Charon/backend/internal/caddy/config_buildacl_test.go

package caddy
import (
"encoding/json"
"testing"
"github.com/Wikid82/charon/backend/internal/models"
"github.com/stretchr/testify/require"
)
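// TestBuildACLHandler_GeoWhitelist checks that an enabled geo_whitelist
// access list with country codes "US,CA" yields a non-nil handler whose
// JSON form carries the geographic-restriction denial message.
func TestBuildACLHandler_GeoWhitelist(t *testing.T) {
	list := &models.AccessList{
		Type:         "geo_whitelist",
		CountryCodes: "US,CA",
		Enabled:      true,
	}

	handler, err := buildACLHandler(list, "")
	require.NoError(t, err)
	require.NotNil(t, handler)

	// A marshal failure would leave an empty payload and make the Contains
	// failure below misleading, so surface it explicitly.
	payload, err := json.Marshal(handler)
	require.NoError(t, err)

	// Only the denial message is asserted here; the response status code and
	// the country matcher itself are not checked.
	// NOTE(review): consider also asserting that the configured country codes
	// appear in the generated matcher, so that a handler that denies with the
	// right message but matches the wrong countries cannot pass.
	require.Contains(t, string(payload), "Access denied: Geographic restriction")
}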
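// TestBuildACLHandler_LocalNetwork checks that an enabled whitelist with
// LocalNetworkOnly set yields a non-nil handler whose JSON form carries the
// "not a local network IP" denial message.
func TestBuildACLHandler_LocalNetwork(t *testing.T) {
	list := &models.AccessList{
		Type:             "whitelist",
		LocalNetworkOnly: true,
		Enabled:          true,
	}

	handler, err := buildACLHandler(list, "")
	require.NoError(t, err)
	require.NotNil(t, handler)

	// Fail on a marshal error instead of asserting against an empty payload.
	payload, err := json.Marshal(handler)
	require.NoError(t, err)

	// NOTE(review): only the denial message is pinned; which address ranges
	// the handler treats as "local" is not verified by this test.
	require.Contains(t, string(payload), "Access denied: Not a local network IP")
}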
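// TestBuildACLHandler_IPRules checks that an enabled blacklist with one CIDR
// rule yields a non-nil handler whose JSON form carries the "IP blacklisted"
// denial message.
func TestBuildACLHandler_IPRules(t *testing.T) {
	rules := `[ {"cidr": "192.168.1.0/24", "description": "local"} ]`
	list := &models.AccessList{Type: "blacklist", IPRules: rules, Enabled: true}

	handler, err := buildACLHandler(list, "")
	require.NoError(t, err)
	require.NotNil(t, handler)

	// Fail on a marshal error instead of asserting against an empty payload.
	payload, err := json.Marshal(handler)
	require.NoError(t, err)

	// NOTE(review): the assertion covers the denial message only; it does not
	// confirm that the configured CIDR ends up in the generated matcher.
	require.Contains(t, string(payload), "Access denied: IP blacklisted")
}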
// TestBuildACLHandler_InvalidIPJSON checks that IPRules which are not valid
// JSON make buildACLHandler return an error together with a nil handler.
func TestBuildACLHandler_InvalidIPJSON(t *testing.T) {
	list := &models.AccessList{
		Type:    "blacklist",
		IPRules: `invalid-json`,
		Enabled: true,
	}

	handler, err := buildACLHandler(list, "")

	// NOTE(review): a nil handler means no ACL is produced, so callers need to
	// treat this error as fatal for the route rather than continue without
	// access control; confirm against the caller.
	require.Error(t, err)
	require.Nil(t, handler)
}
// TestBuildACLHandler_NoIPRulesReturnsNil checks that an enabled blacklist
// whose IPRules is an empty JSON array produces neither an error nor a
// handler.
func TestBuildACLHandler_NoIPRulesReturnsNil(t *testing.T) {
	list := &models.AccessList{
		Type:    "blacklist",
		IPRules: `[]`,
		Enabled: true,
	}

	handler, err := buildACLHandler(list, "")

	// NOTE(review): this pins the blacklist case only. For a whitelist, an
	// empty rule set returning a nil handler would leave the route
	// unrestricted; that case deserves its own test to pin the intended
	// behavior.
	require.NoError(t, err)
	require.Nil(t, handler)
}
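// TestBuildACLHandler_Whitelist checks that an enabled whitelist with one
// CIDR rule yields a non-nil handler whose JSON form carries the "IP not in
// whitelist" denial message.
func TestBuildACLHandler_Whitelist(t *testing.T) {
	rules := `[ { "cidr": "192.168.1.0/24", "description": "local" } ]`
	list := &models.AccessList{Type: "whitelist", IPRules: rules, Enabled: true}

	handler, err := buildACLHandler(list, "")
	require.NoError(t, err)
	require.NotNil(t, handler)

	// Fail on a marshal error instead of asserting against an empty payload.
	payload, err := json.Marshal(handler)
	require.NoError(t, err)

	// NOTE(review): only the denial message is pinned; the test does not
	// confirm that the allowed CIDR is present in the generated matcher.
	require.Contains(t, string(payload), "Access denied: IP not in whitelist")
}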