akanealw
eec8c28fb3
Some checks failed
Go Benchmark / Performance Regression Check (push) Has been cancelled
Cerberus Integration / Cerberus Security Stack Integration (push) Has been cancelled
Upload Coverage to Codecov / Backend Codecov Upload (push) Has been cancelled
Upload Coverage to Codecov / Frontend Codecov Upload (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (go) (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Has been cancelled
CrowdSec Integration / CrowdSec Bouncer Integration (push) Has been cancelled
Docker Build, Publish & Test / build-and-push (push) Has been cancelled
Quality Checks / Auth Route Protection Contract (push) Has been cancelled
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Has been cancelled
Quality Checks / Backend (Go) (push) Has been cancelled
Quality Checks / Frontend (React) (push) Has been cancelled
Rate Limit integration / Rate Limiting Integration (push) Has been cancelled
Security Scan (PR) / Trivy Binary Scan (push) Has been cancelled
Supply Chain Verification (PR) / Verify Supply Chain (push) Has been cancelled
WAF integration / Coraza WAF Integration (push) Has been cancelled
Docker Build, Publish & Test / Security Scan PR Image (push) Has been cancelled
Repo Health Check / Repo health (push) Has been cancelled
History Rewrite Dry-Run / Dry-run preview for history rewrite (push) Has been cancelled
Prune Renovate Branches / prune (push) Has been cancelled
Renovate / renovate (push) Has been cancelled
Nightly Build & Package / sync-development-to-nightly (push) Has been cancelled
Nightly Build & Package / Trigger Nightly Validation Workflows (push) Has been cancelled
Nightly Build & Package / build-and-push-nightly (push) Has been cancelled
Nightly Build & Package / test-nightly-image (push) Has been cancelled
Nightly Build & Package / verify-nightly-supply-chain (push) Has been cancelled
Update GeoLite2 Checksum / update-checksum (push) Has been cancelled
Container Registry Prune / prune-ghcr (push) Has been cancelled
Container Registry Prune / prune-dockerhub (push) Has been cancelled
Container Registry Prune / summarize (push) Has been cancelled
Supply Chain Verification / Verify SBOM (push) Has been cancelled
Supply Chain Verification / Verify Release Artifacts (push) Has been cancelled
Supply Chain Verification / Verify Docker Image Supply Chain (push) Has been cancelled
Monitor Caddy Major Release / check-caddy-major (push) Has been cancelled
Weekly Nightly to Main Promotion / Verify Nightly Branch Health (push) Has been cancelled
Weekly Nightly to Main Promotion / Create Promotion PR (push) Has been cancelled
Weekly Nightly to Main Promotion / Trigger Missing Required Checks (push) Has been cancelled
Weekly Nightly to Main Promotion / Notify on Failure (push) Has been cancelled
Weekly Nightly to Main Promotion / Workflow Summary (push) Has been cancelled
Weekly Security Rebuild / Security Rebuild & Scan (push) Has been cancelled
120 lines
2.8 KiB
Go
Executable File
120 lines
2.8 KiB
Go
Executable File
package handlers
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/Wikid82/charon/backend/internal/config"
|
|
)
|
|
|
|
func TestSecurityHandler_GetStatus_Fixed(t *testing.T) {
|
|
|
|
tests := []struct {
|
|
name string
|
|
cfg config.SecurityConfig
|
|
expectedStatus int
|
|
expectedBody map[string]any
|
|
}{
|
|
{
|
|
name: "All Disabled",
|
|
cfg: config.SecurityConfig{
|
|
CrowdSecMode: "disabled",
|
|
WAFMode: "disabled",
|
|
RateLimitMode: "disabled",
|
|
ACLMode: "disabled",
|
|
},
|
|
expectedStatus: http.StatusOK,
|
|
expectedBody: map[string]any{
|
|
"cerberus": map[string]any{"enabled": false},
|
|
"crowdsec": map[string]any{
|
|
"mode": "disabled",
|
|
"api_url": "",
|
|
"enabled": false,
|
|
},
|
|
"waf": map[string]any{
|
|
"mode": "disabled",
|
|
"enabled": false,
|
|
},
|
|
"rate_limit": map[string]any{
|
|
"mode": "disabled",
|
|
"enabled": false,
|
|
},
|
|
"acl": map[string]any{
|
|
"mode": "disabled",
|
|
"enabled": false,
|
|
},
|
|
"config_apply": map[string]any{
|
|
"available": false,
|
|
"status": "unknown",
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "All Enabled",
|
|
cfg: config.SecurityConfig{
|
|
CerberusEnabled: true, // Required for ACL to be effective
|
|
CrowdSecMode: "local",
|
|
WAFMode: "enabled",
|
|
RateLimitMode: "enabled",
|
|
ACLMode: "enabled",
|
|
},
|
|
expectedStatus: http.StatusOK,
|
|
expectedBody: map[string]any{
|
|
"cerberus": map[string]any{"enabled": true},
|
|
"crowdsec": map[string]any{
|
|
"mode": "local",
|
|
"api_url": "",
|
|
"enabled": true,
|
|
},
|
|
"waf": map[string]any{
|
|
"mode": "enabled",
|
|
"enabled": true,
|
|
},
|
|
"rate_limit": map[string]any{
|
|
"mode": "enabled",
|
|
"enabled": true,
|
|
},
|
|
"acl": map[string]any{
|
|
"mode": "enabled",
|
|
"enabled": true,
|
|
},
|
|
"config_apply": map[string]any{
|
|
"available": false,
|
|
"status": "unknown",
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
handler := NewSecurityHandler(tt.cfg, nil, nil)
|
|
router := gin.New()
|
|
router.GET("/security/status", handler.GetStatus)
|
|
|
|
w := httptest.NewRecorder()
|
|
req, _ := http.NewRequest("GET", "/security/status", http.NoBody)
|
|
router.ServeHTTP(w, req)
|
|
|
|
assert.Equal(t, tt.expectedStatus, w.Code)
|
|
|
|
var response map[string]any
|
|
err := json.Unmarshal(w.Body.Bytes(), &response)
|
|
assert.NoError(t, err)
|
|
|
|
expectedJSON, _ := json.Marshal(tt.expectedBody)
|
|
var expectedNormalized map[string]any
|
|
if err := json.Unmarshal(expectedJSON, &expectedNormalized); err != nil {
|
|
t.Fatalf("failed to unmarshal expected JSON: %v", err)
|
|
}
|
|
|
|
assert.Equal(t, expectedNormalized, response)
|
|
})
|
|
}
|
|
}
|