akanealw
eec8c28fb3
Some checks failed
Go Benchmark / Performance Regression Check (push) Has been cancelled
Cerberus Integration / Cerberus Security Stack Integration (push) Has been cancelled
Upload Coverage to Codecov / Backend Codecov Upload (push) Has been cancelled
Upload Coverage to Codecov / Frontend Codecov Upload (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (go) (push) Has been cancelled
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Has been cancelled
CrowdSec Integration / CrowdSec Bouncer Integration (push) Has been cancelled
Docker Build, Publish & Test / build-and-push (push) Has been cancelled
Quality Checks / Auth Route Protection Contract (push) Has been cancelled
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Has been cancelled
Quality Checks / Backend (Go) (push) Has been cancelled
Quality Checks / Frontend (React) (push) Has been cancelled
Rate Limit integration / Rate Limiting Integration (push) Has been cancelled
Security Scan (PR) / Trivy Binary Scan (push) Has been cancelled
Supply Chain Verification (PR) / Verify Supply Chain (push) Has been cancelled
WAF integration / Coraza WAF Integration (push) Has been cancelled
Docker Build, Publish & Test / Security Scan PR Image (push) Has been cancelled
Repo Health Check / Repo health (push) Has been cancelled
History Rewrite Dry-Run / Dry-run preview for history rewrite (push) Has been cancelled
Prune Renovate Branches / prune (push) Has been cancelled
Renovate / renovate (push) Has been cancelled
Nightly Build & Package / sync-development-to-nightly (push) Has been cancelled
Nightly Build & Package / Trigger Nightly Validation Workflows (push) Has been cancelled
Nightly Build & Package / build-and-push-nightly (push) Has been cancelled
Nightly Build & Package / test-nightly-image (push) Has been cancelled
Nightly Build & Package / verify-nightly-supply-chain (push) Has been cancelled
Update GeoLite2 Checksum / update-checksum (push) Has been cancelled
Container Registry Prune / prune-ghcr (push) Has been cancelled
Container Registry Prune / prune-dockerhub (push) Has been cancelled
Container Registry Prune / summarize (push) Has been cancelled
Supply Chain Verification / Verify SBOM (push) Has been cancelled
Supply Chain Verification / Verify Release Artifacts (push) Has been cancelled
Supply Chain Verification / Verify Docker Image Supply Chain (push) Has been cancelled
Monitor Caddy Major Release / check-caddy-major (push) Has been cancelled
Weekly Nightly to Main Promotion / Verify Nightly Branch Health (push) Has been cancelled
Weekly Nightly to Main Promotion / Create Promotion PR (push) Has been cancelled
Weekly Nightly to Main Promotion / Trigger Missing Required Checks (push) Has been cancelled
Weekly Nightly to Main Promotion / Notify on Failure (push) Has been cancelled
Weekly Nightly to Main Promotion / Workflow Summary (push) Has been cancelled
Weekly Security Rebuild / Security Rebuild & Scan (push) Has been cancelled
85 lines
2.4 KiB
Go
Executable File
85 lines
2.4 KiB
Go
Executable File
package handlers
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/Wikid82/charon/backend/internal/models"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestFlattenConfig_NestedAndScalars(t *testing.T) {
|
|
result := map[string]string{}
|
|
input := map[string]interface{}{
|
|
"security": map[string]interface{}{
|
|
"acl": map[string]interface{}{
|
|
"enabled": true,
|
|
},
|
|
"admin_whitelist": "192.0.2.0/24",
|
|
},
|
|
"port": 8080,
|
|
}
|
|
|
|
flattenConfig(input, "", result)
|
|
|
|
require.Equal(t, "true", result["security.acl.enabled"])
|
|
require.Equal(t, "192.0.2.0/24", result["security.admin_whitelist"])
|
|
require.Equal(t, "8080", result["port"])
|
|
}
|
|
|
|
func TestValidateAdminWhitelist(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
whitelist string
|
|
wantErr bool
|
|
}{
|
|
{name: "empty valid", whitelist: "", wantErr: false},
|
|
{name: "single valid cidr", whitelist: "192.0.2.0/24", wantErr: false},
|
|
{name: "multiple with spaces", whitelist: "192.0.2.0/24, 203.0.113.1/32", wantErr: false},
|
|
{name: "blank entries ignored", whitelist: "192.0.2.0/24, ,", wantErr: false},
|
|
{name: "invalid no slash", whitelist: "192.0.2.1", wantErr: true},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
err := validateAdminWhitelist(tt.whitelist)
|
|
if tt.wantErr {
|
|
require.Error(t, err)
|
|
return
|
|
}
|
|
require.NoError(t, err)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestSettingsHandler_EnsureSecurityConfigEnabledWithDB(t *testing.T) {
|
|
db := OpenTestDBWithMigrations(t)
|
|
h := NewSettingsHandler(db)
|
|
|
|
require.NoError(t, h.ensureSecurityConfigEnabledWithDB(db))
|
|
|
|
var cfg models.SecurityConfig
|
|
require.NoError(t, db.Where("name = ?", "default").First(&cfg).Error)
|
|
require.True(t, cfg.Enabled)
|
|
|
|
cfg.Enabled = false
|
|
require.NoError(t, db.Save(&cfg).Error)
|
|
require.NoError(t, h.ensureSecurityConfigEnabledWithDB(db))
|
|
require.NoError(t, db.Where("name = ?", "default").First(&cfg).Error)
|
|
require.True(t, cfg.Enabled)
|
|
}
|
|
|
|
func TestSettingsHandler_SyncAdminWhitelistWithDB(t *testing.T) {
|
|
db := OpenTestDBWithMigrations(t)
|
|
h := NewSettingsHandler(db)
|
|
|
|
require.NoError(t, h.syncAdminWhitelistWithDB(db, "198.51.100.0/24"))
|
|
|
|
var cfg models.SecurityConfig
|
|
require.NoError(t, db.Where("name = ?", "default").First(&cfg).Error)
|
|
require.Equal(t, "198.51.100.0/24", cfg.AdminWhitelist)
|
|
|
|
require.NoError(t, h.syncAdminWhitelistWithDB(db, "203.0.113.0/24"))
|
|
require.NoError(t, db.Where("name = ?", "default").First(&cfg).Error)
|
|
require.Equal(t, "203.0.113.0/24", cfg.AdminWhitelist)
|
|
}
|