waf_monitored_total"}
|
||||
for _, k := range required {
|
||||
if !strings.Contains(body, k) {
|
||||
t.Fatalf("missing metric %s in /metrics output", k)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user