Charon/backend/internal/api/handlers/security_ratelimit_test.go
GitHub Actions 25082778c9 feat(cerberus): integrate Cerberus security features (WAF, ACLs, rate limiting, CrowdSec)
- Implement GeoIPService for IP-to-country lookups with comprehensive error handling.
- Add tests for GeoIPService covering various scenarios including invalid IPs and database loading.
- Extend AccessListService to handle GeoIP service integration, including graceful degradation when GeoIP service is unavailable.
- Introduce new tests for AccessListService to validate geo ACL behavior and country code parsing.
- Update SecurityService to include new fields for WAF configuration and enhance decision logging functionality.
- Add extensive tests for SecurityService covering rule set management and decision logging.
- Create a detailed Security Coverage QA Plan to ensure 100% code coverage for security-related functionality.
2025-12-12 17:56:30 +00:00


package handlers
import (
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/Wikid82/charon/backend/internal/config"
)
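// TestSecurityHandler_GetRateLimitPresets checks that the presets endpoint
// answers 200 with a "presets" array of exactly four entries, in the order
// standard, api, login, relaxed, and that every entry carries the fields a
// client needs to apply it (id, name, description, requests, window_sec, burst).
//
// Every type assertion on the decoded JSON is checked, so a change in the
// response shape fails the test with a message instead of panicking.
func TestSecurityHandler_GetRateLimitPresets(t *testing.T) {
	gin.SetMode(gin.TestMode)

	// NOTE(review): the handler is built with a zero-value config and two nil
	// dependencies; presumably the presets endpoint needs none of them —
	// confirm against NewSecurityHandler.
	handler := NewSecurityHandler(config.SecurityConfig{}, nil, nil)

	router := gin.New()
	router.GET("/security/rate-limit/presets", handler.GetRateLimitPresets)

	req, err := http.NewRequest(http.MethodGet, "/security/rate-limit/presets", http.NoBody)
	require.NoError(t, err)

	w := httptest.NewRecorder()
	router.ServeHTTP(w, req)

	// Stop here on a non-200 answer: the body checks below would only add noise.
	require.Equal(t, http.StatusOK, w.Code)

	var response map[string]interface{}
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &response))

	presets, ok := response["presets"].([]interface{})
	require.True(t, ok, "presets should be an array")
	require.Len(t, presets, 4, "should have 4 presets")

	// Verify preset structure. The order is part of the contract pinned here;
	// the length check above keeps expectedIDs[i] in range.
	expectedIDs := []string{"standard", "api", "login", "relaxed"}
	for i, p := range presets {
		preset, ok := p.(map[string]interface{})
		require.True(t, ok, "preset %d should be a JSON object", i)

		assert.Equal(t, expectedIDs[i], preset["id"])
		assert.NotEmpty(t, preset["name"])
		assert.NotEmpty(t, preset["description"])
		// NotNil only proves the limit fields are present; the concrete
		// values are not checked in this test.
		assert.NotNil(t, preset["requests"])
		assert.NotNil(t, preset["window_sec"])
		assert.NotNil(t, preset["burst"])
	}
}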
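// TestSecurityHandler_GetRateLimitPresets_StandardPreset pins the exact values
// of the first preset returned by the endpoint: id "standard", name
// "Standard Web", 100 requests, window_sec 60, burst 20.
//
// The status code, the response shape and the slice length are verified before
// indexing, so a broken endpoint produces a test failure rather than a panic.
func TestSecurityHandler_GetRateLimitPresets_StandardPreset(t *testing.T) {
	gin.SetMode(gin.TestMode)

	// NOTE(review): zero-value config and nil dependencies; presumably unused
	// by this endpoint — confirm against NewSecurityHandler.
	handler := NewSecurityHandler(config.SecurityConfig{}, nil, nil)

	router := gin.New()
	router.GET("/security/rate-limit/presets", handler.GetRateLimitPresets)

	req, err := http.NewRequest(http.MethodGet, "/security/rate-limit/presets", http.NoBody)
	require.NoError(t, err)

	w := httptest.NewRecorder()
	router.ServeHTTP(w, req)
	require.Equal(t, http.StatusOK, w.Code)

	var response map[string]interface{}
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &response))

	presets, ok := response["presets"].([]interface{})
	require.True(t, ok, "presets should be an array")
	require.NotEmpty(t, presets, "presets should contain the standard preset")

	standardPreset, ok := presets[0].(map[string]interface{})
	require.True(t, ok, "standard preset should be a JSON object")

	assert.Equal(t, "standard", standardPreset["id"])
	assert.Equal(t, "Standard Web", standardPreset["name"])
	// encoding/json decodes JSON numbers into float64 when the target is
	// interface{}, hence the float64 conversions on the expected values.
	assert.Equal(t, float64(100), standardPreset["requests"])
	assert.Equal(t, float64(60), standardPreset["window_sec"])
	assert.Equal(t, float64(20), standardPreset["burst"])
}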
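// TestSecurityHandler_GetRateLimitPresets_LoginPreset pins the exact values of
// the third preset returned by the endpoint: id "login", name
// "Login Protection", 5 requests, window_sec 300, burst 2.
//
// These are the tightest limits asserted in this file, so the test acts as a
// regression guard: a change that loosens the login preset has to update the
// expected values here and is therefore visible in review.
//
// The status code, the response shape and the slice length are verified before
// indexing, so a broken endpoint produces a test failure rather than a panic.
func TestSecurityHandler_GetRateLimitPresets_LoginPreset(t *testing.T) {
	gin.SetMode(gin.TestMode)

	// NOTE(review): zero-value config and nil dependencies; presumably unused
	// by this endpoint — confirm against NewSecurityHandler.
	handler := NewSecurityHandler(config.SecurityConfig{}, nil, nil)

	router := gin.New()
	router.GET("/security/rate-limit/presets", handler.GetRateLimitPresets)

	req, err := http.NewRequest(http.MethodGet, "/security/rate-limit/presets", http.NoBody)
	require.NoError(t, err)

	w := httptest.NewRecorder()
	router.ServeHTTP(w, req)
	require.Equal(t, http.StatusOK, w.Code)

	var response map[string]interface{}
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &response))

	presets, ok := response["presets"].([]interface{})
	require.True(t, ok, "presets should be an array")
	// The login preset is read by position, so the slice must reach index 2.
	require.True(t, len(presets) > 2, "presets should contain at least 3 entries")

	loginPreset, ok := presets[2].(map[string]interface{})
	require.True(t, ok, "login preset should be a JSON object")

	assert.Equal(t, "login", loginPreset["id"])
	assert.Equal(t, "Login Protection", loginPreset["name"])
	// encoding/json decodes JSON numbers into float64 when the target is
	// interface{}, hence the float64 conversions on the expected values.
	assert.Equal(t, float64(5), loginPreset["requests"])
	assert.Equal(t, float64(300), loginPreset["window_sec"])
	assert.Equal(t, float64(2), loginPreset["burst"])
}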