- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests. - Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency. - Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript. - Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches. - Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
package handlers
import (
"encoding/json"
"net/http"
"net/http/httptest"
"strings"
"testing"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/require"
"gorm.io/driver/sqlite"
"gorm.io/gorm"
"github.com/Wikid82/charon/backend/internal/config"
"github.com/Wikid82/charon/backend/internal/models"
)
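// TestSecurityHandler_GetConfigAndUpdateConfig round-trips a security config
// through the handler: GetConfig before anything is written, UpdateConfig with
// an admin_whitelist CIDR, then GetConfig again to confirm the value is served
// back.
//
// The handler methods are invoked directly on a gin test context, so no router
// and no middleware run here. Authentication and authorization in front of
// /security/config are therefore not covered by this test.
func TestSecurityHandler_GetConfigAndUpdateConfig(t *testing.T) {
	// t.Helper() is intentionally not called: it is meant for helper
	// functions, not for the top-level test function itself.

	// NOTE(review): cache=shared makes this in-memory database visible to every
	// connection in the process that opens the same DSN, so rows written by
	// other tests may be present. Confirm no sibling test relies on or pollutes
	// the security config table.
	db, err := gorm.Open(sqlite.Open("file::memory:?mode=memory&cache=shared"), &gorm.Config{})
	require.NoError(t, err)
	require.NoError(t, db.AutoMigrate(&models.SecurityConfig{}))

	// Zero-value static config; the third constructor argument is left nil.
	cfg := config.SecurityConfig{}
	h := NewSecurityHandler(cfg, db, nil)

	// Step 1: GetConfig before this test has stored anything.
	w := httptest.NewRecorder()
	c, _ := gin.CreateTestContext(w)
	c.Request = httptest.NewRequest("GET", "/security/config", http.NoBody)
	h.GetConfig(c)
	require.Equal(t, http.StatusOK, w.Code)

	var body map[string]interface{}
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &body))
	// Only the presence of the "config" key is asserted. The value is expected
	// to be null when no config exists, but that is not checked here.
	require.Contains(t, body, "config", "expected 'config' in response, got %v", body)

	// Step 2: store a config that restricts the admin whitelist to loopback.
	w = httptest.NewRecorder()
	c, _ = gin.CreateTestContext(w)
	payload := `{"name":"default","admin_whitelist":"127.0.0.1/32"}`
	req := httptest.NewRequest("POST", "/security/config", strings.NewReader(payload))
	req.Header.Set("Content-Type", "application/json")
	c.Request = req
	h.UpdateConfig(c)
	require.Equal(t, http.StatusOK, w.Code)

	// Step 3: read the config back and verify the whitelist round-tripped.
	w = httptest.NewRecorder()
	c, _ = gin.CreateTestContext(w)
	c.Request = httptest.NewRequest("GET", "/security/config", http.NoBody)
	h.GetConfig(c)
	require.Equal(t, http.StatusOK, w.Code)

	var body2 map[string]interface{}
	require.NoError(t, json.Unmarshal(w.Body.Bytes(), &body2))
	cfgVal, ok := body2["config"].(map[string]interface{})
	require.True(t, ok, "expected config object, got %v", body2["config"])
	require.Equal(t, "127.0.0.1/32", cfgVal["admin_whitelist"],
		"unexpected admin_whitelist: %v", cfgVal["admin_whitelist"])
}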