- Replace Go interface{} with any (Go 1.18+ standard)
- Add database indexes to frequently queried model fields
- Add JSDoc documentation to frontend API client methods
- Remove deprecated docker-compose version keys
- Add concurrency groups to all 25 GitHub Actions workflows
- Add YAML front matter and fix H1→H2 headings in docs
Coverage: Backend 85.5%, Frontend 87.73%
Security: No vulnerabilities detected
Refs: docs/plans/instruction_compliance_spec.md
package handlers
import (
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/Wikid82/charon/backend/internal/config"
)
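// TestSecurityHandler_GetRateLimitPresets checks that
// GET /security/rate-limit/presets answers 200 with a "presets" array of
// exactly four entries, in the order standard, api, login, relaxed, and that
// every entry carries the fields a client needs to apply the limit.
func TestSecurityHandler_GetRateLimitPresets(t *testing.T) {
	gin.SetMode(gin.TestMode)

	cfg := config.SecurityConfig{}
	handler := NewSecurityHandler(cfg, nil, nil)
	router := gin.New()
	router.GET("/security/rate-limit/presets", handler.GetRateLimitPresets)

	w := httptest.NewRecorder()
	// Fail the test on a malformed request instead of passing a nil request on.
	req, err := http.NewRequest(http.MethodGet, "/security/rate-limit/presets", http.NoBody)
	require.NoError(t, err)
	router.ServeHTTP(w, req)

	assert.Equal(t, http.StatusOK, w.Code)

	var response map[string]any
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &response))

	presets, ok := response["presets"].([]any)
	require.True(t, ok, "presets should be an array")
	// The length is required (not merely asserted) so that indexing
	// expectedIDs below cannot run out of range.
	require.Len(t, presets, 4, "should have 4 presets")

	// Verify preset structure
	expectedIDs := []string{"standard", "api", "login", "relaxed"}
	for i, p := range presets {
		// Checked assertion: a non-object entry fails the test with a
		// message rather than panicking the test binary.
		preset, isObject := p.(map[string]any)
		require.True(t, isObject, "preset %d should be an object", i)

		assert.Equal(t, expectedIDs[i], preset["id"])
		assert.NotEmpty(t, preset["name"])
		assert.NotEmpty(t, preset["description"])
		// NotNil only proves the key is present and non-null; a zero
		// limit would still pass these three checks.
		assert.NotNil(t, preset["requests"])
		assert.NotNil(t, preset["window_sec"])
		assert.NotNil(t, preset["burst"])
	}
}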
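// TestSecurityHandler_GetRateLimitPresets_StandardPreset pins the exact
// values of the first preset returned by GET /security/rate-limit/presets:
// id "standard", name "Standard Web", 100 requests per 60-second window with
// a burst of 20.
func TestSecurityHandler_GetRateLimitPresets_StandardPreset(t *testing.T) {
	gin.SetMode(gin.TestMode)

	cfg := config.SecurityConfig{}
	handler := NewSecurityHandler(cfg, nil, nil)
	router := gin.New()
	router.GET("/security/rate-limit/presets", handler.GetRateLimitPresets)

	w := httptest.NewRecorder()
	req, err := http.NewRequest(http.MethodGet, "/security/rate-limit/presets", http.NoBody)
	require.NoError(t, err)
	router.ServeHTTP(w, req)

	// Stop here on an error response; its body would not hold presets.
	require.Equal(t, http.StatusOK, w.Code)

	var response map[string]any
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &response))

	// Checked assertions and a length guard turn a missing or reshaped
	// "presets" field into a test failure instead of a panic.
	presets, ok := response["presets"].([]any)
	require.True(t, ok, "presets should be an array")
	require.NotEmpty(t, presets, "presets should contain the standard preset")

	standardPreset, ok := presets[0].(map[string]any)
	require.True(t, ok, "standard preset should be an object")

	assert.Equal(t, "standard", standardPreset["id"])
	assert.Equal(t, "Standard Web", standardPreset["name"])
	// encoding/json decodes JSON numbers into float64 when the target is any.
	assert.Equal(t, float64(100), standardPreset["requests"])
	assert.Equal(t, float64(60), standardPreset["window_sec"])
	assert.Equal(t, float64(20), standardPreset["burst"])
}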
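// TestSecurityHandler_GetRateLimitPresets_LoginPreset pins the exact values
// of the third preset returned by GET /security/rate-limit/presets: id
// "login", name "Login Protection", 5 requests per 300-second window with a
// burst of 2.
//
// The values are compared exactly so that a change which loosens the login
// throttle shows up as a test failure.
func TestSecurityHandler_GetRateLimitPresets_LoginPreset(t *testing.T) {
	gin.SetMode(gin.TestMode)

	cfg := config.SecurityConfig{}
	handler := NewSecurityHandler(cfg, nil, nil)
	router := gin.New()
	router.GET("/security/rate-limit/presets", handler.GetRateLimitPresets)

	w := httptest.NewRecorder()
	req, err := http.NewRequest(http.MethodGet, "/security/rate-limit/presets", http.NoBody)
	require.NoError(t, err)
	router.ServeHTTP(w, req)

	// Stop here on an error response; its body would not hold presets.
	require.Equal(t, http.StatusOK, w.Code)

	var response map[string]any
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &response))

	// Checked assertions and a length guard turn a missing, shortened or
	// reshaped "presets" field into a test failure instead of a panic.
	presets, ok := response["presets"].([]any)
	require.True(t, ok, "presets should be an array")
	require.True(t, len(presets) > 2, "presets should contain the login preset at index 2")

	loginPreset, ok := presets[2].(map[string]any)
	require.True(t, ok, "login preset should be an object")

	assert.Equal(t, "login", loginPreset["id"])
	assert.Equal(t, "Login Protection", loginPreset["name"])
	// encoding/json decodes JSON numbers into float64 when the target is any.
	assert.Equal(t, float64(5), loginPreset["requests"])
	assert.Equal(t, float64(300), loginPreset["window_sec"])
	assert.Equal(t, float64(2), loginPreset["burst"])
}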