diff --git a/backend/internal/api/handlers/access_list_handler_coverage_test.go b/backend/internal/api/handlers/access_list_handler_coverage_test.go index 19ff63f1..fac2cac5 100644 --- a/backend/internal/api/handlers/access_list_handler_coverage_test.go +++ b/backend/internal/api/handlers/access_list_handler_coverage_test.go @@ -121,7 +121,6 @@ func TestAccessListHandler_List_DBError(t *testing.T) { db, _ := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) // Don't migrate the table to cause error - gin.SetMode(gin.TestMode) router := gin.New() handler := NewAccessListHandler(db) @@ -138,7 +137,6 @@ func TestAccessListHandler_Get_DBError(t *testing.T) { db, _ := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) // Don't migrate the table to cause error - gin.SetMode(gin.TestMode) router := gin.New() handler := NewAccessListHandler(db) @@ -157,7 +155,6 @@ func TestAccessListHandler_Delete_InternalError(t *testing.T) { // Migrate AccessList but not ProxyHost to cause internal error on delete _ = db.AutoMigrate(&models.AccessList{}) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewAccessListHandler(db) @@ -285,7 +282,6 @@ func TestAccessListHandler_TestIP_InternalError(t *testing.T) { db, _ := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) // Don't migrate - this causes a "no such table" error which is an internal error - gin.SetMode(gin.TestMode) router := gin.New() handler := NewAccessListHandler(db) diff --git a/backend/internal/api/handlers/access_list_handler_test.go b/backend/internal/api/handlers/access_list_handler_test.go index 1bf89978..b2f22fb9 100644 --- a/backend/internal/api/handlers/access_list_handler_test.go +++ b/backend/internal/api/handlers/access_list_handler_test.go @@ -21,7 +21,6 @@ func setupAccessListTestRouter(t *testing.T) (*gin.Engine, *gorm.DB) { err = db.AutoMigrate(&models.AccessList{}, &models.ProxyHost{}) assert.NoError(t, err) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewAccessListHandler(db) diff --git a/backend/internal/api/handlers/additional_coverage_test.go b/backend/internal/api/handlers/additional_coverage_test.go index 63b95a1f..0b4eb969 100644 --- a/backend/internal/api/handlers/additional_coverage_test.go +++ b/backend/internal/api/handlers/additional_coverage_test.go @@ -27,7 +27,6 @@ func setupImportCoverageDB(t *testing.T) *gorm.DB { } func TestImportHandler_Commit_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -44,7 +43,6 @@ func TestImportHandler_Commit_InvalidJSON(t *testing.T) { } func TestImportHandler_Commit_InvalidSessionUUID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -67,7 +65,6 @@ func TestImportHandler_Commit_InvalidSessionUUID(t *testing.T) { } func TestImportHandler_Commit_SessionNotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -98,7 +95,6 @@ func setupRemoteServerCoverageDB2(t *testing.T) *gorm.DB { } func TestRemoteServerHandler_TestConnection_Unreachable(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB2(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -137,7 +133,6 @@ func setupSecurityCoverageDB3(t *testing.T) *gorm.DB { } func TestSecurityHandler_GetConfig_InternalError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) h := NewSecurityHandler(config.SecurityConfig{}, db, nil) @@ -157,7 +152,6 @@ func TestSecurityHandler_GetConfig_InternalError(t *testing.T) { } func TestSecurityHandler_UpdateConfig_ApplyCaddyError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) // Create handler with nil caddy manager (ApplyConfig will be called but is nil) @@ -181,7 +175,6 @@ func TestSecurityHandler_UpdateConfig_ApplyCaddyError(t *testing.T) { } func TestSecurityHandler_GenerateBreakGlass_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) h := NewSecurityHandler(config.SecurityConfig{}, db, nil) @@ -201,7 +194,6 @@ func TestSecurityHandler_GenerateBreakGlass_Error(t *testing.T) { } func TestSecurityHandler_ListDecisions_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) h := NewSecurityHandler(config.SecurityConfig{}, db, nil) @@ -220,7 +212,6 @@ func TestSecurityHandler_ListDecisions_Error(t *testing.T) { } func TestSecurityHandler_ListRuleSets_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) h := NewSecurityHandler(config.SecurityConfig{}, db, nil) @@ -239,7 +230,6 @@ func TestSecurityHandler_ListRuleSets_Error(t *testing.T) { } func TestSecurityHandler_UpsertRuleSet_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) h := NewSecurityHandler(config.SecurityConfig{}, db, nil) @@ -265,7 +255,6 @@ func TestSecurityHandler_UpsertRuleSet_Error(t *testing.T) { } func TestSecurityHandler_CreateDecision_LogError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) h := NewSecurityHandler(config.SecurityConfig{}, db, nil) @@ -291,7 +280,6 @@ func TestSecurityHandler_CreateDecision_LogError(t *testing.T) { } func TestSecurityHandler_DeleteRuleSet_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSecurityCoverageDB3(t) h := NewSecurityHandler(config.SecurityConfig{}, db, nil) @@ -313,7 +301,6 @@ func TestSecurityHandler_DeleteRuleSet_Error(t *testing.T) { // CrowdSec ImportConfig additional coverage tests func TestCrowdsec_ImportConfig_EmptyUpload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -344,7 +331,6 @@ func TestCrowdsec_ImportConfig_EmptyUpload(t *testing.T) { // Backup Handler additional coverage tests func TestBackupHandler_List_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) // Use a non-writable temp dir to simulate errors tmpDir := t.TempDir() @@ -370,7 +356,6 @@ func TestBackupHandler_List_DBError(t *testing.T) { // ImportHandler UploadMulti coverage tests func TestImportHandler_UploadMulti_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -387,7 +372,6 @@ func TestImportHandler_UploadMulti_InvalidJSON(t *testing.T) { } func TestImportHandler_UploadMulti_MissingCaddyfile(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -411,7 +395,6 @@ func TestImportHandler_UploadMulti_MissingCaddyfile(t *testing.T) { } func TestImportHandler_UploadMulti_EmptyContent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -435,7 +418,6 @@ func TestImportHandler_UploadMulti_EmptyContent(t *testing.T) { } func TestImportHandler_UploadMulti_PathTraversal(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -481,7 +463,6 @@ func setupLogsDownloadTest(t *testing.T) (h *LogsHandler, logsDir string) { } func TestLogsHandler_Download_PathTraversal(t *testing.T) { - gin.SetMode(gin.TestMode) h, _ := setupLogsDownloadTest(t) w := httptest.NewRecorder() @@ -496,7 +477,6 @@ func TestLogsHandler_Download_PathTraversal(t *testing.T) { } func TestLogsHandler_Download_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) h, _ := setupLogsDownloadTest(t) w := httptest.NewRecorder() @@ -511,7 +491,6 @@ func TestLogsHandler_Download_NotFound(t *testing.T) { } func TestLogsHandler_Download_Success(t *testing.T) { - gin.SetMode(gin.TestMode) h, logsDir := setupLogsDownloadTest(t) // Create a log file to download @@ -531,7 +510,6 @@ func TestLogsHandler_Download_Success(t *testing.T) { // Import Handler Upload error tests func TestImportHandler_Upload_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -548,7 +526,6 @@ func TestImportHandler_Upload_InvalidJSON(t *testing.T) { } func TestImportHandler_Upload_EmptyContent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -571,7 +548,6 @@ func TestImportHandler_Upload_EmptyContent(t *testing.T) { // Additional Backup Handler tests func TestBackupHandler_List_ServiceError(t *testing.T) { - gin.SetMode(gin.TestMode) // Create a temp dir with invalid permission for backup dir tmpDir := t.TempDir() @@ -608,7 +584,6 @@ func TestBackupHandler_List_ServiceError(t *testing.T) { } func TestBackupHandler_Delete_PathTraversal(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -639,7 +614,6 @@ func TestBackupHandler_Delete_PathTraversal(t *testing.T) { } func TestBackupHandler_Delete_InternalError2(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -689,7 +663,6 @@ func TestBackupHandler_Delete_InternalError2(t *testing.T) { // Remote Server TestConnection error paths func TestRemoteServerHandler_TestConnection_NotFound2(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB2(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -704,7 +677,6 @@ func TestRemoteServerHandler_TestConnection_NotFound2(t *testing.T) { } func TestRemoteServerHandler_TestConnectionCustom_Unreachable2(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB2(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -735,7 +707,6 @@ func setupAuthCoverageDB(t *testing.T) *gorm.DB { } func TestAuthHandler_Register_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuthCoverageDB(t) cfg := config.Config{JWTSecret: "test-secret"} @@ -755,7 +726,6 @@ func TestAuthHandler_Register_InvalidJSON(t *testing.T) { // Health handler coverage func TestHealthHandler_Basic(t *testing.T) { - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -771,7 +741,6 @@ func TestHealthHandler_Basic(t *testing.T) { // Backup Create error coverage func TestBackupHandler_Create_Error(t *testing.T) { - gin.SetMode(gin.TestMode) // Use a path where database file doesn't exist tmpDir := t.TempDir() @@ -811,7 +780,6 @@ func setupSettingsCoverageDB(t *testing.T) *gorm.DB { } func TestSettingsHandler_GetSettings_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsCoverageDB(t) h := NewSettingsHandler(db) @@ -830,7 +798,6 @@ func TestSettingsHandler_GetSettings_Error(t *testing.T) { } func TestSettingsHandler_UpdateSetting_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsCoverageDB(t) h := NewSettingsHandler(db) @@ -849,7 +816,6 @@ func TestSettingsHandler_UpdateSetting_InvalidJSON(t *testing.T) { // Additional remote server TestConnection tests func TestRemoteServerHandler_TestConnection_Reachable(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB2(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -873,7 +839,6 @@ func TestRemoteServerHandler_TestConnection_Reachable(t *testing.T) { } func TestRemoteServerHandler_TestConnection_EmptyHost(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB2(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -900,7 +865,6 @@ func TestRemoteServerHandler_TestConnection_EmptyHost(t *testing.T) { // Additional UploadMulti test with valid Caddyfile content func TestImportHandler_UploadMulti_ValidCaddyfile(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") @@ -925,7 +889,6 @@ func TestImportHandler_UploadMulti_ValidCaddyfile(t *testing.T) { } func TestImportHandler_UploadMulti_SubdirFile(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageDB(t) h := NewImportHandler(db, "", t.TempDir(), "") diff --git a/backend/internal/api/handlers/audit_log_handler_test.go b/backend/internal/api/handlers/audit_log_handler_test.go index 1c337851..4a730e33 100644 --- a/backend/internal/api/handlers/audit_log_handler_test.go +++ b/backend/internal/api/handlers/audit_log_handler_test.go @@ -30,7 +30,6 @@ func setupAuditLogTestDB(t *testing.T) *gorm.DB { } func TestAuditLogHandler_List(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -130,7 +129,6 @@ func TestAuditLogHandler_List(t *testing.T) { } func TestAuditLogHandler_Get(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -198,7 +196,6 @@ func TestAuditLogHandler_Get(t *testing.T) { } func TestAuditLogHandler_ListByProvider(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -286,7 +283,6 @@ func TestAuditLogHandler_ListByProvider(t *testing.T) { } func TestAuditLogHandler_ListWithDateFilters(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -371,7 +367,6 @@ func TestAuditLogHandler_ListWithDateFilters(t *testing.T) { // TestAuditLogHandler_ServiceErrors tests error handling when service layer fails func TestAuditLogHandler_ServiceErrors(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -422,7 +417,6 @@ func TestAuditLogHandler_ServiceErrors(t *testing.T) { // TestAuditLogHandler_List_PaginationBoundaryEdgeCases tests pagination boundary edge cases func TestAuditLogHandler_List_PaginationBoundaryEdgeCases(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -513,7 +507,6 @@ func TestAuditLogHandler_List_PaginationBoundaryEdgeCases(t *testing.T) { // TestAuditLogHandler_ListByProvider_PaginationBoundaryEdgeCases tests pagination boundary edge cases for provider list func TestAuditLogHandler_ListByProvider_PaginationBoundaryEdgeCases(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -583,7 +576,6 @@ func TestAuditLogHandler_ListByProvider_PaginationBoundaryEdgeCases(t *testing.T // TestAuditLogHandler_List_InvalidDateFormats tests handling of invalid date formats func TestAuditLogHandler_List_InvalidDateFormats(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditLogTestDB(t) securityService := services.NewSecurityService(db) defer securityService.Close() @@ -624,7 +616,6 @@ func TestAuditLogHandler_List_InvalidDateFormats(t *testing.T) { // TestAuditLogHandler_Get_InternalError tests Get when service returns internal error func TestAuditLogHandler_Get_InternalError(t *testing.T) { - gin.SetMode(gin.TestMode) // Create a fresh DB and immediately close it to simulate internal error db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) diff --git a/backend/internal/api/handlers/auth_handler_test.go b/backend/internal/api/handlers/auth_handler_test.go index 9e945e75..bc437280 100644 --- a/backend/internal/api/handlers/auth_handler_test.go +++ b/backend/internal/api/handlers/auth_handler_test.go @@ -6,7 +6,6 @@ import ( "encoding/json" "net/http" "net/http/httptest" - "os" "testing" "github.com/Wikid82/charon/backend/internal/api/middleware" @@ -45,7 +44,6 @@ func TestAuthHandler_Login(t *testing.T) { _ = user.SetPassword("password123") db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/login", handler.Login) @@ -65,9 +63,6 @@ func TestAuthHandler_Login(t *testing.T) { } func TestSetSecureCookie_HTTPS_Strict(t *testing.T) { - gin.SetMode(gin.TestMode) - _ = os.Setenv("CHARON_ENV", "production") - defer func() { _ = os.Unsetenv("CHARON_ENV") }() recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "https://example.com/login", http.NoBody) @@ -83,7 +78,6 @@ func TestSetSecureCookie_HTTPS_Strict(t *testing.T) { func TestSetSecureCookie_HTTP_Lax(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "http://192.0.2.10/login", http.NoBody) @@ -100,7 +94,6 @@ func TestSetSecureCookie_HTTP_Lax(t *testing.T) { func TestSetSecureCookie_HTTP_Loopback_Insecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "http://127.0.0.1:8080/login", http.NoBody) @@ -118,9 +111,6 @@ func TestSetSecureCookie_HTTP_Loopback_Insecure(t *testing.T) { func TestSetSecureCookie_ForwardedHTTPS_LocalhostForcesInsecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) - _ = os.Setenv("CHARON_ENV", "production") - defer func() { _ = os.Unsetenv("CHARON_ENV") }() recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) @@ -139,9 +129,6 @@ func TestSetSecureCookie_ForwardedHTTPS_LocalhostForcesInsecure(t *testing.T) { func TestSetSecureCookie_ForwardedHTTPS_LoopbackForcesInsecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) - _ = os.Setenv("CHARON_ENV", "production") - defer func() { _ = os.Unsetenv("CHARON_ENV") }() recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) @@ -160,9 +147,6 @@ func TestSetSecureCookie_ForwardedHTTPS_LoopbackForcesInsecure(t *testing.T) { func TestSetSecureCookie_ForwardedHostLocalhostForcesInsecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) - _ = os.Setenv("CHARON_ENV", "production") - defer func() { _ = os.Unsetenv("CHARON_ENV") }() recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) @@ -182,9 +166,6 @@ func TestSetSecureCookie_ForwardedHostLocalhostForcesInsecure(t *testing.T) { func TestSetSecureCookie_OriginLoopbackForcesInsecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) - _ = os.Setenv("CHARON_ENV", "production") - defer func() { _ = os.Unsetenv("CHARON_ENV") }() recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) @@ -204,7 +185,6 @@ func TestSetSecureCookie_OriginLoopbackForcesInsecure(t *testing.T) { func TestSetSecureCookie_HTTP_PrivateIP_Insecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "http://192.168.1.50:8080/login", http.NoBody) @@ -222,7 +202,6 @@ func TestSetSecureCookie_HTTP_PrivateIP_Insecure(t *testing.T) { func TestSetSecureCookie_HTTP_10Network_Insecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "http://10.0.0.5:8080/login", http.NoBody) @@ -240,7 +219,6 @@ func TestSetSecureCookie_HTTP_10Network_Insecure(t *testing.T) { func TestSetSecureCookie_HTTP_172Network_Insecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "http://172.16.0.1:8080/login", http.NoBody) @@ -258,7 +236,6 @@ func TestSetSecureCookie_HTTP_172Network_Insecure(t *testing.T) { func TestSetSecureCookie_HTTPS_PrivateIP_Secure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "https://192.168.1.50:8080/login", http.NoBody) @@ -276,7 +253,6 @@ func TestSetSecureCookie_HTTPS_PrivateIP_Secure(t *testing.T) { func TestSetSecureCookie_HTTP_IPv6ULA_Insecure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "http://[fd12::1]:8080/login", http.NoBody) @@ -294,7 +270,6 @@ func TestSetSecureCookie_HTTP_IPv6ULA_Insecure(t *testing.T) { func TestSetSecureCookie_HTTP_PublicIP_Secure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) req := httptest.NewRequest("POST", "http://203.0.113.5:8080/login", http.NoBody) @@ -322,7 +297,6 @@ func TestIsProduction(t *testing.T) { } func TestRequestScheme(t *testing.T) { - gin.SetMode(gin.TestMode) t.Run("forwarded proto first value wins", func(t *testing.T) { recorder := httptest.NewRecorder() @@ -393,7 +367,6 @@ func TestHostHelpers(t *testing.T) { } func TestIsLocalRequest(t *testing.T) { - gin.SetMode(gin.TestMode) t.Run("forwarded host list includes localhost", func(t *testing.T) { recorder := httptest.NewRecorder() @@ -428,7 +401,6 @@ func TestIsLocalRequest(t *testing.T) { } func TestClearSecureCookie(t *testing.T) { - gin.SetMode(gin.TestMode) recorder := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(recorder) ctx.Request = httptest.NewRequest("POST", "http://example.com/logout", http.NoBody) @@ -445,7 +417,6 @@ func TestClearSecureCookie(t *testing.T) { func TestAuthHandler_Login_Errors(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/login", handler.Login) @@ -473,7 +444,6 @@ func TestAuthHandler_Register(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/register", handler.Register) @@ -497,7 +467,6 @@ func TestAuthHandler_Register_Duplicate(t *testing.T) { handler, db := setupAuthHandler(t) db.Create(&models.User{UUID: uuid.NewString(), Email: "dup@example.com", Name: "Dup"}) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/register", handler.Register) @@ -519,7 +488,6 @@ func TestAuthHandler_Logout(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/logout", handler.Logout) @@ -548,7 +516,6 @@ func TestAuthHandler_Me(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() // Simulate middleware r.Use(func(c *gin.Context) { @@ -574,7 +541,6 @@ func TestAuthHandler_Me(t *testing.T) { func TestAuthHandler_Me_NotFound(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", uint(999)) // Non-existent ID @@ -602,7 +568,6 @@ func TestAuthHandler_ChangePassword(t *testing.T) { _ = user.SetPassword("oldpassword") db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() // Simulate middleware r.Use(func(c *gin.Context) { @@ -637,7 +602,6 @@ func TestAuthHandler_ChangePassword_WrongOld(t *testing.T) { _ = user.SetPassword("correct") db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -661,7 +625,6 @@ func TestAuthHandler_ChangePassword_WrongOld(t *testing.T) { func TestAuthHandler_ChangePassword_Errors(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/change-password", handler.ChangePassword) @@ -708,7 +671,6 @@ func TestNewAuthHandlerWithDB(t *testing.T) { func TestAuthHandler_Verify_NoCookie(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/verify", handler.Verify) @@ -723,7 +685,6 @@ func TestAuthHandler_Verify_NoCookie(t *testing.T) { func TestAuthHandler_Verify_InvalidToken(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/verify", handler.Verify) @@ -753,7 +714,6 @@ func TestAuthHandler_Verify_ValidToken(t *testing.T) { // Generate token token, _ := handler.authService.GenerateToken(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/verify", handler.Verify) @@ -783,7 +743,6 @@ func TestAuthHandler_Verify_BearerToken(t *testing.T) { token, _ := handler.authService.GenerateToken(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/verify", handler.Verify) @@ -813,7 +772,6 @@ func TestAuthHandler_Verify_DisabledUser(t *testing.T) { token, _ := handler.authService.GenerateToken(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/verify", handler.Verify) @@ -853,7 +811,6 @@ func TestAuthHandler_Verify_ForwardAuthDenied(t *testing.T) { token, _ := handler.authService.GenerateToken(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/verify", handler.Verify) @@ -869,7 +826,6 @@ func TestAuthHandler_Verify_ForwardAuthDenied(t *testing.T) { func TestAuthHandler_VerifyStatus_NotAuthenticated(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/status", handler.VerifyStatus) @@ -886,7 +842,6 @@ func TestAuthHandler_VerifyStatus_NotAuthenticated(t *testing.T) { func TestAuthHandler_VerifyStatus_InvalidToken(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/status", handler.VerifyStatus) @@ -917,7 +872,6 @@ func TestAuthHandler_VerifyStatus_Authenticated(t *testing.T) { token, _ := handler.authService.GenerateToken(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/status", handler.VerifyStatus) @@ -951,7 +905,6 @@ func TestAuthHandler_VerifyStatus_DisabledUser(t *testing.T) { token, _ := handler.authService.GenerateToken(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/status", handler.VerifyStatus) @@ -969,7 +922,6 @@ func TestAuthHandler_VerifyStatus_DisabledUser(t *testing.T) { func TestAuthHandler_GetAccessibleHosts_Unauthorized(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/hosts", handler.GetAccessibleHosts) @@ -1000,7 +952,6 @@ func TestAuthHandler_GetAccessibleHosts_AllowAll(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -1037,7 +988,6 @@ func TestAuthHandler_GetAccessibleHosts_DenyAll(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -1077,7 +1027,6 @@ func TestAuthHandler_GetAccessibleHosts_PermittedHosts(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -1100,7 +1049,6 @@ func TestAuthHandler_GetAccessibleHosts_UserNotFound(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", uint(99999)) @@ -1118,7 +1066,6 @@ func TestAuthHandler_GetAccessibleHosts_UserNotFound(t *testing.T) { func TestAuthHandler_CheckHostAccess_Unauthorized(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/hosts/:hostId/access", handler.CheckHostAccess) @@ -1136,7 +1083,6 @@ func TestAuthHandler_CheckHostAccess_InvalidHostID(t *testing.T) { user := &models.User{UUID: uuid.NewString(), Email: "check@example.com", Enabled: true} db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -1166,7 +1112,6 @@ func TestAuthHandler_CheckHostAccess_Allowed(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -1199,7 +1144,6 @@ func TestAuthHandler_CheckHostAccess_Denied(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -1276,7 +1220,6 @@ func TestAuthHandler_Me_RequiresUserContext(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/me", handler.Me) @@ -1360,7 +1303,6 @@ func TestAuthHandler_Refresh(t *testing.T) { require.NoError(t, user.SetPassword("password123")) require.NoError(t, db.Create(user).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/refresh", func(c *gin.Context) { c.Set("userID", user.ID) @@ -1381,7 +1323,6 @@ func TestAuthHandler_Refresh_Unauthorized(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/refresh", handler.Refresh) @@ -1396,7 +1337,6 @@ func TestAuthHandler_Register_BadRequest(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/register", handler.Register) @@ -1412,7 +1352,6 @@ func TestAuthHandler_Logout_InvalidateSessionsFailure(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", uint(999999)) @@ -1456,7 +1395,6 @@ func TestAuthHandler_Verify_UsesOriginalHostFallback(t *testing.T) { token, err := handler.authService.GenerateToken(user) require.NoError(t, err) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/verify", handler.Verify) @@ -1474,7 +1412,6 @@ func TestAuthHandler_GetAccessibleHosts_DatabaseUnavailable(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", uint(1)) @@ -1494,7 +1431,6 @@ func TestAuthHandler_CheckHostAccess_DatabaseUnavailable(t *testing.T) { t.Parallel() handler, _ := setupAuthHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", uint(1)) @@ -1514,7 +1450,6 @@ func TestAuthHandler_CheckHostAccess_UserNotFound(t *testing.T) { t.Parallel() handler, _ := setupAuthHandlerWithDB(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", uint(999999)) diff --git a/backend/internal/api/handlers/backup_handler_sanitize_test.go b/backend/internal/api/handlers/backup_handler_sanitize_test.go index 2584811a..c26ab8ec 100644 --- a/backend/internal/api/handlers/backup_handler_sanitize_test.go +++ b/backend/internal/api/handlers/backup_handler_sanitize_test.go @@ -16,7 +16,6 @@ import ( ) func TestBackupHandlerSanitizesFilename(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // prepare a fake "database" dbPath := filepath.Join(tmpDir, "db.sqlite") diff --git a/backend/internal/api/handlers/cerberus_logs_ws_test.go b/backend/internal/api/handlers/cerberus_logs_ws_test.go index a6202dff..e5220614 100644 --- a/backend/internal/api/handlers/cerberus_logs_ws_test.go +++ b/backend/internal/api/handlers/cerberus_logs_ws_test.go @@ -21,7 +21,6 @@ import ( ) func init() { - gin.SetMode(gin.TestMode) } // TestCerberusLogsHandler_NewHandler verifies handler creation. diff --git a/backend/internal/api/handlers/certificate_handler_coverage_test.go b/backend/internal/api/handlers/certificate_handler_coverage_test.go index e936bc00..acf70e3d 100644 --- a/backend/internal/api/handlers/certificate_handler_coverage_test.go +++ b/backend/internal/api/handlers/certificate_handler_coverage_test.go @@ -16,7 +16,6 @@ func TestCertificateHandler_List_DBError(t *testing.T) { db := OpenTestDB(t) // Don't migrate to cause error - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -33,7 +32,6 @@ func TestCertificateHandler_List_DBError(t *testing.T) { func TestCertificateHandler_Delete_InvalidID(t *testing.T) { db := OpenTestDBWithMigrations(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -50,7 +48,6 @@ func TestCertificateHandler_Delete_InvalidID(t *testing.T) { func TestCertificateHandler_Delete_NotFound(t *testing.T) { db := OpenTestDBWithMigrations(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -71,7 +68,6 @@ func TestCertificateHandler_Delete_NoBackupService(t *testing.T) { cert := models.SSLCertificate{UUID: "test-cert-no-backup", Name: "no-backup-cert", Provider: "custom", Domains: "nobackup.example.com"} db.Create(&cert) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -97,7 +93,6 @@ func TestCertificateHandler_Delete_CheckUsageDBError(t *testing.T) { cert := models.SSLCertificate{UUID: "test-cert-db-err", Name: "db-error-cert", Provider: "custom", Domains: "dberr.example.com"} db.Create(&cert) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -118,7 +113,6 @@ func TestCertificateHandler_List_WithCertificates(t *testing.T) { db.Create(&models.SSLCertificate{UUID: "cert-1", Name: "Cert 1", Provider: "custom", Domains: "one.example.com"}) db.Create(&models.SSLCertificate{UUID: "cert-2", Name: "Cert 2", Provider: "custom", Domains: "two.example.com"}) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -139,7 +133,6 @@ func TestCertificateHandler_Delete_ZeroID(t *testing.T) { // DELETE /api/certificates/0 should return 400 Bad Request db := OpenTestDBWithMigrations(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -173,7 +166,6 @@ func TestCertificateHandler_DBSetupOrdering(t *testing.T) { t.Fatalf("expected proxy_hosts table to exist before service initialization") } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) diff --git a/backend/internal/api/handlers/certificate_handler_security_test.go b/backend/internal/api/handlers/certificate_handler_security_test.go index 9df3eabb..a118fa7f 100644 --- a/backend/internal/api/handlers/certificate_handler_security_test.go +++ b/backend/internal/api/handlers/certificate_handler_security_test.go @@ -25,7 +25,6 @@ func TestCertificateHandler_Delete_RequiresAuth(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() // Add a middleware that rejects all unauthenticated requests r.Use(func(c *gin.Context) { @@ -55,7 +54,6 @@ func TestCertificateHandler_List_RequiresAuth(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() // Add a middleware that rejects all unauthenticated requests r.Use(func(c *gin.Context) { @@ -85,7 +83,6 @@ func TestCertificateHandler_Upload_RequiresAuth(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() // Add a middleware that rejects all unauthenticated requests r.Use(func(c *gin.Context) { @@ -126,7 +123,6 @@ func TestCertificateHandler_Delete_DiskSpaceCheck(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -179,7 +175,6 @@ func TestCertificateHandler_Delete_NotificationRateLimiting(t *testing.T) { t.Fatalf("failed to create cert2: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) diff --git a/backend/internal/api/handlers/certificate_handler_test.go b/backend/internal/api/handlers/certificate_handler_test.go index bb10ac01..7971bcbc 100644 --- a/backend/internal/api/handlers/certificate_handler_test.go +++ b/backend/internal/api/handlers/certificate_handler_test.go @@ -36,7 +36,6 @@ func mockAuthMiddleware() gin.HandlerFunc { func setupCertTestRouter(t *testing.T, db *gorm.DB) *gin.Engine { t.Helper() - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) @@ -110,7 +109,6 @@ func TestDeleteCertificate_CreatesBackup(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -164,7 +162,6 @@ func TestDeleteCertificate_BackupFailure(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -218,7 +215,6 @@ func TestDeleteCertificate_InUse_NoBackup(t *testing.T) { t.Fatalf("failed to create proxy host: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -296,7 +292,6 @@ func TestCertificateHandler_List(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) r.Use(mockAuthMiddleware()) @@ -324,7 +319,6 @@ func TestCertificateHandler_Upload_MissingName(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -352,7 +346,6 @@ func TestCertificateHandler_Upload_MissingCertFile(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -383,7 +376,6 @@ func TestCertificateHandler_Upload_MissingKeyFile(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -410,7 +402,6 @@ func TestCertificateHandler_Upload_MissingKeyFile_MultipartWithCert(t *testing.T t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -450,7 +441,6 @@ func TestCertificateHandler_Upload_Success(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) @@ -525,7 +515,6 @@ func TestCertificateHandler_Upload_WithNotificationService(t *testing.T) { require.NoError(t, err) require.NoError(t, db.AutoMigrate(&models.SSLCertificate{}, &models.ProxyHost{}, &models.Setting{}, &models.NotificationProvider{})) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) @@ -564,7 +553,6 @@ func TestDeleteCertificate_InvalidID(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -590,7 +578,6 @@ func TestDeleteCertificate_ZeroID(t *testing.T) { t.Fatalf("failed to migrate: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -622,7 +609,6 @@ func TestDeleteCertificate_LowDiskSpace(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -671,7 +657,6 @@ func TestDeleteCertificate_DiskSpaceCheckError(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -730,7 +715,6 @@ func TestDeleteCertificate_ExpiredLetsEncrypt_NotInUse(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -789,7 +773,6 @@ func TestDeleteCertificate_ValidLetsEncrypt_NotInUse(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -835,7 +818,6 @@ func TestDeleteCertificate_UsageCheckError(t *testing.T) { t.Fatalf("failed to create cert: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) @@ -873,7 +855,6 @@ func TestDeleteCertificate_NotificationRateLimit(t *testing.T) { t.Fatalf("failed to create cert2: %v", err) } - gin.SetMode(gin.TestMode) r := gin.New() r.Use(mockAuthMiddleware()) svc := services.NewCertificateService("/tmp", db) diff --git a/backend/internal/api/handlers/coverage_helpers_test.go b/backend/internal/api/handlers/coverage_helpers_test.go index ce6fa7ef..cde20263 100644 --- a/backend/internal/api/handlers/coverage_helpers_test.go +++ b/backend/internal/api/handlers/coverage_helpers_test.go @@ -129,7 +129,6 @@ func Test_mapCrowdsecStatus(t *testing.T) { // Test actorFromContext helper function func Test_actorFromContext(t *testing.T) { - gin.SetMode(gin.TestMode) t.Run("with userID in context", func(t *testing.T) { c, _ := gin.CreateTestContext(httptest.NewRecorder()) @@ -157,7 +156,6 @@ func Test_actorFromContext(t *testing.T) { // Test hubEndpoints helper function func Test_hubEndpoints(t *testing.T) { - gin.SetMode(gin.TestMode) t.Run("nil Hub returns nil", func(t *testing.T) { h := &CrowdsecHandler{Hub: nil} @@ -193,7 +191,6 @@ func TestRealCommandExecutor_Execute(t *testing.T) { // Test isCerberusEnabled helper func Test_isCerberusEnabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) @@ -243,7 +240,6 @@ func Test_isCerberusEnabled(t *testing.T) { // Test isConsoleEnrollmentEnabled helper func Test_isConsoleEnrollmentEnabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) @@ -293,7 +289,6 @@ func Test_isConsoleEnrollmentEnabled(t *testing.T) { // Test CrowdsecHandler.ExportConfig func TestCrowdsecHandler_ExportConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -320,7 +315,6 @@ func TestCrowdsecHandler_ExportConfig(t *testing.T) { // Test CrowdsecHandler.CheckLAPIHealth func TestCrowdsecHandler_CheckLAPIHealth(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -340,7 +334,6 @@ func TestCrowdsecHandler_CheckLAPIHealth(t *testing.T) { // Test CrowdsecHandler Console endpoints func TestCrowdsecHandler_ConsoleStatus(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{}, &models.CrowdsecConsoleEnrollment{})) @@ -362,7 +355,6 @@ func TestCrowdsecHandler_ConsoleStatus(t *testing.T) { } func TestCrowdsecHandler_ConsoleEnroll_Disabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -385,7 +377,6 @@ func TestCrowdsecHandler_ConsoleEnroll_Disabled(t *testing.T) { } func TestCrowdsecHandler_DeleteConsoleEnrollment(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -405,7 +396,6 @@ func TestCrowdsecHandler_DeleteConsoleEnrollment(t *testing.T) { // Test CrowdsecHandler.BanIP and UnbanIP func TestCrowdsecHandler_BanIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -434,7 +424,6 @@ func TestCrowdsecHandler_BanIP(t *testing.T) { } func TestCrowdsecHandler_UnbanIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -460,7 +449,6 @@ func TestCrowdsecHandler_UnbanIP(t *testing.T) { // Test CrowdsecHandler.UpdateAcquisitionConfig func TestCrowdsecHandler_UpdateAcquisitionConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -540,7 +528,6 @@ func Test_safeFloat64ToUint(t *testing.T) { // Test CrowdsecHandler_DiagnosticsConnectivity func TestCrowdsecHandler_DiagnosticsConnectivity(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{}, &models.CrowdsecConsoleEnrollment{})) @@ -569,7 +556,6 @@ func TestCrowdsecHandler_DiagnosticsConnectivity(t *testing.T) { // Test CrowdsecHandler_DiagnosticsConfig func TestCrowdsecHandler_DiagnosticsConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -595,7 +581,6 @@ func TestCrowdsecHandler_DiagnosticsConfig(t *testing.T) { // Test CrowdsecHandler_ConsoleHeartbeat func TestCrowdsecHandler_ConsoleHeartbeat(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{}, &models.CrowdsecConsoleEnrollment{})) @@ -623,7 +608,6 @@ func TestCrowdsecHandler_ConsoleHeartbeat(t *testing.T) { // Test CrowdsecHandler_ConsoleHeartbeat_Disabled func TestCrowdsecHandler_ConsoleHeartbeat_Disabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) diff --git a/backend/internal/api/handlers/coverage_quick_test.go b/backend/internal/api/handlers/coverage_quick_test.go index 9bdd6661..e525d375 100644 --- a/backend/internal/api/handlers/coverage_quick_test.go +++ b/backend/internal/api/handlers/coverage_quick_test.go @@ -33,7 +33,6 @@ func createValidSQLiteDB(t *testing.T, dbPath string) error { // Use a real BackupService, but point it at tmpDir for isolation func TestBackupHandlerQuick(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create a valid SQLite database for backup operations dbPath := filepath.Join(tmpDir, "db.sqlite") diff --git a/backend/internal/api/handlers/credential_handler_test.go b/backend/internal/api/handlers/credential_handler_test.go index 11a2965a..fee64ebd 100644 --- a/backend/internal/api/handlers/credential_handler_test.go +++ b/backend/internal/api/handlers/credential_handler_test.go @@ -31,7 +31,6 @@ func setupCredentialHandlerTest(t *testing.T) (*gin.Engine, *gorm.DB, *models.DN _ = os.Unsetenv("CHARON_ENCRYPTION_KEY") }) - gin.SetMode(gin.TestMode) router := gin.New() // Use test name for unique database with WAL mode to avoid locking issues diff --git a/backend/internal/api/handlers/crowdsec_archive_validation_test.go b/backend/internal/api/handlers/crowdsec_archive_validation_test.go index 6ecca4b7..4e047533 100644 --- a/backend/internal/api/handlers/crowdsec_archive_validation_test.go +++ b/backend/internal/api/handlers/crowdsec_archive_validation_test.go @@ -251,7 +251,6 @@ func TestConfigArchiveValidator_RequiredFiles(t *testing.T) { // TestImportConfig_Validation tests the enhanced ImportConfig handler with validation. func TestImportConfig_Validation(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -320,7 +319,6 @@ func TestImportConfig_Validation(t *testing.T) { // TestImportConfig_Rollback tests backup restoration on validation failure. func TestImportConfig_Rollback(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() diff --git a/backend/internal/api/handlers/crowdsec_cache_verification_test.go b/backend/internal/api/handlers/crowdsec_cache_verification_test.go index 05f870a6..656148b2 100644 --- a/backend/internal/api/handlers/crowdsec_cache_verification_test.go +++ b/backend/internal/api/handlers/crowdsec_cache_verification_test.go @@ -16,7 +16,6 @@ import ( // TestListPresetsShowsCachedStatus verifies the /presets endpoint marks cached presets. func TestListPresetsShowsCachedStatus(t *testing.T) { - gin.SetMode(gin.TestMode) cacheDir := t.TempDir() dataDir := t.TempDir() diff --git a/backend/internal/api/handlers/crowdsec_coverage_boost_test.go b/backend/internal/api/handlers/crowdsec_coverage_boost_test.go index b5ef3b7c..faf7ab37 100644 --- a/backend/internal/api/handlers/crowdsec_coverage_boost_test.go +++ b/backend/internal/api/handlers/crowdsec_coverage_boost_test.go @@ -16,7 +16,6 @@ import ( // ============================================ func TestUpdateAcquisitionConfigMissingContent(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -33,7 +32,6 @@ func TestUpdateAcquisitionConfigMissingContent(t *testing.T) { } func TestUpdateAcquisitionConfigInvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -49,7 +47,6 @@ func TestUpdateAcquisitionConfigInvalidJSON(t *testing.T) { } func TestGetLAPIDecisionsWithIPFilter(t *testing.T) { - gin.SetMode(gin.TestMode) mockExec := &mockCommandExecutor{output: []byte(`[]`), err: nil} h := &CrowdsecHandler{ CmdExec: mockExec, @@ -68,7 +65,6 @@ func TestGetLAPIDecisionsWithIPFilter(t *testing.T) { } func TestGetLAPIDecisionsWithScopeFilter(t *testing.T) { - gin.SetMode(gin.TestMode) mockExec := &mockCommandExecutor{output: []byte(`[]`), err: nil} h := &CrowdsecHandler{ CmdExec: mockExec, @@ -86,7 +82,6 @@ func TestGetLAPIDecisionsWithScopeFilter(t *testing.T) { } func TestGetLAPIDecisionsWithTypeFilter(t *testing.T) { - gin.SetMode(gin.TestMode) mockExec := &mockCommandExecutor{output: []byte(`[]`), err: nil} h := &CrowdsecHandler{ CmdExec: mockExec, @@ -104,7 +99,6 @@ func TestGetLAPIDecisionsWithTypeFilter(t *testing.T) { } func TestGetLAPIDecisionsWithMultipleFilters(t *testing.T) { - gin.SetMode(gin.TestMode) mockExec := &mockCommandExecutor{output: []byte(`[]`), err: nil} h := &CrowdsecHandler{ CmdExec: mockExec, diff --git a/backend/internal/api/handlers/crowdsec_coverage_gap_test.go b/backend/internal/api/handlers/crowdsec_coverage_gap_test.go index ff5c78aa..38b1cb79 100644 --- a/backend/internal/api/handlers/crowdsec_coverage_gap_test.go +++ b/backend/internal/api/handlers/crowdsec_coverage_gap_test.go @@ -32,7 +32,6 @@ func (m *MockCommandExecutor) ExecuteWithEnv(ctx context.Context, name string, a // TestConsoleEnrollMissingKey covers the "enrollment_key required" branch func TestConsoleEnrollMissingKey(t *testing.T) { - gin.SetMode(gin.TestMode) mockExec := new(MockCommandExecutor) @@ -59,7 +58,6 @@ func TestConsoleEnrollMissingKey(t *testing.T) { // TestGetCachedPreset_ValidationAndMiss covers path param validation empty check (if any) and cache miss func TestGetCachedPreset_ValidationAndMiss(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() cache, _ := crowdsec.NewHubCache(tmpDir, time.Hour) @@ -86,7 +84,6 @@ func TestGetCachedPreset_ValidationAndMiss(t *testing.T) { } func TestGetCachedPreset_SlugRequired(t *testing.T) { - gin.SetMode(gin.TestMode) h := &CrowdsecHandler{} t.Setenv("FEATURE_CERBERUS_ENABLED", "1") diff --git a/backend/internal/api/handlers/crowdsec_coverage_target_test.go b/backend/internal/api/handlers/crowdsec_coverage_target_test.go index 164cc86a..2a5c5a8e 100644 --- a/backend/internal/api/handlers/crowdsec_coverage_target_test.go +++ b/backend/internal/api/handlers/crowdsec_coverage_target_test.go @@ -22,7 +22,6 @@ import ( // TestUpdateAcquisitionConfigSuccess tests successful config update func TestUpdateAcquisitionConfigSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create fake acquis.yaml path in tmp @@ -50,7 +49,6 @@ func TestUpdateAcquisitionConfigSuccess(t *testing.T) { // TestRegisterBouncerScriptPathError tests script not found func TestRegisterBouncerScriptPathError(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -92,7 +90,6 @@ func (f *fakeExecWithOutput) Status(ctx context.Context, configDir string) (runn // TestGetLAPIDecisionsRequestError tests request creation error func TestGetLAPIDecisionsEmptyResponse(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -109,7 +106,6 @@ func TestGetLAPIDecisionsEmptyResponse(t *testing.T) { // TestGetLAPIDecisionsWithFilters tests query parameter handling func TestGetLAPIDecisionsIPQueryParam(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -124,7 +120,6 @@ func TestGetLAPIDecisionsIPQueryParam(t *testing.T) { // TestGetLAPIDecisionsScopeParam tests scope parameter func TestGetLAPIDecisionsScopeParam(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -139,7 +134,6 @@ func TestGetLAPIDecisionsScopeParam(t *testing.T) { // TestGetLAPIDecisionsTypeParam tests type parameter func TestGetLAPIDecisionsTypeParam(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -154,7 +148,6 @@ func TestGetLAPIDecisionsTypeParam(t *testing.T) { // TestGetLAPIDecisionsCombinedParams tests multiple query params func TestGetLAPIDecisionsCombinedParams(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -169,7 +162,6 @@ func TestGetLAPIDecisionsCombinedParams(t *testing.T) { // TestCheckLAPIHealthTimeout tests health check func TestCheckLAPIHealthRequest(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -223,7 +215,6 @@ func TestGetLAPIKeyAlternative(t *testing.T) { // TestStatusContextTimeout tests context handling func TestStatusRequest(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -238,7 +229,6 @@ func TestStatusRequest(t *testing.T) { // TestRegisterBouncerExecutionSuccess tests successful registration func TestRegisterBouncerFlow(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create fake script @@ -267,7 +257,6 @@ func TestRegisterBouncerFlow(t *testing.T) { // TestRegisterBouncerWithError tests execution error func TestRegisterBouncerExecutionFailure(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create fake script @@ -294,7 +283,6 @@ func TestRegisterBouncerExecutionFailure(t *testing.T) { // TestGetAcquisitionConfigFileError tests file read error func TestGetAcquisitionConfigNotPresent(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") diff --git a/backend/internal/api/handlers/crowdsec_dashboard.go b/backend/internal/api/handlers/crowdsec_dashboard.go index c36c9d64..35243efd 100644 --- a/backend/internal/api/handlers/crowdsec_dashboard.go +++ b/backend/internal/api/handlers/crowdsec_dashboard.go @@ -203,7 +203,7 @@ func (h *CrowdsecHandler) fetchActiveDecisionCount(ctx context.Context) int64 { } } - baseURL, err := validateCrowdsecLAPIBaseURL(lapiURL) + baseURL, err := h.resolveLAPIURLValidator(lapiURL) if err != nil { return -1 } @@ -476,7 +476,7 @@ func (h *CrowdsecHandler) fetchLAPIAlerts(ctx context.Context, since time.Time, } } - baseURL, err := validateCrowdsecLAPIBaseURL(lapiURL) + baseURL, err := h.resolveLAPIURLValidator(lapiURL) if err != nil { return h.fetchAlertsCscli(ctx, scenario, limit) } diff --git a/backend/internal/api/handlers/crowdsec_dashboard_test.go b/backend/internal/api/handlers/crowdsec_dashboard_test.go index a34bbb19..435b77a0 100644 --- a/backend/internal/api/handlers/crowdsec_dashboard_test.go +++ b/backend/internal/api/handlers/crowdsec_dashboard_test.go @@ -19,7 +19,6 @@ import ( // setupDashboardHandler creates a CrowdsecHandler with an in-memory DB seeded with decisions. func setupDashboardHandler(t *testing.T) (*CrowdsecHandler, *gin.Engine) { t.Helper() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) @@ -419,7 +418,6 @@ func TestDashboardCache_TTLExpiry_DeletesEntry(t *testing.T) { func TestDashboardSummary_DecisionsTrend(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) @@ -582,7 +580,6 @@ func TestDashboardSummary_7dRange(t *testing.T) { func TestDashboardSummary_TrendNegative100(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) @@ -914,7 +911,6 @@ func TestExportDecisions_AllSources(t *testing.T) { func TestDashboardSummary_ActiveDecisions_LAPIReachable(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -922,12 +918,6 @@ func TestDashboardSummary_ActiveDecisions_LAPIReachable(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) @@ -938,6 +928,7 @@ func TestDashboardSummary_ActiveDecisions_LAPIReachable(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -961,19 +952,12 @@ func TestDashboardSummary_ActiveDecisions_LAPIReachable(t *testing.T) { func TestDashboardSummary_ActiveDecisions_LAPIBadStatus(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusInternalServerError) })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -981,6 +965,7 @@ func TestDashboardSummary_ActiveDecisions_LAPIBadStatus(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -998,7 +983,6 @@ func TestDashboardSummary_ActiveDecisions_LAPIBadStatus(t *testing.T) { func TestDashboardSummary_ActiveDecisions_LAPIBadJSON(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -1006,12 +990,6 @@ func TestDashboardSummary_ActiveDecisions_LAPIBadJSON(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1019,6 +997,7 @@ func TestDashboardSummary_ActiveDecisions_LAPIBadJSON(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1036,7 +1015,6 @@ func TestDashboardSummary_ActiveDecisions_LAPIBadJSON(t *testing.T) { func TestListAlerts_LAPISuccess(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -1044,12 +1022,6 @@ func TestListAlerts_LAPISuccess(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1057,6 +1029,7 @@ func TestListAlerts_LAPISuccess(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1075,7 +1048,6 @@ func TestListAlerts_LAPISuccess(t *testing.T) { func TestListAlerts_LAPISuccessWithOffset(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -1083,12 +1055,6 @@ func TestListAlerts_LAPISuccessWithOffset(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1096,6 +1062,7 @@ func TestListAlerts_LAPISuccessWithOffset(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1116,7 +1083,6 @@ func TestListAlerts_LAPISuccessWithOffset(t *testing.T) { func TestListAlerts_LAPISuccessWithLargeOffset(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -1124,12 +1090,6 @@ func TestListAlerts_LAPISuccessWithLargeOffset(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1137,6 +1097,7 @@ func TestListAlerts_LAPISuccessWithLargeOffset(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1159,7 +1120,6 @@ func TestListAlerts_LAPISuccessWithLargeOffset(t *testing.T) { func TestListAlerts_LAPISuccessWithLimitSlicing(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -1167,12 +1127,6 @@ func TestListAlerts_LAPISuccessWithLimitSlicing(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1180,6 +1134,7 @@ func TestListAlerts_LAPISuccessWithLimitSlicing(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1200,7 +1155,6 @@ func TestListAlerts_LAPISuccessWithLimitSlicing(t *testing.T) { func TestListAlerts_LAPIBadJSON(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -1208,12 +1162,6 @@ func TestListAlerts_LAPIBadJSON(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1221,6 +1169,7 @@ func TestListAlerts_LAPIBadJSON(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1239,19 +1188,12 @@ func TestListAlerts_LAPIBadJSON(t *testing.T) { func TestListAlerts_LAPIBadStatus(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusForbidden) })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1259,6 +1201,7 @@ func TestListAlerts_LAPIBadStatus(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1276,7 +1219,6 @@ func TestListAlerts_LAPIBadStatus(t *testing.T) { func TestListAlerts_LAPIWithScenarioFilter(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) var capturedQuery string server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { @@ -1286,12 +1228,6 @@ func TestListAlerts_LAPIWithScenarioFilter(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { validateCrowdsecLAPIBaseURLFunc = original }) - db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) require.NoError(t, db.Create(&models.SecurityConfig{ @@ -1299,6 +1235,7 @@ func TestListAlerts_LAPIWithScenarioFilter(t *testing.T) { }).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") @@ -1314,7 +1251,6 @@ func TestListAlerts_LAPIWithScenarioFilter(t *testing.T) { func TestFetchAlertsCscli_ErrorExec(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) @@ -1345,7 +1281,6 @@ func TestFetchAlertsCscli_ErrorExec(t *testing.T) { func TestFetchAlertsCscli_ValidJSON(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityConfig{}, &models.Setting{})) diff --git a/backend/internal/api/handlers/crowdsec_decisions_test.go b/backend/internal/api/handlers/crowdsec_decisions_test.go index 1ef9c26a..00d4097e 100644 --- a/backend/internal/api/handlers/crowdsec_decisions_test.go +++ b/backend/internal/api/handlers/crowdsec_decisions_test.go @@ -28,7 +28,6 @@ func (m *mockCommandExecutor) Execute(ctx context.Context, name string, args ... } func TestListDecisions_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -67,7 +66,6 @@ func TestListDecisions_Success(t *testing.T) { } func TestListDecisions_EmptyList(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -98,7 +96,6 @@ func TestListDecisions_EmptyList(t *testing.T) { } func TestListDecisions_CscliError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -130,7 +127,6 @@ func TestListDecisions_CscliError(t *testing.T) { } func TestListDecisions_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -154,7 +150,6 @@ func TestListDecisions_InvalidJSON(t *testing.T) { } func TestBanIP_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -205,7 +200,6 @@ func TestBanIP_Success(t *testing.T) { } func TestBanIP_DefaultDuration(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -245,7 +239,6 @@ func TestBanIP_DefaultDuration(t *testing.T) { } func TestBanIP_MissingIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -268,7 +261,6 @@ func TestBanIP_MissingIP(t *testing.T) { } func TestBanIP_EmptyIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -293,7 +285,6 @@ func TestBanIP_EmptyIP(t *testing.T) { } func TestBanIP_CscliError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -323,7 +314,6 @@ func TestBanIP_CscliError(t *testing.T) { } func TestUnbanIP_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -357,7 +347,6 @@ func TestUnbanIP_Success(t *testing.T) { } func TestUnbanIP_CscliError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -381,7 +370,6 @@ func TestUnbanIP_CscliError(t *testing.T) { } func TestListDecisions_MultipleDecisions(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -430,7 +418,6 @@ func TestListDecisions_MultipleDecisions(t *testing.T) { } func TestBanIP_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() diff --git a/backend/internal/api/handlers/crowdsec_handler.go b/backend/internal/api/handlers/crowdsec_handler.go index 595304d0..157012a2 100644 --- a/backend/internal/api/handlers/crowdsec_handler.go +++ b/backend/internal/api/handlers/crowdsec_handler.go @@ -68,6 +68,11 @@ type CrowdsecHandler struct { LAPIPollInterval time.Duration // For testing; 0 means 500ms default dashCache *dashboardCache + // validateLAPIURL validates and parses a LAPI base URL. + // This field allows tests to inject a permissive validator for mock servers + // without mutating package-level state (which causes data races). + validateLAPIURL func(string) (*url.URL, error) + // registrationMutex protects concurrent bouncer registration attempts registrationMutex sync.Mutex @@ -85,6 +90,14 @@ const ( bouncerName = "caddy-bouncer" ) +// resolveLAPIURLValidator returns the handler's validator or the default. +func (h *CrowdsecHandler) resolveLAPIURLValidator(raw string) (*url.URL, error) { + if h.validateLAPIURL != nil { + return h.validateLAPIURL(raw) + } + return validateCrowdsecLAPIBaseURLDefault(raw) +} + func (h *CrowdsecHandler) bouncerKeyPath() string { if h != nil && strings.TrimSpace(h.DataDir) != "" { return filepath.Join(h.DataDir, "bouncer_key") @@ -371,15 +384,16 @@ func NewCrowdsecHandler(db *gorm.DB, executor CrowdsecExecutor, binPath, dataDir consoleSvc = crowdsec.NewConsoleEnrollmentService(db, &crowdsec.SecureCommandExecutor{}, dataDir, consoleSecret) } return &CrowdsecHandler{ - DB: db, - Executor: executor, - CmdExec: &RealCommandExecutor{}, - BinPath: binPath, - DataDir: dataDir, - Hub: hubSvc, - Console: consoleSvc, - Security: securitySvc, - dashCache: newDashboardCache(), + DB: db, + Executor: executor, + CmdExec: &RealCommandExecutor{}, + BinPath: binPath, + DataDir: dataDir, + Hub: hubSvc, + Console: consoleSvc, + Security: securitySvc, + dashCache: newDashboardCache(), + validateLAPIURL: validateCrowdsecLAPIBaseURLDefault, } } @@ -1444,18 +1458,10 @@ const ( defaultCrowdsecLAPIPort = 8085 ) -// validateCrowdsecLAPIBaseURLFunc is a variable holding the LAPI URL validation function. -// This indirection allows tests to inject a permissive validator for mock servers. -var validateCrowdsecLAPIBaseURLFunc = validateCrowdsecLAPIBaseURLDefault - func validateCrowdsecLAPIBaseURLDefault(raw string) (*url.URL, error) { return security.ValidateInternalServiceBaseURL(raw, defaultCrowdsecLAPIPort, security.InternalServiceHostAllowlist()) } -func validateCrowdsecLAPIBaseURL(raw string) (*url.URL, error) { - return validateCrowdsecLAPIBaseURLFunc(raw) -} - // GetLAPIDecisions queries CrowdSec LAPI directly for current decisions. // This is an alternative to ListDecisions which uses cscli. // Query params: @@ -1473,7 +1479,7 @@ func (h *CrowdsecHandler) GetLAPIDecisions(c *gin.Context) { } } - baseURL, err := validateCrowdsecLAPIBaseURL(lapiURL) + baseURL, err := h.resolveLAPIURLValidator(lapiURL) if err != nil { logger.Log().WithError(err).WithField("lapi_url", lapiURL).Warn("Blocked CrowdSec LAPI URL by internal allowlist policy") // Fallback to cscli-based method. @@ -2144,7 +2150,7 @@ func (h *CrowdsecHandler) CheckLAPIHealth(c *gin.Context) { ctx, cancel := context.WithTimeout(c.Request.Context(), 5*time.Second) defer cancel() - baseURL, err := validateCrowdsecLAPIBaseURL(lapiURL) + baseURL, err := h.resolveLAPIURLValidator(lapiURL) if err != nil { c.JSON(http.StatusOK, gin.H{"healthy": false, "error": "invalid LAPI URL (blocked by SSRF policy)", "lapi_url": lapiURL}) return diff --git a/backend/internal/api/handlers/crowdsec_handler_comprehensive_test.go b/backend/internal/api/handlers/crowdsec_handler_comprehensive_test.go index 3b9a9e4a..38ca0826 100644 --- a/backend/internal/api/handlers/crowdsec_handler_comprehensive_test.go +++ b/backend/internal/api/handlers/crowdsec_handler_comprehensive_test.go @@ -106,7 +106,6 @@ func TestMapCrowdsecStatus(t *testing.T) { // TestIsConsoleEnrollmentEnabled tests the isConsoleEnrollmentEnabled helper func TestIsConsoleEnrollmentEnabled(t *testing.T) { - gin.SetMode(gin.TestMode) tests := []struct { name string @@ -191,7 +190,6 @@ func TestActorFromContext(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) tt.setupCtx(c) @@ -204,7 +202,6 @@ func TestActorFromContext(t *testing.T) { // TestHubEndpoints tests the hubEndpoints helper func TestHubEndpoints(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -233,7 +230,6 @@ func TestHubEndpoints(t *testing.T) { // TestGetCachedPreset tests the GetCachedPreset handler func TestGetCachedPreset(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -264,7 +260,6 @@ func TestGetCachedPreset(t *testing.T) { // TestGetCachedPreset_NotFound tests GetCachedPreset with non-existent preset func TestGetCachedPreset_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -293,7 +288,6 @@ func TestGetCachedPreset_NotFound(t *testing.T) { // TestGetLAPIDecisions tests the GetLAPIDecisions handler func TestGetLAPIDecisions(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -313,7 +307,6 @@ func TestGetLAPIDecisions(t *testing.T) { // TestCheckLAPIHealth tests the CheckLAPIHealth handler func TestCheckLAPIHealth(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -332,7 +325,6 @@ func TestCheckLAPIHealth(t *testing.T) { // TestListDecisions tests the ListDecisions handler func TestListDecisions(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -351,7 +343,6 @@ func TestListDecisions(t *testing.T) { // TestBanIP tests the BanIP handler func TestBanIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -373,7 +364,6 @@ func TestBanIP(t *testing.T) { // TestUnbanIP tests the UnbanIP handler func TestUnbanIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -395,7 +385,6 @@ func TestUnbanIP(t *testing.T) { // TestGetAcquisitionConfig tests the GetAcquisitionConfig handler func TestGetAcquisitionConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() acquisPath := filepath.Join(tmpDir, "acquis.yaml") @@ -417,7 +406,6 @@ func TestGetAcquisitionConfig(t *testing.T) { // TestUpdateAcquisitionConfig tests the UpdateAcquisitionConfig handler func TestUpdateAcquisitionConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() acquisPath := filepath.Join(tmpDir, "acquis.yaml") diff --git a/backend/internal/api/handlers/crowdsec_handler_coverage_test.go b/backend/internal/api/handlers/crowdsec_handler_coverage_test.go index 1a82ad98..5e6c7c8d 100644 --- a/backend/internal/api/handlers/crowdsec_handler_coverage_test.go +++ b/backend/internal/api/handlers/crowdsec_handler_coverage_test.go @@ -29,7 +29,6 @@ func (f *errorExec) Status(ctx context.Context, configDir string) (running bool, } func TestCrowdsec_Start_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -48,7 +47,6 @@ func TestCrowdsec_Start_Error(t *testing.T) { } func TestCrowdsec_Stop_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -67,7 +65,6 @@ func TestCrowdsec_Stop_Error(t *testing.T) { } func TestCrowdsec_Status_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -87,7 +84,6 @@ func TestCrowdsec_Status_Error(t *testing.T) { // ReadFile tests func TestCrowdsec_ReadFile_MissingPath(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -106,7 +102,6 @@ func TestCrowdsec_ReadFile_MissingPath(t *testing.T) { } func TestCrowdsec_ReadFile_PathTraversal(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -126,7 +121,6 @@ func TestCrowdsec_ReadFile_PathTraversal(t *testing.T) { } func TestCrowdsec_ReadFile_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -146,7 +140,6 @@ func TestCrowdsec_ReadFile_NotFound(t *testing.T) { // WriteFile tests func TestCrowdsec_WriteFile_InvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -166,7 +159,6 @@ func TestCrowdsec_WriteFile_InvalidPayload(t *testing.T) { } func TestCrowdsec_WriteFile_MissingPath(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -189,7 +181,6 @@ func TestCrowdsec_WriteFile_MissingPath(t *testing.T) { } func TestCrowdsec_WriteFile_PathTraversal(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -214,7 +205,6 @@ func TestCrowdsec_WriteFile_PathTraversal(t *testing.T) { // ExportConfig tests func TestCrowdsec_ExportConfig_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) // Use a non-existent directory nonExistentDir := "/tmp/crowdsec-nonexistent-dir-12345" @@ -238,7 +228,6 @@ func TestCrowdsec_ExportConfig_NotFound(t *testing.T) { // ListFiles tests func TestCrowdsec_ListFiles_EmptyDir(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -263,7 +252,6 @@ func TestCrowdsec_ListFiles_EmptyDir(t *testing.T) { } func TestCrowdsec_ListFiles_NonExistent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) nonExistentDir := "/tmp/crowdsec-nonexistent-dir-67890" _ = os.RemoveAll(nonExistentDir) @@ -289,7 +277,6 @@ func TestCrowdsec_ListFiles_NonExistent(t *testing.T) { // ImportConfig error cases func TestCrowdsec_ImportConfig_NoFile(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -310,7 +297,6 @@ func TestCrowdsec_ImportConfig_NoFile(t *testing.T) { // Additional ReadFile test with nested path that exists func TestCrowdsec_ReadFile_NestedPath(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -336,7 +322,6 @@ func TestCrowdsec_ReadFile_NestedPath(t *testing.T) { // Test WriteFile when backup fails (simulate by making dir unwritable) func TestCrowdsec_WriteFile_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -364,7 +349,6 @@ func TestCrowdsec_WriteFile_Success(t *testing.T) { } func TestCrowdsec_ListPresets_Disabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) t.Setenv("FEATURE_CERBERUS_ENABLED", "false") tmpDir := t.TempDir() @@ -383,7 +367,6 @@ func TestCrowdsec_ListPresets_Disabled(t *testing.T) { } func TestCrowdsec_ListPresets_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -406,7 +389,6 @@ func TestCrowdsec_ListPresets_Success(t *testing.T) { } func TestCrowdsec_PullPreset_Validation(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -431,7 +413,6 @@ func TestCrowdsec_PullPreset_Validation(t *testing.T) { } func TestCrowdsec_ApplyPreset_Validation(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() diff --git a/backend/internal/api/handlers/crowdsec_handler_test.go b/backend/internal/api/handlers/crowdsec_handler_test.go index bf72edb1..659e17c3 100644 --- a/backend/internal/api/handlers/crowdsec_handler_test.go +++ b/backend/internal/api/handlers/crowdsec_handler_test.go @@ -89,7 +89,6 @@ func newTestCrowdsecHandler(t *testing.T, db *gorm.DB, executor CrowdsecExecutor func TestCrowdsecEndpoints(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -127,7 +126,6 @@ func TestCrowdsecEndpoints(t *testing.T) { func TestImportConfig(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() fe := &fakeExec{} @@ -173,7 +171,6 @@ func TestImportConfig(t *testing.T) { func TestImportCreatesBackup(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() // create existing config dir with a marker file @@ -240,7 +237,6 @@ func TestImportCreatesBackup(t *testing.T) { func TestExportConfig(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -272,7 +268,6 @@ func TestExportConfig(t *testing.T) { func TestListAndReadFile(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() // create a nested file @@ -304,7 +299,6 @@ func TestListAndReadFile(t *testing.T) { func TestExportConfigStreamsArchive(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) dataDir := t.TempDir() require.NoError(t, os.WriteFile(filepath.Join(dataDir, "config.yaml"), []byte("hello"), 0o600)) // #nosec G306 -- test fixture @@ -345,7 +339,6 @@ func TestExportConfigStreamsArchive(t *testing.T) { func TestWriteFileCreatesBackup(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() // create existing config dir with a marker file @@ -384,7 +377,6 @@ func TestWriteFileCreatesBackup(t *testing.T) { } func TestListPresetsCerberusDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "false") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -403,7 +395,6 @@ func TestListPresetsCerberusDisabled(t *testing.T) { func TestReadFileInvalidPath(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -420,7 +411,6 @@ func TestReadFileInvalidPath(t *testing.T) { func TestWriteFileInvalidPath(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -439,7 +429,6 @@ func TestWriteFileInvalidPath(t *testing.T) { func TestWriteFileMissingPath(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -456,7 +445,6 @@ func TestWriteFileMissingPath(t *testing.T) { func TestWriteFileInvalidPayload(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -472,7 +460,6 @@ func TestWriteFileInvalidPayload(t *testing.T) { func TestImportConfigRequiresFile(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -489,7 +476,6 @@ func TestImportConfigRequiresFile(t *testing.T) { func TestImportConfigRejectsEmptyUpload(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -513,7 +499,6 @@ func TestImportConfigRejectsEmptyUpload(t *testing.T) { func TestListFilesMissingDir(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) missingDir := filepath.Join(t.TempDir(), "does-not-exist") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", missingDir) @@ -532,7 +517,6 @@ func TestListFilesMissingDir(t *testing.T) { func TestListFilesReturnsEntries(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) dataDir := t.TempDir() require.NoError(t, os.WriteFile(filepath.Join(dataDir, "root.txt"), []byte("root"), 0o600)) // #nosec G306 -- test fixture nestedDir := filepath.Join(dataDir, "nested") @@ -562,7 +546,6 @@ func TestListFilesReturnsEntries(t *testing.T) { func TestIsCerberusEnabledFromDB(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) require.NoError(t, db.Create(&models.Setting{Key: "feature.cerberus.enabled", Value: "0"}).Error) @@ -582,7 +565,6 @@ func TestIsCerberusEnabledFromDB(t *testing.T) { } func TestIsCerberusEnabledInvalidEnv(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "not-a-bool") h := newTestCrowdsecHandler(t, nil, &fakeExec{}, "/bin/false", t.TempDir()) @@ -592,7 +574,6 @@ func TestIsCerberusEnabledInvalidEnv(t *testing.T) { } func TestIsCerberusEnabledLegacyEnv(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, nil, &fakeExec{}, "/bin/false", t.TempDir()) t.Setenv("CERBERUS_ENABLED", "0") @@ -636,7 +617,6 @@ func (m *mockEnvExecutor) ExecuteWithEnv(ctx context.Context, name string, args func setupTestConsoleEnrollment(t *testing.T) (*CrowdsecHandler, *mockEnvExecutor) { t.Helper() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.CrowdsecConsoleEnrollment{})) @@ -651,7 +631,6 @@ func setupTestConsoleEnrollment(t *testing.T) (*CrowdsecHandler, *mockEnvExecuto } func TestConsoleEnrollDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "false") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -670,7 +649,6 @@ func TestConsoleEnrollDisabled(t *testing.T) { } func TestConsoleEnrollServiceUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -691,7 +669,6 @@ func TestConsoleEnrollServiceUnavailable(t *testing.T) { } func TestConsoleEnrollInvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -709,7 +686,6 @@ func TestConsoleEnrollInvalidPayload(t *testing.T) { } func TestConsoleEnrollSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -732,7 +708,6 @@ func TestConsoleEnrollSuccess(t *testing.T) { } func TestConsoleEnrollMissingAgentName(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -751,7 +726,6 @@ func TestConsoleEnrollMissingAgentName(t *testing.T) { } func TestConsoleStatusDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "false") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -768,7 +742,6 @@ func TestConsoleStatusDisabled(t *testing.T) { } func TestConsoleStatusServiceUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -787,7 +760,6 @@ func TestConsoleStatusServiceUnavailable(t *testing.T) { } func TestConsoleStatusSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -808,7 +780,6 @@ func TestConsoleStatusSuccess(t *testing.T) { } func TestConsoleStatusAfterEnroll(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -844,7 +815,6 @@ func TestConsoleStatusAfterEnroll(t *testing.T) { func TestIsConsoleEnrollmentEnabledFromDB(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) require.NoError(t, db.Create(&models.Setting{Key: "feature.crowdsec.console_enrollment", Value: "true"}).Error) @@ -855,7 +825,6 @@ func TestIsConsoleEnrollmentEnabledFromDB(t *testing.T) { func TestIsConsoleEnrollmentDisabledFromDB(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) require.NoError(t, db.Create(&models.Setting{Key: "feature.crowdsec.console_enrollment", Value: "false"}).Error) @@ -865,7 +834,6 @@ func TestIsConsoleEnrollmentDisabledFromDB(t *testing.T) { } func TestIsConsoleEnrollmentEnabledFromEnv(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h := newTestCrowdsecHandler(t, nil, &fakeExec{}, "/bin/false", t.TempDir()) @@ -873,7 +841,6 @@ func TestIsConsoleEnrollmentEnabledFromEnv(t *testing.T) { } func TestIsConsoleEnrollmentDisabledFromEnv(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "0") h := newTestCrowdsecHandler(t, nil, &fakeExec{}, "/bin/false", t.TempDir()) @@ -881,7 +848,6 @@ func TestIsConsoleEnrollmentDisabledFromEnv(t *testing.T) { } func TestIsConsoleEnrollmentInvalidEnv(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "invalid") h := newTestCrowdsecHandler(t, nil, &fakeExec{}, "/bin/false", t.TempDir()) @@ -889,7 +855,6 @@ func TestIsConsoleEnrollmentInvalidEnv(t *testing.T) { } func TestIsConsoleEnrollmentDefaultDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, nil, &fakeExec{}, "/bin/false", t.TempDir()) require.False(t, h.isConsoleEnrollmentEnabled()) @@ -914,7 +879,6 @@ func TestIsConsoleEnrollmentDBTrueVariants(t *testing.T) { for _, tc := range tests { t.Run(tc.value, func(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) require.NoError(t, db.Create(&models.Setting{Key: "feature.crowdsec.console_enrollment", Value: tc.value}).Error) @@ -948,7 +912,6 @@ func (m *mockCmdExecutor) Execute(ctx context.Context, name string, args ...stri func TestRegisterBouncerScriptNotFound(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() g := r.Group("/api/v1") @@ -965,7 +928,6 @@ func TestRegisterBouncerScriptNotFound(t *testing.T) { func TestRegisterBouncerSuccess(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Create a temp script that mimics successful bouncer registration tmpDir := t.TempDir() @@ -1003,7 +965,6 @@ func TestRegisterBouncerSuccess(t *testing.T) { func TestRegisterBouncerExecutionError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Create a mock command executor that simulates execution error mockExec := &mockCmdExecutor{ @@ -1032,7 +993,6 @@ func TestRegisterBouncerExecutionError(t *testing.T) { // ============================================ func TestGetAcquisitionConfigNotFound(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CHARON_CROWDSEC_ACQUIS_PATH", filepath.Join(t.TempDir(), "missing-acquis.yaml")) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() @@ -1048,7 +1008,6 @@ func TestGetAcquisitionConfigNotFound(t *testing.T) { } func TestGetAcquisitionConfigSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) // Create a temp acquis.yaml to test with tmpDir := t.TempDir() @@ -1087,7 +1046,6 @@ labels: // ============================================ func TestDeleteConsoleEnrollmentDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) // Feature flag not set, should return 404 h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1104,7 +1062,6 @@ func TestDeleteConsoleEnrollmentDisabled(t *testing.T) { } func TestDeleteConsoleEnrollmentServiceUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") // Create handler with nil Console service @@ -1131,7 +1088,6 @@ func TestDeleteConsoleEnrollmentServiceUnavailable(t *testing.T) { } func TestDeleteConsoleEnrollmentSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -1164,7 +1120,6 @@ func TestDeleteConsoleEnrollmentSuccess(t *testing.T) { } func TestDeleteConsoleEnrollmentNoRecordSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -1184,7 +1139,6 @@ func TestDeleteConsoleEnrollmentNoRecordSuccess(t *testing.T) { } func TestDeleteConsoleEnrollmentThenReenroll(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -1252,7 +1206,6 @@ func TestDeleteConsoleEnrollmentThenReenroll(t *testing.T) { // Start Handler - LAPI Readiness Polling Tests func TestCrowdsecStart_LAPINotReadyTimeout(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Mock executor that returns error for lapi status checks mockExec := &mockCmdExecutor{ @@ -1311,7 +1264,6 @@ func (f *fakeExecWithError) Status(ctx context.Context, configDir string) (runni func TestCrowdsecHandler_Status_Error(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) fe := &fakeExecWithError{statusError: errors.New("status check failed")} db := setupCrowdDB(t) @@ -1331,7 +1283,6 @@ func TestCrowdsecHandler_Status_Error(t *testing.T) { func TestCrowdsecHandler_Start_ExecutorError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) fe := &fakeExecWithError{startError: errors.New("failed to start process")} db := setupCrowdDB(t) @@ -1351,7 +1302,6 @@ func TestCrowdsecHandler_Start_ExecutorError(t *testing.T) { func TestCrowdsecHandler_ExportConfig_DirNotFound(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) // Use a non-existent directory @@ -1376,7 +1326,6 @@ func TestCrowdsecHandler_ExportConfig_DirNotFound(t *testing.T) { func TestCrowdsecHandler_ReadFile_NotFound(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -1396,7 +1345,6 @@ func TestCrowdsecHandler_ReadFile_NotFound(t *testing.T) { func TestCrowdsecHandler_ReadFile_MissingPath(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) @@ -1415,7 +1363,6 @@ func TestCrowdsecHandler_ReadFile_MissingPath(t *testing.T) { func TestCrowdsecHandler_ListDecisions_Success(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Mock executor that returns valid JSON decisions mockExec := &mockCmdExecutor{ @@ -1444,7 +1391,6 @@ func TestCrowdsecHandler_ListDecisions_Success(t *testing.T) { func TestCrowdsecHandler_ListDecisions_Empty(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Mock executor that returns null (no decisions) mockExec := &mockCmdExecutor{ @@ -1472,7 +1418,6 @@ func TestCrowdsecHandler_ListDecisions_Empty(t *testing.T) { func TestCrowdsecHandler_ListDecisions_CscliError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Mock executor that returns an error mockExec := &mockCmdExecutor{ @@ -1498,7 +1443,6 @@ func TestCrowdsecHandler_ListDecisions_CscliError(t *testing.T) { func TestCrowdsecHandler_ListDecisions_InvalidJSON(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Mock executor that returns invalid JSON mockExec := &mockCmdExecutor{ @@ -1524,7 +1468,6 @@ func TestCrowdsecHandler_ListDecisions_InvalidJSON(t *testing.T) { func TestCrowdsecHandler_BanIP_Success(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte("Decision created"), @@ -1554,7 +1497,6 @@ func TestCrowdsecHandler_BanIP_Success(t *testing.T) { func TestCrowdsecHandler_BanIP_MissingIP(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) @@ -1575,7 +1517,6 @@ func TestCrowdsecHandler_BanIP_MissingIP(t *testing.T) { func TestCrowdsecHandler_BanIP_EmptyIP(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) @@ -1596,7 +1537,6 @@ func TestCrowdsecHandler_BanIP_EmptyIP(t *testing.T) { func TestCrowdsecHandler_BanIP_DefaultDuration(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte("Decision created"), @@ -1626,7 +1566,6 @@ func TestCrowdsecHandler_BanIP_DefaultDuration(t *testing.T) { func TestCrowdsecHandler_UnbanIP_Success(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte("Decision deleted"), @@ -1653,7 +1592,6 @@ func TestCrowdsecHandler_UnbanIP_Success(t *testing.T) { func TestCrowdsecHandler_UnbanIP_Error(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte("error"), @@ -1682,7 +1620,6 @@ func TestCrowdsecHandler_UnbanIP_Error(t *testing.T) { func TestCrowdsecHandler_BanIP_ExecutionError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte("error: failed to add decision"), @@ -1711,7 +1648,6 @@ func TestCrowdsecHandler_BanIP_ExecutionError(t *testing.T) { func TestCrowdsecHandler_CheckLAPIHealth_InvalidURL(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -1747,7 +1683,6 @@ func TestCrowdsecHandler_CheckLAPIHealth_InvalidURL(t *testing.T) { func TestCrowdsecHandler_GetLAPIDecisions_Fallback(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Mock executor that simulates fallback to cscli mockExec := &mockCmdExecutor{ @@ -1786,7 +1721,6 @@ func TestCrowdsecHandler_GetLAPIDecisions_Fallback(t *testing.T) { } func TestCrowdsecHandler_PullPreset_CerberusDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "false") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1805,7 +1739,6 @@ func TestCrowdsecHandler_PullPreset_CerberusDisabled(t *testing.T) { } func TestCrowdsecHandler_PullPreset_InvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1823,7 +1756,6 @@ func TestCrowdsecHandler_PullPreset_InvalidPayload(t *testing.T) { } func TestCrowdsecHandler_PullPreset_EmptySlug(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1842,7 +1774,6 @@ func TestCrowdsecHandler_PullPreset_EmptySlug(t *testing.T) { } func TestCrowdsecHandler_PullPreset_HubUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1863,7 +1794,6 @@ func TestCrowdsecHandler_PullPreset_HubUnavailable(t *testing.T) { } func TestCrowdsecHandler_ApplyPreset_CerberusDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "false") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1882,7 +1812,6 @@ func TestCrowdsecHandler_ApplyPreset_CerberusDisabled(t *testing.T) { } func TestCrowdsecHandler_ApplyPreset_InvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1900,7 +1829,6 @@ func TestCrowdsecHandler_ApplyPreset_InvalidPayload(t *testing.T) { } func TestCrowdsecHandler_ApplyPreset_EmptySlug(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1919,7 +1847,6 @@ func TestCrowdsecHandler_ApplyPreset_EmptySlug(t *testing.T) { } func TestCrowdsecHandler_ApplyPreset_HubUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -1941,7 +1868,6 @@ func TestCrowdsecHandler_ApplyPreset_HubUnavailable(t *testing.T) { func TestCrowdsecHandler_UpdateAcquisitionConfig_MissingContent(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() @@ -1960,7 +1886,6 @@ func TestCrowdsecHandler_UpdateAcquisitionConfig_MissingContent(t *testing.T) { func TestCrowdsecHandler_UpdateAcquisitionConfig_InvalidJSON(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() @@ -1977,7 +1902,6 @@ func TestCrowdsecHandler_UpdateAcquisitionConfig_InvalidJSON(t *testing.T) { func TestCrowdsecHandler_ListDecisions_WithConfigYaml(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create config.yaml to trigger the config path code @@ -2018,7 +1942,6 @@ func TestCrowdsecHandler_ListDecisions_WithConfigYaml(t *testing.T) { func TestCrowdsecHandler_BanIP_WithConfigYaml(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create config.yaml to trigger the config path code @@ -2048,7 +1971,6 @@ func TestCrowdsecHandler_BanIP_WithConfigYaml(t *testing.T) { func TestCrowdsecHandler_UnbanIP_WithConfigYaml(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create config.yaml to trigger the config path code @@ -2076,7 +1998,6 @@ func TestCrowdsecHandler_UnbanIP_WithConfigYaml(t *testing.T) { func TestCrowdsecHandler_Status_LAPIReady(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Create config.yaml @@ -2112,7 +2033,6 @@ func TestCrowdsecHandler_Status_LAPIReady(t *testing.T) { func TestCrowdsecHandler_Status_LAPINotReady(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -2146,7 +2066,6 @@ func TestCrowdsecHandler_Status_LAPINotReady(t *testing.T) { func TestCrowdsecHandler_ListDecisions_WithCreatedAt(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Mock executor that returns decisions with created_at field mockExec := &mockCmdExecutor{ @@ -2180,7 +2099,6 @@ func TestCrowdsecHandler_ListDecisions_WithCreatedAt(t *testing.T) { func TestCrowdsecHandler_HubEndpoints(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Test with nil Hub h := &CrowdsecHandler{Hub: nil} @@ -2196,7 +2114,6 @@ func TestCrowdsecHandler_HubEndpoints(t *testing.T) { } func TestCrowdsecHandler_ConsoleEnroll_ProgressConflict(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") h, _ := setupTestConsoleEnrollment(t) @@ -2224,7 +2141,6 @@ func TestCrowdsecHandler_ConsoleEnroll_ProgressConflict(t *testing.T) { } func TestCrowdsecHandler_GetCachedPreset_CerberusDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "false") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -2241,7 +2157,6 @@ func TestCrowdsecHandler_GetCachedPreset_CerberusDisabled(t *testing.T) { } func TestCrowdsecHandler_GetCachedPreset_HubUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -2261,7 +2176,6 @@ func TestCrowdsecHandler_GetCachedPreset_HubUnavailable(t *testing.T) { } func TestCrowdsecHandler_GetCachedPreset_EmptySlug(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") db := OpenTestDB(t) @@ -2283,7 +2197,6 @@ func TestCrowdsecHandler_GetCachedPreset_EmptySlug(t *testing.T) { // TestCrowdsecHandler_Start_StatusCode tests starting CrowdSec returns 200 status func TestCrowdsecHandler_Start_StatusCode(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() fe := &fakeExec{} @@ -2307,7 +2220,6 @@ func TestCrowdsecHandler_Start_StatusCode(t *testing.T) { // TestCrowdsecHandler_Stop_UpdatesSecurityConfig tests stopping CrowdSec updates SecurityConfig func TestCrowdsecHandler_Stop_UpdatesSecurityConfig(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() fe := &fakeExec{started: true} @@ -2342,7 +2254,6 @@ func TestCrowdsecHandler_Stop_UpdatesSecurityConfig(t *testing.T) { // TestCrowdsecHandler_ActorFromContext tests actor extraction from Gin context func TestCrowdsecHandler_ActorFromContext(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Test with userID present c1, _ := gin.CreateTestContext(httptest.NewRecorder()) @@ -2359,7 +2270,6 @@ func TestCrowdsecHandler_ActorFromContext(t *testing.T) { // TestCrowdsecHandler_IsCerberusEnabled_EnvVar tests Cerberus feature flag via environment variable func TestCrowdsecHandler_IsCerberusEnabled_EnvVar(t *testing.T) { // Note: Cannot use t.Parallel() with t.Setenv in subtests - gin.SetMode(gin.TestMode) testCases := []struct { name string @@ -2397,7 +2307,6 @@ func TestCrowdsecHandler_IsCerberusEnabled_EnvVar(t *testing.T) { // TestCrowdsecHandler_ApplyPreset_InvalidJSON verifies JSON binding error handling func TestCrowdsecHandler_ApplyPreset_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -2416,7 +2325,6 @@ func TestCrowdsecHandler_ApplyPreset_InvalidJSON(t *testing.T) { // TestCrowdsecHandler_ApplyPreset_MissingPresetFile verifies cache miss handling func TestCrowdsecHandler_ApplyPreset_MissingPresetFile(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") db := OpenTestDB(t) @@ -2444,7 +2352,6 @@ func TestCrowdsecHandler_ApplyPreset_MissingPresetFile(t *testing.T) { // TestCrowdsecHandler_GetPresets_DirectoryReadError simulates directory access errors func TestCrowdsecHandler_GetPresets_DirectoryReadError(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") db := OpenTestDB(t) @@ -2480,7 +2387,6 @@ func TestCrowdsecHandler_GetPresets_DirectoryReadError(t *testing.T) { // TestCrowdsecHandler_Start_AlreadyRunning verifies Start when process is already running func TestCrowdsecHandler_Start_AlreadyRunning(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Create executor that reports process is already running fe := &fakeExec{started: true} @@ -2514,7 +2420,6 @@ func TestCrowdsecHandler_Start_AlreadyRunning(t *testing.T) { // TestCrowdsecHandler_Stop_WhenNotRunning verifies Stop behavior when process isn't running func TestCrowdsecHandler_Stop_WhenNotRunning(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) fe := &fakeExec{started: false} @@ -2539,7 +2444,6 @@ func TestCrowdsecHandler_Stop_WhenNotRunning(t *testing.T) { // TestCrowdsecHandler_BanIP_InvalidJSON verifies JSON binding for ban requests func TestCrowdsecHandler_BanIP_InvalidJSON(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() @@ -2558,7 +2462,6 @@ func TestCrowdsecHandler_BanIP_InvalidJSON(t *testing.T) { // TestCrowdsecHandler_UnbanIP_MissingParam verifies parameter validation func TestCrowdsecHandler_UnbanIP_MissingParam(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() @@ -2583,7 +2486,6 @@ func TestCrowdsecHandler_ListFiles_WalkError(t *testing.T) { } t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() restrictedDir := filepath.Join(tmpDir, "restricted") @@ -2609,7 +2511,6 @@ func TestCrowdsecHandler_ListFiles_WalkError(t *testing.T) { // TestCrowdsecHandler_GetCachedPreset_InvalidSlug verifies slug validation func TestCrowdsecHandler_GetCachedPreset_InvalidSlug(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -2627,7 +2528,6 @@ func TestCrowdsecHandler_GetCachedPreset_InvalidSlug(t *testing.T) { // TestCrowdsecHandler_GetCachedPreset_CacheMiss verifies cache miss handling func TestCrowdsecHandler_GetCachedPreset_CacheMiss(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -2651,7 +2551,6 @@ func TestCrowdsecHandler_GetCachedPreset_CacheMiss(t *testing.T) { func TestCrowdsecHandler_RegisterBouncer_InvalidAPIKey(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Create mock executor that returns invalid API key format mockExec := &mockCmdExecutor{ @@ -2686,7 +2585,6 @@ exit 1 func TestCrowdsecHandler_RegisterBouncer_LAPIConnectionError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte("Error: Cannot connect to LAPI\ncscli lapi status: connection refused\n"), @@ -2712,7 +2610,6 @@ func TestCrowdsecHandler_RegisterBouncer_LAPIConnectionError(t *testing.T) { func TestCrowdsecHandler_GetAcquisitionConfig_FileNotFound(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) r := gin.New() @@ -2735,7 +2632,6 @@ func TestCrowdsecHandler_GetAcquisitionConfig_FileNotFound(t *testing.T) { func TestCrowdsecHandler_GetAcquisitionConfig_ParseError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // This test verifies the handler returns content even if YAML is malformed // The handler doesn't parse YAML, it just reads the file content @@ -2758,7 +2654,6 @@ func TestCrowdsecHandler_GetAcquisitionConfig_ParseError(t *testing.T) { func TestCrowdsecHandler_ImportConfig_InvalidYAML(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -2788,7 +2683,6 @@ func TestCrowdsecHandler_ImportConfig_InvalidYAML(t *testing.T) { func TestCrowdsecHandler_ImportConfig_ReadError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -2816,7 +2710,6 @@ func TestCrowdsecHandler_ImportConfig_ReadError(t *testing.T) { func TestCrowdsecHandler_ImportConfig_MissingRequiredFields(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", t.TempDir()) @@ -2848,7 +2741,6 @@ func TestCrowdsecHandler_ExportConfig_WriteError(t *testing.T) { } t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -2880,7 +2772,6 @@ func TestCrowdsecHandler_ExportConfig_PermissionsDenied(t *testing.T) { } t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() restrictedFile := filepath.Join(tmpDir, "restricted.conf") @@ -2910,7 +2801,6 @@ func TestCrowdsecHandler_ExportConfig_PermissionsDenied(t *testing.T) { func TestCrowdsecHandler_ExportConfig_SuccessValidation(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -2976,7 +2866,6 @@ common: func TestCrowdsecHandler_ListFiles_DirectoryNotExists(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) // Use explicitly non-existent directory nonExistentDir := filepath.Join(os.TempDir(), "crowdsec-test-nonexistent-"+t.Name()) @@ -3019,7 +2908,6 @@ func TestCrowdsecHandler_ListFiles_PermissionDenied(t *testing.T) { } t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() restrictedDir := filepath.Join(tmpDir, "restricted") @@ -3050,7 +2938,6 @@ func TestCrowdsecHandler_ListFiles_PermissionDenied(t *testing.T) { func TestCrowdsecHandler_ListFiles_FilteringLogic(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -3103,7 +2990,6 @@ func TestCrowdsecHandler_ListFiles_FilteringLogic(t *testing.T) { // Test actual file operations to increase ExportConfig coverage func TestCrowdsecHandler_ExportConfig_MultipleDirectories(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -3163,7 +3049,6 @@ func TestCrowdsecHandler_ExportConfig_MultipleDirectories(t *testing.T) { // Test ListFiles with deeply nested structure func TestCrowdsecHandler_ListFiles_DeepNesting(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -3194,7 +3079,6 @@ func TestCrowdsecHandler_ListFiles_DeepNesting(t *testing.T) { // Test ImportConfig with actual file operations func TestCrowdsecHandler_ImportConfig_LargeFile(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -3235,7 +3119,6 @@ func TestCrowdsecHandler_ImportConfig_LargeFile(t *testing.T) { // Test Start with SecurityConfig creation func TestCrowdsecHandler_Start_CreatesSecurityConfig(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -3269,7 +3152,6 @@ func TestCrowdsecHandler_Start_CreatesSecurityConfig(t *testing.T) { // Test Stop updates existing SecurityConfig func TestCrowdsecHandler_Stop_UpdatesExistingConfig(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -3306,7 +3188,6 @@ func TestCrowdsecHandler_Stop_UpdatesExistingConfig(t *testing.T) { // Test WriteFile backup creation func TestCrowdsecHandler_WriteFile_BackupCreation(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -3350,7 +3231,6 @@ func TestCrowdsecHandler_WriteFile_BackupCreation(t *testing.T) { // Test ReadFile with path traversal protection func TestCrowdsecHandler_ReadFile_PathTraversal(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -3375,7 +3255,6 @@ func TestCrowdsecHandler_ReadFile_PathTraversal(t *testing.T) { // Test Status with config.yaml present func TestCrowdsecHandler_Status_WithConfigFile(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -3412,7 +3291,6 @@ func TestCrowdsecHandler_Status_WithConfigFile(t *testing.T) { // Test BanIP with reason func TestCrowdsecHandler_BanIP_WithReason(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte("Decision created"), @@ -3457,7 +3335,6 @@ func TestCrowdsecHandler_UpdateAcquisitionConfig_CreatesBackup(t *testing.T) { } t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -3483,7 +3360,6 @@ func TestCrowdsecHandler_UpdateAcquisitionConfig_CreatesBackup(t *testing.T) { // Test Start when executor.Start fails func TestCrowdsecHandler_Start_ExecutorFailure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) @@ -3522,7 +3398,6 @@ func TestCrowdsecHandler_Start_ExecutorFailure(t *testing.T) { // Test Start when LAPI doesn't become ready func TestCrowdsecHandler_Start_LAPINotReady(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) @@ -3557,7 +3432,6 @@ func TestCrowdsecHandler_Start_LAPINotReady(t *testing.T) { // Test ConsoleStatus when not enrolled func TestCrowdsecHandler_ConsoleStatus_NotEnrolled(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") t.Setenv("FEATURE_CROWDSEC_CONSOLE_ENROLLMENT", "true") @@ -3590,7 +3464,6 @@ func TestCrowdsecHandler_ConsoleStatus_NotEnrolled(t *testing.T) { // Test WriteFile with directory creation func TestCrowdsecHandler_WriteFile_DirectoryCreation(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() @@ -3624,7 +3497,6 @@ func TestCrowdsecHandler_WriteFile_DirectoryCreation(t *testing.T) { // Test GetLAPIDecisions with API errors func TestCrowdsecHandler_GetLAPIDecisions_APIError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) @@ -3659,7 +3531,6 @@ func TestCrowdsecHandler_UpdateAcquisitionConfig_ReadError(t *testing.T) { } t.Parallel() - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -3682,7 +3553,6 @@ func TestCrowdsecHandler_UpdateAcquisitionConfig_ReadError(t *testing.T) { // Test CheckLAPIHealth with various failure modes func TestCrowdsecHandler_CheckLAPIHealth_Timeout(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte(""), @@ -3711,7 +3581,6 @@ func TestCrowdsecHandler_CheckLAPIHealth_Timeout(t *testing.T) { // Test ExportConfig with write errors func TestCrowdsecHandler_ExportConfig_EmptyDirectory(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // Don't create any subdirectories @@ -3733,7 +3602,6 @@ func TestCrowdsecHandler_ExportConfig_EmptyDirectory(t *testing.T) { // Test ImportConfig with corrupted archive func TestCrowdsecHandler_ImportConfig_CorruptedArchive(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -3894,7 +3762,6 @@ func TestValidateAPIKeyFormat(t *testing.T) { // Security: Critical test to prevent API key leakage in logs (CWE-312, CWE-315, CWE-359). func TestLogBouncerKeyBanner_NoSecretExposure(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) tmpDir := t.TempDir() @@ -4493,7 +4360,6 @@ func TestEnsureBouncerRegistration_ConcurrentCalls(t *testing.T) { func TestValidateBouncerKey_BouncerExists(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte(`[{"name":"caddy-bouncer"}]`), @@ -4514,7 +4380,6 @@ func TestValidateBouncerKey_BouncerExists(t *testing.T) { func TestValidateBouncerKey_BouncerNotFound(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte(`[{"name":"some-other-bouncer"}]`), @@ -4533,7 +4398,6 @@ func TestValidateBouncerKey_BouncerNotFound(t *testing.T) { func TestValidateBouncerKey_EmptyOutput(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte(``), @@ -4552,7 +4416,6 @@ func TestValidateBouncerKey_EmptyOutput(t *testing.T) { func TestValidateBouncerKey_NullOutput(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte(`null`), @@ -4571,7 +4434,6 @@ func TestValidateBouncerKey_NullOutput(t *testing.T) { func TestValidateBouncerKey_CmdError(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: nil, @@ -4590,7 +4452,6 @@ func TestValidateBouncerKey_CmdError(t *testing.T) { func TestValidateBouncerKey_InvalidJSON(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) mockExec := &mockCmdExecutor{ output: []byte(`not valid json`), @@ -4608,7 +4469,6 @@ func TestValidateBouncerKey_InvalidJSON(t *testing.T) { } func TestGetBouncerInfo_FromEnvVar(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "test-api-key-12345678901234567890") mockExec := &mockCmdExecutor{ @@ -4636,7 +4496,6 @@ func TestGetBouncerInfo_FromEnvVar(t *testing.T) { } func TestGetBouncerInfo_NotRegistered(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "test-api-key-12345678901234567890") mockExec := &mockCmdExecutor{ @@ -4663,7 +4522,6 @@ func TestGetBouncerInfo_NotRegistered(t *testing.T) { } func TestGetBouncerKey_FromEnvVar(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "test-env-key-value-12345") h := &CrowdsecHandler{} @@ -4683,7 +4541,6 @@ func TestGetBouncerKey_FromEnvVar(t *testing.T) { } func TestGetKeyStatus_EnvKeyValid(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "test-api-key-12345678901234567890") h := &CrowdsecHandler{} @@ -4703,7 +4560,6 @@ func TestGetKeyStatus_EnvKeyValid(t *testing.T) { } func TestGetKeyStatus_EnvKeyRejected(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "rejected-key-123456789012345") h := &CrowdsecHandler{ diff --git a/backend/internal/api/handlers/crowdsec_lapi_test.go b/backend/internal/api/handlers/crowdsec_lapi_test.go index 58e7a97b..28f4f3b3 100644 --- a/backend/internal/api/handlers/crowdsec_lapi_test.go +++ b/backend/internal/api/handlers/crowdsec_lapi_test.go @@ -12,7 +12,6 @@ import ( ) func TestGetLAPIDecisions_FallbackToCscli(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() // Create handler with mock executor @@ -40,7 +39,6 @@ func TestGetLAPIDecisions_FallbackToCscli(t *testing.T) { } func TestGetLAPIDecisions_EmptyResponse(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() // Create handler with mock executor that returns empty array @@ -67,7 +65,6 @@ func TestGetLAPIDecisions_EmptyResponse(t *testing.T) { } func TestCheckLAPIHealth_Handler(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() handler := &CrowdsecHandler{ diff --git a/backend/internal/api/handlers/crowdsec_presets_handler_test.go b/backend/internal/api/handlers/crowdsec_presets_handler_test.go index 2947eaa6..cf0e734a 100644 --- a/backend/internal/api/handlers/crowdsec_presets_handler_test.go +++ b/backend/internal/api/handlers/crowdsec_presets_handler_test.go @@ -46,7 +46,6 @@ func makePresetTar(t *testing.T, files map[string]string) []byte { } func TestListPresetsIncludesCacheAndIndex(t *testing.T) { - gin.SetMode(gin.TestMode) cache, err := crowdsec.NewHubCache(t.TempDir(), time.Hour) require.NoError(t, err) _, err = cache.Store(context.Background(), "crowdsecurity/demo", "etag1", "hub", "preview", []byte("archive")) @@ -92,7 +91,6 @@ func TestListPresetsIncludesCacheAndIndex(t *testing.T) { } func TestPullPresetHandlerSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) cache, err := crowdsec.NewHubCache(t.TempDir(), time.Hour) require.NoError(t, err) dataDir := filepath.Join(t.TempDir(), "crowdsec") @@ -132,7 +130,6 @@ func TestPullPresetHandlerSuccess(t *testing.T) { } func TestApplyPresetHandlerAudits(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.CrowdsecPresetEvent{})) @@ -186,7 +183,6 @@ func TestApplyPresetHandlerAudits(t *testing.T) { } func TestPullPresetHandlerHubError(t *testing.T) { - gin.SetMode(gin.TestMode) cache, err := crowdsec.NewHubCache(t.TempDir(), time.Hour) require.NoError(t, err) @@ -213,7 +209,6 @@ func TestPullPresetHandlerHubError(t *testing.T) { } func TestPullPresetHandlerTimeout(t *testing.T) { - gin.SetMode(gin.TestMode) cache, err := crowdsec.NewHubCache(t.TempDir(), time.Hour) require.NoError(t, err) @@ -241,7 +236,6 @@ func TestPullPresetHandlerTimeout(t *testing.T) { } func TestGetCachedPresetNotFound(t *testing.T) { - gin.SetMode(gin.TestMode) cache, err := crowdsec.NewHubCache(t.TempDir(), time.Hour) require.NoError(t, err) @@ -260,7 +254,6 @@ func TestGetCachedPresetNotFound(t *testing.T) { } func TestGetCachedPresetServiceUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) h.Hub = &crowdsec.HubService{} @@ -277,7 +270,6 @@ func TestGetCachedPresetServiceUnavailable(t *testing.T) { } func TestApplyPresetHandlerBackupFailure(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.CrowdsecPresetEvent{})) @@ -325,7 +317,6 @@ func TestApplyPresetHandlerBackupFailure(t *testing.T) { } func TestListPresetsMergesCuratedAndHub(t *testing.T) { - gin.SetMode(gin.TestMode) hub := crowdsec.NewHubService(nil, nil, t.TempDir()) hub.HubBaseURL = "http://hub.example" @@ -375,7 +366,6 @@ func TestListPresetsMergesCuratedAndHub(t *testing.T) { } func TestGetCachedPresetSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") cache, err := crowdsec.NewHubCache(t.TempDir(), time.Hour) require.NoError(t, err) @@ -403,7 +393,6 @@ func TestGetCachedPresetSuccess(t *testing.T) { } func TestGetCachedPresetSlugRequired(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") cache, err := crowdsec.NewHubCache(t.TempDir(), time.Hour) require.NoError(t, err) @@ -424,7 +413,6 @@ func TestGetCachedPresetSlugRequired(t *testing.T) { } func TestGetCachedPresetPreviewError(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") cacheDir := t.TempDir() cache, err := crowdsec.NewHubCache(cacheDir, time.Hour) @@ -451,7 +439,6 @@ func TestGetCachedPresetPreviewError(t *testing.T) { } func TestPullCuratedPresetSkipsHub(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") // Setup handler with a hub service that would fail if called @@ -489,7 +476,6 @@ func TestPullCuratedPresetSkipsHub(t *testing.T) { } func TestApplyCuratedPresetSkipsHub(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("FEATURE_CERBERUS_ENABLED", "true") db := OpenTestDB(t) diff --git a/backend/internal/api/handlers/crowdsec_pull_apply_integration_test.go b/backend/internal/api/handlers/crowdsec_pull_apply_integration_test.go index e0fcdc07..f714e42d 100644 --- a/backend/internal/api/handlers/crowdsec_pull_apply_integration_test.go +++ b/backend/internal/api/handlers/crowdsec_pull_apply_integration_test.go @@ -24,7 +24,6 @@ import ( // TestPullThenApplyIntegration tests the complete pull→apply workflow from the user's perspective. // This reproduces the scenario where a user pulls a preset and then tries to apply it. func TestPullThenApplyIntegration(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup cacheDir := t.TempDir() @@ -111,7 +110,6 @@ func TestPullThenApplyIntegration(t *testing.T) { // TestApplyWithoutPullReturnsProperError verifies the error message when applying without pulling first. func TestApplyWithoutPullReturnsProperError(t *testing.T) { - gin.SetMode(gin.TestMode) cacheDir := t.TempDir() dataDir := t.TempDir() @@ -155,7 +153,6 @@ func TestApplyWithoutPullReturnsProperError(t *testing.T) { } func TestApplyRollbackWhenCacheMissingAndRepullFails(t *testing.T) { - gin.SetMode(gin.TestMode) cacheDir := t.TempDir() dataRoot := t.TempDir() diff --git a/backend/internal/api/handlers/crowdsec_state_sync_test.go b/backend/internal/api/handlers/crowdsec_state_sync_test.go index 6b50810b..a7cb29cd 100644 --- a/backend/internal/api/handlers/crowdsec_state_sync_test.go +++ b/backend/internal/api/handlers/crowdsec_state_sync_test.go @@ -14,7 +14,6 @@ import ( // TestStartSyncsSettingsTable verifies that Start() updates the settings table. func TestStartSyncsSettingsTable(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) // Migrate both SecurityConfig and Setting tables @@ -78,7 +77,6 @@ func TestStartSyncsSettingsTable(t *testing.T) { // TestStopSyncsSettingsTable verifies that Stop() updates the settings table. func TestStopSyncsSettingsTable(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) // Migrate both SecurityConfig and Setting tables @@ -147,7 +145,6 @@ func TestStopSyncsSettingsTable(t *testing.T) { // TestStartAndStopStateConsistency verifies consistent state across Start/Stop cycles. func TestStartAndStopStateConsistency(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -219,7 +216,6 @@ func TestStartAndStopStateConsistency(t *testing.T) { // TestExistingSettingIsUpdated verifies that an existing setting is updated, not duplicated. func TestExistingSettingIsUpdated(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -293,7 +289,6 @@ func (f *fakeFailingExec) Status(ctx context.Context, configDir string) (running // TestStartFailureRevertsSettings verifies that a failed Start reverts the settings. func TestStartFailureRevertsSettings(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -330,7 +325,6 @@ func TestStartFailureRevertsSettings(t *testing.T) { // TestStatusResponseFormat verifies the status endpoint response format. func TestStatusResponseFormat(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) diff --git a/backend/internal/api/handlers/crowdsec_stop_lapi_test.go b/backend/internal/api/handlers/crowdsec_stop_lapi_test.go index 01f1cccb..b305b037 100644 --- a/backend/internal/api/handlers/crowdsec_stop_lapi_test.go +++ b/backend/internal/api/handlers/crowdsec_stop_lapi_test.go @@ -51,7 +51,6 @@ func createTestSecurityService(t *testing.T, db *gorm.DB) *services.SecurityServ // TestCrowdsecHandler_Stop_Success tests the Stop handler with successful execution func TestCrowdsecHandler_Stop_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -97,7 +96,6 @@ func TestCrowdsecHandler_Stop_Success(t *testing.T) { // TestCrowdsecHandler_Stop_Error tests the Stop handler with an execution error func TestCrowdsecHandler_Stop_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -123,7 +121,6 @@ func TestCrowdsecHandler_Stop_Error(t *testing.T) { // TestCrowdsecHandler_Stop_NoSecurityConfig tests Stop when there's no existing SecurityConfig func TestCrowdsecHandler_Stop_NoSecurityConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{})) @@ -152,10 +149,6 @@ func TestCrowdsecHandler_Stop_NoSecurityConfig(t *testing.T) { // TestGetLAPIDecisions_WithMockServer tests GetLAPIDecisions with a mock LAPI server func TestGetLAPIDecisions_WithMockServer(t *testing.T) { - // Use permissive validator for testing with mock server on random port - orig := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = permissiveLAPIURLValidator - defer func() { validateCrowdsecLAPIBaseURLFunc = orig }() // Create a mock LAPI server mockLAPI := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { @@ -165,7 +158,6 @@ func TestGetLAPIDecisions_WithMockServer(t *testing.T) { })) defer mockLAPI.Close() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -179,6 +171,7 @@ func TestGetLAPIDecisions_WithMockServer(t *testing.T) { Security: secSvc, CmdExec: &mockCommandExecutor{}, DataDir: t.TempDir(), + validateLAPIURL: permissiveLAPIURLValidator, } r := gin.New() @@ -202,10 +195,6 @@ func TestGetLAPIDecisions_WithMockServer(t *testing.T) { // TestGetLAPIDecisions_Unauthorized tests GetLAPIDecisions when LAPI returns 401 func TestGetLAPIDecisions_Unauthorized(t *testing.T) { - // Use permissive validator for testing with mock server on random port - orig := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = permissiveLAPIURLValidator - defer func() { validateCrowdsecLAPIBaseURLFunc = orig }() // Create a mock LAPI server that returns 401 mockLAPI := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { @@ -213,7 +202,6 @@ func TestGetLAPIDecisions_Unauthorized(t *testing.T) { })) defer mockLAPI.Close() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -226,6 +214,7 @@ func TestGetLAPIDecisions_Unauthorized(t *testing.T) { Security: secSvc, CmdExec: &mockCommandExecutor{}, DataDir: t.TempDir(), + validateLAPIURL: permissiveLAPIURLValidator, } r := gin.New() @@ -240,10 +229,6 @@ func TestGetLAPIDecisions_Unauthorized(t *testing.T) { // TestGetLAPIDecisions_NullResponse tests GetLAPIDecisions when LAPI returns null func TestGetLAPIDecisions_NullResponse(t *testing.T) { - // Use permissive validator for testing with mock server on random port - orig := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = permissiveLAPIURLValidator - defer func() { validateCrowdsecLAPIBaseURLFunc = orig }() mockLAPI := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Content-Type", "application/json") @@ -252,7 +237,6 @@ func TestGetLAPIDecisions_NullResponse(t *testing.T) { })) defer mockLAPI.Close() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -265,6 +249,7 @@ func TestGetLAPIDecisions_NullResponse(t *testing.T) { Security: secSvc, CmdExec: &mockCommandExecutor{}, DataDir: t.TempDir(), + validateLAPIURL: permissiveLAPIURLValidator, } r := gin.New() @@ -292,7 +277,6 @@ func TestGetLAPIDecisions_NonJSONContentType(t *testing.T) { })) defer mockLAPI.Close() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -320,10 +304,6 @@ func TestGetLAPIDecisions_NonJSONContentType(t *testing.T) { // TestCheckLAPIHealth_WithMockServer tests CheckLAPIHealth with a healthy LAPI func TestCheckLAPIHealth_WithMockServer(t *testing.T) { - // Use permissive validator for testing with mock server on random port - orig := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = permissiveLAPIURLValidator - defer func() { validateCrowdsecLAPIBaseURLFunc = orig }() mockLAPI := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path == "/health" { @@ -335,7 +315,6 @@ func TestCheckLAPIHealth_WithMockServer(t *testing.T) { })) defer mockLAPI.Close() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -348,6 +327,7 @@ func TestCheckLAPIHealth_WithMockServer(t *testing.T) { Security: secSvc, CmdExec: &mockCommandExecutor{}, DataDir: t.TempDir(), + validateLAPIURL: permissiveLAPIURLValidator, } r := gin.New() @@ -368,10 +348,6 @@ func TestCheckLAPIHealth_WithMockServer(t *testing.T) { // TestCheckLAPIHealth_FallbackToDecisions tests the fallback to /v1/decisions endpoint // when the primary /health endpoint is unreachable func TestCheckLAPIHealth_FallbackToDecisions(t *testing.T) { - // Use permissive validator for testing with mock server on random port - orig := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = permissiveLAPIURLValidator - defer func() { validateCrowdsecLAPIBaseURLFunc = orig }() // Create a mock server that only responds to /v1/decisions, not /health mockLAPI := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { @@ -385,7 +361,6 @@ func TestCheckLAPIHealth_FallbackToDecisions(t *testing.T) { })) defer mockLAPI.Close() - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -398,6 +373,7 @@ func TestCheckLAPIHealth_FallbackToDecisions(t *testing.T) { Security: secSvc, CmdExec: &mockCommandExecutor{}, DataDir: t.TempDir(), + validateLAPIURL: permissiveLAPIURLValidator, } r := gin.New() diff --git a/backend/internal/api/handlers/crowdsec_wave3_test.go b/backend/internal/api/handlers/crowdsec_wave3_test.go index 4d719f9c..c9ddac69 100644 --- a/backend/internal/api/handlers/crowdsec_wave3_test.go +++ b/backend/internal/api/handlers/crowdsec_wave3_test.go @@ -47,7 +47,6 @@ func TestReadAcquisitionConfig_ErrorsAndSuccess(t *testing.T) { } func TestCrowdsec_AcquisitionEndpoints_InvalidConfiguredPath(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CHARON_CROWDSEC_ACQUIS_PATH", "relative/path.yaml") h := newTestCrowdsecHandler(t, OpenTestDB(t), &fakeExec{}, "/bin/false", t.TempDir()) @@ -68,7 +67,6 @@ func TestCrowdsec_AcquisitionEndpoints_InvalidConfiguredPath(t *testing.T) { } func TestCrowdsec_GetBouncerKey_NotConfigured(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "") t.Setenv("CROWDSEC_BOUNCER_API_KEY", "") t.Setenv("CERBERUS_SECURITY_CROWDSEC_API_KEY", "") diff --git a/backend/internal/api/handlers/crowdsec_wave5_test.go b/backend/internal/api/handlers/crowdsec_wave5_test.go index b71df08e..98ffa8f1 100644 --- a/backend/internal/api/handlers/crowdsec_wave5_test.go +++ b/backend/internal/api/handlers/crowdsec_wave5_test.go @@ -27,7 +27,6 @@ func TestCrowdsecWave5_ReadAcquisitionConfig_InvalidFilenameBranch(t *testing.T) } func TestCrowdsecWave5_GetLAPIDecisions_Unauthorized(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -36,17 +35,11 @@ func TestCrowdsecWave5_GetLAPIDecisions_Unauthorized(t *testing.T) { })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { - validateCrowdsecLAPIBaseURLFunc = original - }) require.NoError(t, db.Create(&models.SecurityConfig{UUID: "default", CrowdSecAPIURL: server.URL}).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", tmpDir) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } r := gin.New() g := r.Group("/api/v1") h.RegisterRoutes(g) @@ -60,7 +53,6 @@ func TestCrowdsecWave5_GetLAPIDecisions_Unauthorized(t *testing.T) { } func TestCrowdsecWave5_GetLAPIDecisions_NonJSONContentTypeFallsBack(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupCrowdDB(t) tmpDir := t.TempDir() @@ -71,17 +63,11 @@ func TestCrowdsecWave5_GetLAPIDecisions_NonJSONContentTypeFallsBack(t *testing.T })) t.Cleanup(server.Close) - original := validateCrowdsecLAPIBaseURLFunc - validateCrowdsecLAPIBaseURLFunc = func(raw string) (*url.URL, error) { - return url.Parse(raw) - } - t.Cleanup(func() { - validateCrowdsecLAPIBaseURLFunc = original - }) require.NoError(t, db.Create(&models.SecurityConfig{UUID: "default", CrowdSecAPIURL: server.URL}).Error) h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", tmpDir) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } h.CmdExec = &mockCmdExecutor{output: []byte("[]"), err: nil} r := gin.New() g := r.Group("/api/v1") @@ -96,7 +82,6 @@ func TestCrowdsecWave5_GetLAPIDecisions_NonJSONContentTypeFallsBack(t *testing.T } func TestCrowdsecWave5_GetBouncerInfo_And_GetBouncerKey_FileSource(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_BOUNCER_API_KEY", "") t.Setenv("CERBERUS_SECURITY_CROWDSEC_API_KEY", "") t.Setenv("CHARON_SECURITY_CROWDSEC_API_KEY", "") @@ -105,6 +90,7 @@ func TestCrowdsecWave5_GetBouncerInfo_And_GetBouncerKey_FileSource(t *testing.T) tmpDir := t.TempDir() h := newTestCrowdsecHandler(t, db, &fakeExec{}, "/bin/false", tmpDir) + h.validateLAPIURL = func(raw string) (*url.URL, error) { return url.Parse(raw) } keyPath := h.bouncerKeyPath() require.NoError(t, os.MkdirAll(filepath.Dir(keyPath), 0o750)) require.NoError(t, os.WriteFile(keyPath, []byte("abcdefghijklmnop1234567890"), 0o600)) diff --git a/backend/internal/api/handlers/crowdsec_wave6_test.go b/backend/internal/api/handlers/crowdsec_wave6_test.go index 48571053..7c697c1d 100644 --- a/backend/internal/api/handlers/crowdsec_wave6_test.go +++ b/backend/internal/api/handlers/crowdsec_wave6_test.go @@ -17,7 +17,6 @@ func TestCrowdsecWave6_BouncerKeyPath_UsesEnvFallback(t *testing.T) { } func TestCrowdsecWave6_GetBouncerInfo_NoneSource(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "") t.Setenv("CROWDSEC_BOUNCER_API_KEY", "") t.Setenv("CERBERUS_SECURITY_CROWDSEC_API_KEY", "") @@ -40,7 +39,6 @@ func TestCrowdsecWave6_GetBouncerInfo_NoneSource(t *testing.T) { } func TestCrowdsecWave6_GetKeyStatus_NoKeyConfiguredMessage(t *testing.T) { - gin.SetMode(gin.TestMode) t.Setenv("CROWDSEC_API_KEY", "") t.Setenv("CROWDSEC_BOUNCER_API_KEY", "") t.Setenv("CERBERUS_SECURITY_CROWDSEC_API_KEY", "") diff --git a/backend/internal/api/handlers/crowdsec_wave7_test.go b/backend/internal/api/handlers/crowdsec_wave7_test.go index 3211de9c..e5f0d95f 100644 --- a/backend/internal/api/handlers/crowdsec_wave7_test.go +++ b/backend/internal/api/handlers/crowdsec_wave7_test.go @@ -28,7 +28,6 @@ func TestCrowdsecWave7_ReadAcquisitionConfig_ReadErrorOnDirectory(t *testing.T) } func TestCrowdsecWave7_Start_CreateSecurityConfigFailsOnReadOnlyDB(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dbPath := filepath.Join(tmpDir, "crowdsec-readonly.db") diff --git a/backend/internal/api/handlers/db_health_handler_test.go b/backend/internal/api/handlers/db_health_handler_test.go index d76b17fc..47cbfd3d 100644 --- a/backend/internal/api/handlers/db_health_handler_test.go +++ b/backend/internal/api/handlers/db_health_handler_test.go @@ -36,7 +36,6 @@ func createTestSQLiteDB(dbPath string) error { } func TestDBHealthHandler_Check_Healthy(t *testing.T) { - gin.SetMode(gin.TestMode) // Create in-memory database db, err := database.Connect("file::memory:?cache=shared") @@ -65,7 +64,6 @@ func TestDBHealthHandler_Check_Healthy(t *testing.T) { } func TestDBHealthHandler_Check_WithBackupService(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup temp dirs for backup service tmpDir := t.TempDir() @@ -116,7 +114,6 @@ func TestDBHealthHandler_Check_WithBackupService(t *testing.T) { } func TestDBHealthHandler_Check_WALMode(t *testing.T) { - gin.SetMode(gin.TestMode) // Create file-based database to test WAL mode tmpDir := t.TempDir() @@ -145,7 +142,6 @@ func TestDBHealthHandler_Check_WALMode(t *testing.T) { } func TestDBHealthHandler_ResponseJSONTags(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := database.Connect("file::memory:?cache=shared") require.NoError(t, err) @@ -200,7 +196,6 @@ func TestNewDBHealthHandler(t *testing.T) { // Phase 1 & 3: Critical coverage tests func TestDBHealthHandler_Check_CorruptedDatabase(t *testing.T) { - gin.SetMode(gin.TestMode) // Create a file-based database and corrupt it tmpDir := t.TempDir() @@ -252,7 +247,6 @@ func TestDBHealthHandler_Check_CorruptedDatabase(t *testing.T) { } func TestDBHealthHandler_Check_BackupServiceError(t *testing.T) { - gin.SetMode(gin.TestMode) // Create database db, err := database.Connect("file::memory:?cache=shared") @@ -294,7 +288,6 @@ func TestDBHealthHandler_Check_BackupServiceError(t *testing.T) { } func TestDBHealthHandler_Check_BackupTimeZero(t *testing.T) { - gin.SetMode(gin.TestMode) // Create database db, err := database.Connect("file::memory:?cache=shared") diff --git a/backend/internal/api/handlers/dns_detection_handler_test.go b/backend/internal/api/handlers/dns_detection_handler_test.go index 61d02c99..fafa91a7 100644 --- a/backend/internal/api/handlers/dns_detection_handler_test.go +++ b/backend/internal/api/handlers/dns_detection_handler_test.go @@ -51,7 +51,6 @@ func TestNewDNSDetectionHandler(t *testing.T) { } func TestDetect_Success(t *testing.T) { - gin.SetMode(gin.TestMode) mockService := new(mockDNSDetectionService) handler := NewDNSDetectionHandler(mockService) @@ -177,7 +176,6 @@ func TestDetect_Success(t *testing.T) { } func TestDetect_ValidationErrors(t *testing.T) { - gin.SetMode(gin.TestMode) mockService := new(mockDNSDetectionService) handler := NewDNSDetectionHandler(mockService) @@ -216,7 +214,6 @@ func TestDetect_ValidationErrors(t *testing.T) { } func TestDetect_ServiceError(t *testing.T) { - gin.SetMode(gin.TestMode) mockService := new(mockDNSDetectionService) handler := NewDNSDetectionHandler(mockService) @@ -246,7 +243,6 @@ func TestDetect_ServiceError(t *testing.T) { } func TestGetPatterns(t *testing.T) { - gin.SetMode(gin.TestMode) mockService := new(mockDNSDetectionService) handler := NewDNSDetectionHandler(mockService) @@ -287,7 +283,6 @@ func TestGetPatterns(t *testing.T) { } func TestDetect_WildcardDomain(t *testing.T) { - gin.SetMode(gin.TestMode) mockService := new(mockDNSDetectionService) handler := NewDNSDetectionHandler(mockService) @@ -327,7 +322,6 @@ func TestDetect_WildcardDomain(t *testing.T) { } func TestDetect_LowConfidence(t *testing.T) { - gin.SetMode(gin.TestMode) mockService := new(mockDNSDetectionService) handler := NewDNSDetectionHandler(mockService) @@ -368,7 +362,6 @@ func TestDetect_LowConfidence(t *testing.T) { } func TestDetect_DNSLookupError(t *testing.T) { - gin.SetMode(gin.TestMode) mockService := new(mockDNSDetectionService) handler := NewDNSDetectionHandler(mockService) @@ -438,7 +431,6 @@ func TestDetectRequest_Binding(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Request = httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString(tt.body)) c.Request.Header.Set("Content-Type", "application/json") diff --git a/backend/internal/api/handlers/dns_provider_handler_test.go b/backend/internal/api/handlers/dns_provider_handler_test.go index 89d24b79..8719627e 100644 --- a/backend/internal/api/handlers/dns_provider_handler_test.go +++ b/backend/internal/api/handlers/dns_provider_handler_test.go @@ -106,7 +106,6 @@ func (m *MockDNSProviderService) GetDecryptedCredentials(ctx context.Context, id } func setupDNSProviderTestRouter() (*gin.Engine, *MockDNSProviderService) { - gin.SetMode(gin.TestMode) router := gin.New() mockService := new(MockDNSProviderService) handler := NewDNSProviderHandler(mockService) diff --git a/backend/internal/api/handlers/docker_handler_test.go b/backend/internal/api/handlers/docker_handler_test.go index 99a297fd..73cc811d 100644 --- a/backend/internal/api/handlers/docker_handler_test.go +++ b/backend/internal/api/handlers/docker_handler_test.go @@ -41,7 +41,6 @@ func (f *fakeRemoteServerService) GetByUUID(uuidStr string) (*models.RemoteServe } func TestDockerHandler_ListContainers_InvalidHostRejected(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{} @@ -60,7 +59,6 @@ func TestDockerHandler_ListContainers_InvalidHostRejected(t *testing.T) { } func TestDockerHandler_ListContainers_DockerUnavailableMappedTo503(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{err: services.NewDockerUnavailableError(errors.New("no docker socket"), "Local Docker socket is mounted but not accessible by current process")} @@ -82,7 +80,6 @@ func TestDockerHandler_ListContainers_DockerUnavailableMappedTo503(t *testing.T) } func TestDockerHandler_ListContainers_ServerIDResolvesToTCPHost(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{ret: []services.DockerContainer{}} @@ -103,7 +100,6 @@ func TestDockerHandler_ListContainers_ServerIDResolvesToTCPHost(t *testing.T) { } func TestDockerHandler_ListContainers_ServerIDNotFoundReturns404(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{} @@ -125,7 +121,6 @@ func TestDockerHandler_ListContainers_ServerIDNotFoundReturns404(t *testing.T) { func TestDockerHandler_ListContainers_Local(t *testing.T) { // Test local/default docker connection (empty host parameter) - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{ @@ -163,7 +158,6 @@ func TestDockerHandler_ListContainers_Local(t *testing.T) { func TestDockerHandler_ListContainers_RemoteServerSuccess(t *testing.T) { // Test successful remote server connection via server_id - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{ @@ -203,7 +197,6 @@ func TestDockerHandler_ListContainers_RemoteServerSuccess(t *testing.T) { func TestDockerHandler_ListContainers_RemoteServerNotFound(t *testing.T) { // Test server_id that doesn't exist in database - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{} @@ -226,7 +219,6 @@ func TestDockerHandler_ListContainers_RemoteServerNotFound(t *testing.T) { func TestDockerHandler_ListContainers_InvalidHost(t *testing.T) { // Test SSRF protection: reject arbitrary host values - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{} @@ -289,7 +281,6 @@ func TestDockerHandler_ListContainers_DockerUnavailable(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{err: tt.err} @@ -340,7 +331,6 @@ func TestDockerHandler_ListContainers_GenericError(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{err: tt.err} @@ -362,7 +352,6 @@ func TestDockerHandler_ListContainers_GenericError(t *testing.T) { } func TestDockerHandler_ListContainers_503FallbackDetailsWhenEmpty(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() dockerSvc := &fakeDockerService{err: services.NewDockerUnavailableError(errors.New("socket error"))} @@ -382,7 +371,6 @@ func TestDockerHandler_ListContainers_503FallbackDetailsWhenEmpty(t *testing.T) } func TestDockerHandler_ListContainers_503DetailsWithGroupGuidance(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() groupDetails := `Local Docker socket is mounted but not accessible by current process (uid=1000 gid=1000). Process groups (1000) do not include socket gid 988; run container with matching supplemental group (e.g., --group-add 988 or compose group_add: ["988"]).` diff --git a/backend/internal/api/handlers/emergency_handler_test.go b/backend/internal/api/handlers/emergency_handler_test.go index 4106577a..77c75b78 100644 --- a/backend/internal/api/handlers/emergency_handler_test.go +++ b/backend/internal/api/handlers/emergency_handler_test.go @@ -87,7 +87,6 @@ func setupEmergencyTestDB(t *testing.T) *gorm.DB { } func setupEmergencyRouter(handler *EmergencyHandler) *gin.Engine { - gin.SetMode(gin.TestMode) router := gin.New() _ = router.SetTrustedProxies(nil) router.POST("/api/v1/emergency/security-reset", handler.SecurityReset) @@ -385,7 +384,6 @@ func TestEmergencySecurityReset_MiddlewarePrevalidatedBypass(t *testing.T) { db := setupEmergencyTestDB(t) handler := NewEmergencyHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() router.POST("/api/v1/emergency/security-reset", func(c *gin.Context) { c.Set("emergency_bypass", true) @@ -407,7 +405,6 @@ func TestEmergencySecurityReset_MiddlewareBypass_ResetFailure(t *testing.T) { require.NoError(t, err) require.NoError(t, stdDB.Close()) - gin.SetMode(gin.TestMode) router := gin.New() router.POST("/api/v1/emergency/security-reset", func(c *gin.Context) { c.Set("emergency_bypass", true) @@ -475,7 +472,6 @@ func TestGenerateToken_Success(t *testing.T) { handler := NewEmergencyTokenHandler(tokenService) defer handler.Close() - gin.SetMode(gin.TestMode) router := gin.New() router.POST("/api/v1/emergency/token", func(c *gin.Context) { c.Set("role", "admin") @@ -504,7 +500,6 @@ func TestGenerateToken_AdminRequired(t *testing.T) { handler := NewEmergencyTokenHandler(tokenService) defer handler.Close() - gin.SetMode(gin.TestMode) router := gin.New() router.POST("/api/v1/emergency/token", func(c *gin.Context) { // No role set - simulating non-admin user @@ -527,7 +522,6 @@ func TestGenerateToken_InvalidExpirationDays(t *testing.T) { handler := NewEmergencyTokenHandler(tokenService) defer handler.Close() - gin.SetMode(gin.TestMode) router := gin.New() router.POST("/api/v1/emergency/token", func(c *gin.Context) { c.Set("role", "admin") @@ -554,7 +548,6 @@ func TestGetTokenStatus_Success(t *testing.T) { // Generate a token first _, _ = tokenService.Generate(services.GenerateRequest{ExpirationDays: 30}) - gin.SetMode(gin.TestMode) router := gin.New() router.GET("/api/v1/emergency/token/status", func(c *gin.Context) { c.Set("role", "admin") @@ -581,7 +574,6 @@ func TestGetTokenStatus_AdminRequired(t *testing.T) { handler := NewEmergencyTokenHandler(tokenService) defer handler.Close() - gin.SetMode(gin.TestMode) router := gin.New() router.GET("/api/v1/emergency/token/status", handler.GetTokenStatus) @@ -602,7 +594,6 @@ func TestRevokeToken_Success(t *testing.T) { // Generate a token first _, _ = tokenService.Generate(services.GenerateRequest{ExpirationDays: 30}) - gin.SetMode(gin.TestMode) router := gin.New() router.DELETE("/api/v1/emergency/token", func(c *gin.Context) { c.Set("role", "admin") @@ -624,7 +615,6 @@ func TestRevokeToken_AdminRequired(t *testing.T) { handler := NewEmergencyTokenHandler(tokenService) defer handler.Close() - gin.SetMode(gin.TestMode) router := gin.New() router.DELETE("/api/v1/emergency/token", handler.RevokeToken) @@ -645,7 +635,6 @@ func TestUpdateTokenExpiration_Success(t *testing.T) { // Generate a token first _, _ = tokenService.Generate(services.GenerateRequest{ExpirationDays: 30}) - gin.SetMode(gin.TestMode) router := gin.New() router.PATCH("/api/v1/emergency/token/expiration", func(c *gin.Context) { c.Set("role", "admin") @@ -669,7 +658,6 @@ func TestUpdateTokenExpiration_AdminRequired(t *testing.T) { handler := NewEmergencyTokenHandler(tokenService) defer handler.Close() - gin.SetMode(gin.TestMode) router := gin.New() router.PATCH("/api/v1/emergency/token/expiration", handler.UpdateTokenExpiration) @@ -689,7 +677,6 @@ func TestUpdateTokenExpiration_InvalidDays(t *testing.T) { handler := NewEmergencyTokenHandler(tokenService) defer handler.Close() - gin.SetMode(gin.TestMode) router := gin.New() router.PATCH("/api/v1/emergency/token/expiration", func(c *gin.Context) { c.Set("role", "admin") diff --git a/backend/internal/api/handlers/encryption_handler_test.go b/backend/internal/api/handlers/encryption_handler_test.go index d6addbe9..7e7479cd 100644 --- a/backend/internal/api/handlers/encryption_handler_test.go +++ b/backend/internal/api/handlers/encryption_handler_test.go @@ -40,7 +40,6 @@ func setupEncryptionTestDB(t *testing.T) *gorm.DB { } func setupEncryptionTestRouter(handler *EncryptionHandler, isAdmin bool) *gin.Engine { - gin.SetMode(gin.TestMode) router := gin.New() // Mock admin middleware - matches production auth middleware key names @@ -558,7 +557,6 @@ func TestEncryptionHandler_IntegrationFlow(t *testing.T) { // TestEncryptionHandler_HelperFunctions tests the isAdmin and getActorFromGinContext helpers func TestEncryptionHandler_HelperFunctions(t *testing.T) { - gin.SetMode(gin.TestMode) t.Run("isAdmin with invalid role type", func(t *testing.T) { router := gin.New() @@ -787,7 +785,6 @@ func TestEncryptionHandler_RefreshKey_InvalidOldKey(t *testing.T) { // TestEncryptionHandler_GetActorFromGinContext_InvalidType tests getActorFromGinContext with invalid type func TestEncryptionHandler_GetActorFromGinContext_InvalidType(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() var capturedActor string @@ -884,7 +881,6 @@ func TestEncryptionHandler_RotateWithPartialFailures(t *testing.T) { // TestEncryptionHandler_isAdmin_NoRoleSet tests isAdmin when no role is set func TestEncryptionHandler_isAdmin_NoRoleSet(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() // No middleware setting user_role @@ -905,7 +901,6 @@ func TestEncryptionHandler_isAdmin_NoRoleSet(t *testing.T) { // TestEncryptionHandler_isAdmin_NonAdminRole tests isAdmin with non-admin role func TestEncryptionHandler_isAdmin_NonAdminRole(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() router.Use(func(c *gin.Context) { diff --git a/backend/internal/api/handlers/feature_flags_blocker3_test.go b/backend/internal/api/handlers/feature_flags_blocker3_test.go index 25cfe9dd..050a03e9 100644 --- a/backend/internal/api/handlers/feature_flags_blocker3_test.go +++ b/backend/internal/api/handlers/feature_flags_blocker3_test.go @@ -15,7 +15,6 @@ import ( // TestBlocker3_SecurityProviderEventsFlagInResponse tests that the feature flag is included in GET response. func TestBlocker3_SecurityProviderEventsFlagInResponse(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -50,7 +49,6 @@ func TestBlocker3_SecurityProviderEventsFlagInResponse(t *testing.T) { // TestBlocker3_SecurityProviderEventsFlagDefaultValue tests the default value of the flag. func TestBlocker3_SecurityProviderEventsFlagDefaultValue(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -85,7 +83,6 @@ func TestBlocker3_SecurityProviderEventsFlagDefaultValue(t *testing.T) { // TestBlocker3_SecurityProviderEventsFlagCanBeEnabled tests that the flag can be enabled. func TestBlocker3_SecurityProviderEventsFlagCanBeEnabled(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) diff --git a/backend/internal/api/handlers/feature_flags_handler_coverage_test.go b/backend/internal/api/handlers/feature_flags_handler_coverage_test.go index dfe19cb9..83c18e79 100644 --- a/backend/internal/api/handlers/feature_flags_handler_coverage_test.go +++ b/backend/internal/api/handlers/feature_flags_handler_coverage_test.go @@ -15,7 +15,6 @@ import ( ) func TestFeatureFlagsHandler_GetFlags_DBPrecedence(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // Set a flag in DB @@ -48,7 +47,6 @@ func TestFeatureFlagsHandler_GetFlags_DBPrecedence(t *testing.T) { } func TestFeatureFlagsHandler_GetFlags_EnvFallback(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // Set env var (no DB value exists) @@ -73,7 +71,6 @@ func TestFeatureFlagsHandler_GetFlags_EnvFallback(t *testing.T) { } func TestFeatureFlagsHandler_GetFlags_EnvShortForm(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // Set short form env var (CERBERUS_ENABLED instead of FEATURE_CERBERUS_ENABLED) @@ -98,7 +95,6 @@ func TestFeatureFlagsHandler_GetFlags_EnvShortForm(t *testing.T) { } func TestFeatureFlagsHandler_GetFlags_EnvNumeric(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // Set numeric env var (1/0 instead of true/false) @@ -123,7 +119,6 @@ func TestFeatureFlagsHandler_GetFlags_EnvNumeric(t *testing.T) { } func TestFeatureFlagsHandler_GetFlags_DefaultTrue(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // No DB value, no env var - check defaults @@ -148,7 +143,6 @@ func TestFeatureFlagsHandler_GetFlags_DefaultTrue(t *testing.T) { } func TestFeatureFlagsHandler_GetFlags_AllDefaultFlagsPresent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) @@ -173,7 +167,6 @@ func TestFeatureFlagsHandler_GetFlags_AllDefaultFlagsPresent(t *testing.T) { } func TestFeatureFlagsHandler_UpdateFlags_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) @@ -208,7 +201,6 @@ func TestFeatureFlagsHandler_UpdateFlags_Success(t *testing.T) { } func TestFeatureFlagsHandler_UpdateFlags_Upsert(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // Create existing setting @@ -249,7 +241,6 @@ func TestFeatureFlagsHandler_UpdateFlags_Upsert(t *testing.T) { } func TestFeatureFlagsHandler_UpdateFlags_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) @@ -265,7 +256,6 @@ func TestFeatureFlagsHandler_UpdateFlags_InvalidJSON(t *testing.T) { } func TestFeatureFlagsHandler_UpdateFlags_OnlyAllowedKeys(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) @@ -298,7 +288,6 @@ func TestFeatureFlagsHandler_UpdateFlags_OnlyAllowedKeys(t *testing.T) { } func TestFeatureFlagsHandler_UpdateFlags_EmptyPayload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) @@ -339,7 +328,6 @@ func TestFeatureFlagsHandler_GetFlags_DBValueVariants(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // Set flag with test value @@ -387,7 +375,6 @@ func TestFeatureFlagsHandler_GetFlags_EnvValueVariants(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) // Set env var (no DB value) @@ -425,7 +412,6 @@ func TestFeatureFlagsHandler_UpdateFlags_BoolValues(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) @@ -462,7 +448,6 @@ func TestFeatureFlagsHandler_NewFeatureFlagsHandler(t *testing.T) { } func TestFeatureFlagsHandler_GetFlags_EmailFlagDefaultFalse(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) diff --git a/backend/internal/api/handlers/feature_flags_handler_test.go b/backend/internal/api/handlers/feature_flags_handler_test.go index 90881451..1da8b768 100644 --- a/backend/internal/api/handlers/feature_flags_handler_test.go +++ b/backend/internal/api/handlers/feature_flags_handler_test.go @@ -28,7 +28,6 @@ func TestFeatureFlags_GetAndUpdate(t *testing.T) { h := NewFeatureFlagsHandler(db) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/api/v1/feature-flags", h.GetFlags) r.PUT("/api/v1/feature-flags", h.UpdateFlags) @@ -81,7 +80,6 @@ func TestFeatureFlags_EnvFallback(t *testing.T) { db := setupFlagsDB(t) // Do not write any settings so DB lookup fails and env is used h := NewFeatureFlagsHandler(db) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/api/v1/feature-flags", h.GetFlags) @@ -178,7 +176,6 @@ func TestGetFlags_BatchQuery(t *testing.T) { db.Create(&models.Setting{Key: "feature.crowdsec.console_enrollment", Value: "true", Type: "bool", Category: "feature"}) h := NewFeatureFlagsHandler(db) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/api/v1/feature-flags", h.GetFlags) @@ -219,7 +216,6 @@ func TestUpdateFlags_TransactionRollback(t *testing.T) { _ = sqlDB.Close() h := NewFeatureFlagsHandler(db) - gin.SetMode(gin.TestMode) r := gin.New() r.PUT("/api/v1/feature-flags", h.UpdateFlags) @@ -244,7 +240,6 @@ func TestUpdateFlags_TransactionAtomic(t *testing.T) { db := setupFlagsDB(t) h := NewFeatureFlagsHandler(db) - gin.SetMode(gin.TestMode) r := gin.New() r.PUT("/api/v1/feature-flags", h.UpdateFlags) diff --git a/backend/internal/api/handlers/handlers_blackbox_test.go b/backend/internal/api/handlers/handlers_blackbox_test.go index 1ecaeacd..acc686b1 100644 --- a/backend/internal/api/handlers/handlers_blackbox_test.go +++ b/backend/internal/api/handlers/handlers_blackbox_test.go @@ -50,7 +50,6 @@ func addAdminMiddleware(router *gin.Engine) { } func TestImportHandler_GetStatus(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Case 1: No active session, no mount @@ -78,7 +77,6 @@ func TestImportHandler_GetStatus(t *testing.T) { } func TestImportHandler_Commit(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -120,7 +118,6 @@ func TestImportHandler_Commit(t *testing.T) { } func TestImportHandler_Upload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Use fake caddy script @@ -151,7 +148,6 @@ func TestImportHandler_Upload(t *testing.T) { } func TestImportHandler_GetPreview_WithContent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() handler := handlers.NewImportHandler(db, "echo", tmpDir, "") @@ -188,7 +184,6 @@ func TestImportHandler_GetPreview_WithContent(t *testing.T) { } func TestImportHandler_Commit_Errors(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -233,7 +228,6 @@ func TestImportHandler_Commit_Errors(t *testing.T) { } func TestImportHandler_Cancel_Errors(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -279,7 +273,6 @@ func TestCheckMountedImport(t *testing.T) { } func TestImportHandler_Upload_Failure(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Use fake caddy script that fails @@ -310,7 +303,6 @@ func TestImportHandler_Upload_Failure(t *testing.T) { } func TestImportHandler_Upload_Conflict(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Pre-create a host to cause conflict @@ -359,7 +351,6 @@ func TestImportHandler_Upload_Conflict(t *testing.T) { } func TestImportHandler_GetPreview_BackupContent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() handler := handlers.NewImportHandler(db, "echo", tmpDir, "") @@ -410,7 +401,6 @@ func TestImportHandler_RegisterRoutes(t *testing.T) { } func TestImportHandler_GetPreview_TransientMount(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() mountPath := filepath.Join(tmpDir, "mounted.caddyfile") @@ -455,7 +445,6 @@ func TestImportHandler_GetPreview_TransientMount(t *testing.T) { } func TestImportHandler_Commit_TransientUpload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() @@ -515,7 +504,6 @@ func TestImportHandler_Commit_TransientUpload(t *testing.T) { } func TestImportHandler_Commit_TransientMount(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() mountPath := filepath.Join(tmpDir, "mounted.caddyfile") @@ -562,7 +550,6 @@ func TestImportHandler_Commit_TransientMount(t *testing.T) { } func TestImportHandler_Cancel_TransientUpload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() @@ -597,7 +584,6 @@ func TestImportHandler_Cancel_TransientUpload(t *testing.T) { } func TestImportHandler_DetectImports(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -660,7 +646,6 @@ func TestImportHandler_DetectImports(t *testing.T) { } func TestImportHandler_DetectImports_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -676,7 +661,6 @@ func TestImportHandler_DetectImports_InvalidJSON(t *testing.T) { } func TestImportHandler_UploadMulti(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() @@ -791,7 +775,6 @@ func TestImportHandler_UploadMulti(t *testing.T) { // Additional tests for comprehensive coverage func TestImportHandler_Cancel_MissingSessionUUID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -810,7 +793,6 @@ func TestImportHandler_Cancel_MissingSessionUUID(t *testing.T) { } func TestImportHandler_Cancel_InvalidSessionUUID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -829,7 +811,6 @@ func TestImportHandler_Cancel_InvalidSessionUUID(t *testing.T) { } func TestImportHandler_Commit_InvalidSessionUUID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := handlers.NewImportHandler(db, "echo", "/tmp", "") router := gin.New() @@ -884,7 +865,6 @@ func (m *mockProxyHostService) List() ([]models.ProxyHost, error) { // TestImportHandler_Commit_UpdateFailure tests the error logging path when Update fails (line 676) func TestImportHandler_Commit_UpdateFailure(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Create an existing host that we'll try to overwrite @@ -959,7 +939,6 @@ func TestImportHandler_Commit_UpdateFailure(t *testing.T) { // TestImportHandler_Commit_CreateFailure tests the error logging path when Create fails (line 682) func TestImportHandler_Commit_CreateFailure(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Create an existing host to cause a duplicate error @@ -1019,7 +998,6 @@ func TestImportHandler_Commit_CreateFailure(t *testing.T) { // TestUpload_NormalizationSuccess tests the success path where NormalizeCaddyfile succeeds (line 271) func TestUpload_NormalizationSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Use fake caddy script that handles both fmt and adapt @@ -1065,7 +1043,6 @@ func TestUpload_NormalizationSuccess(t *testing.T) { // TestUpload_NormalizationFallback tests the fallback path where NormalizeCaddyfile fails (line 269) func TestUpload_NormalizationFallback(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Use fake caddy script that fails fmt but succeeds on adapt @@ -1113,7 +1090,6 @@ func TestUpload_NormalizationFallback(t *testing.T) { // TestCommit_OverwriteAction tests that overwrite preserves certificate ID func TestCommit_OverwriteAction(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Create existing host with certificate association @@ -1184,7 +1160,6 @@ func ptrToUint(v uint) *uint { // TestCommit_RenameAction tests that rename appends suffix func TestCommit_RenameAction(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Create existing host @@ -1252,7 +1227,6 @@ func TestCommit_RenameAction(t *testing.T) { } func TestGetPreview_WithConflictDetails(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() mountPath := filepath.Join(tmpDir, "mounted.caddyfile") @@ -1310,7 +1284,6 @@ func TestGetPreview_WithConflictDetails(t *testing.T) { } func TestSafeJoin_PathTraversalCases(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() handler := handlers.NewImportHandler(db, "echo", tmpDir, "") @@ -1375,7 +1348,6 @@ func TestSafeJoin_PathTraversalCases(t *testing.T) { } func TestCommit_SkipAction(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) session := models.ImportSession{ @@ -1433,7 +1405,6 @@ func TestCommit_SkipAction(t *testing.T) { } func TestCommit_CustomNames(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) session := models.ImportSession{ @@ -1483,7 +1454,6 @@ func TestCommit_CustomNames(t *testing.T) { } func TestGetStatus_AlreadyCommittedMount(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) tmpDir := t.TempDir() mountPath := filepath.Join(tmpDir, "mounted.caddyfile") @@ -1519,7 +1489,6 @@ func TestGetStatus_AlreadyCommittedMount(t *testing.T) { } func TestImportHandler_Commit_SessionSaveWarning(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Create an import session with one host to create @@ -1591,7 +1560,6 @@ func newTestImportHandler(t *testing.T, db *gorm.DB, importDir string, mountPath // TestGetStatus_DatabaseError tests GetStatus when database query fails func TestGetStatus_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) handler := newTestImportHandler(t, db, t.TempDir(), "") @@ -1613,7 +1581,6 @@ func TestGetStatus_DatabaseError(t *testing.T) { // TestGetPreview_MountAlreadyCommitted tests GetPreview when mount is already committed with FUTURE timestamp func TestGetPreview_MountAlreadyCommitted(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Create mount file @@ -1648,7 +1615,6 @@ func TestGetPreview_MountAlreadyCommitted(t *testing.T) { // TestUpload_MkdirAllFailure tests Upload when MkdirAll fails func TestUpload_MkdirAllFailure(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportTestDB(t) // Create a FILE where uploads directory should be (blocks MkdirAll) diff --git a/backend/internal/api/handlers/handlers_test.go b/backend/internal/api/handlers/handlers_test.go index 996234a1..2f71217f 100644 --- a/backend/internal/api/handlers/handlers_test.go +++ b/backend/internal/api/handlers/handlers_test.go @@ -36,7 +36,6 @@ func setupTestDB(t *testing.T) *gorm.DB { func TestRemoteServerHandler_List(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Create test server @@ -71,7 +70,6 @@ func TestRemoteServerHandler_List(t *testing.T) { func TestRemoteServerHandler_Create(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) ns := services.NewNotificationService(db, nil) @@ -105,7 +103,6 @@ func TestRemoteServerHandler_Create(t *testing.T) { func TestRemoteServerHandler_TestConnection(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Create test server @@ -140,7 +137,6 @@ func TestRemoteServerHandler_TestConnection(t *testing.T) { func TestRemoteServerHandler_Get(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Create test server @@ -174,7 +170,6 @@ func TestRemoteServerHandler_Get(t *testing.T) { func TestRemoteServerHandler_Update(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Create test server @@ -220,7 +215,6 @@ func TestRemoteServerHandler_Update(t *testing.T) { func TestRemoteServerHandler_Delete(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Create test server @@ -256,7 +250,6 @@ func TestRemoteServerHandler_Delete(t *testing.T) { func TestProxyHostHandler_List(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Create test proxy host @@ -292,7 +285,6 @@ func TestProxyHostHandler_List(t *testing.T) { func TestProxyHostHandler_Create(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) ns := services.NewNotificationService(db, nil) @@ -328,7 +320,6 @@ func TestProxyHostHandler_Create(t *testing.T) { func TestProxyHostHandler_PartialUpdate_DoesNotWipeFields(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Seed a proxy host @@ -386,7 +377,6 @@ func TestProxyHostHandler_PartialUpdate_DoesNotWipeFields(t *testing.T) { func TestHealthHandler(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) router := gin.New() router.GET("/health", handlers.HealthHandler) @@ -405,7 +395,6 @@ func TestHealthHandler(t *testing.T) { func TestRemoteServerHandler_Errors(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) ns := services.NewNotificationService(db, nil) diff --git a/backend/internal/api/handlers/health_handler_test.go b/backend/internal/api/handlers/health_handler_test.go index 2ed9e5f0..11ec8f4b 100644 --- a/backend/internal/api/handlers/health_handler_test.go +++ b/backend/internal/api/handlers/health_handler_test.go @@ -11,7 +11,6 @@ import ( ) func TestHealthHandler(t *testing.T) { - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/health", HealthHandler) diff --git a/backend/internal/api/handlers/import_handler_coverage_test.go b/backend/internal/api/handlers/import_handler_coverage_test.go index 418d487d..a6cc9787 100644 --- a/backend/internal/api/handlers/import_handler_coverage_test.go +++ b/backend/internal/api/handlers/import_handler_coverage_test.go @@ -101,7 +101,6 @@ func (m *MockImporterService) ValidateCaddyBinary() error { // TestUploadMulti_EmptyList covers the manual check for len(Files) == 0 func TestUploadMulti_EmptyList(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) @@ -135,7 +134,6 @@ func TestUploadMulti_EmptyList(t *testing.T) { // TestUploadMulti_FileServerDetected covers the logic where parsable routes trigger a warning // because they contain file_server but no valid reverse_proxy hosts func TestUploadMulti_FileServerDetected(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) mockSvc := new(MockImporterService) @@ -185,7 +183,6 @@ func TestUploadMulti_FileServerDetected(t *testing.T) { // TestUploadMulti_NoSitesParsed covers successfull parsing but 0 result hosts func TestUploadMulti_NoSitesParsed(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) mockSvc := new(MockImporterService) @@ -227,7 +224,6 @@ func TestUploadMulti_NoSitesParsed(t *testing.T) { } func TestUpload_ImportsDetectedNoImportableHosts(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) mockSvc := new(MockImporterService) @@ -263,7 +259,6 @@ func TestUpload_ImportsDetectedNoImportableHosts(t *testing.T) { } func TestUploadMulti_RequiresMainCaddyfile(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) h := NewImportHandler(db, "caddy", t.TempDir(), "") @@ -291,7 +286,6 @@ func TestUploadMulti_RequiresMainCaddyfile(t *testing.T) { } func TestUploadMulti_RejectsEmptyFileContent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) h := NewImportHandler(db, "caddy", t.TempDir(), "") @@ -319,7 +313,6 @@ func TestUploadMulti_RejectsEmptyFileContent(t *testing.T) { } func TestCommitAndCancel_InvalidSessionUUID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) tmpImport := t.TempDir() @@ -352,7 +345,6 @@ func TestCommitAndCancel_InvalidSessionUUID(t *testing.T) { } func TestCancel_RemovesTransientUpload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupImportCoverageTestDB(t) tmpImport := t.TempDir() @@ -381,7 +373,6 @@ func TestCancel_RemovesTransientUpload(t *testing.T) { } func TestUpload_ReadOnlyDBRespondsWithPermissionError(t *testing.T) { - gin.SetMode(gin.TestMode) roDB := setupReadOnlyImportDB(t) mockSvc := new(MockImporterService) @@ -414,7 +405,6 @@ func TestUpload_ReadOnlyDBRespondsWithPermissionError(t *testing.T) { } func TestUploadMulti_ReadOnlyDBRespondsWithPermissionError(t *testing.T) { - gin.SetMode(gin.TestMode) roDB := setupReadOnlyImportDB(t) mockSvc := new(MockImporterService) @@ -448,7 +438,6 @@ func TestUploadMulti_ReadOnlyDBRespondsWithPermissionError(t *testing.T) { } func TestCommit_ReadOnlyDBSaveRespondsWithPermissionError(t *testing.T) { - gin.SetMode(gin.TestMode) roDB := setupReadOnlyImportDB(t) mockSvc := new(MockImporterService) @@ -483,7 +472,6 @@ func TestCommit_ReadOnlyDBSaveRespondsWithPermissionError(t *testing.T) { } func TestCancel_ReadOnlyDBSaveRespondsWithPermissionError(t *testing.T) { - gin.SetMode(gin.TestMode) tmp := t.TempDir() dbPath := filepath.Join(tmp, "cancel_ro.db") diff --git a/backend/internal/api/handlers/import_handler_sanitize_test.go b/backend/internal/api/handlers/import_handler_sanitize_test.go index 8609f029..f9452ccf 100644 --- a/backend/internal/api/handlers/import_handler_sanitize_test.go +++ b/backend/internal/api/handlers/import_handler_sanitize_test.go @@ -17,7 +17,6 @@ import ( ) func TestImportUploadSanitizesFilename(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() // set up in-memory DB for handler db := OpenTestDB(t) diff --git a/backend/internal/api/handlers/import_handler_test.go b/backend/internal/api/handlers/import_handler_test.go index 3e8b5050..52d7c318 100644 --- a/backend/internal/api/handlers/import_handler_test.go +++ b/backend/internal/api/handlers/import_handler_test.go @@ -136,7 +136,6 @@ func TestImportHandler_GetStatus_MountCommittedUnchanged(t *testing.T) { handler, _, _ := setupTestHandler(t, tx) handler.mountPath = mountPath - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -173,7 +172,6 @@ func TestImportHandler_GetStatus_MountModifiedAfterCommit(t *testing.T) { handler, _, _ := setupTestHandler(t, tx) handler.mountPath = mountPath - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -223,7 +221,6 @@ func TestUpload_NormalizationSuccess(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -272,7 +269,6 @@ func TestUpload_NormalizationFailure(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -313,7 +309,6 @@ func TestUpload_PathTraversalBlocked(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -354,7 +349,6 @@ func TestUploadMulti_ArchiveExtraction(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -400,7 +394,6 @@ func TestUploadMulti_ConflictDetection(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -439,7 +432,6 @@ func TestCommit_TransientToImport(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -484,7 +476,6 @@ func TestCommit_RollbackOnError(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -517,7 +508,6 @@ func TestDetectImports_EmptyCaddyfile(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -662,7 +652,6 @@ func TestImportHandler_Upload_NullByteInjection(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -689,7 +678,6 @@ func TestImportHandler_DetectImports_MalformedFile(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -835,7 +823,6 @@ func TestImportHandler_Upload_InvalidSessionPaths(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -860,7 +847,6 @@ func TestImportHandler_Commit_InvalidSessionUUID_BranchCoverage(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -893,7 +879,6 @@ func TestImportHandler_Upload_NoImportableHosts_WithImportsDetected(t *testing.T req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -925,7 +910,6 @@ func TestImportHandler_Upload_NoImportableHosts_NoImportsNoFileServer(t *testing req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -967,7 +951,6 @@ func TestImportHandler_Commit_OverwriteAndRenameFlows(t *testing.T) { req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -986,7 +969,6 @@ func TestImportHandler_Cancel_ValidationAndNotFound_BranchCoverage(t *testing.T) testutil.WithTx(t, setupImportTestDB(t), func(tx *gorm.DB) { handler, _, _ := setupTestHandler(t, tx) - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) @@ -1021,7 +1003,6 @@ func TestImportHandler_Cancel_TransientUploadCancelled_BranchCoverage(t *testing uploadPath := filepath.Join(uploadDir, sessionID+".caddyfile") require.NoError(t, os.WriteFile(uploadPath, []byte("example.com { respond \"ok\" }"), 0o600)) - gin.SetMode(gin.TestMode) router := gin.New() addAdminMiddleware(router) handler.RegisterRoutes(router.Group("/api/v1")) diff --git a/backend/internal/api/handlers/json_import_handler_test.go b/backend/internal/api/handlers/json_import_handler_test.go index 3345dd2a..409ac5f2 100644 --- a/backend/internal/api/handlers/json_import_handler_test.go +++ b/backend/internal/api/handlers/json_import_handler_test.go @@ -40,7 +40,6 @@ func TestJSONImportHandler_RegisterRoutes(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -60,7 +59,6 @@ func TestJSONImportHandler_Upload_CharonFormat(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -119,7 +117,6 @@ func TestJSONImportHandler_Upload_NPMFormatFallback(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -162,7 +159,6 @@ func TestJSONImportHandler_Upload_UnrecognizedFormat(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -188,7 +184,6 @@ func TestJSONImportHandler_Upload_InvalidJSON(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -208,7 +203,6 @@ func TestJSONImportHandler_Commit_CharonFormat(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -277,7 +271,6 @@ func TestJSONImportHandler_Commit_NPMFormatFallback(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -339,7 +332,6 @@ func TestJSONImportHandler_Commit_SessionNotFound(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -370,7 +362,6 @@ func TestJSONImportHandler_Cancel(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -459,7 +450,6 @@ func TestJSONImportHandler_ConflictDetection(t *testing.T) { handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -501,7 +491,6 @@ func TestJSONImportHandler_Cancel_RequiresValidJSONBody(t *testing.T) { db := setupJSONTestDB(t) handler := NewJSONImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) diff --git a/backend/internal/api/handlers/logs_handler_coverage_test.go b/backend/internal/api/handlers/logs_handler_coverage_test.go index e09edea2..1192cd1b 100644 --- a/backend/internal/api/handlers/logs_handler_coverage_test.go +++ b/backend/internal/api/handlers/logs_handler_coverage_test.go @@ -17,7 +17,6 @@ import ( ) func TestLogsHandler_Read_FilterBySearch(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -50,7 +49,6 @@ func TestLogsHandler_Read_FilterBySearch(t *testing.T) { } func TestLogsHandler_Read_FilterByHost(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -80,7 +78,6 @@ func TestLogsHandler_Read_FilterByHost(t *testing.T) { } func TestLogsHandler_Read_FilterByLevel(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -110,7 +107,6 @@ func TestLogsHandler_Read_FilterByLevel(t *testing.T) { } func TestLogsHandler_Read_FilterByStatus(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -140,7 +136,6 @@ func TestLogsHandler_Read_FilterByStatus(t *testing.T) { } func TestLogsHandler_Read_SortAsc(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -170,7 +165,6 @@ func TestLogsHandler_Read_SortAsc(t *testing.T) { } func TestLogsHandler_List_DirectoryIsFile(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") @@ -197,7 +191,6 @@ func TestLogsHandler_List_DirectoryIsFile(t *testing.T) { } func TestLogsHandler_Download_TempFileError(t *testing.T) { - gin.SetMode(gin.TestMode) tmpDir := t.TempDir() dataDir := filepath.Join(tmpDir, "data") diff --git a/backend/internal/api/handlers/logs_ws_test.go b/backend/internal/api/handlers/logs_ws_test.go index 06034712..d477bff6 100644 --- a/backend/internal/api/handlers/logs_ws_test.go +++ b/backend/internal/api/handlers/logs_ws_test.go @@ -71,7 +71,6 @@ func TestUpgraderCheckOrigin(t *testing.T) { } func TestLogsWebSocketHandler_DeprecatedWrapperUpgradeFailure(t *testing.T) { - gin.SetMode(gin.TestMode) charonlogger.Init(false, io.Discard) r := gin.New() @@ -85,7 +84,6 @@ func TestLogsWebSocketHandler_DeprecatedWrapperUpgradeFailure(t *testing.T) { } func TestLogsWSHandler_StreamWithFiltersAndTracker(t *testing.T) { - gin.SetMode(gin.TestMode) charonlogger.Init(false, io.Discard) tracker := services.NewWebSocketTracker() diff --git a/backend/internal/api/handlers/manual_challenge_handler_test.go b/backend/internal/api/handlers/manual_challenge_handler_test.go index d03503f1..8a3d18a2 100644 --- a/backend/internal/api/handlers/manual_challenge_handler_test.go +++ b/backend/internal/api/handlers/manual_challenge_handler_test.go @@ -82,7 +82,6 @@ func (m *mockDNSProviderServiceForChallenge) Get(ctx context.Context, id uint) ( } func setupChallengeTestRouter() *gin.Engine { - gin.SetMode(gin.TestMode) return gin.New() } @@ -507,7 +506,6 @@ func TestGetUserIDFromContext(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) c, _ := gin.CreateTestContext(httptest.NewRecorder()) if tt.value != nil { c.Set("user_id", tt.value) diff --git a/backend/internal/api/handlers/misc_coverage_test.go b/backend/internal/api/handlers/misc_coverage_test.go index 0b2a5939..3f836efe 100644 --- a/backend/internal/api/handlers/misc_coverage_test.go +++ b/backend/internal/api/handlers/misc_coverage_test.go @@ -23,7 +23,6 @@ func setupDomainCoverageDB(t *testing.T) *gorm.DB { } func TestDomainHandler_List_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupDomainCoverageDB(t) h := NewDomainHandler(db, nil) @@ -40,7 +39,6 @@ func TestDomainHandler_List_Error(t *testing.T) { } func TestDomainHandler_Create_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupDomainCoverageDB(t) h := NewDomainHandler(db, nil) @@ -55,7 +53,6 @@ func TestDomainHandler_Create_InvalidJSON(t *testing.T) { } func TestDomainHandler_Create_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupDomainCoverageDB(t) h := NewDomainHandler(db, nil) @@ -76,7 +73,6 @@ func TestDomainHandler_Create_DBError(t *testing.T) { } func TestDomainHandler_Delete_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupDomainCoverageDB(t) h := NewDomainHandler(db, nil) @@ -103,7 +99,6 @@ func setupRemoteServerCoverageDB(t *testing.T) *gorm.DB { } func TestRemoteServerHandler_List_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -121,7 +116,6 @@ func TestRemoteServerHandler_List_Error(t *testing.T) { } func TestRemoteServerHandler_List_EnabledOnly(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -140,7 +134,6 @@ func TestRemoteServerHandler_List_EnabledOnly(t *testing.T) { } func TestRemoteServerHandler_Update_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -155,7 +148,6 @@ func TestRemoteServerHandler_Update_NotFound(t *testing.T) { } func TestRemoteServerHandler_Update_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -176,7 +168,6 @@ func TestRemoteServerHandler_Update_InvalidJSON(t *testing.T) { } func TestRemoteServerHandler_TestConnection_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -191,7 +182,6 @@ func TestRemoteServerHandler_TestConnection_NotFound(t *testing.T) { } func TestRemoteServerHandler_TestConnectionCustom_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -207,7 +197,6 @@ func TestRemoteServerHandler_TestConnectionCustom_InvalidJSON(t *testing.T) { } func TestRemoteServerHandler_TestConnectionCustom_Unreachable(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupRemoteServerCoverageDB(t) svc := services.NewRemoteServerService(db) h := NewRemoteServerHandler(svc, nil) @@ -239,7 +228,6 @@ func setupUptimeCoverageDB(t *testing.T) *gorm.DB { } func TestUptimeHandler_List_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUptimeCoverageDB(t) svc := services.NewUptimeService(db, nil) h := NewUptimeHandler(svc) @@ -257,7 +245,6 @@ func TestUptimeHandler_List_Error(t *testing.T) { } func TestUptimeHandler_GetHistory_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUptimeCoverageDB(t) svc := services.NewUptimeService(db, nil) h := NewUptimeHandler(svc) @@ -276,7 +263,6 @@ func TestUptimeHandler_GetHistory_Error(t *testing.T) { } func TestUptimeHandler_Update_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUptimeCoverageDB(t) svc := services.NewUptimeService(db, nil) h := NewUptimeHandler(svc) @@ -293,7 +279,6 @@ func TestUptimeHandler_Update_InvalidJSON(t *testing.T) { } func TestUptimeHandler_Sync_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUptimeCoverageDB(t) svc := services.NewUptimeService(db, nil) h := NewUptimeHandler(svc) @@ -311,7 +296,6 @@ func TestUptimeHandler_Sync_Error(t *testing.T) { } func TestUptimeHandler_Delete_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUptimeCoverageDB(t) svc := services.NewUptimeService(db, nil) h := NewUptimeHandler(svc) @@ -330,7 +314,6 @@ func TestUptimeHandler_Delete_Error(t *testing.T) { } func TestUptimeHandler_CheckMonitor_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUptimeCoverageDB(t) svc := services.NewUptimeService(db, nil) h := NewUptimeHandler(svc) diff --git a/backend/internal/api/handlers/notification_coverage_test.go b/backend/internal/api/handlers/notification_coverage_test.go index 7ddc0c28..7f2b5156 100644 --- a/backend/internal/api/handlers/notification_coverage_test.go +++ b/backend/internal/api/handlers/notification_coverage_test.go @@ -33,7 +33,6 @@ func setAdminContext(c *gin.Context) { // Notification Handler Tests func TestNotificationHandler_List_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationHandler(svc) @@ -55,7 +54,6 @@ func TestNotificationHandler_List_Error(t *testing.T) { } func TestNotificationHandler_List_UnreadOnly(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationHandler(svc) @@ -75,7 +73,6 @@ func TestNotificationHandler_List_UnreadOnly(t *testing.T) { } func TestNotificationHandler_MarkAsRead_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationHandler(svc) @@ -95,7 +92,6 @@ func TestNotificationHandler_MarkAsRead_Error(t *testing.T) { } func TestNotificationHandler_MarkAllAsRead_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationHandler(svc) @@ -116,7 +112,6 @@ func TestNotificationHandler_MarkAllAsRead_Error(t *testing.T) { // Notification Provider Handler Tests func TestNotificationProviderHandler_List_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -135,7 +130,6 @@ func TestNotificationProviderHandler_List_Error(t *testing.T) { } func TestNotificationProviderHandler_Create_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -152,7 +146,6 @@ func TestNotificationProviderHandler_Create_InvalidJSON(t *testing.T) { } func TestNotificationProviderHandler_Create_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -180,7 +173,6 @@ func TestNotificationProviderHandler_Create_DBError(t *testing.T) { } func TestNotificationProviderHandler_Create_InvalidTemplate(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -206,7 +198,6 @@ func TestNotificationProviderHandler_Create_InvalidTemplate(t *testing.T) { } func TestNotificationProviderHandler_Update_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -224,7 +215,6 @@ func TestNotificationProviderHandler_Update_InvalidJSON(t *testing.T) { } func TestNotificationProviderHandler_Update_InvalidTemplate(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -256,7 +246,6 @@ func TestNotificationProviderHandler_Update_InvalidTemplate(t *testing.T) { } func TestNotificationProviderHandler_Update_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -285,7 +274,6 @@ func TestNotificationProviderHandler_Update_DBError(t *testing.T) { } func TestNotificationProviderHandler_Delete_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -305,7 +293,6 @@ func TestNotificationProviderHandler_Delete_Error(t *testing.T) { } func TestNotificationProviderHandler_Test_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -322,7 +309,6 @@ func TestNotificationProviderHandler_Test_InvalidJSON(t *testing.T) { } func TestNotificationProviderHandler_Test_RejectsClientSuppliedGotifyToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -354,7 +340,6 @@ func TestNotificationProviderHandler_Test_RejectsClientSuppliedGotifyToken(t *te } func TestNotificationProviderHandler_Test_RejectsGotifyTokenWithWhitespace(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -499,7 +484,6 @@ func TestClassifyProviderTestFailure_SlackNoService(t *testing.T) { } func TestNotificationProviderHandler_Test_RejectsSlackTokenInTestRequest(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -530,7 +514,6 @@ func TestNotificationProviderHandler_Test_RejectsSlackTokenInTestRequest(t *test } func TestNotificationProviderHandler_Templates(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -548,7 +531,6 @@ func TestNotificationProviderHandler_Templates(t *testing.T) { } func TestNotificationProviderHandler_Preview_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -565,7 +547,6 @@ func TestNotificationProviderHandler_Preview_InvalidJSON(t *testing.T) { } func TestNotificationProviderHandler_Preview_WithData(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -591,7 +572,6 @@ func TestNotificationProviderHandler_Preview_WithData(t *testing.T) { } func TestNotificationProviderHandler_Preview_InvalidTemplate(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -616,7 +596,6 @@ func TestNotificationProviderHandler_Preview_InvalidTemplate(t *testing.T) { // Notification Template Handler Tests func TestNotificationTemplateHandler_List_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -635,7 +614,6 @@ func TestNotificationTemplateHandler_List_Error(t *testing.T) { } func TestNotificationTemplateHandler_Create_BadJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -652,7 +630,6 @@ func TestNotificationTemplateHandler_Create_BadJSON(t *testing.T) { } func TestNotificationTemplateHandler_Create_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -678,7 +655,6 @@ func TestNotificationTemplateHandler_Create_DBError(t *testing.T) { } func TestNotificationTemplateHandler_Update_BadJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -696,7 +672,6 @@ func TestNotificationTemplateHandler_Update_BadJSON(t *testing.T) { } func TestNotificationTemplateHandler_Update_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -723,7 +698,6 @@ func TestNotificationTemplateHandler_Update_DBError(t *testing.T) { } func TestNotificationTemplateHandler_Delete_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -743,7 +717,6 @@ func TestNotificationTemplateHandler_Delete_Error(t *testing.T) { } func TestNotificationTemplateHandler_Preview_BadJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -760,7 +733,6 @@ func TestNotificationTemplateHandler_Preview_BadJSON(t *testing.T) { } func TestNotificationTemplateHandler_Preview_TemplateNotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -783,7 +755,6 @@ func TestNotificationTemplateHandler_Preview_TemplateNotFound(t *testing.T) { } func TestNotificationTemplateHandler_Preview_WithStoredTemplate(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -815,7 +786,6 @@ func TestNotificationTemplateHandler_Preview_WithStoredTemplate(t *testing.T) { } func TestNotificationTemplateHandler_Preview_InvalidTemplate(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationTemplateHandler(svc) @@ -837,7 +807,6 @@ func TestNotificationTemplateHandler_Preview_InvalidTemplate(t *testing.T) { } func TestNotificationProviderHandler_Preview_TokenWriteOnly(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -861,7 +830,6 @@ func TestNotificationProviderHandler_Preview_TokenWriteOnly(t *testing.T) { } func TestNotificationProviderHandler_Update_TypeChangeRejected(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -895,7 +863,6 @@ func TestNotificationProviderHandler_Update_TypeChangeRejected(t *testing.T) { } func TestNotificationProviderHandler_Test_MissingProviderID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -918,7 +885,6 @@ func TestNotificationProviderHandler_Test_MissingProviderID(t *testing.T) { } func TestNotificationProviderHandler_Test_ProviderNotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -942,7 +908,6 @@ func TestNotificationProviderHandler_Test_ProviderNotFound(t *testing.T) { } func TestNotificationProviderHandler_Test_EmptyProviderURL(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -995,7 +960,6 @@ func TestIsProviderValidationError_Comprehensive(t *testing.T) { } func TestNotificationProviderHandler_Update_UnsupportedType(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -1028,7 +992,6 @@ func TestNotificationProviderHandler_Update_UnsupportedType(t *testing.T) { } func TestNotificationProviderHandler_Update_GotifyKeepsExistingToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) @@ -1066,7 +1029,6 @@ func TestNotificationProviderHandler_Update_GotifyKeepsExistingToken(t *testing. } func TestNotificationProviderHandler_Test_ReadDBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationCoverageDB(t) svc := services.NewNotificationService(db, nil) h := NewNotificationProviderHandler(svc) diff --git a/backend/internal/api/handlers/notification_handler_test.go b/backend/internal/api/handlers/notification_handler_test.go index 6328acd5..e883536d 100644 --- a/backend/internal/api/handlers/notification_handler_test.go +++ b/backend/internal/api/handlers/notification_handler_test.go @@ -29,7 +29,6 @@ func setupNotificationTestDB(t *testing.T) *gorm.DB { } func TestNotificationHandler_List(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationTestDB(t) // Seed data @@ -65,7 +64,6 @@ func TestNotificationHandler_List(t *testing.T) { } func TestNotificationHandler_MarkAsRead(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationTestDB(t) // Seed data @@ -89,7 +87,6 @@ func TestNotificationHandler_MarkAsRead(t *testing.T) { } func TestNotificationHandler_MarkAllAsRead(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationTestDB(t) // Seed data @@ -113,7 +110,6 @@ func TestNotificationHandler_MarkAllAsRead(t *testing.T) { } func TestNotificationHandler_MarkAllAsRead_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationTestDB(t) service := services.NewNotificationService(db, nil) handler := handlers.NewNotificationHandler(service) @@ -132,7 +128,6 @@ func TestNotificationHandler_MarkAllAsRead_Error(t *testing.T) { } func TestNotificationHandler_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupNotificationTestDB(t) service := services.NewNotificationService(db, nil) handler := handlers.NewNotificationHandler(service) diff --git a/backend/internal/api/handlers/notification_provider_blocker3_test.go b/backend/internal/api/handlers/notification_provider_blocker3_test.go index 5cd6338e..28fa3772 100644 --- a/backend/internal/api/handlers/notification_provider_blocker3_test.go +++ b/backend/internal/api/handlers/notification_provider_blocker3_test.go @@ -17,7 +17,6 @@ import ( // TestBlocker3_CreateProviderValidationWithSecurityEvents verifies supported/unsupported provider handling with security events enabled. func TestBlocker3_CreateProviderRejectsNonDiscordWithSecurityEvents(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -89,7 +88,6 @@ func TestBlocker3_CreateProviderRejectsNonDiscordWithSecurityEvents(t *testing.T // TestBlocker3_CreateProviderAcceptsDiscordWithSecurityEvents tests that create accepts Discord providers with security events. func TestBlocker3_CreateProviderAcceptsDiscordWithSecurityEvents(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -137,7 +135,6 @@ func TestBlocker3_CreateProviderAcceptsDiscordWithSecurityEvents(t *testing.T) { // TestBlocker3_CreateProviderAcceptsNonDiscordWithoutSecurityEvents verifies webhook create without security events remains accepted. func TestBlocker3_CreateProviderAcceptsNonDiscordWithoutSecurityEvents(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -182,7 +179,6 @@ func TestBlocker3_CreateProviderAcceptsNonDiscordWithoutSecurityEvents(t *testin // TestBlocker3_UpdateProviderRejectsNonDiscordWithSecurityEvents verifies webhook update with security events is allowed in PR-1 scope. func TestBlocker3_UpdateProviderRejectsNonDiscordWithSecurityEvents(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -238,7 +234,6 @@ func TestBlocker3_UpdateProviderRejectsNonDiscordWithSecurityEvents(t *testing.T // TestBlocker3_UpdateProviderAcceptsDiscordWithSecurityEvents tests that update accepts Discord providers with security events. func TestBlocker3_UpdateProviderAcceptsDiscordWithSecurityEvents(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -295,7 +290,6 @@ func TestBlocker3_UpdateProviderAcceptsDiscordWithSecurityEvents(t *testing.T) { // TestBlocker3_MultipleSecurityEventsEnforcesDiscordOnly tests webhook remains accepted with security flags in PR-1 scope. func TestBlocker3_MultipleSecurityEventsEnforcesDiscordOnly(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) @@ -352,7 +346,6 @@ func TestBlocker3_MultipleSecurityEventsEnforcesDiscordOnly(t *testing.T) { // TestBlocker3_UpdateProvider_DatabaseError tests database error handling when fetching existing provider (lines 137-139). func TestBlocker3_UpdateProvider_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) // Setup test database db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) diff --git a/backend/internal/api/handlers/notification_provider_discord_only_test.go b/backend/internal/api/handlers/notification_provider_discord_only_test.go index 0a91d9f3..77baed82 100644 --- a/backend/internal/api/handlers/notification_provider_discord_only_test.go +++ b/backend/internal/api/handlers/notification_provider_discord_only_test.go @@ -18,7 +18,6 @@ import ( // TestDiscordOnly_CreateRejectsNonDiscord verifies unsupported provider types are rejected while supported types are accepted. func TestDiscordOnly_CreateRejectsNonDiscord(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) @@ -81,7 +80,6 @@ func TestDiscordOnly_CreateRejectsNonDiscord(t *testing.T) { // TestDiscordOnly_CreateAcceptsDiscord tests that create accepts Discord providers. func TestDiscordOnly_CreateAcceptsDiscord(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) @@ -115,7 +113,6 @@ func TestDiscordOnly_CreateAcceptsDiscord(t *testing.T) { // TestDiscordOnly_UpdateRejectsTypeMutation tests that update blocks type mutation for deprecated providers. func TestDiscordOnly_UpdateRejectsTypeMutation(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) @@ -169,7 +166,6 @@ func TestDiscordOnly_UpdateRejectsTypeMutation(t *testing.T) { // TestDiscordOnly_UpdateRejectsEnable tests that update blocks enabling deprecated providers. func TestDiscordOnly_UpdateRejectsEnable(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) @@ -217,7 +213,6 @@ func TestDiscordOnly_UpdateRejectsEnable(t *testing.T) { // TestDiscordOnly_UpdateAllowsDisabledDeprecated tests that update allows updating disabled deprecated providers (except type/enable). func TestDiscordOnly_UpdateAllowsDisabledDeprecated(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) @@ -265,7 +260,6 @@ func TestDiscordOnly_UpdateAllowsDisabledDeprecated(t *testing.T) { // TestDiscordOnly_UpdateAcceptsDiscord tests that update accepts Discord provider updates. func TestDiscordOnly_UpdateAcceptsDiscord(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) @@ -313,7 +307,6 @@ func TestDiscordOnly_UpdateAcceptsDiscord(t *testing.T) { // TestDiscordOnly_DeleteAllowsDeprecated tests that delete works for deprecated providers. func TestDiscordOnly_DeleteAllowsDeprecated(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) @@ -405,7 +398,6 @@ func TestDiscordOnly_ErrorCodes(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) require.NoError(t, err) diff --git a/backend/internal/api/handlers/notification_provider_patch_coverage_test.go b/backend/internal/api/handlers/notification_provider_patch_coverage_test.go index 37be8467..94f3876b 100644 --- a/backend/internal/api/handlers/notification_provider_patch_coverage_test.go +++ b/backend/internal/api/handlers/notification_provider_patch_coverage_test.go @@ -36,7 +36,6 @@ func TestUpdate_BlockTypeMutationForNonDiscord(t *testing.T) { service := services.NewNotificationService(db, nil) handler := NewNotificationProviderHandler(service) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -88,7 +87,6 @@ func TestUpdate_AllowTypeMutationForDiscord(t *testing.T) { service := services.NewNotificationService(db, nil) handler := NewNotificationProviderHandler(service) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") diff --git a/backend/internal/api/handlers/npm_import_handler_test.go b/backend/internal/api/handlers/npm_import_handler_test.go index e9fcc9aa..ca7d9670 100644 --- a/backend/internal/api/handlers/npm_import_handler_test.go +++ b/backend/internal/api/handlers/npm_import_handler_test.go @@ -39,7 +39,6 @@ func TestNPMImportHandler_RegisterRoutes(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -59,7 +58,6 @@ func TestNPMImportHandler_Upload_ValidNPMExport(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -121,7 +119,6 @@ func TestNPMImportHandler_Upload_EmptyExport(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -146,7 +143,6 @@ func TestNPMImportHandler_Upload_InvalidJSON(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -177,7 +173,6 @@ func TestNPMImportHandler_Upload_ConflictDetection(t *testing.T) { handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -219,7 +214,6 @@ func TestNPMImportHandler_Commit_CreateNew(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -288,7 +282,6 @@ func TestNPMImportHandler_Commit_SkipAction(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -351,7 +344,6 @@ func TestNPMImportHandler_Commit_SessionNotFound(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -382,7 +374,6 @@ func TestNPMImportHandler_Cancel(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) @@ -457,7 +448,6 @@ func TestNPMImportHandler_Cancel_RequiresValidJSONBody(t *testing.T) { db := setupNPMTestDB(t) handler := NewNPMImportHandler(db) - gin.SetMode(gin.TestMode) router := gin.New() api := router.Group("/api/v1") handler.RegisterRoutes(api) diff --git a/backend/internal/api/handlers/plugin_handler_test.go b/backend/internal/api/handlers/plugin_handler_test.go index 2a00812f..fab63f43 100644 --- a/backend/internal/api/handlers/plugin_handler_test.go +++ b/backend/internal/api/handlers/plugin_handler_test.go @@ -32,7 +32,6 @@ func TestPluginHandler_NewPluginHandler(t *testing.T) { } func TestPluginHandler_ListPlugins(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -82,7 +81,6 @@ func TestPluginHandler_ListPlugins(t *testing.T) { } func TestPluginHandler_GetPlugin_InvalidID(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) handler := NewPluginHandler(db, pluginLoader) @@ -99,7 +97,6 @@ func TestPluginHandler_GetPlugin_InvalidID(t *testing.T) { } func TestPluginHandler_GetPlugin_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) handler := NewPluginHandler(db, pluginLoader) @@ -116,7 +113,6 @@ func TestPluginHandler_GetPlugin_NotFound(t *testing.T) { } func TestPluginHandler_GetPlugin_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -152,7 +148,6 @@ func TestPluginHandler_GetPlugin_Success(t *testing.T) { } func TestPluginHandler_EnablePlugin_InvalidID(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) handler := NewPluginHandler(db, pluginLoader) @@ -168,7 +163,6 @@ func TestPluginHandler_EnablePlugin_InvalidID(t *testing.T) { } func TestPluginHandler_EnablePlugin_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) handler := NewPluginHandler(db, pluginLoader) @@ -184,7 +178,6 @@ func TestPluginHandler_EnablePlugin_NotFound(t *testing.T) { } func TestPluginHandler_EnablePlugin_AlreadyEnabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -212,7 +205,6 @@ func TestPluginHandler_EnablePlugin_AlreadyEnabled(t *testing.T) { } func TestPluginHandler_EnablePlugin_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -245,7 +237,6 @@ func TestPluginHandler_EnablePlugin_Success(t *testing.T) { } func TestPluginHandler_DisablePlugin_InvalidID(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) handler := NewPluginHandler(db, pluginLoader) @@ -261,7 +252,6 @@ func TestPluginHandler_DisablePlugin_InvalidID(t *testing.T) { } func TestPluginHandler_DisablePlugin_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) handler := NewPluginHandler(db, pluginLoader) @@ -277,7 +267,6 @@ func TestPluginHandler_DisablePlugin_NotFound(t *testing.T) { } func TestPluginHandler_DisablePlugin_AlreadyDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -309,7 +298,6 @@ func TestPluginHandler_DisablePlugin_AlreadyDisabled(t *testing.T) { } func TestPluginHandler_DisablePlugin_InUse(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -346,7 +334,6 @@ func TestPluginHandler_DisablePlugin_InUse(t *testing.T) { } func TestPluginHandler_DisablePlugin_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -378,7 +365,6 @@ func TestPluginHandler_DisablePlugin_Success(t *testing.T) { } func TestPluginHandler_ReloadPlugins_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) pluginLoader := services.NewPluginLoaderService(db, "/nonexistent/plugins", nil) handler := NewPluginHandler(db, pluginLoader) @@ -397,7 +383,6 @@ func TestPluginHandler_ReloadPlugins_Success(t *testing.T) { // TestPluginHandler_ListPlugins_WithBuiltInProviders tests listing when built-in providers are registered func TestPluginHandler_ListPlugins_WithBuiltInProviders(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -502,7 +487,6 @@ func (m *mockDNSProvider) PollingInterval() time.Duration { // ============================================================================= func TestPluginHandler_ListPlugins_ExternalLoadedPlugin(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -570,7 +554,6 @@ func TestPluginHandler_ListPlugins_ExternalLoadedPlugin(t *testing.T) { } func TestPluginHandler_GetPlugin_WithProvider(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -619,7 +602,6 @@ func TestPluginHandler_GetPlugin_WithProvider(t *testing.T) { } func TestPluginHandler_EnablePlugin_WithLoadError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/nonexistent/plugins", nil) @@ -663,7 +645,6 @@ func TestPluginHandler_EnablePlugin_WithLoadError(t *testing.T) { } func TestPluginHandler_DisablePlugin_WithUnloadError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -698,7 +679,6 @@ func TestPluginHandler_DisablePlugin_WithUnloadError(t *testing.T) { } func TestPluginHandler_DisablePlugin_MultipleProviders(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -741,7 +721,6 @@ func TestPluginHandler_DisablePlugin_MultipleProviders(t *testing.T) { } func TestPluginHandler_ReloadPlugins_WithErrors(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) // Create a regular file and use it as pluginDir to force os.ReadDir error deterministically. @@ -763,7 +742,6 @@ func TestPluginHandler_ReloadPlugins_WithErrors(t *testing.T) { } func TestPluginHandler_ListPlugins_FailedPluginWithLoadedAt(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -813,7 +791,6 @@ func TestPluginHandler_ListPlugins_FailedPluginWithLoadedAt(t *testing.T) { } func TestPluginHandler_GetPlugin_WithLoadedAt(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -868,7 +845,6 @@ func TestPluginHandler_Count(t *testing.T) { // TestPluginHandler_EnablePlugin_DBUpdateError tests DB error when updating plugin enabled status func TestPluginHandler_EnablePlugin_DBUpdateError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -901,7 +877,6 @@ func TestPluginHandler_EnablePlugin_DBUpdateError(t *testing.T) { // TestPluginHandler_DisablePlugin_DBUpdateError tests DB error when updating plugin disabled status func TestPluginHandler_DisablePlugin_DBUpdateError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -934,7 +909,6 @@ func TestPluginHandler_DisablePlugin_DBUpdateError(t *testing.T) { // TestPluginHandler_GetPlugin_DBInternalError tests DB internal error when getting a plugin func TestPluginHandler_GetPlugin_DBInternalError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -968,7 +942,6 @@ func TestPluginHandler_GetPlugin_DBInternalError(t *testing.T) { // TestPluginHandler_EnablePlugin_FirstDBLookupError tests DB error in first plugin lookup func TestPluginHandler_EnablePlugin_FirstDBLookupError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -1002,7 +975,6 @@ func TestPluginHandler_EnablePlugin_FirstDBLookupError(t *testing.T) { // TestPluginHandler_DisablePlugin_FirstDBLookupError tests DB error in first plugin lookup during disable func TestPluginHandler_DisablePlugin_FirstDBLookupError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) diff --git a/backend/internal/api/handlers/pr_coverage_test.go b/backend/internal/api/handlers/pr_coverage_test.go index 62a195c2..8770ded5 100644 --- a/backend/internal/api/handlers/pr_coverage_test.go +++ b/backend/internal/api/handlers/pr_coverage_test.go @@ -26,7 +26,6 @@ import ( // ============================================================================= func TestPluginHandler_EnablePlugin_DatabaseUpdateError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -58,7 +57,6 @@ func TestPluginHandler_EnablePlugin_DatabaseUpdateError(t *testing.T) { } func TestPluginHandler_DisablePlugin_DatabaseUpdateError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -90,7 +88,6 @@ func TestPluginHandler_DisablePlugin_DatabaseUpdateError(t *testing.T) { } func TestPluginHandler_GetPlugin_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -122,7 +119,6 @@ func TestPluginHandler_GetPlugin_DatabaseError(t *testing.T) { } func TestPluginHandler_EnablePlugin_DatabaseFirstError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -144,7 +140,6 @@ func TestPluginHandler_EnablePlugin_DatabaseFirstError(t *testing.T) { } func TestPluginHandler_DisablePlugin_DatabaseFirstError(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) pluginLoader := services.NewPluginLoaderService(db, "/tmp/plugins", nil) @@ -170,7 +165,6 @@ func TestPluginHandler_DisablePlugin_DatabaseFirstError(t *testing.T) { // ============================================================================= func TestEncryptionHandler_Validate_NonAdminAccess(t *testing.T) { - gin.SetMode(gin.TestMode) currentKey, _ := crypto.GenerateNewKey() require.NoError(t, os.Setenv("CHARON_ENCRYPTION_KEY", currentKey)) @@ -192,7 +186,6 @@ func TestEncryptionHandler_Validate_NonAdminAccess(t *testing.T) { } func TestEncryptionHandler_GetHistory_PaginationBoundary(t *testing.T) { - gin.SetMode(gin.TestMode) currentKey, _ := crypto.GenerateNewKey() require.NoError(t, os.Setenv("CHARON_ENCRYPTION_KEY", currentKey)) @@ -227,7 +220,6 @@ func TestEncryptionHandler_GetHistory_PaginationBoundary(t *testing.T) { } func TestEncryptionHandler_GetStatus_VersionInfo(t *testing.T) { - gin.SetMode(gin.TestMode) currentKey, _ := crypto.GenerateNewKey() require.NoError(t, os.Setenv("CHARON_ENCRYPTION_KEY", currentKey)) @@ -261,7 +253,6 @@ func TestEncryptionHandler_GetStatus_VersionInfo(t *testing.T) { // ============================================================================= func TestSettingsHandler_TestPublicURL_RoleNotExists(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(fmt.Sprintf("file:%s?mode=memory&cache=shared", t.Name())), &gorm.Config{}) require.NoError(t, err) @@ -282,7 +273,6 @@ func TestSettingsHandler_TestPublicURL_RoleNotExists(t *testing.T) { } func TestSettingsHandler_TestPublicURL_InvalidURLFormat(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(fmt.Sprintf("file:%s?mode=memory&cache=shared", t.Name())), &gorm.Config{}) require.NoError(t, err) @@ -306,7 +296,6 @@ func TestSettingsHandler_TestPublicURL_InvalidURLFormat(t *testing.T) { } func TestSettingsHandler_TestPublicURL_PrivateIPBlocked_Coverage(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(fmt.Sprintf("file:%s?mode=memory&cache=shared", t.Name())), &gorm.Config{}) require.NoError(t, err) @@ -335,7 +324,6 @@ func TestSettingsHandler_TestPublicURL_PrivateIPBlocked_Coverage(t *testing.T) { } func TestSettingsHandler_ValidatePublicURL_WithTrailingSlash(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(fmt.Sprintf("file:%s?mode=memory&cache=shared", t.Name())), &gorm.Config{}) require.NoError(t, err) @@ -363,7 +351,6 @@ func TestSettingsHandler_ValidatePublicURL_WithTrailingSlash(t *testing.T) { } func TestSettingsHandler_ValidatePublicURL_MissingScheme(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(fmt.Sprintf("file:%s?mode=memory&cache=shared", t.Name())), &gorm.Config{}) require.NoError(t, err) @@ -395,7 +382,6 @@ func TestSettingsHandler_ValidatePublicURL_MissingScheme(t *testing.T) { // ============================================================================= func TestAuditLogHandler_List_PaginationEdgeCases(t *testing.T) { - gin.SetMode(gin.TestMode) dbPath := fmt.Sprintf("/tmp/test_audit_pagination_%d.db", time.Now().UnixNano()) t.Cleanup(func() { _ = os.Remove(dbPath) }) @@ -429,7 +415,6 @@ func TestAuditLogHandler_List_PaginationEdgeCases(t *testing.T) { } func TestAuditLogHandler_List_CategoryFilter(t *testing.T) { - gin.SetMode(gin.TestMode) dbPath := fmt.Sprintf("/tmp/test_audit_category_%d.db", time.Now().UnixNano()) t.Cleanup(func() { _ = os.Remove(dbPath) }) @@ -467,7 +452,6 @@ func TestAuditLogHandler_List_CategoryFilter(t *testing.T) { } func TestAuditLogHandler_ListByProvider_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) dbPath := fmt.Sprintf("/tmp/test_audit_db_error_%d.db", time.Now().UnixNano()) t.Cleanup(func() { _ = os.Remove(dbPath) }) @@ -494,7 +478,6 @@ func TestAuditLogHandler_ListByProvider_DatabaseError(t *testing.T) { } func TestAuditLogHandler_ListByProvider_InvalidProviderID(t *testing.T) { - gin.SetMode(gin.TestMode) dbPath := fmt.Sprintf("/tmp/test_audit_invalid_id_%d.db", time.Now().UnixNano()) t.Cleanup(func() { _ = os.Remove(dbPath) }) @@ -521,7 +504,6 @@ func TestAuditLogHandler_ListByProvider_InvalidProviderID(t *testing.T) { // ============================================================================= func TestGetActorFromGinContext_InvalidUserIDType(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() var capturedActor string @@ -547,7 +529,6 @@ func TestGetActorFromGinContext_InvalidUserIDType(t *testing.T) { // ============================================================================= func TestIsAdmin_NonAdminRole(t *testing.T) { - gin.SetMode(gin.TestMode) router := gin.New() router.Use(func(c *gin.Context) { @@ -577,7 +558,6 @@ func setupCredentialHandlerTestWithCtx(t *testing.T) (*gin.Engine, *gorm.DB, *mo require.NoError(t, os.Setenv("CHARON_ENCRYPTION_KEY", "MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY=")) t.Cleanup(func() { require.NoError(t, os.Unsetenv("CHARON_ENCRYPTION_KEY")) }) - gin.SetMode(gin.TestMode) router := gin.New() dbName := fmt.Sprintf("file:%s?mode=memory&cache=shared&_journal_mode=WAL", t.Name()) @@ -679,7 +659,6 @@ func TestCredentialHandler_List_DatabaseClosed(t *testing.T) { require.NoError(t, os.Setenv("CHARON_ENCRYPTION_KEY", "MDEyMzQ1Njc4OWFiY2RlZjAxMjM0NTY3ODlhYmNkZWY=")) defer func() { require.NoError(t, os.Unsetenv("CHARON_ENCRYPTION_KEY")) }() - gin.SetMode(gin.TestMode) router := gin.New() dbName := fmt.Sprintf("file:%s?mode=memory&cache=shared", t.Name()) @@ -820,7 +799,6 @@ func TestCredentialHandler_EnableMultiCredentials_BadProviderID(t *testing.T) { // ============================================================================= func TestEncryptionHandler_Validate_AdminSuccess(t *testing.T) { - gin.SetMode(gin.TestMode) currentKey, _ := crypto.GenerateNewKey() require.NoError(t, os.Setenv("CHARON_ENCRYPTION_KEY", currentKey)) diff --git a/backend/internal/api/handlers/proxy_host_handler_update_test.go b/backend/internal/api/handlers/proxy_host_handler_update_test.go index 3282ee17..d6d692ee 100644 --- a/backend/internal/api/handlers/proxy_host_handler_update_test.go +++ b/backend/internal/api/handlers/proxy_host_handler_update_test.go @@ -23,7 +23,6 @@ import ( // Uses a dedicated in-memory SQLite database with all required models migrated. func setupUpdateTestRouter(t *testing.T) (*gin.Engine, *gorm.DB) { t.Helper() - gin.SetMode(gin.TestMode) dsn := "file:" + t.Name() + "?mode=memory&cache=shared" db, err := gorm.Open(sqlite.Open(dsn), &gorm.Config{}) @@ -951,7 +950,6 @@ func TestProxyHostUpdate_SecurityHeaderProfileID_SetToNull(t *testing.T) { // (other than not found) during profile lookup returns a 500 Internal Server Error. func TestBulkUpdateSecurityHeaders_DBError_NonNotFound(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) dsn := "file:" + t.Name() + "?mode=memory&cache=shared" db, err := gorm.Open(sqlite.Open(dsn), &gorm.Config{}) diff --git a/backend/internal/api/handlers/security_event_intake_test.go b/backend/internal/api/handlers/security_event_intake_test.go index 010a530c..0a65f4cf 100644 --- a/backend/internal/api/handlers/security_event_intake_test.go +++ b/backend/internal/api/handlers/security_event_intake_test.go @@ -59,7 +59,6 @@ func TestSecurityEventIntakeAuthLocalhost(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -100,7 +99,6 @@ func TestSecurityEventIntakeAuthManagementCIDR(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -141,7 +139,6 @@ func TestSecurityEventIntakeAuthUnauthorizedIP(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -187,7 +184,6 @@ func TestSecurityEventIntakeAuthInvalidIP(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -246,7 +242,6 @@ func TestSecurityEventIntakeDispatchInvoked(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -315,7 +310,6 @@ func TestSecurityEventIntakeR6Intact(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) router := gin.New() // Add auth middleware that sets user context @@ -386,7 +380,6 @@ func TestSecurityEventIntakeDiscordOnly(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -431,7 +424,6 @@ func TestSecurityEventIntakeMalformedPayload(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -466,7 +458,6 @@ func TestSecurityEventIntakeIPv6Localhost(t *testing.T) { managementCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) diff --git a/backend/internal/api/handlers/security_geoip_endpoints_test.go b/backend/internal/api/handlers/security_geoip_endpoints_test.go index 7d79f2af..b29f5d1c 100644 --- a/backend/internal/api/handlers/security_geoip_endpoints_test.go +++ b/backend/internal/api/handlers/security_geoip_endpoints_test.go @@ -15,7 +15,6 @@ import ( ) func TestSecurityHandler_GetGeoIPStatus_NotInitialized(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSecurityHandler(config.SecurityConfig{}, nil, nil) r := gin.New() @@ -34,7 +33,6 @@ func TestSecurityHandler_GetGeoIPStatus_NotInitialized(t *testing.T) { } func TestSecurityHandler_GetGeoIPStatus_Initialized_NotLoaded(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSecurityHandler(config.SecurityConfig{}, nil, nil) h.SetGeoIPService(&services.GeoIPService{}) @@ -55,7 +53,6 @@ func TestSecurityHandler_GetGeoIPStatus_Initialized_NotLoaded(t *testing.T) { } func TestSecurityHandler_ReloadGeoIP_NotInitialized(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSecurityHandler(config.SecurityConfig{}, nil, nil) r := gin.New() @@ -73,7 +70,6 @@ func TestSecurityHandler_ReloadGeoIP_NotInitialized(t *testing.T) { } func TestSecurityHandler_ReloadGeoIP_LoadError(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSecurityHandler(config.SecurityConfig{}, nil, nil) h.SetGeoIPService(&services.GeoIPService{}) // dbPath empty => Load() will error @@ -94,7 +90,6 @@ func TestSecurityHandler_ReloadGeoIP_LoadError(t *testing.T) { } func TestSecurityHandler_LookupGeoIP_MissingIPAddress(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSecurityHandler(config.SecurityConfig{}, nil, nil) r := gin.New() @@ -115,7 +110,6 @@ func TestSecurityHandler_LookupGeoIP_MissingIPAddress(t *testing.T) { } func TestSecurityHandler_LookupGeoIP_ServiceUnavailable(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSecurityHandler(config.SecurityConfig{}, nil, nil) h.SetGeoIPService(&services.GeoIPService{}) // present but not loaded diff --git a/backend/internal/api/handlers/security_handler_audit_test.go b/backend/internal/api/handlers/security_handler_audit_test.go index 47d13c2f..e2182de9 100644 --- a/backend/internal/api/handlers/security_handler_audit_test.go +++ b/backend/internal/api/handlers/security_handler_audit_test.go @@ -56,7 +56,6 @@ func setupAuditTestDB(t *testing.T) *gorm.DB { // ============================================================================= func TestSecurityHandler_GetStatus_SQLInjection(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) // Seed malicious setting keys that could be used in SQL injection @@ -93,7 +92,6 @@ func TestSecurityHandler_GetStatus_SQLInjection(t *testing.T) { } func TestSecurityHandler_CreateDecision_SQLInjection(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) cfg := config.SecurityConfig{} @@ -140,7 +138,6 @@ func TestSecurityHandler_CreateDecision_SQLInjection(t *testing.T) { // ============================================================================= func TestSecurityHandler_UpsertRuleSet_MassivePayload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) cfg := config.SecurityConfig{} @@ -176,7 +173,6 @@ func TestSecurityHandler_UpsertRuleSet_MassivePayload(t *testing.T) { } func TestSecurityHandler_UpsertRuleSet_EmptyName(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) cfg := config.SecurityConfig{} @@ -208,7 +204,6 @@ func TestSecurityHandler_UpsertRuleSet_EmptyName(t *testing.T) { } func TestSecurityHandler_CreateDecision_EmptyFields(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) cfg := config.SecurityConfig{} @@ -250,7 +245,6 @@ func TestSecurityHandler_CreateDecision_EmptyFields(t *testing.T) { // ============================================================================= func TestSecurityHandler_GetStatus_SettingsOverride(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) // Create SecurityConfig with all security features enabled (DB priority) @@ -308,7 +302,6 @@ func TestSecurityHandler_GetStatus_SettingsOverride(t *testing.T) { } func TestSecurityHandler_GetStatus_DisabledViaSettings(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) // Seed settings that disable everything @@ -356,7 +349,6 @@ func TestSecurityHandler_GetStatus_DisabledViaSettings(t *testing.T) { // ============================================================================= func TestSecurityAudit_DeleteRuleSet_InvalidID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) cfg := config.SecurityConfig{} @@ -401,7 +393,6 @@ func TestSecurityAudit_DeleteRuleSet_InvalidID(t *testing.T) { // ============================================================================= func TestSecurityHandler_UpsertRuleSet_XSSInContent(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) cfg := config.SecurityConfig{} @@ -450,7 +441,6 @@ func TestSecurityHandler_UpsertRuleSet_XSSInContent(t *testing.T) { // ============================================================================= func TestSecurityHandler_UpdateConfig_RateLimitBounds(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) cfg := config.SecurityConfig{} @@ -512,7 +502,6 @@ func TestSecurityHandler_UpdateConfig_RateLimitBounds(t *testing.T) { // ============================================================================= func TestSecurityHandler_GetStatus_NilDB(t *testing.T) { - gin.SetMode(gin.TestMode) // Handler with nil DB should not panic cfg := config.SecurityConfig{CerberusEnabled: true} @@ -537,7 +526,6 @@ func TestSecurityHandler_GetStatus_NilDB(t *testing.T) { // ============================================================================= func TestSecurityHandler_Enable_WithoutWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) // Create config without whitelist @@ -564,7 +552,6 @@ func TestSecurityHandler_Enable_WithoutWhitelist(t *testing.T) { } func TestSecurityHandler_Disable_RequiresToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) // Create config with break-glass hash @@ -592,7 +579,6 @@ func TestSecurityHandler_Disable_RequiresToken(t *testing.T) { // ============================================================================= func TestSecurityHandler_GetStatus_CrowdSecModeValidation(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupAuditTestDB(t) // Try to set invalid CrowdSec modes via settings diff --git a/backend/internal/api/handlers/security_handler_authz_test.go b/backend/internal/api/handlers/security_handler_authz_test.go index 32c6bf8a..4e1d314c 100644 --- a/backend/internal/api/handlers/security_handler_authz_test.go +++ b/backend/internal/api/handlers/security_handler_authz_test.go @@ -15,7 +15,6 @@ import ( ) func TestSecurityHandler_MutatorsRequireAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityRuleSet{}, &models.SecurityDecision{}, &models.SecurityAudit{})) diff --git a/backend/internal/api/handlers/security_handler_cache_test.go b/backend/internal/api/handlers/security_handler_cache_test.go index 96bbe96b..44a8c113 100644 --- a/backend/internal/api/handlers/security_handler_cache_test.go +++ b/backend/internal/api/handlers/security_handler_cache_test.go @@ -21,7 +21,6 @@ func (t *testCacheInvalidator) InvalidateCache() { } func TestSecurityHandler_ToggleSecurityModule_InvalidatesCache(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) diff --git a/backend/internal/api/handlers/security_handler_clean_test.go b/backend/internal/api/handlers/security_handler_clean_test.go index 5019a34b..771a66ac 100644 --- a/backend/internal/api/handlers/security_handler_clean_test.go +++ b/backend/internal/api/handlers/security_handler_clean_test.go @@ -28,7 +28,6 @@ func setupTestDB(t *testing.T) *gorm.DB { } func TestSecurityHandler_GetStatus_Clean(t *testing.T) { - gin.SetMode(gin.TestMode) // Basic disabled scenario cfg := config.SecurityConfig{ @@ -54,7 +53,6 @@ func TestSecurityHandler_GetStatus_Clean(t *testing.T) { } func TestSecurityHandler_Cerberus_DBOverride(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) // set DB to enable cerberus @@ -80,7 +78,6 @@ func TestSecurityHandler_Cerberus_DBOverride(t *testing.T) { } func TestSecurityHandler_ACL_DBOverride(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) // set DB to enable ACL (override config) @@ -116,7 +113,6 @@ func TestSecurityHandler_ACL_DBOverride(t *testing.T) { } func TestSecurityHandler_GenerateBreakGlass_ReturnsToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) handler := NewSecurityHandler(config.SecurityConfig{}, db, nil) router := gin.New() @@ -139,7 +135,6 @@ func TestSecurityHandler_GenerateBreakGlass_ReturnsToken(t *testing.T) { } func TestSecurityHandler_ACL_DisabledWhenCerberusOff(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) // set DB to enable ACL but disable Cerberus @@ -171,7 +166,6 @@ func TestSecurityHandler_ACL_DisabledWhenCerberusOff(t *testing.T) { } func TestSecurityHandler_CrowdSec_Mode_DBOverride(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) // set DB to configure crowdsec.mode to local @@ -197,7 +191,6 @@ func TestSecurityHandler_CrowdSec_Mode_DBOverride(t *testing.T) { } func TestSecurityHandler_CrowdSec_ExternalMappedToDisabled_DBOverride(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) // set DB to configure crowdsec.mode to external if err := db.Create(&models.Setting{Key: "security.crowdsec.mode", Value: "unknown"}).Error; err != nil { @@ -221,7 +214,6 @@ func TestSecurityHandler_CrowdSec_ExternalMappedToDisabled_DBOverride(t *testing } func TestSecurityHandler_ExternalModeMappedToDisabled(t *testing.T) { - gin.SetMode(gin.TestMode) cfg := config.SecurityConfig{ CrowdSecMode: "unknown", WAFMode: "disabled", @@ -245,7 +237,6 @@ func TestSecurityHandler_ExternalModeMappedToDisabled(t *testing.T) { } func TestSecurityHandler_Enable_Disable_WithAdminWhitelistAndToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Add SecurityConfig with no admin whitelist - should refuse enable sec := models.SecurityConfig{Name: "default", Enabled: false, AdminWhitelist: ""} diff --git a/backend/internal/api/handlers/security_handler_coverage_test.go b/backend/internal/api/handlers/security_handler_coverage_test.go index 7ab25de7..f3be817d 100644 --- a/backend/internal/api/handlers/security_handler_coverage_test.go +++ b/backend/internal/api/handlers/security_handler_coverage_test.go @@ -21,7 +21,6 @@ import ( // Tests for UpdateConfig handler to improve coverage (currently 46%) func TestSecurityHandler_UpdateConfig_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityRuleSet{}, &models.SecurityDecision{}, &models.SecurityAudit{})) @@ -53,7 +52,6 @@ func TestSecurityHandler_UpdateConfig_Success(t *testing.T) { } func TestSecurityHandler_UpdateConfig_DefaultName(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityRuleSet{}, &models.SecurityDecision{}, &models.SecurityAudit{})) @@ -80,7 +78,6 @@ func TestSecurityHandler_UpdateConfig_DefaultName(t *testing.T) { } func TestSecurityHandler_UpdateConfig_InvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -102,7 +99,6 @@ func TestSecurityHandler_UpdateConfig_InvalidPayload(t *testing.T) { // Tests for GetConfig handler func TestSecurityHandler_GetConfig_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -126,7 +122,6 @@ func TestSecurityHandler_GetConfig_Success(t *testing.T) { } func TestSecurityHandler_GetConfig_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -147,7 +142,6 @@ func TestSecurityHandler_GetConfig_NotFound(t *testing.T) { // Tests for ListDecisions handler func TestSecurityHandler_ListDecisions_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{})) @@ -172,7 +166,6 @@ func TestSecurityHandler_ListDecisions_Success(t *testing.T) { } func TestSecurityHandler_ListDecisions_WithLimit(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{})) @@ -199,7 +192,6 @@ func TestSecurityHandler_ListDecisions_WithLimit(t *testing.T) { // Tests for CreateDecision handler func TestSecurityHandler_CreateDecision_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{}, &models.SecurityAudit{})) @@ -228,7 +220,6 @@ func TestSecurityHandler_CreateDecision_Success(t *testing.T) { } func TestSecurityHandler_CreateDecision_MissingIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{})) @@ -254,7 +245,6 @@ func TestSecurityHandler_CreateDecision_MissingIP(t *testing.T) { } func TestSecurityHandler_CreateDecision_MissingAction(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{})) @@ -280,7 +270,6 @@ func TestSecurityHandler_CreateDecision_MissingAction(t *testing.T) { } func TestSecurityHandler_CreateDecision_InvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityDecision{})) @@ -302,7 +291,6 @@ func TestSecurityHandler_CreateDecision_InvalidPayload(t *testing.T) { // Tests for ListRuleSets handler func TestSecurityHandler_ListRuleSets_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{})) @@ -328,7 +316,6 @@ func TestSecurityHandler_ListRuleSets_Success(t *testing.T) { // Tests for UpsertRuleSet handler func TestSecurityHandler_UpsertRuleSet_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{}, &models.SecurityAudit{})) @@ -356,7 +343,6 @@ func TestSecurityHandler_UpsertRuleSet_Success(t *testing.T) { } func TestSecurityHandler_UpsertRuleSet_MissingName(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{})) @@ -383,7 +369,6 @@ func TestSecurityHandler_UpsertRuleSet_MissingName(t *testing.T) { } func TestSecurityHandler_UpsertRuleSet_InvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{})) @@ -405,7 +390,6 @@ func TestSecurityHandler_UpsertRuleSet_InvalidPayload(t *testing.T) { // Tests for DeleteRuleSet handler (currently 52%) func TestSecurityHandler_DeleteRuleSet_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{}, &models.SecurityAudit{})) @@ -433,7 +417,6 @@ func TestSecurityHandler_DeleteRuleSet_Success(t *testing.T) { } func TestSecurityHandler_DeleteRuleSet_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{})) @@ -453,7 +436,6 @@ func TestSecurityHandler_DeleteRuleSet_NotFound(t *testing.T) { } func TestSecurityHandler_DeleteRuleSet_InvalidID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{})) @@ -473,7 +455,6 @@ func TestSecurityHandler_DeleteRuleSet_InvalidID(t *testing.T) { } func TestSecurityHandler_DeleteRuleSet_EmptyID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityRuleSet{})) @@ -497,7 +478,6 @@ func TestSecurityHandler_DeleteRuleSet_EmptyID(t *testing.T) { // Tests for Enable handler func TestSecurityHandler_Enable_NoConfigNoWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -515,7 +495,6 @@ func TestSecurityHandler_Enable_NoConfigNoWhitelist(t *testing.T) { } func TestSecurityHandler_Enable_WithWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -537,7 +516,6 @@ func TestSecurityHandler_Enable_WithWhitelist(t *testing.T) { } func TestSecurityHandler_Enable_IPNotInWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -559,7 +537,6 @@ func TestSecurityHandler_Enable_IPNotInWhitelist(t *testing.T) { } func TestSecurityHandler_Enable_WithValidBreakGlassToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -600,7 +577,6 @@ func TestSecurityHandler_Enable_WithValidBreakGlassToken(t *testing.T) { } func TestSecurityHandler_Enable_WithInvalidBreakGlassToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -625,7 +601,6 @@ func TestSecurityHandler_Enable_WithInvalidBreakGlassToken(t *testing.T) { // Tests for Disable handler (currently 44%) func TestSecurityHandler_Disable_FromLocalhost(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -654,7 +629,6 @@ func TestSecurityHandler_Disable_FromLocalhost(t *testing.T) { } func TestSecurityHandler_Disable_FromRemoteWithToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -695,7 +669,6 @@ func TestSecurityHandler_Disable_FromRemoteWithToken(t *testing.T) { } func TestSecurityHandler_Disable_FromRemoteNoToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -719,7 +692,6 @@ func TestSecurityHandler_Disable_FromRemoteNoToken(t *testing.T) { } func TestSecurityHandler_Disable_FromRemoteInvalidToken(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -747,7 +719,6 @@ func TestSecurityHandler_Disable_FromRemoteInvalidToken(t *testing.T) { // Tests for GenerateBreakGlass handler func TestSecurityHandler_GenerateBreakGlass_NoConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -773,7 +744,6 @@ func TestSecurityHandler_GenerateBreakGlass_NoConfig(t *testing.T) { // Test Enable with IPv6 localhost func TestSecurityHandler_Disable_FromIPv6Localhost(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -798,7 +768,6 @@ func TestSecurityHandler_Disable_FromIPv6Localhost(t *testing.T) { // Test Enable with CIDR whitelist matching func TestSecurityHandler_Enable_WithCIDRWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -821,7 +790,6 @@ func TestSecurityHandler_Enable_WithCIDRWhitelist(t *testing.T) { // Test Enable with exact IP in whitelist func TestSecurityHandler_Enable_WithExactIPWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -843,7 +811,6 @@ func TestSecurityHandler_Enable_WithExactIPWhitelist(t *testing.T) { } func TestSecurityHandler_GetStatus_BackwardCompatibilityOverrides(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.Setting{}, &models.CaddyConfig{})) @@ -887,7 +854,6 @@ func TestSecurityHandler_GetStatus_BackwardCompatibilityOverrides(t *testing.T) } func TestSecurityHandler_AddWAFExclusion_InvalidExistingJSONStillAdds(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) require.NoError(t, db.Create(&models.SecurityConfig{Name: "default", WAFExclusions: "{"}).Error) @@ -910,7 +876,6 @@ func TestSecurityHandler_AddWAFExclusion_InvalidExistingJSONStillAdds(t *testing } func TestSecurityHandler_ToggleSecurityModule_SnapshotSettingsError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) @@ -935,7 +900,6 @@ func TestSecurityHandler_ToggleSecurityModule_SnapshotSettingsError(t *testing.T } func TestSecurityHandler_ToggleSecurityModule_SnapshotSecurityConfigError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) require.NoError(t, db.Exec("DROP TABLE security_configs").Error) @@ -957,7 +921,6 @@ func TestSecurityHandler_ToggleSecurityModule_SnapshotSecurityConfigError(t *tes } func TestSecurityHandler_SnapshotAndRestoreHelpers(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) @@ -983,7 +946,6 @@ func TestSecurityHandler_SnapshotAndRestoreHelpers(t *testing.T) { } func TestSecurityHandler_DefaultSecurityConfigStateHelpers(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) diff --git a/backend/internal/api/handlers/security_handler_fixed_test.go b/backend/internal/api/handlers/security_handler_fixed_test.go index 6148e992..44fe8d0a 100644 --- a/backend/internal/api/handlers/security_handler_fixed_test.go +++ b/backend/internal/api/handlers/security_handler_fixed_test.go @@ -13,7 +13,6 @@ import ( ) func TestSecurityHandler_GetStatus_Fixed(t *testing.T) { - gin.SetMode(gin.TestMode) tests := []struct { name string diff --git a/backend/internal/api/handlers/security_handler_settings_test.go b/backend/internal/api/handlers/security_handler_settings_test.go index c351daf8..2c61f8bf 100644 --- a/backend/internal/api/handlers/security_handler_settings_test.go +++ b/backend/internal/api/handlers/security_handler_settings_test.go @@ -21,7 +21,6 @@ import ( // reads WAF, Rate Limit, and CrowdSec enabled states from the settings table, // overriding the static config values. func TestSecurityHandler_GetStatus_RespectsSettingsTable(t *testing.T) { - gin.SetMode(gin.TestMode) tests := []struct { name string @@ -167,7 +166,6 @@ func TestSecurityHandler_GetStatus_RespectsSettingsTable(t *testing.T) { // TestSecurityHandler_GetStatus_WAFModeFromSettings verifies that WAF mode // is properly reflected when enabled via settings. func TestSecurityHandler_GetStatus_WAFModeFromSettings(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) @@ -200,7 +198,6 @@ func TestSecurityHandler_GetStatus_WAFModeFromSettings(t *testing.T) { // TestSecurityHandler_GetStatus_RateLimitModeFromSettings verifies that Rate Limit mode // is properly reflected when enabled via settings. func TestSecurityHandler_GetStatus_RateLimitModeFromSettings(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{})) @@ -234,7 +231,6 @@ func TestSecurityHandler_GetStatus_RateLimitModeFromSettings(t *testing.T) { } func TestSecurityHandler_GetStatus_IncludesLatestConfigApplyState(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.CaddyConfig{})) @@ -261,7 +257,6 @@ func TestSecurityHandler_GetStatus_IncludesLatestConfigApplyState(t *testing.T) } func TestSecurityHandler_PatchACL_RequiresAdminWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) require.NoError(t, db.Create(&models.SecurityConfig{Name: "default", AdminWhitelist: "192.0.2.1/32"}).Error) @@ -283,7 +278,6 @@ func TestSecurityHandler_PatchACL_RequiresAdminWhitelist(t *testing.T) { } func TestSecurityHandler_PatchACL_AllowsWhitelistedIP(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDBWithMigrations(t) require.NoError(t, db.Create(&models.SecurityConfig{Name: "default", AdminWhitelist: "203.0.113.0/24"}).Error) @@ -315,7 +309,6 @@ func TestSecurityHandler_PatchACL_AllowsWhitelistedIP(t *testing.T) { } func TestSecurityHandler_PatchACL_SetsACLAndCerberusSettings(t *testing.T) { - gin.SetMode(gin.TestMode) dsn := "file:TestSecurityHandler_PatchACL_SetsACLAndCerberusSettings?mode=memory&cache=shared" db, err := gorm.Open(sqlite.Open(dsn), &gorm.Config{}) @@ -352,7 +345,6 @@ func TestSecurityHandler_PatchACL_SetsACLAndCerberusSettings(t *testing.T) { } func TestSecurityHandler_EnsureSecurityConfigEnabled_CreatesWhenMissing(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) @@ -368,7 +360,6 @@ func TestSecurityHandler_EnsureSecurityConfigEnabled_CreatesWhenMissing(t *testi } func TestSecurityHandler_PatchACL_AllowsEmergencyBypass(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) require.NoError(t, db.Create(&models.SecurityConfig{Name: "default", AdminWhitelist: "192.0.2.1/32"}).Error) diff --git a/backend/internal/api/handlers/security_handler_waf_test.go b/backend/internal/api/handlers/security_handler_waf_test.go index 9f338b06..c02a040c 100644 --- a/backend/internal/api/handlers/security_handler_waf_test.go +++ b/backend/internal/api/handlers/security_handler_waf_test.go @@ -25,7 +25,6 @@ import ( // Tests for GetWAFExclusions handler func TestSecurityHandler_GetWAFExclusions_Empty(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -46,7 +45,6 @@ func TestSecurityHandler_GetWAFExclusions_Empty(t *testing.T) { } func TestSecurityHandler_GetWAFExclusions_WithExclusions(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -77,7 +75,6 @@ func TestSecurityHandler_GetWAFExclusions_WithExclusions(t *testing.T) { } func TestSecurityHandler_GetWAFExclusions_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -104,7 +101,6 @@ func TestSecurityHandler_GetWAFExclusions_InvalidJSON(t *testing.T) { // Tests for AddWAFExclusion handler func TestSecurityHandler_AddWAFExclusion_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) @@ -138,7 +134,6 @@ func TestSecurityHandler_AddWAFExclusion_Success(t *testing.T) { } func TestSecurityHandler_AddWAFExclusion_WithTarget(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) @@ -172,7 +167,6 @@ func TestSecurityHandler_AddWAFExclusion_WithTarget(t *testing.T) { } func TestSecurityHandler_AddWAFExclusion_ToExistingConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) @@ -216,7 +210,6 @@ func TestSecurityHandler_AddWAFExclusion_ToExistingConfig(t *testing.T) { } func TestSecurityHandler_AddWAFExclusion_Duplicate(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) @@ -249,7 +242,6 @@ func TestSecurityHandler_AddWAFExclusion_Duplicate(t *testing.T) { } func TestSecurityHandler_AddWAFExclusion_DuplicateWithDifferentTarget(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) @@ -282,7 +274,6 @@ func TestSecurityHandler_AddWAFExclusion_DuplicateWithDifferentTarget(t *testing } func TestSecurityHandler_AddWAFExclusion_MissingRuleID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -308,7 +299,6 @@ func TestSecurityHandler_AddWAFExclusion_MissingRuleID(t *testing.T) { } func TestSecurityHandler_AddWAFExclusion_InvalidRuleID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -335,7 +325,6 @@ func TestSecurityHandler_AddWAFExclusion_InvalidRuleID(t *testing.T) { } func TestSecurityHandler_AddWAFExclusion_NegativeRuleID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -361,7 +350,6 @@ func TestSecurityHandler_AddWAFExclusion_NegativeRuleID(t *testing.T) { } func TestSecurityHandler_AddWAFExclusion_InvalidPayload(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -383,7 +371,6 @@ func TestSecurityHandler_AddWAFExclusion_InvalidPayload(t *testing.T) { // Tests for DeleteWAFExclusion handler func TestSecurityHandler_DeleteWAFExclusion_Success(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) @@ -423,7 +410,6 @@ func TestSecurityHandler_DeleteWAFExclusion_Success(t *testing.T) { } func TestSecurityHandler_DeleteWAFExclusion_WithTarget(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}, &models.SecurityAudit{})) @@ -463,7 +449,6 @@ func TestSecurityHandler_DeleteWAFExclusion_WithTarget(t *testing.T) { } func TestSecurityHandler_DeleteWAFExclusion_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -488,7 +473,6 @@ func TestSecurityHandler_DeleteWAFExclusion_NotFound(t *testing.T) { } func TestSecurityHandler_DeleteWAFExclusion_NoConfig(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -508,7 +492,6 @@ func TestSecurityHandler_DeleteWAFExclusion_NoConfig(t *testing.T) { } func TestSecurityHandler_DeleteWAFExclusion_InvalidRuleID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -528,7 +511,6 @@ func TestSecurityHandler_DeleteWAFExclusion_InvalidRuleID(t *testing.T) { } func TestSecurityHandler_DeleteWAFExclusion_ZeroRuleID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -548,7 +530,6 @@ func TestSecurityHandler_DeleteWAFExclusion_ZeroRuleID(t *testing.T) { } func TestSecurityHandler_DeleteWAFExclusion_NegativeRuleID(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -569,7 +550,6 @@ func TestSecurityHandler_DeleteWAFExclusion_NegativeRuleID(t *testing.T) { // Integration test: Full WAF exclusion workflow func TestSecurityHandler_WAFExclusion_FullWorkflow(t *testing.T) { - gin.SetMode(gin.TestMode) // Create a temporary file-based SQLite database for complete isolation // This avoids all the shared memory locking issues with in-memory databases @@ -673,7 +653,6 @@ func TestSecurityHandler_WAFExclusion_FullWorkflow(t *testing.T) { // Test WAFDisabled field on ProxyHost func TestProxyHost_WAFDisabled_DefaultFalse(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.ProxyHost{})) @@ -693,7 +672,6 @@ func TestProxyHost_WAFDisabled_DefaultFalse(t *testing.T) { } func TestProxyHost_WAFDisabled_SetTrue(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.ProxyHost{})) @@ -715,7 +693,6 @@ func TestProxyHost_WAFDisabled_SetTrue(t *testing.T) { // Test WAFParanoiaLevel field on SecurityConfig func TestSecurityConfig_WAFParanoiaLevel_Default(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -733,7 +710,6 @@ func TestSecurityConfig_WAFParanoiaLevel_Default(t *testing.T) { } func TestSecurityConfig_WAFParanoiaLevel_CustomValue(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -752,7 +728,6 @@ func TestSecurityConfig_WAFParanoiaLevel_CustomValue(t *testing.T) { // Test WAFExclusions field on SecurityConfig func TestSecurityConfig_WAFExclusions_Empty(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) @@ -769,7 +744,6 @@ func TestSecurityConfig_WAFExclusions_Empty(t *testing.T) { } func TestSecurityConfig_WAFExclusions_JSONArray(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.SecurityConfig{})) diff --git a/backend/internal/api/handlers/security_headers_handler_test.go b/backend/internal/api/handlers/security_headers_handler_test.go index da30ab3c..441be079 100644 --- a/backend/internal/api/handlers/security_headers_handler_test.go +++ b/backend/internal/api/handlers/security_headers_handler_test.go @@ -23,7 +23,6 @@ func setupSecurityHeadersTestRouter(t *testing.T) (*gin.Engine, *gorm.DB) { err = db.AutoMigrate(&models.SecurityHeaderProfile{}, &models.ProxyHost{}) assert.NoError(t, err) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewSecurityHeadersHandler(db, nil) @@ -638,7 +637,6 @@ func TestUpdateProfile_LookupDBError(t *testing.T) { err = db.AutoMigrate(&models.SecurityHeaderProfile{}, &models.ProxyHost{}) assert.NoError(t, err) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewSecurityHeadersHandler(db, nil) @@ -685,7 +683,6 @@ func TestDeleteProfile_LookupDBError(t *testing.T) { err = db.AutoMigrate(&models.SecurityHeaderProfile{}, &models.ProxyHost{}) assert.NoError(t, err) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewSecurityHeadersHandler(db, nil) @@ -716,7 +713,6 @@ func TestDeleteProfile_CountDBError(t *testing.T) { } db.Create(&profile) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewSecurityHeadersHandler(db, nil) @@ -742,7 +738,6 @@ func TestDeleteProfile_DeleteDBError(t *testing.T) { } db.Create(&profile) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewSecurityHeadersHandler(db, nil) @@ -852,7 +847,6 @@ func TestGetProfile_UUID_DBError_NonNotFound(t *testing.T) { err = db.AutoMigrate(&models.SecurityHeaderProfile{}, &models.ProxyHost{}) assert.NoError(t, err) - gin.SetMode(gin.TestMode) router := gin.New() handler := NewSecurityHeadersHandler(db, nil) @@ -902,7 +896,6 @@ func TestUpdateProfile_SaveError(t *testing.T) { db.Create(&profile) profileID := profile.ID - gin.SetMode(gin.TestMode) router := gin.New() handler := NewSecurityHeadersHandler(db, nil) diff --git a/backend/internal/api/handlers/security_notifications_compatibility_test.go b/backend/internal/api/handlers/security_notifications_compatibility_test.go index 39664c0d..c53e3b97 100644 --- a/backend/internal/api/handlers/security_notifications_compatibility_test.go +++ b/backend/internal/api/handlers/security_notifications_compatibility_test.go @@ -67,7 +67,6 @@ func TestCompatibilityGET_ORAggregation(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -104,7 +103,6 @@ func TestCompatibilityGET_AllFalse(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -145,7 +143,6 @@ func TestCompatibilityGET_DisabledProvidersIgnored(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -182,7 +179,6 @@ func TestCompatibilityPUT_DeterministicTargetSet(t *testing.T) { "security_rate_limit_enabled": true }`) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) setAdminContext(c) @@ -216,7 +212,6 @@ func TestCompatibilityPUT_CreatesManagedProviderIfNone(t *testing.T) { "webhook_url": "https://example.com/webhook" }`) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) setAdminContext(c) @@ -259,7 +254,6 @@ func TestCompatibilityPUT_Idempotency(t *testing.T) { }`) // First PUT - gin.SetMode(gin.TestMode) w1 := httptest.NewRecorder() c1, _ := gin.CreateTestContext(w1) setAdminContext(c1) @@ -305,7 +299,6 @@ func TestCompatibilityPUT_WebhookMapping(t *testing.T) { "webhook_url": "https://example.com/webhook" }`) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) setAdminContext(c) @@ -336,7 +329,6 @@ func TestCompatibilityPUT_MultipleDestinations422(t *testing.T) { "discord_webhook_url": "https://discord.com/webhook" }`) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) setAdminContext(c) @@ -432,7 +424,6 @@ func TestCompatibilityPUT_MultipleManagedProviders_UpdatesAll(t *testing.T) { "security_rate_limit_enabled": true }`) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) setAdminContext(c) @@ -547,7 +538,6 @@ func TestFeatureFlag_Disabled(t *testing.T) { handler := NewSecurityNotificationHandler(service) // GET should still work via compatibility path - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) diff --git a/backend/internal/api/handlers/security_notifications_final_blockers_test.go b/backend/internal/api/handlers/security_notifications_final_blockers_test.go index ff924c42..cd5240d1 100644 --- a/backend/internal/api/handlers/security_notifications_final_blockers_test.go +++ b/backend/internal/api/handlers/security_notifications_final_blockers_test.go @@ -31,7 +31,6 @@ func TestFinalBlocker1_DestinationAmbiguous_ZeroManagedProviders(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -67,7 +66,6 @@ func TestFinalBlocker1_DestinationAmbiguous_OneManagedProvider(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -112,7 +110,6 @@ func TestFinalBlocker1_DestinationAmbiguous_MultipleManagedProviders(t *testing. service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -201,7 +198,6 @@ func TestFinalBlocker3_SupportedProviderTypes_WebhookDiscordSlackGotifyOnly(t *t service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -240,7 +236,6 @@ func TestFinalBlocker3_SupportedProviderTypes_UnsupportedTypesIgnored(t *testing service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -277,7 +272,6 @@ func TestBlocker2_GETReturnsSecurityFields(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -320,7 +314,6 @@ func TestBlocker2_GotifyTokenNeverExposed_Legacy(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) diff --git a/backend/internal/api/handlers/security_notifications_patch_coverage_test.go b/backend/internal/api/handlers/security_notifications_patch_coverage_test.go index 4dc26711..4e63c9f6 100644 --- a/backend/internal/api/handlers/security_notifications_patch_coverage_test.go +++ b/backend/internal/api/handlers/security_notifications_patch_coverage_test.go @@ -27,7 +27,6 @@ func TestDeprecatedGetSettings_HeadersSet(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/legacy/security", http.NoBody) @@ -59,7 +58,6 @@ func TestHandleSecurityEvent_InvalidCIDRWarning(t *testing.T) { invalidCIDRs, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -98,7 +96,6 @@ func TestHandleSecurityEvent_SeveritySet(t *testing.T) { []string{}, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) @@ -159,7 +156,6 @@ func TestHandleSecurityEvent_DispatchError(t *testing.T) { []string{}, ) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) diff --git a/backend/internal/api/handlers/security_notifications_single_source_test.go b/backend/internal/api/handlers/security_notifications_single_source_test.go index fbf05729..405161eb 100644 --- a/backend/internal/api/handlers/security_notifications_single_source_test.go +++ b/backend/internal/api/handlers/security_notifications_single_source_test.go @@ -60,7 +60,6 @@ func TestR2_ProviderSecurityEventsCrowdSecDecisions(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -103,7 +102,6 @@ func TestR2_ProviderSecurityEventsCrowdSecDecisionsORSemantics(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) @@ -127,7 +125,6 @@ func TestR6_LegacySecuritySettingsWrite410Gone(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) // Test canonical endpoint: PUT /api/v1/notifications/settings/security t.Run("CanonicalEndpoint", func(t *testing.T) { @@ -206,7 +203,6 @@ func TestR6_LegacyWrite410GoneNoMutation(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) // Attempt PUT to canonical endpoint reqBody := map[string]interface{}{ @@ -241,7 +237,6 @@ func TestProviderCRUD_SecurityEventsIncludeCrowdSec(t *testing.T) { service := services.NewNotificationService(db, nil) handler := NewNotificationProviderHandler(service) - gin.SetMode(gin.TestMode) // Test CREATE t.Run("CreatePersistsCrowdSec", func(t *testing.T) { @@ -329,7 +324,6 @@ func TestR2_CompatibilityGETIncludesCrowdSec(t *testing.T) { service := services.NewEnhancedSecurityNotificationService(db) handler := NewSecurityNotificationHandler(service) - gin.SetMode(gin.TestMode) w := httptest.NewRecorder() c, _ := gin.CreateTestContext(w) c.Request = httptest.NewRequest("GET", "/api/v1/notifications/settings/security", http.NoBody) diff --git a/backend/internal/api/handlers/security_notifications_test.go b/backend/internal/api/handlers/security_notifications_test.go index 8e9f0494..f401a047 100644 --- a/backend/internal/api/handlers/security_notifications_test.go +++ b/backend/internal/api/handlers/security_notifications_test.go @@ -21,7 +21,6 @@ import ( // TestHandleSecurityEvent_TimestampZero covers line 146 func TestHandleSecurityEvent_TimestampZero(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) assert.NoError(t, err) @@ -76,7 +75,6 @@ func (m *mockFailingService) SendViaProviders(ctx context.Context, event models. // TestHandleSecurityEvent_SendViaProvidersError covers lines 163-164 func TestHandleSecurityEvent_SendViaProvidersError(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{}) assert.NoError(t, err) diff --git a/backend/internal/api/handlers/security_priority_test.go b/backend/internal/api/handlers/security_priority_test.go index 6b29d0d2..50b05bc7 100644 --- a/backend/internal/api/handlers/security_priority_test.go +++ b/backend/internal/api/handlers/security_priority_test.go @@ -19,7 +19,6 @@ import ( // 2. SecurityConfig DB (middle) // 3. Static config (lowest) func TestSecurityHandler_Priority_SettingsOverSecurityConfig(t *testing.T) { - gin.SetMode(gin.TestMode) tests := []struct { name string @@ -112,7 +111,6 @@ func TestSecurityHandler_Priority_SettingsOverSecurityConfig(t *testing.T) { // TestSecurityHandler_Priority_AllModules verifies priority system works for all security modules func TestSecurityHandler_Priority_AllModules(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) diff --git a/backend/internal/api/handlers/security_ratelimit_test.go b/backend/internal/api/handlers/security_ratelimit_test.go index 8b437409..f1561761 100644 --- a/backend/internal/api/handlers/security_ratelimit_test.go +++ b/backend/internal/api/handlers/security_ratelimit_test.go @@ -14,7 +14,6 @@ import ( ) func TestSecurityHandler_GetRateLimitPresets(t *testing.T) { - gin.SetMode(gin.TestMode) cfg := config.SecurityConfig{} handler := NewSecurityHandler(cfg, nil, nil) @@ -49,7 +48,6 @@ func TestSecurityHandler_GetRateLimitPresets(t *testing.T) { } func TestSecurityHandler_GetRateLimitPresets_StandardPreset(t *testing.T) { - gin.SetMode(gin.TestMode) cfg := config.SecurityConfig{} handler := NewSecurityHandler(cfg, nil, nil) @@ -75,7 +73,6 @@ func TestSecurityHandler_GetRateLimitPresets_StandardPreset(t *testing.T) { } func TestSecurityHandler_GetRateLimitPresets_LoginPreset(t *testing.T) { - gin.SetMode(gin.TestMode) cfg := config.SecurityConfig{} handler := NewSecurityHandler(cfg, nil, nil) diff --git a/backend/internal/api/handlers/security_toggles_test.go b/backend/internal/api/handlers/security_toggles_test.go index 929ad3fe..e167fac4 100644 --- a/backend/internal/api/handlers/security_toggles_test.go +++ b/backend/internal/api/handlers/security_toggles_test.go @@ -17,7 +17,6 @@ import ( ) func setupToggleTest(t *testing.T) (*SecurityHandler, *gorm.DB) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) @@ -213,7 +212,6 @@ func TestACLEnabledIfIPWhitelisted(t *testing.T) { } func TestSecurityToggles_RollbackSettingWhenApplyFails(t *testing.T) { - gin.SetMode(gin.TestMode) db := OpenTestDB(t) require.NoError(t, db.AutoMigrate(&models.Setting{}, &models.SecurityConfig{})) require.NoError(t, db.Create(&models.SecurityConfig{Name: "default", Enabled: true}).Error) diff --git a/backend/internal/api/handlers/settings_handler_test.go b/backend/internal/api/handlers/settings_handler_test.go index 708c1758..11b4db2b 100644 --- a/backend/internal/api/handlers/settings_handler_test.go +++ b/backend/internal/api/handlers/settings_handler_test.go @@ -160,7 +160,6 @@ func newAdminRouter() *gin.Engine { } func TestSettingsHandler_GetSettings(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) // Seed data @@ -183,7 +182,6 @@ func TestSettingsHandler_GetSettings(t *testing.T) { } func TestSettingsHandler_GetSettings_MasksSensitiveValues(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) db.Create(&models.Setting{Key: "smtp_password", Value: "super-secret-password", Category: "smtp", Type: "string"}) @@ -208,7 +206,6 @@ func TestSettingsHandler_GetSettings_MasksSensitiveValues(t *testing.T) { } func TestSettingsHandler_GetSettings_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) // Close the database to force an error @@ -231,7 +228,6 @@ func TestSettingsHandler_GetSettings_DatabaseError(t *testing.T) { } func TestSettingsHandler_UpdateSettings(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -274,7 +270,6 @@ func TestSettingsHandler_UpdateSettings(t *testing.T) { } func TestSettingsHandler_UpdateSetting_SyncsAdminWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -301,7 +296,6 @@ func TestSettingsHandler_UpdateSetting_SyncsAdminWhitelist(t *testing.T) { } func TestSettingsHandler_UpdateSetting_EnablesCerberusWhenACLEnabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -343,7 +337,6 @@ func TestSettingsHandler_UpdateSetting_EnablesCerberusWhenACLEnabled(t *testing. } func TestSettingsHandler_UpdateSetting_SecurityKeyAppliesConfigSynchronously(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) mgr := &mockCaddyConfigManager{} @@ -367,7 +360,6 @@ func TestSettingsHandler_UpdateSetting_SecurityKeyAppliesConfigSynchronously(t * } func TestSettingsHandler_UpdateSetting_SecurityKeyApplyFailureReturnsError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) mgr := &mockCaddyConfigManager{applyFunc: func(context.Context) error { @@ -393,7 +385,6 @@ func TestSettingsHandler_UpdateSetting_SecurityKeyApplyFailureReturnsError(t *te } func TestSettingsHandler_UpdateSetting_NonAdminForbidden(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -416,7 +407,6 @@ func TestSettingsHandler_UpdateSetting_NonAdminForbidden(t *testing.T) { } func TestSettingsHandler_UpdateSetting_InvalidAdminWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -439,7 +429,6 @@ func TestSettingsHandler_UpdateSetting_InvalidAdminWhitelist(t *testing.T) { } func TestSettingsHandler_UpdateSetting_EmptyValueAccepted(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -466,7 +455,6 @@ func TestSettingsHandler_UpdateSetting_EmptyValueAccepted(t *testing.T) { } func TestSettingsHandler_UpdateSetting_MissingKeyRejected(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -488,7 +476,6 @@ func TestSettingsHandler_UpdateSetting_MissingKeyRejected(t *testing.T) { } func TestSettingsHandler_UpdateSetting_InvalidKeepaliveIdle(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -511,7 +498,6 @@ func TestSettingsHandler_UpdateSetting_InvalidKeepaliveIdle(t *testing.T) { } func TestSettingsHandler_UpdateSetting_ValidKeepaliveCount(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -540,7 +526,6 @@ func TestSettingsHandler_UpdateSetting_ValidKeepaliveCount(t *testing.T) { } func TestSettingsHandler_UpdateSetting_SecurityKeyInvalidatesCache(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) mgr := &mockCaddyConfigManager{} @@ -566,7 +551,6 @@ func TestSettingsHandler_UpdateSetting_SecurityKeyInvalidatesCache(t *testing.T) } func TestSettingsHandler_PatchConfig_InvalidAdminWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -590,7 +574,6 @@ func TestSettingsHandler_PatchConfig_InvalidAdminWhitelist(t *testing.T) { } func TestSettingsHandler_PatchConfig_InvalidKeepaliveCount(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -614,7 +597,6 @@ func TestSettingsHandler_PatchConfig_InvalidKeepaliveCount(t *testing.T) { } func TestSettingsHandler_PatchConfig_ValidKeepaliveSettings(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -648,7 +630,6 @@ func TestSettingsHandler_PatchConfig_ValidKeepaliveSettings(t *testing.T) { } func TestSettingsHandler_PatchConfig_ReloadFailureReturns500(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) mgr := &mockCaddyConfigManager{applyFunc: func(context.Context) error { @@ -678,7 +659,6 @@ func TestSettingsHandler_PatchConfig_ReloadFailureReturns500(t *testing.T) { } func TestSettingsHandler_PatchConfig_SyncsAdminWhitelist(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -710,7 +690,6 @@ func TestSettingsHandler_PatchConfig_SyncsAdminWhitelist(t *testing.T) { } func TestSettingsHandler_PatchConfig_EnablesCerberusWhenACLEnabled(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -749,7 +728,6 @@ func TestSettingsHandler_PatchConfig_EnablesCerberusWhenACLEnabled(t *testing.T) } func TestSettingsHandler_UpdateSetting_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -779,7 +757,6 @@ func TestSettingsHandler_UpdateSetting_DatabaseError(t *testing.T) { } func TestSettingsHandler_Errors(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -830,7 +807,6 @@ func setupSettingsHandlerWithMail(t *testing.T) (*handlers.SettingsHandler, *gor } func TestSettingsHandler_GetSMTPConfig(t *testing.T) { - gin.SetMode(gin.TestMode) handler, db := setupSettingsHandlerWithMail(t) // Seed SMTP config @@ -859,7 +835,6 @@ func TestSettingsHandler_GetSMTPConfig(t *testing.T) { } func TestSettingsHandler_GetSMTPConfig_Empty(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -877,7 +852,6 @@ func TestSettingsHandler_GetSMTPConfig_Empty(t *testing.T) { } func TestSettingsHandler_GetSMTPConfig_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) handler, db := setupSettingsHandlerWithMail(t) sqlDB, _ := db.DB() _ = sqlDB.Close() @@ -893,7 +867,6 @@ func TestSettingsHandler_GetSMTPConfig_DatabaseError(t *testing.T) { } func TestSettingsHandler_GetSMTPConfig_NonAdminForbidden(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := gin.New() @@ -912,7 +885,6 @@ func TestSettingsHandler_GetSMTPConfig_NonAdminForbidden(t *testing.T) { } func TestSettingsHandler_UpdateSMTPConfig_NonAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -938,7 +910,6 @@ func TestSettingsHandler_UpdateSMTPConfig_NonAdmin(t *testing.T) { } func TestSettingsHandler_UpdateSMTPConfig_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -957,7 +928,6 @@ func TestSettingsHandler_UpdateSMTPConfig_InvalidJSON(t *testing.T) { } func TestSettingsHandler_UpdateSMTPConfig_Success(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -985,7 +955,6 @@ func TestSettingsHandler_UpdateSMTPConfig_Success(t *testing.T) { } func TestSettingsHandler_UpdateSMTPConfig_KeepExistingPassword(t *testing.T) { - gin.SetMode(gin.TestMode) handler, db := setupSettingsHandlerWithMail(t) // Seed existing password @@ -1025,7 +994,6 @@ func TestSettingsHandler_UpdateSMTPConfig_KeepExistingPassword(t *testing.T) { } func TestSettingsHandler_TestSMTPConfig_NonAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1043,7 +1011,6 @@ func TestSettingsHandler_TestSMTPConfig_NonAdmin(t *testing.T) { } func TestSettingsHandler_TestSMTPConfig_NotConfigured(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1064,7 +1031,6 @@ func TestSettingsHandler_TestSMTPConfig_NotConfigured(t *testing.T) { } func TestSettingsHandler_TestSMTPConfig_Success(t *testing.T) { - gin.SetMode(gin.TestMode) handler, db := setupSettingsHandlerWithMail(t) host, port := startTestSMTPServer(t) @@ -1093,7 +1059,6 @@ func TestSettingsHandler_TestSMTPConfig_Success(t *testing.T) { } func TestSettingsHandler_SendTestEmail_NonAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1114,7 +1079,6 @@ func TestSettingsHandler_SendTestEmail_NonAdmin(t *testing.T) { } func TestSettingsHandler_SendTestEmail_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1133,7 +1097,6 @@ func TestSettingsHandler_SendTestEmail_InvalidJSON(t *testing.T) { } func TestSettingsHandler_SendTestEmail_NotConfigured(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1157,7 +1120,6 @@ func TestSettingsHandler_SendTestEmail_NotConfigured(t *testing.T) { } func TestSettingsHandler_SendTestEmail_Success(t *testing.T) { - gin.SetMode(gin.TestMode) handler, db := setupSettingsHandlerWithMail(t) host, port := startTestSMTPServer(t) @@ -1199,7 +1161,6 @@ func TestMaskPassword(t *testing.T) { // ============= URL Testing Tests ============= func TestSettingsHandler_ValidatePublicURL_NonAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1220,7 +1181,6 @@ func TestSettingsHandler_ValidatePublicURL_NonAdmin(t *testing.T) { } func TestSettingsHandler_ValidatePublicURL_InvalidFormat(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1257,7 +1217,6 @@ func TestSettingsHandler_ValidatePublicURL_InvalidFormat(t *testing.T) { } func TestSettingsHandler_ValidatePublicURL_Success(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1297,7 +1256,6 @@ func TestSettingsHandler_ValidatePublicURL_Success(t *testing.T) { } func TestSettingsHandler_TestPublicURL_NonAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1318,7 +1276,6 @@ func TestSettingsHandler_TestPublicURL_NonAdmin(t *testing.T) { } func TestSettingsHandler_TestPublicURL_NoRole(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := gin.New() @@ -1336,7 +1293,6 @@ func TestSettingsHandler_TestPublicURL_NoRole(t *testing.T) { } func TestSettingsHandler_TestPublicURL_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1355,7 +1311,6 @@ func TestSettingsHandler_TestPublicURL_InvalidJSON(t *testing.T) { } func TestSettingsHandler_TestPublicURL_InvalidURL(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1380,7 +1335,6 @@ func TestSettingsHandler_TestPublicURL_InvalidURL(t *testing.T) { } func TestSettingsHandler_TestPublicURL_PrivateIPBlocked(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1430,7 +1384,6 @@ func contains(s, substr string) bool { } func TestSettingsHandler_TestPublicURL_Success(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) // NOTE: Using a real public URL instead of httptest.NewServer() because @@ -1464,7 +1417,6 @@ func TestSettingsHandler_TestPublicURL_Success(t *testing.T) { } func TestSettingsHandler_TestPublicURL_DNSFailure(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1493,7 +1445,6 @@ func TestSettingsHandler_TestPublicURL_DNSFailure(t *testing.T) { } func TestSettingsHandler_TestPublicURL_ConnectivityError(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1584,7 +1535,6 @@ func TestSettingsHandler_TestPublicURL_SSRFProtection(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1619,7 +1569,6 @@ func TestSettingsHandler_TestPublicURL_SSRFProtection(t *testing.T) { } func TestSettingsHandler_TestPublicURL_EmbeddedCredentials(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1647,7 +1596,6 @@ func TestSettingsHandler_TestPublicURL_EmbeddedCredentials(t *testing.T) { } func TestSettingsHandler_TestPublicURL_EmptyURL(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1679,7 +1627,6 @@ func TestSettingsHandler_TestPublicURL_EmptyURL(t *testing.T) { } func TestSettingsHandler_TestPublicURL_InvalidScheme(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1719,7 +1666,6 @@ func TestSettingsHandler_TestPublicURL_InvalidScheme(t *testing.T) { } func TestSettingsHandler_ValidatePublicURL_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1738,7 +1684,6 @@ func TestSettingsHandler_ValidatePublicURL_InvalidJSON(t *testing.T) { } func TestSettingsHandler_ValidatePublicURL_URLWithWarning(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1765,7 +1710,6 @@ func TestSettingsHandler_ValidatePublicURL_URLWithWarning(t *testing.T) { } func TestSettingsHandler_UpdateSMTPConfig_DatabaseError(t *testing.T) { - gin.SetMode(gin.TestMode) handler, db := setupSettingsHandlerWithMail(t) // Close the database to force an error @@ -1798,7 +1742,6 @@ func TestSettingsHandler_UpdateSMTPConfig_DatabaseError(t *testing.T) { } func TestSettingsHandler_TestPublicURL_IPv6LocalhostBlocked(t *testing.T) { - gin.SetMode(gin.TestMode) handler, _ := setupSettingsHandlerWithMail(t) router := newAdminRouter() @@ -1829,7 +1772,6 @@ func TestSettingsHandler_TestPublicURL_IPv6LocalhostBlocked(t *testing.T) { // the tag is present. Re-adding the tag would silently regress the CrowdSec enable // flow (which sends value="" to clear the setting). func TestUpdateSetting_EmptyValueIsAccepted(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) @@ -1853,7 +1795,6 @@ func TestUpdateSetting_EmptyValueIsAccepted(t *testing.T) { // from Value and not accidentally also from Key. A request with no "key" field must // still return 400. func TestUpdateSetting_MissingKeyRejected(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupSettingsTestDB(t) handler := handlers.NewSettingsHandler(db) diff --git a/backend/internal/api/handlers/system_handler_test.go b/backend/internal/api/handlers/system_handler_test.go index 4c8c6b17..3e873ecf 100644 --- a/backend/internal/api/handlers/system_handler_test.go +++ b/backend/internal/api/handlers/system_handler_test.go @@ -44,7 +44,6 @@ func TestGetClientIPHeadersAndRemoteAddr(t *testing.T) { } func TestGetMyIPHandler(t *testing.T) { - gin.SetMode(gin.TestMode) r := gin.New() handler := NewSystemHandler() r.GET("/myip", handler.GetMyIP) diff --git a/backend/internal/api/handlers/system_permissions_handler_test.go b/backend/internal/api/handlers/system_permissions_handler_test.go index 5a8f4e2a..843a6dd1 100644 --- a/backend/internal/api/handlers/system_permissions_handler_test.go +++ b/backend/internal/api/handlers/system_permissions_handler_test.go @@ -47,7 +47,6 @@ func (stubPermissionChecker) Check(path, required string) util.PermissionCheck { } func TestSystemPermissionsHandler_GetPermissions_Admin(t *testing.T) { - gin.SetMode(gin.TestMode) cfg := config.Config{ DatabasePath: "/app/data/charon.db", @@ -81,7 +80,6 @@ func TestSystemPermissionsHandler_GetPermissions_Admin(t *testing.T) { } func TestSystemPermissionsHandler_GetPermissions_NonAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) cfg := config.Config{} h := NewSystemPermissionsHandler(cfg, nil, stubPermissionChecker{}) @@ -105,7 +103,6 @@ func TestSystemPermissionsHandler_RepairPermissions_NonRoot(t *testing.T) { t.Skip("test requires non-root execution") } - gin.SetMode(gin.TestMode) cfg := config.Config{SingleContainer: true} h := NewSystemPermissionsHandler(cfg, nil, stubPermissionChecker{}) @@ -213,7 +210,6 @@ func TestSystemPermissionsHandler_NewDefaultsCheckerToOSChecker(t *testing.T) { } func TestSystemPermissionsHandler_RepairPermissions_DisabledWhenNotSingleContainer(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSystemPermissionsHandler(config.Config{SingleContainer: false}, nil, stubPermissionChecker{}) @@ -236,7 +232,6 @@ func TestSystemPermissionsHandler_RepairPermissions_InvalidJSON(t *testing.T) { t.Skip("test requires root execution") } - gin.SetMode(gin.TestMode) root := t.TempDir() dataDir := filepath.Join(root, "data") @@ -269,7 +264,6 @@ func TestSystemPermissionsHandler_RepairPermissions_Success(t *testing.T) { t.Skip("test requires root execution") } - gin.SetMode(gin.TestMode) root := t.TempDir() dataDir := filepath.Join(root, "data") @@ -310,7 +304,6 @@ func TestSystemPermissionsHandler_RepairPermissions_Success(t *testing.T) { } func TestSystemPermissionsHandler_RepairPermissions_NonAdmin(t *testing.T) { - gin.SetMode(gin.TestMode) h := NewSystemPermissionsHandler(config.Config{SingleContainer: true}, nil, stubPermissionChecker{}) @@ -330,7 +323,6 @@ func TestSystemPermissionsHandler_RepairPermissions_InvalidJSONWhenRoot(t *testi t.Skip("test requires root execution") } - gin.SetMode(gin.TestMode) root := t.TempDir() dataDir := filepath.Join(root, "data") require.NoError(t, os.MkdirAll(dataDir, 0o750)) @@ -395,7 +387,6 @@ func TestSystemPermissionsHandler_IsWithinAllowlist_AllRelErrorsReturnFalse(t *t } func TestSystemPermissionsHandler_LogAudit_PersistsAuditWithUserID(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open("file::memory:?cache=shared"), &gorm.Config{}) require.NoError(t, err) @@ -416,7 +407,6 @@ func TestSystemPermissionsHandler_LogAudit_PersistsAuditWithUserID(t *testing.T) } func TestSystemPermissionsHandler_LogAudit_PersistsAuditWithUnknownActor(t *testing.T) { - gin.SetMode(gin.TestMode) db, err := gorm.Open(sqlite.Open("file::memory:?cache=shared"), &gorm.Config{}) require.NoError(t, err) @@ -536,7 +526,6 @@ func TestSystemPermissionsHandler_RepairPermissions_InvalidRequestBody_Root(t *t t.Skip("test requires root execution") } - gin.SetMode(gin.TestMode) tmp := t.TempDir() dataDir := filepath.Join(tmp, "data") diff --git a/backend/internal/api/handlers/system_permissions_wave6_test.go b/backend/internal/api/handlers/system_permissions_wave6_test.go index ad2d7e63..09d34c93 100644 --- a/backend/internal/api/handlers/system_permissions_wave6_test.go +++ b/backend/internal/api/handlers/system_permissions_wave6_test.go @@ -28,7 +28,6 @@ func TestSystemPermissionsWave6_RepairPermissions_NonRootBranchViaSeteuid(t *tes require.NoError(t, restoreErr) }() - gin.SetMode(gin.TestMode) root := t.TempDir() dataDir := filepath.Join(root, "data") diff --git a/backend/internal/api/handlers/testmain_test.go b/backend/internal/api/handlers/testmain_test.go new file mode 100644 index 00000000..2e26b3db --- /dev/null +++ b/backend/internal/api/handlers/testmain_test.go @@ -0,0 +1,13 @@ +package handlers + +import ( + "os" + "testing" + + "github.com/gin-gonic/gin" +) + +func TestMain(m *testing.M) { + gin.SetMode(gin.TestMode) + os.Exit(m.Run()) +} diff --git a/backend/internal/api/handlers/update_handler_test.go b/backend/internal/api/handlers/update_handler_test.go index 52c5693c..3e70837d 100644 --- a/backend/internal/api/handlers/update_handler_test.go +++ b/backend/internal/api/handlers/update_handler_test.go @@ -33,7 +33,6 @@ func TestUpdateHandler_Check(t *testing.T) { h := NewUpdateHandler(svc) // Setup Router - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/api/v1/update", h.Check) diff --git a/backend/internal/api/handlers/uptime_monitor_initial_state_test.go b/backend/internal/api/handlers/uptime_monitor_initial_state_test.go index 61ab01bc..f0025bab 100644 --- a/backend/internal/api/handlers/uptime_monitor_initial_state_test.go +++ b/backend/internal/api/handlers/uptime_monitor_initial_state_test.go @@ -19,7 +19,6 @@ import ( // Verifies that newly created monitors start in "pending" state, not "down" func TestUptimeMonitorInitialStatePending(t *testing.T) { t.Parallel() - gin.SetMode(gin.TestMode) db := setupTestDB(t) // Migrate UptimeMonitor model diff --git a/backend/internal/api/handlers/user_handler_coverage_test.go b/backend/internal/api/handlers/user_handler_coverage_test.go index db0133a8..f16c5395 100644 --- a/backend/internal/api/handlers/user_handler_coverage_test.go +++ b/backend/internal/api/handlers/user_handler_coverage_test.go @@ -21,7 +21,6 @@ func setupUserCoverageDB(t *testing.T) *gorm.DB { } func TestUserHandler_GetSetupStatus_Error(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -38,7 +37,6 @@ func TestUserHandler_GetSetupStatus_Error(t *testing.T) { } func TestUserHandler_Setup_CheckStatusError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -55,7 +53,6 @@ func TestUserHandler_Setup_CheckStatusError(t *testing.T) { } func TestUserHandler_Setup_AlreadyCompleted(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -74,7 +71,6 @@ func TestUserHandler_Setup_AlreadyCompleted(t *testing.T) { } func TestUserHandler_Setup_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -89,7 +85,6 @@ func TestUserHandler_Setup_InvalidJSON(t *testing.T) { } func TestUserHandler_RegenerateAPIKey_Unauthorized(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -103,7 +98,6 @@ func TestUserHandler_RegenerateAPIKey_Unauthorized(t *testing.T) { } func TestUserHandler_RegenerateAPIKey_DBError(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -121,7 +115,6 @@ func TestUserHandler_RegenerateAPIKey_DBError(t *testing.T) { } func TestUserHandler_GetProfile_Unauthorized(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -135,7 +128,6 @@ func TestUserHandler_GetProfile_Unauthorized(t *testing.T) { } func TestUserHandler_GetProfile_NotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -150,7 +142,6 @@ func TestUserHandler_GetProfile_NotFound(t *testing.T) { } func TestUserHandler_UpdateProfile_Unauthorized(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -164,7 +155,6 @@ func TestUserHandler_UpdateProfile_Unauthorized(t *testing.T) { } func TestUserHandler_UpdateProfile_InvalidJSON(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -180,7 +170,6 @@ func TestUserHandler_UpdateProfile_InvalidJSON(t *testing.T) { } func TestUserHandler_UpdateProfile_UserNotFound(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -201,7 +190,6 @@ func TestUserHandler_UpdateProfile_UserNotFound(t *testing.T) { } func TestUserHandler_UpdateProfile_EmailConflict(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -234,7 +222,6 @@ func TestUserHandler_UpdateProfile_EmailConflict(t *testing.T) { } func TestUserHandler_UpdateProfile_EmailChangeNoPassword(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) @@ -261,7 +248,6 @@ func TestUserHandler_UpdateProfile_EmailChangeNoPassword(t *testing.T) { } func TestUserHandler_UpdateProfile_WrongPassword(t *testing.T) { - gin.SetMode(gin.TestMode) db := setupUserCoverageDB(t) h := NewUserHandler(db, nil) diff --git a/backend/internal/api/handlers/user_handler_test.go b/backend/internal/api/handlers/user_handler_test.go index ab2dee9f..edf146ef 100644 --- a/backend/internal/api/handlers/user_handler_test.go +++ b/backend/internal/api/handlers/user_handler_test.go @@ -76,7 +76,6 @@ func TestUserHandler_logUserAudit_NoOpBranches(t *testing.T) { func TestUserHandler_GetSetupStatus(t *testing.T) { handler, db := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/setup", handler.GetSetupStatus) @@ -97,7 +96,6 @@ func TestUserHandler_GetSetupStatus(t *testing.T) { func TestUserHandler_Setup(t *testing.T) { handler, _ := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/setup", handler.Setup) @@ -133,7 +131,6 @@ func TestUserHandler_Setup(t *testing.T) { func TestUserHandler_Setup_OneWayInvariant_ReentryRejectedAndSingleUser(t *testing.T) { handler, db := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/setup", handler.Setup) @@ -170,7 +167,6 @@ func TestUserHandler_Setup_OneWayInvariant_ReentryRejectedAndSingleUser(t *testi func TestUserHandler_Setup_ConcurrentAttemptInvariant(t *testing.T) { handler, db := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/setup", handler.Setup) @@ -230,7 +226,6 @@ func TestUserHandler_Setup_ConcurrentAttemptInvariant(t *testing.T) { func TestUserHandler_Setup_ResponseSecretEchoContract(t *testing.T) { handler, _ := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/setup", handler.Setup) @@ -279,7 +274,6 @@ func TestUserHandler_GetProfile_SecretEchoContract(t *testing.T) { } require.NoError(t, db.Create(user).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -321,7 +315,6 @@ func TestUserHandler_ListUsers_SecretEchoContract(t *testing.T) { } require.NoError(t, db.Create(user).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -367,7 +360,6 @@ func TestUserHandler_RegenerateAPIKey(t *testing.T) { user := &models.User{Email: "api@example.com"} db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -402,7 +394,6 @@ func TestUserHandler_GetProfile(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -425,7 +416,6 @@ func TestUserHandler_GetProfile(t *testing.T) { func TestUserHandler_RegisterRoutes(t *testing.T) { handler, _ := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() api := r.Group("/api") handler.RegisterRoutes(api) @@ -451,7 +441,6 @@ func TestUserHandler_RegisterRoutes(t *testing.T) { func TestUserHandler_Errors(t *testing.T) { handler, db := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() // Middleware to simulate missing userID @@ -518,7 +507,6 @@ func TestUserHandler_UpdateProfile(t *testing.T) { _ = user.SetPassword("password123") db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("userID", user.ID) @@ -624,7 +612,6 @@ func TestUserHandler_UpdateProfile(t *testing.T) { func TestUserHandler_UpdateProfile_Errors(t *testing.T) { handler, _ := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() // 1. Unauthorized (no userID) @@ -668,7 +655,6 @@ func setupUserHandlerWithProxyHosts(t *testing.T) (*UserHandler, *gorm.DB) { func TestUserHandler_ListUsers_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -692,7 +678,6 @@ func TestUserHandler_ListUsers_Admin(t *testing.T) { db.Create(user1) db.Create(user2) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -713,7 +698,6 @@ func TestUserHandler_ListUsers_Admin(t *testing.T) { func TestUserHandler_CreateUser_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -737,7 +721,6 @@ func TestUserHandler_CreateUser_NonAdmin(t *testing.T) { func TestUserHandler_CreateUser_Admin(t *testing.T) { handler, db := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -767,7 +750,6 @@ func TestUserHandler_CreateUser_Admin(t *testing.T) { func TestUserHandler_CreateUser_InvalidJSON(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -789,7 +771,6 @@ func TestUserHandler_CreateUser_DuplicateEmail(t *testing.T) { existing := &models.User{UUID: uuid.NewString(), Email: "existing@example.com", Name: "Existing"} db.Create(existing) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -817,7 +798,6 @@ func TestUserHandler_CreateUser_WithPermittedHosts(t *testing.T) { host := &models.ProxyHost{Name: "Host 1", DomainNames: "host1.example.com", Enabled: true} db.Create(host) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -843,7 +823,6 @@ func TestUserHandler_CreateUser_WithPermittedHosts(t *testing.T) { func TestUserHandler_GetUser_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -860,7 +839,6 @@ func TestUserHandler_GetUser_NonAdmin(t *testing.T) { func TestUserHandler_GetUser_InvalidID(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -877,7 +855,6 @@ func TestUserHandler_GetUser_InvalidID(t *testing.T) { func TestUserHandler_GetUser_NotFound(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -898,7 +875,6 @@ func TestUserHandler_GetUser_Success(t *testing.T) { user := &models.User{UUID: uuid.NewString(), Email: "getuser@example.com", Name: "Get User"} db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -920,7 +896,6 @@ func TestUserHandler_UpdateUser_NonAdmin(t *testing.T) { target := &models.User{UUID: uuid.NewString(), Email: "target@example.com", Name: "Target", APIKey: uuid.NewString(), Role: models.RoleUser} db.Create(target) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -941,7 +916,6 @@ func TestUserHandler_UpdateUser_NonAdmin(t *testing.T) { func TestUserHandler_UpdateUser_InvalidID(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -967,7 +941,6 @@ func TestUserHandler_UpdateUser_InvalidJSON(t *testing.T) { user := &models.User{UUID: uuid.NewString(), Email: "toupdate@example.com", Name: "To Update", APIKey: uuid.NewString()} db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -986,7 +959,6 @@ func TestUserHandler_UpdateUser_InvalidJSON(t *testing.T) { func TestUserHandler_UpdateUser_NotFound(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1011,7 +983,6 @@ func TestUserHandler_UpdateUser_Success(t *testing.T) { user := &models.User{UUID: uuid.NewString(), Email: "update@example.com", Name: "Original", Role: models.RoleUser} db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1048,7 +1019,6 @@ func TestUserHandler_UpdateUser_PasswordReset(t *testing.T) { user.LockedUntil = &lockUntil db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1078,7 +1048,6 @@ func TestUserHandler_UpdateUser_PasswordReset(t *testing.T) { func TestUserHandler_DeleteUser_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -1095,7 +1064,6 @@ func TestUserHandler_DeleteUser_NonAdmin(t *testing.T) { func TestUserHandler_DeleteUser_InvalidID(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1112,7 +1080,6 @@ func TestUserHandler_DeleteUser_InvalidID(t *testing.T) { func TestUserHandler_DeleteUser_NotFound(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1134,7 +1101,6 @@ func TestUserHandler_DeleteUser_Success(t *testing.T) { user := &models.User{UUID: uuid.NewString(), Email: "delete@example.com", Name: "Delete Me"} db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1161,7 +1127,6 @@ func TestUserHandler_DeleteUser_CannotDeleteSelf(t *testing.T) { user := &models.User{UUID: uuid.NewString(), Email: "self@example.com", Name: "Self"} db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1179,7 +1144,6 @@ func TestUserHandler_DeleteUser_CannotDeleteSelf(t *testing.T) { func TestUserHandler_UpdateUserPermissions_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -1199,7 +1163,6 @@ func TestUserHandler_UpdateUserPermissions_NonAdmin(t *testing.T) { func TestUserHandler_UpdateUserPermissions_InvalidID(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1231,7 +1194,6 @@ func TestUserHandler_UpdateUserPermissions_InvalidJSON(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1249,7 +1211,6 @@ func TestUserHandler_UpdateUserPermissions_InvalidJSON(t *testing.T) { func TestUserHandler_UpdateUserPermissions_NotFound(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1281,7 +1242,6 @@ func TestUserHandler_UpdateUserPermissions_Success(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1304,7 +1264,6 @@ func TestUserHandler_UpdateUserPermissions_Success(t *testing.T) { func TestUserHandler_ValidateInvite_MissingToken(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/invite/validate", handler.ValidateInvite) @@ -1317,7 +1276,6 @@ func TestUserHandler_ValidateInvite_MissingToken(t *testing.T) { func TestUserHandler_ValidateInvite_InvalidToken(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/invite/validate", handler.ValidateInvite) @@ -1342,7 +1300,6 @@ func TestUserHandler_ValidateInvite_ExpiredToken(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/invite/validate", handler.ValidateInvite) @@ -1367,7 +1324,6 @@ func TestUserHandler_ValidateInvite_AlreadyAccepted(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/invite/validate", handler.ValidateInvite) @@ -1392,7 +1348,6 @@ func TestUserHandler_ValidateInvite_Success(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.GET("/invite/validate", handler.ValidateInvite) @@ -1409,7 +1364,6 @@ func TestUserHandler_ValidateInvite_Success(t *testing.T) { func TestUserHandler_AcceptInvite_InvalidJSON(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/invite/accept", handler.AcceptInvite) @@ -1423,7 +1377,6 @@ func TestUserHandler_AcceptInvite_InvalidJSON(t *testing.T) { func TestUserHandler_AcceptInvite_InvalidToken(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/invite/accept", handler.AcceptInvite) @@ -1455,7 +1408,6 @@ func TestUserHandler_AcceptInvite_Success(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/invite/accept", handler.AcceptInvite) @@ -1498,7 +1450,6 @@ func TestGenerateSecureToken(t *testing.T) { func TestUserHandler_InviteUser_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -1519,7 +1470,6 @@ func TestUserHandler_InviteUser_NonAdmin(t *testing.T) { func TestUserHandler_InviteUser_InvalidJSON(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1547,7 +1497,6 @@ func TestUserHandler_InviteUser_DuplicateEmail(t *testing.T) { } db.Create(existingUser) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1578,7 +1527,6 @@ func TestUserHandler_InviteUser_Success(t *testing.T) { } db.Create(admin) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1639,7 +1587,6 @@ func TestUserHandler_InviteUser_WithPermittedHosts(t *testing.T) { } db.Create(host) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1696,7 +1643,6 @@ func TestUserHandler_InviteUser_WithSMTPConfigured(t *testing.T) { // Reinitialize mail service to pick up new settings handler.MailService = services.NewMailService(db) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1757,7 +1703,6 @@ func TestUserHandler_InviteUser_WithSMTPAndConfiguredPublicURL_IncludesInviteURL handler.MailService = services.NewMailService(db) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1810,7 +1755,6 @@ func TestUserHandler_InviteUser_WithSMTPAndMalformedPublicURL_DoesNotExposeInvit handler.MailService = services.NewMailService(db) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1866,7 +1810,6 @@ func TestUserHandler_InviteUser_WithSMTPConfigured_DefaultAppName(t *testing.T) // Reinitialize mail service to pick up new settings handler.MailService = services.NewMailService(db) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -1917,7 +1860,6 @@ func TestUserHandler_AcceptInvite_ExpiredToken(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/invite/accept", handler.AcceptInvite) @@ -1949,7 +1891,6 @@ func TestUserHandler_AcceptInvite_AlreadyAccepted(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.POST("/invite/accept", handler.AcceptInvite) @@ -1972,7 +1913,6 @@ func TestUserHandler_AcceptInvite_AlreadyAccepted(t *testing.T) { // PreviewInviteURL Tests func TestUserHandler_PreviewInviteURL_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -1993,7 +1933,6 @@ func TestUserHandler_PreviewInviteURL_NonAdmin(t *testing.T) { func TestUserHandler_PreviewInviteURL_InvalidJSON(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2011,7 +1950,6 @@ func TestUserHandler_PreviewInviteURL_InvalidJSON(t *testing.T) { func TestUserHandler_PreviewInviteURL_Success_Unconfigured(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2052,7 +1990,6 @@ func TestUserHandler_PreviewInviteURL_Success_Configured(t *testing.T) { } db.Create(publicURLSetting) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2145,7 +2082,6 @@ func TestUserHandler_UpdateUser_EmailConflict(t *testing.T) { db.Create(user1) db.Create(user2) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2172,7 +2108,6 @@ func TestUserHandler_UpdateUser_EmailConflict(t *testing.T) { func TestUserHandler_CreateUser_EmailNormalization(t *testing.T) { handler, db := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2212,7 +2147,6 @@ func TestUserHandler_InviteUser_EmailNormalization(t *testing.T) { } db.Create(admin) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2241,7 +2175,6 @@ func TestUserHandler_InviteUser_EmailNormalization(t *testing.T) { func TestUserHandler_CreateUser_DefaultPermissionMode(t *testing.T) { handler, db := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2281,7 +2214,6 @@ func TestUserHandler_InviteUser_DefaultPermissionMode(t *testing.T) { } db.Create(admin) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2310,7 +2242,6 @@ func TestUserHandler_InviteUser_DefaultPermissionMode(t *testing.T) { func TestUserHandler_CreateUser_DefaultRole(t *testing.T) { handler, db := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2350,7 +2281,6 @@ func TestUserHandler_InviteUser_DefaultRole(t *testing.T) { } db.Create(admin) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2382,7 +2312,6 @@ func TestUserHandler_InviteUser_DefaultRole(t *testing.T) { // This prevents host header injection attacks (CodeQL go/email-injection remediation). func TestUserHandler_PreviewInviteURL_Unconfigured_DoesNotUseRequestHost(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2417,7 +2346,6 @@ func TestUserHandler_PreviewInviteURL_Unconfigured_DoesNotUseRequestHost(t *test func TestUserHandler_CreateUser_EmptyPermittedHosts(t *testing.T) { handler, db := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2450,7 +2378,6 @@ func TestUserHandler_CreateUser_EmptyPermittedHosts(t *testing.T) { func TestUserHandler_CreateUser_NonExistentPermittedHosts(t *testing.T) { handler, db := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2484,7 +2411,6 @@ func TestUserHandler_CreateUser_NonExistentPermittedHosts(t *testing.T) { func TestResendInvite_NonAdmin(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") @@ -2502,7 +2428,6 @@ func TestResendInvite_NonAdmin(t *testing.T) { func TestResendInvite_InvalidID(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2520,7 +2445,6 @@ func TestResendInvite_InvalidID(t *testing.T) { func TestResendInvite_UserNotFound(t *testing.T) { handler, _ := setupUserHandlerWithProxyHosts(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2550,7 +2474,6 @@ func TestResendInvite_UserNotPending(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2583,7 +2506,6 @@ func TestResendInvite_Success(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2628,7 +2550,6 @@ func TestResendInvite_WithExpiredInvite(t *testing.T) { } db.Create(user) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2722,7 +2643,6 @@ func TestRedactInviteURL(t *testing.T) { // --- Passthrough rejection tests --- func setupPassthroughRouter(handler *UserHandler) *gin.Engine { - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", string(models.RolePassthrough)) @@ -2777,7 +2697,6 @@ func TestUserHandler_UpdateProfile_PassthroughRejected(t *testing.T) { func TestUserHandler_CreateUser_InvalidRole(t *testing.T) { handler, _ := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2803,7 +2722,6 @@ func TestUserHandler_CreateUser_InvalidRole(t *testing.T) { func TestUserHandler_InviteUser_InvalidRole(t *testing.T) { handler, _ := setupUserHandler(t) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2833,7 +2751,6 @@ func TestUserHandler_UpdateUser_MissingUserID(t *testing.T) { user := models.User{UUID: uuid.NewString(), APIKey: uuid.NewString(), Email: "target@example.com", Role: models.RoleUser, Enabled: true} require.NoError(t, db.Create(&user).Error) - gin.SetMode(gin.TestMode) r := gin.New() // No userID set in context r.Use(func(c *gin.Context) { @@ -2858,7 +2775,6 @@ func TestUserHandler_UpdateUser_InvalidSessionType(t *testing.T) { user := models.User{UUID: uuid.NewString(), APIKey: uuid.NewString(), Email: "target2@example.com", Role: models.RoleUser, Enabled: true} require.NoError(t, db.Create(&user).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2885,7 +2801,6 @@ func TestUserHandler_UpdateUser_NonAdminSelfRoleChange(t *testing.T) { user := models.User{UUID: uuid.NewString(), APIKey: uuid.NewString(), Email: "self@example.com", Role: models.RoleUser, Enabled: true} require.NoError(t, db.Create(&user).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "user") // non-admin @@ -2912,7 +2827,6 @@ func TestUserHandler_UpdateUser_InvalidRole(t *testing.T) { target := models.User{UUID: uuid.NewString(), APIKey: uuid.NewString(), Email: "target3@example.com", Role: models.RoleUser, Enabled: true} require.NoError(t, db.Create(&target).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2939,7 +2853,6 @@ func TestUserHandler_UpdateUser_SelfDemotion(t *testing.T) { admin := models.User{UUID: uuid.NewString(), APIKey: uuid.NewString(), Email: "admin@self.example.com", Role: models.RoleAdmin, Enabled: true} require.NoError(t, db.Create(&admin).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2966,7 +2879,6 @@ func TestUserHandler_UpdateUser_SelfDisable(t *testing.T) { disabled := false - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -2994,7 +2906,6 @@ func TestUserHandler_UpdateUser_LastAdminDemotion(t *testing.T) { target := models.User{UUID: uuid.NewString(), APIKey: uuid.NewString(), Email: "last-admin@example.com", Role: models.RoleAdmin, Enabled: true} require.NoError(t, db.Create(&target).Error) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -3021,7 +2932,6 @@ func TestUserHandler_UpdateUser_LastAdminDisable(t *testing.T) { disabled := false - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -3055,7 +2965,6 @@ func TestUserHandler_UpdateUser_WithSessionInvalidation(t *testing.T) { handler := NewUserHandler(db, authSvc) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") @@ -3091,7 +3000,6 @@ func TestUserHandler_UpdateUser_SessionInvalidationError(t *testing.T) { handler := NewUserHandler(mainDB, authSvc) - gin.SetMode(gin.TestMode) r := gin.New() r.Use(func(c *gin.Context) { c.Set("role", "admin") diff --git a/backend/internal/api/handlers/user_integration_test.go b/backend/internal/api/handlers/user_integration_test.go index 7eed110f..db246759 100644 --- a/backend/internal/api/handlers/user_integration_test.go +++ b/backend/internal/api/handlers/user_integration_test.go @@ -31,7 +31,6 @@ func TestUserLoginAfterEmailChange(t *testing.T) { userHandler := NewUserHandler(db, nil) // Setup Router - gin.SetMode(gin.TestMode) r := gin.New() // Register Routes diff --git a/backend/internal/api/handlers/websocket_status_handler_test.go b/backend/internal/api/handlers/websocket_status_handler_test.go index 6f4cc8a2..f9274c5f 100644 --- a/backend/internal/api/handlers/websocket_status_handler_test.go +++ b/backend/internal/api/handlers/websocket_status_handler_test.go @@ -15,7 +15,6 @@ import ( ) func TestWebSocketStatusHandler_GetConnections(t *testing.T) { - gin.SetMode(gin.TestMode) tracker := services.NewWebSocketTracker() handler := NewWebSocketStatusHandler(tracker) @@ -65,7 +64,6 @@ func TestWebSocketStatusHandler_GetConnections(t *testing.T) { } func TestWebSocketStatusHandler_GetConnectionsEmpty(t *testing.T) { - gin.SetMode(gin.TestMode) tracker := services.NewWebSocketTracker() handler := NewWebSocketStatusHandler(tracker) @@ -92,7 +90,6 @@ func TestWebSocketStatusHandler_GetConnectionsEmpty(t *testing.T) { } func TestWebSocketStatusHandler_GetStats(t *testing.T) { - gin.SetMode(gin.TestMode) tracker := services.NewWebSocketTracker() handler := NewWebSocketStatusHandler(tracker) @@ -141,7 +138,6 @@ func TestWebSocketStatusHandler_GetStats(t *testing.T) { } func TestWebSocketStatusHandler_GetStatsEmpty(t *testing.T) { - gin.SetMode(gin.TestMode) tracker := services.NewWebSocketTracker() handler := NewWebSocketStatusHandler(tracker)