134 lines
4.2 KiB
Go
134 lines
4.2 KiB
Go
package app
|
|
|
|
import (
|
|
"encoding/json"
|
|
"io"
|
|
"log/slog"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"git.warky.dev/wdevs/amcs/internal/auth"
|
|
"git.warky.dev/wdevs/amcs/internal/buildinfo"
|
|
"git.warky.dev/wdevs/amcs/internal/config"
|
|
)
|
|
|
|
func TestStatusSnapshotHidesOAuthLinkWhenDisabled(t *testing.T) {
|
|
tracker := auth.NewAccessTracker()
|
|
snapshot := statusSnapshot(buildinfo.Info{Version: "v1.2.3", BuildDate: "2026-04-04", Commit: "abc123"}, tracker, false, time.Date(2026, 4, 4, 12, 0, 0, 0, time.UTC))
|
|
|
|
if snapshot.OAuthEnabled {
|
|
t.Fatal("OAuthEnabled = true, want false")
|
|
}
|
|
if snapshot.ConnectedCount != 0 {
|
|
t.Fatalf("ConnectedCount = %d, want 0", snapshot.ConnectedCount)
|
|
}
|
|
if snapshot.Title == "" {
|
|
t.Fatal("Title = empty, want non-empty")
|
|
}
|
|
}
|
|
|
|
func TestStatusSnapshotShowsTrackedAccess(t *testing.T) {
|
|
tracker := auth.NewAccessTracker()
|
|
now := time.Date(2026, 4, 4, 12, 0, 0, 0, time.UTC)
|
|
tracker.Record("client-a", "/files", "127.0.0.1:1234", "tester", now)
|
|
|
|
snapshot := statusSnapshot(buildinfo.Info{Version: "v1.2.3"}, tracker, true, now)
|
|
|
|
if !snapshot.OAuthEnabled {
|
|
t.Fatal("OAuthEnabled = false, want true")
|
|
}
|
|
if snapshot.ConnectedCount != 1 {
|
|
t.Fatalf("ConnectedCount = %d, want 1", snapshot.ConnectedCount)
|
|
}
|
|
if len(snapshot.Entries) != 1 {
|
|
t.Fatalf("len(Entries) = %d, want 1", len(snapshot.Entries))
|
|
}
|
|
if snapshot.Entries[0].KeyID != "client-a" || snapshot.Entries[0].LastPath != "/files" {
|
|
t.Fatalf("entry = %+v, want keyID client-a and path /files", snapshot.Entries[0])
|
|
}
|
|
}
|
|
|
|
func TestStatusAPIHandlerReturnsJSON(t *testing.T) {
|
|
handler := statusAPIHandler(buildinfo.Info{Version: "v1"}, auth.NewAccessTracker(), true)
|
|
req := httptest.NewRequest(http.MethodGet, "/api/status", nil)
|
|
rec := httptest.NewRecorder()
|
|
|
|
handler.ServeHTTP(rec, req)
|
|
|
|
if rec.Code != http.StatusOK {
|
|
t.Fatalf("status = %d, want %d", rec.Code, http.StatusOK)
|
|
}
|
|
if got := rec.Header().Get("Content-Type"); !strings.Contains(got, "application/json") {
|
|
t.Fatalf("content-type = %q, want application/json", got)
|
|
}
|
|
|
|
var payload statusAPIResponse
|
|
if err := json.Unmarshal(rec.Body.Bytes(), &payload); err != nil {
|
|
t.Fatalf("json.Unmarshal() error = %v", err)
|
|
}
|
|
if payload.Version != "v1" {
|
|
t.Fatalf("version = %q, want %q", payload.Version, "v1")
|
|
}
|
|
}
|
|
|
|
func TestHomeHandlerAllowsHead(t *testing.T) {
|
|
handler := homeHandler(buildinfo.Info{Version: "v1"}, auth.NewAccessTracker(), false)
|
|
req := httptest.NewRequest(http.MethodHead, "/", nil)
|
|
rec := httptest.NewRecorder()
|
|
|
|
handler.ServeHTTP(rec, req)
|
|
|
|
if rec.Code != http.StatusOK {
|
|
t.Fatalf("status = %d, want %d", rec.Code, http.StatusOK)
|
|
}
|
|
if body := rec.Body.String(); body != "" {
|
|
t.Fatalf("body = %q, want empty for HEAD", body)
|
|
}
|
|
}
|
|
|
|
func TestHomeHandlerServesIndex(t *testing.T) {
|
|
handler := homeHandler(buildinfo.Info{Version: "v1"}, auth.NewAccessTracker(), false)
|
|
req := httptest.NewRequest(http.MethodGet, "/", nil)
|
|
rec := httptest.NewRecorder()
|
|
|
|
handler.ServeHTTP(rec, req)
|
|
|
|
if rec.Code != http.StatusOK {
|
|
t.Fatalf("status = %d, want %d", rec.Code, http.StatusOK)
|
|
}
|
|
if !strings.Contains(rec.Body.String(), "<div id=\"app\"></div>") {
|
|
t.Fatalf("body = %q, want embedded UI index", rec.Body.String())
|
|
}
|
|
}
|
|
|
|
func TestMiddlewareRecordsAuthenticatedAccess(t *testing.T) {
|
|
keyring, err := auth.NewKeyring([]config.APIKey{{ID: "client-a", Value: "secret"}})
|
|
if err != nil {
|
|
t.Fatalf("NewKeyring() error = %v", err)
|
|
}
|
|
tracker := auth.NewAccessTracker()
|
|
logger := slog.New(slog.NewTextHandler(io.Discard, nil))
|
|
handler := auth.Middleware(config.AuthConfig{HeaderName: "x-brain-key"}, keyring, nil, nil, tracker, logger)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}))
|
|
|
|
req := httptest.NewRequest(http.MethodGet, "/files", nil)
|
|
req.Header.Set("x-brain-key", "secret")
|
|
rec := httptest.NewRecorder()
|
|
handler.ServeHTTP(rec, req)
|
|
|
|
if rec.Code != http.StatusNoContent {
|
|
t.Fatalf("status = %d, want %d", rec.Code, http.StatusNoContent)
|
|
}
|
|
snap := tracker.Snapshot()
|
|
if len(snap) != 1 {
|
|
t.Fatalf("len(snapshot) = %d, want 1", len(snap))
|
|
}
|
|
if snap[0].KeyID != "client-a" || snap[0].LastPath != "/files" {
|
|
t.Fatalf("snapshot[0] = %+v, want keyID client-a and path /files", snap[0])
|
|
}
|
|
}
|