4d00af75b6
fix(tests): enhance database setup for unit tests and address CI failures
...
- Implemented a function to create a valid SQLite database for testing in db_health_handler_test.go.
- Replaced dummy database file creation with a proper SQLite setup to ensure tests run against a valid database.
- Set CHARON_ENCRYPTION_KEY environment variable in dns_provider_service_test.go to prevent RotationService initialization warnings.
- Added detailed remediation plan for CI Codecov backend test failures, addressing encryption key requirements and database record not found errors.
2026-02-16 21:20:34 +00:00
716ec91f8f
chore: Enhance test coverage across various handlers and services
...
- Added tests for transient SQLite errors in emergency_handler_test.go.
- Introduced validation tests for provider errors in notification_provider_handler_validation_test.go.
- Implemented helper tests for settings handling in settings_handler_helpers_test.go.
- Expanded backup_handler_test.go to include SQLite database setup and validation.
- Improved system_permissions_handler_test.go with additional path repair tests.
- Updated backup_service_test.go to ensure proper database handling and error checks during backup operations.
- Refined import_handler_test.go with additional session validation tests.
2026-02-16 20:32:16 +00:00
ec36ce32b6
chore: add unit tests for email recipient normalization and SQLite error detection
2026-02-16 18:28:38 +00:00
4d3962e05a
test: add tests for production environment detection and request scheme handling
2026-02-16 17:31:10 +00:00
24c8deff7a
fix: increase memory limit for vitest and improve test stability
...
- Updated test scripts in package.json to set NODE_OPTIONS for increased memory limit.
- Added safety checks for remote servers and domains in ProxyHostForm component to prevent errors.
- Refactored Notifications tests to remove unnecessary use of fake timers and improve clarity.
- Updated ProxyHosts extra tests to specify button names for better accessibility.
- Enhanced Security functional tests by centralizing translation strings and improving mock implementations.
- Adjusted test setup to suppress specific console errors related to act() warnings.
- Modified vitest configuration to limit worker usage and prevent memory issues during testing.
2026-02-16 09:24:52 +00:00
e0181deb66
chore: add unit tests for LogsWebSocketHandler and streaming with filters
2026-02-16 06:57:12 +00:00
2e80733028
chore: add unit tests for auth handler, permission helpers, and mail service error handling
2026-02-16 06:48:49 +00:00
21b0f7908f
chore: enhance coverage with new unit tests for various handlers and services
2026-02-16 06:06:45 +00:00
3a25782a11
chore: add unit tests for system permissions handler and proxy host service validation
2026-02-16 05:41:49 +00:00
5a46ef4219
fix: include invite URL in user invitation response and update related tests
2026-02-16 03:39:28 +00:00
43c6317f82
fix: trim whitespace for domain names and forward host, enforce DNS provider requirement for DNS challenge
2026-02-15 20:11:53 +00:00
cd8f5f9608
fix: add parsing functions for nullable uint fields and forward port validation in proxy host updates
2026-02-15 20:11:03 +00:00
f4fafde161
fix: enforce validation for empty domain names in proxy host updates and update related tests
2026-02-15 18:31:46 +00:00
ee72fc8f65
fix: enhance Discord webhook validation and improve error handling for IP address hosts
2026-02-14 15:15:34 +00:00
380a0ab60f
fix: implement canonicalization for Discord webhook URLs and enhance payload validation
2026-02-14 06:41:57 +00:00
f906f4a21f
fix: improve error handling and session management in various handlers and middleware
2026-02-14 00:52:40 +00:00
a88dd24de9
fix: enhance authentication flow and session management in AuthHandler and middleware
2026-02-13 23:43:17 +00:00
6e83a3281a
fix: remove unused TimeRemaining field from TestVerifyResult_Fields
2026-02-13 20:04:54 +00:00
a4b4c0fc83
fix: remove unused parameter from email address parsing functions
2026-02-13 20:03:55 +00:00
a44530a682
fix: change Caddy config reload from async to sync for deterministic applied state
2026-02-13 18:50:04 +00:00
0024b81e39
fix: add latest config apply state retrieval; enhance status response with configuration details
2026-02-13 18:49:28 +00:00
d8c08c4b5d
fix: enhance local request detection; add functions to normalize host and check local requests
2026-02-13 18:19:21 +00:00
26970e43d3
fix: update auth token extraction logic; prioritize cookie-based authentication and streamline header retrieval
2026-02-13 18:18:32 +00:00
7517ad4f31
fix: enhance auth middleware tests; add cases for rejecting disabled and deleted user tokens
2026-02-13 08:43:28 +00:00
4d191e364a
fix: streamline CreateBackup and RestoreBackup methods; improve snapshot handling and add skip logic for database files during restore
2026-02-13 08:43:11 +00:00
75b65d9163
fix: enable Cerberus feature when security module is activated and update related tests
2026-02-13 08:39:58 +00:00
709f9ba0a6
fix: increase max attempts for upsertSettingWithRetry and improve transient error handling
2026-02-13 08:23:32 +00:00
a73ae35de1
fix: enhance Validate method to support environment token as fallback for emergency token validation
2026-02-13 08:21:43 +00:00
954eef893d
fix: enhance Restore method to retry database rehydration on transient errors
2026-02-13 08:21:01 +00:00
aa06aa81c8
fix: update OptionalAuth to retrieve user details from authService and ensure user is enabled
2026-02-13 08:20:11 +00:00
f4f7194550
fix: improve AuthMiddleware to handle nil authService and validate user role
2026-02-13 08:18:48 +00:00
d0334ddd40
fix: enhance backup service to support restoration from WAL files and add corresponding tests
2026-02-13 08:06:59 +00:00
a572a68537
fix: enhance admin security control plane request validation and add test for bearer token bypass
2026-02-13 08:05:30 +00:00
9628c305bc
fix: update admin security control plane request check to include settings and config paths
2026-02-13 07:55:22 +00:00
7308c03a99
fix: implement SQLite snapshot creation for safer backups and restore operations
2026-02-13 07:54:18 +00:00
1f14557b7f
fix: add checkpointing for SQLite database before backup and restore operations
2026-02-13 07:45:13 +00:00
7fd88297f4
fix: simplify rate limit enabled status check in middleware
2026-02-13 07:44:49 +00:00
f59dad516b
fix: update health and metrics routes to include rate limiting middleware
2026-02-13 07:44:24 +00:00
cd6ad51ae7
fix: clear block security decisions during emergency reset
2026-02-13 07:43:45 +00:00
5db0e9453a
fix: enhance RehydrateLiveDatabase to use a temporary file for restoring database
2026-02-13 07:14:08 +00:00
8616c52da0
fix: implement retry logic for upserting settings to handle transient database errors
2026-02-13 07:09:35 +00:00
e1b648acb1
fix: implement retry logic for persisting audit logs to handle transient database errors
2026-02-13 07:07:05 +00:00
7dfed7cad7
fix: refactor RehydrateLiveDatabase for improved error handling and clarity
2026-02-13 07:04:44 +00:00
6416e20515
fix: improve error handling in RehydrateLiveDatabase for locked or busy states
2026-02-13 07:03:47 +00:00
9c2ac3050f
chore: enhance user lifecycle tests with API interactions and improved assertions
...
- Replaced dialog-based user creation with API calls for better reliability and speed.
- Added functions for resetting security state and retrieving authentication tokens.
- Improved audit log checks by implementing polling for asynchronous data retrieval.
- Enhanced role assignment and user management tests to utilize API endpoints.
- Streamlined login processes and error handling for failed login attempts.
- Ensured unique user data generation for test isolation.
2026-02-13 07:01:46 +00:00
1a06a46700
chore: implement user audit logging for create, invite, update, and delete actions
2026-02-13 06:15:41 +00:00
aefebe9372
fix: add route aliases for security notification settings to resolve 404 errors
2026-02-11 07:03:20 +00:00
9ef8a1ce21
fix: add system permissions handler for diagnostics and repair
...
- Implemented SystemPermissionsHandler to check and repair file permissions.
- Added endpoints for retrieving and repairing permissions.
- Introduced utility functions for permission checks and error mapping.
- Created tests for the new handler and utility functions.
- Updated routes to include the new permissions endpoints.
- Enhanced configuration to support new logging and plugin directories.
2026-02-11 05:33:19 +00:00
a14f6ee41f
fix: add refresh token endpoint to authentication routes
2026-02-10 00:18:05 +00:00
028189ece0
feat: complete Phase 2 testing infrastructure remediation and discovery
...
## Summary
- Phase 2.1 critical fixes implemented and verified:
* Uptime monitor initial state logic validated (no code change needed)
* Backups guest authorization check added (frontend role gating)
* Docker integration element IDs fixed for test selector reliability
- Phase 2.2 discovery completed with root cause analysis:
* User management invite endpoint identified: blocking email send (SMTP blocking)
* Docker integration code quality verified as sound
* Async email pattern recommended for Phase 2.3 implementation
- Comprehensive QA verification executed:
* Full Phase 2 E2E suite run in headless mode (90%+ pass rate)
* GORM security scanner passed (0 CRITICAL/HIGH app code issues)
* Infrastructure validation complete (Docker, ports, containers operational)
## Critical Findings
- CVE-2024-45337 in golang.org/x/crypto/ssh (dependency update required)
- InviteUser handler blocks on SMTP (design pattern issue, documented for async refactor)
- Test authentication token refresh needed for Phase 3
## Artifacts Created
- Phase 2 discovery documents (user management, Docker integration)
- Uptime monitor contract test validating initial state behavior
- Comprehensive security and quality reports in docs/reports/ and docs/security/
## Next Steps
1. Update crypto dependency (1 hour) - CRITICAL
2. Implement async email queuing for invites (2-3 hours) - HIGH
3. Add test auth token refresh mechanism (30 min) - MEDIUM
4. Phase 3 security enforcement testing can proceed in parallel
2026-02-09 23:31:00 +00:00
GitHub Actions