032d475fba
Complete lint remediation addressing errcheck, gosec, and staticcheck violations across backend test files. Tighten pre-commit configuration to prevent future blind spots. Key Changes: - Fix 61 Go linting issues (errcheck, gosec G115/G301/G304/G306, bodyclose) - Add proper error handling for json.Unmarshal, os.Setenv, db.Close(), w.Write() - Fix gosec G115 integer overflow with strconv.FormatUint - Add #nosec annotations with justifications for test fixtures - Fix SecurityService goroutine leaks (add Close() calls) - Fix CrowdSec tar.gz non-deterministic ordering with sorted keys Pre-commit Hardening: - Remove test file exclusion from golangci-lint hook - Add gosec to .golangci-fast.yml with critical checks (G101, G110, G305) - Replace broad .golangci.yml exclusions with targeted path-specific rules - Test files now linted on every commit Test Fixes: - Fix emergency route count assertions (1→2 for dual-port setup) - Fix DNS provider service tests with proper mock setup - Fix certificate service tests with deterministic behavior Backend: 27 packages pass, 83.5% coverage Frontend: 0 lint warnings, 0 TypeScript errors Pre-commit: All 14 hooks pass (~37s)
232 lines
7.4 KiB
Go
232 lines
7.4 KiB
Go
package handlers
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/Wikid82/charon/backend/internal/config"
|
|
"github.com/Wikid82/charon/backend/internal/services"
|
|
)
|
|
|
|
func TestLogsHandler_Read_FilterBySearch(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
|
|
tmpDir := t.TempDir()
|
|
dataDir := filepath.Join(tmpDir, "data")
|
|
_ = os.MkdirAll(dataDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
dbPath := filepath.Join(dataDir, "charon.db")
|
|
logsDir := filepath.Join(dataDir, "logs")
|
|
_ = os.MkdirAll(logsDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
// Write JSON log lines
|
|
content := `{"level":"info","ts":1600000000,"msg":"request handled","request":{"method":"GET","host":"example.com","uri":"/api/search","remote_ip":"1.2.3.4"},"status":200}
|
|
{"level":"error","ts":1600000060,"msg":"error occurred","request":{"method":"POST","host":"example.com","uri":"/api/submit","remote_ip":"5.6.7.8"},"status":500}
|
|
`
|
|
_ = os.WriteFile(filepath.Join(logsDir, "access.log"), []byte(content), 0o600) // #nosec G306 -- test fixture
|
|
|
|
cfg := &config.Config{DatabasePath: dbPath}
|
|
svc := services.NewLogService(cfg)
|
|
h := NewLogsHandler(svc)
|
|
|
|
// Test with search filter
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
c.Params = gin.Params{{Key: "filename", Value: "access.log"}}
|
|
c.Request = httptest.NewRequest("GET", "/logs/access.log?search=error", http.NoBody)
|
|
|
|
h.Read(c)
|
|
|
|
assert.Equal(t, 200, w.Code)
|
|
assert.Contains(t, w.Body.String(), "error")
|
|
}
|
|
|
|
func TestLogsHandler_Read_FilterByHost(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
|
|
tmpDir := t.TempDir()
|
|
dataDir := filepath.Join(tmpDir, "data")
|
|
_ = os.MkdirAll(dataDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
dbPath := filepath.Join(dataDir, "charon.db")
|
|
logsDir := filepath.Join(dataDir, "logs")
|
|
_ = os.MkdirAll(logsDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
content := `{"level":"info","ts":1600000000,"msg":"request handled","request":{"method":"GET","host":"example.com","uri":"/","remote_ip":"1.2.3.4"},"status":200}
|
|
{"level":"info","ts":1600000001,"msg":"request handled","request":{"method":"GET","host":"other.com","uri":"/","remote_ip":"1.2.3.4"},"status":200}
|
|
`
|
|
_ = os.WriteFile(filepath.Join(logsDir, "access.log"), []byte(content), 0o600) // #nosec G306 -- test fixture
|
|
|
|
cfg := &config.Config{DatabasePath: dbPath}
|
|
svc := services.NewLogService(cfg)
|
|
h := NewLogsHandler(svc)
|
|
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
c.Params = gin.Params{{Key: "filename", Value: "access.log"}}
|
|
c.Request = httptest.NewRequest("GET", "/logs/access.log?host=example.com", http.NoBody)
|
|
|
|
h.Read(c)
|
|
|
|
assert.Equal(t, 200, w.Code)
|
|
}
|
|
|
|
func TestLogsHandler_Read_FilterByLevel(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
|
|
tmpDir := t.TempDir()
|
|
dataDir := filepath.Join(tmpDir, "data")
|
|
_ = os.MkdirAll(dataDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
dbPath := filepath.Join(dataDir, "charon.db")
|
|
logsDir := filepath.Join(dataDir, "logs")
|
|
_ = os.MkdirAll(logsDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
content := `{"level":"info","ts":1600000000,"msg":"info message"}
|
|
{"level":"error","ts":1600000001,"msg":"error message"}
|
|
`
|
|
_ = os.WriteFile(filepath.Join(logsDir, "access.log"), []byte(content), 0o600) // #nosec G306 -- test fixture
|
|
|
|
cfg := &config.Config{DatabasePath: dbPath}
|
|
svc := services.NewLogService(cfg)
|
|
h := NewLogsHandler(svc)
|
|
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
c.Params = gin.Params{{Key: "filename", Value: "access.log"}}
|
|
c.Request = httptest.NewRequest("GET", "/logs/access.log?level=error", http.NoBody)
|
|
|
|
h.Read(c)
|
|
|
|
assert.Equal(t, 200, w.Code)
|
|
}
|
|
|
|
func TestLogsHandler_Read_FilterByStatus(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
|
|
tmpDir := t.TempDir()
|
|
dataDir := filepath.Join(tmpDir, "data")
|
|
_ = os.MkdirAll(dataDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
dbPath := filepath.Join(dataDir, "charon.db")
|
|
logsDir := filepath.Join(dataDir, "logs")
|
|
_ = os.MkdirAll(logsDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
content := `{"level":"info","ts":1600000000,"msg":"200 OK","request":{"host":"example.com"},"status":200}
|
|
{"level":"error","ts":1600000001,"msg":"500 Error","request":{"host":"example.com"},"status":500}
|
|
`
|
|
_ = os.WriteFile(filepath.Join(logsDir, "access.log"), []byte(content), 0o600) // #nosec G306 -- test fixture
|
|
|
|
cfg := &config.Config{DatabasePath: dbPath}
|
|
svc := services.NewLogService(cfg)
|
|
h := NewLogsHandler(svc)
|
|
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
c.Params = gin.Params{{Key: "filename", Value: "access.log"}}
|
|
c.Request = httptest.NewRequest("GET", "/logs/access.log?status=500", http.NoBody)
|
|
|
|
h.Read(c)
|
|
|
|
assert.Equal(t, 200, w.Code)
|
|
}
|
|
|
|
func TestLogsHandler_Read_SortAsc(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
|
|
tmpDir := t.TempDir()
|
|
dataDir := filepath.Join(tmpDir, "data")
|
|
_ = os.MkdirAll(dataDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
dbPath := filepath.Join(dataDir, "charon.db")
|
|
logsDir := filepath.Join(dataDir, "logs")
|
|
_ = os.MkdirAll(logsDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
content := `{"level":"info","ts":1600000000,"msg":"first"}
|
|
{"level":"info","ts":1600000001,"msg":"second"}
|
|
`
|
|
_ = os.WriteFile(filepath.Join(logsDir, "access.log"), []byte(content), 0o600) // #nosec G306 -- test fixture
|
|
|
|
cfg := &config.Config{DatabasePath: dbPath}
|
|
svc := services.NewLogService(cfg)
|
|
h := NewLogsHandler(svc)
|
|
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
c.Params = gin.Params{{Key: "filename", Value: "access.log"}}
|
|
c.Request = httptest.NewRequest("GET", "/logs/access.log?sort=asc", http.NoBody)
|
|
|
|
h.Read(c)
|
|
|
|
assert.Equal(t, 200, w.Code)
|
|
}
|
|
|
|
func TestLogsHandler_List_DirectoryIsFile(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
|
|
tmpDir := t.TempDir()
|
|
dataDir := filepath.Join(tmpDir, "data")
|
|
_ = os.MkdirAll(dataDir, 0o750) // #nosec G301 -- test directory
|
|
|
|
dbPath := filepath.Join(dataDir, "charon.db")
|
|
logsDir := filepath.Join(dataDir, "logs")
|
|
|
|
// Create logs dir as a file to cause error
|
|
_ = os.WriteFile(logsDir, []byte("not a dir"), 0o600) // #nosec G306 -- test fixture
|
|
|
|
cfg := &config.Config{DatabasePath: dbPath}
|
|
svc := services.NewLogService(cfg)
|
|
h := NewLogsHandler(svc)
|
|
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
c.Request = httptest.NewRequest("GET", "/logs", http.NoBody)
|
|
|
|
h.List(c)
|
|
|
|
// Service may handle this gracefully or error
|
|
assert.Contains(t, []int{200, 500}, w.Code)
|
|
}
|
|
|
|
func TestLogsHandler_Download_TempFileError(t *testing.T) {
|
|
gin.SetMode(gin.TestMode)
|
|
|
|
tmpDir := t.TempDir()
|
|
dataDir := filepath.Join(tmpDir, "data")
|
|
logsDir := filepath.Join(dataDir, "logs")
|
|
require.NoError(t, os.MkdirAll(logsDir, 0o750)) // #nosec G301 -- test directory
|
|
|
|
dbPath := filepath.Join(dataDir, "charon.db")
|
|
logPath := filepath.Join(logsDir, "access.log")
|
|
require.NoError(t, os.WriteFile(logPath, []byte("log line"), 0o600)) // #nosec G306 -- test fixture
|
|
|
|
cfg := &config.Config{DatabasePath: dbPath}
|
|
svc := services.NewLogService(cfg)
|
|
h := NewLogsHandler(svc)
|
|
|
|
originalCreateTemp := createTempFile
|
|
createTempFile = func(dir, pattern string) (*os.File, error) {
|
|
return nil, fmt.Errorf("boom")
|
|
}
|
|
t.Cleanup(func() {
|
|
createTempFile = originalCreateTemp
|
|
})
|
|
|
|
w := httptest.NewRecorder()
|
|
c, _ := gin.CreateTestContext(w)
|
|
c.Params = gin.Params{{Key: "filename", Value: "access.log"}}
|
|
c.Request = httptest.NewRequest("GET", "/logs/access.log", http.NoBody)
|
|
|
|
h.Download(c)
|
|
|
|
assert.Equal(t, http.StatusInternalServerError, w.Code)
|
|
}
|