6564381492
- Add 16 comprehensive tests for user_handler.go covering PreviewInviteURL, getAppName, email normalization, permission/role defaults, and edge cases - Add 14 unit tests for url.go functions (GetBaseURL, ConstructURL, NormalizeURL) - Refactor URL connectivity tests to use mock HTTP transport pattern - Fix 21 test failures caused by SSRF protection blocking localhost - Maintain full SSRF security - no production code security changes - Coverage increased from 66.67% to 86.1% (exceeds 85% target) - All security scans pass with zero Critical/High vulnerabilities - 38 SSRF protection tests verified passing Technical details: - Added optional http.RoundTripper parameter to TestURLConnectivity() - Created mockTransport for test isolation without network calls - Changed settings handler test to use public URL for validation - Verified no regressions in existing test suite Closes: Coverage gap identified in Codecov report See: docs/plans/user_handler_coverage_fix.md See: docs/plans/qa_remediation.md See: docs/reports/qa_report_final.md
185 KiB
185 KiB