| package admin |
|
|
| import ( |
| "bytes" |
| "encoding/json" |
| "net/http" |
| "net/http/httptest" |
| "strings" |
| "testing" |
|
|
| "github.com/go-chi/chi/v5" |
|
|
| "ds2api/internal/account" |
| "ds2api/internal/config" |
| adminshared "ds2api/internal/httpapi/admin/shared" |
| ) |
|
|
| func newHTTPAdminHarness(t *testing.T, rawConfig string, ds adminshared.DeepSeekCaller) http.Handler { |
| t.Helper() |
| t.Setenv("DS2API_CONFIG_JSON", rawConfig) |
| store := config.LoadStore() |
| h := &Handler{ |
| Store: store, |
| Pool: account.NewPool(store), |
| DS: ds, |
| } |
| r := chi.NewRouter() |
| RegisterRoutes(r, h) |
| return r |
| } |
|
|
| func adminReq(method, path string, body []byte) *http.Request { |
| req := httptest.NewRequest(method, path, bytes.NewReader(body)) |
| req.Header.Set("Authorization", "Bearer admin") |
| req.Header.Set("Content-Type", "application/json") |
| return req |
| } |
|
|
| func TestConfigImportIgnoresTokenFieldInPayload(t *testing.T) { |
| ds := &testingDSMock{} |
| router := newHTTPAdminHarness(t, `{"accounts":[]}`, ds) |
|
|
| payload := []byte(`{ |
| "mode":"replace", |
| "config":{ |
| "accounts":[{"email":"u@example.com","password":"pwd","token":"expired-token"}] |
| } |
| }`) |
| rec := httptest.NewRecorder() |
| router.ServeHTTP(rec, adminReq(http.MethodPost, "/config/import", payload)) |
| if rec.Code != http.StatusOK { |
| t.Fatalf("import status=%d body=%s", rec.Code, rec.Body.String()) |
| } |
|
|
| readRec := httptest.NewRecorder() |
| router.ServeHTTP(readRec, adminReq(http.MethodGet, "/config", nil)) |
| if readRec.Code != http.StatusOK { |
| t.Fatalf("get config status=%d body=%s", readRec.Code, readRec.Body.String()) |
| } |
| var data map[string]any |
| if err := json.Unmarshal(readRec.Body.Bytes(), &data); err != nil { |
| t.Fatalf("decode config response: %v", err) |
| } |
| accounts, _ := data["accounts"].([]any) |
| if len(accounts) != 1 { |
| t.Fatalf("expected one account, got %d", len(accounts)) |
| } |
| accountMap, _ := accounts[0].(map[string]any) |
| if hasToken, _ := accountMap["has_token"].(bool); hasToken { |
| t.Fatalf("expected imported token to be ignored, account=%#v", accountMap) |
| } |
| } |
|
|
| func TestAccountTestRefreshesRuntimeTokenButExportOmitsToken(t *testing.T) { |
| ds := &testingDSMock{} |
| router := newHTTPAdminHarness(t, `{ |
| "accounts":[{"email":"batch@example.com","password":"pwd","token":"stale-token"}] |
| }`, ds) |
|
|
| rec := httptest.NewRecorder() |
| router.ServeHTTP(rec, adminReq(http.MethodPost, "/accounts/test", []byte(`{"identifier":"batch@example.com"}`))) |
| if rec.Code != http.StatusOK { |
| t.Fatalf("test account status=%d body=%s", rec.Code, rec.Body.String()) |
| } |
| var testResp map[string]any |
| if err := json.Unmarshal(rec.Body.Bytes(), &testResp); err != nil { |
| t.Fatalf("decode test response: %v", err) |
| } |
| if ok, _ := testResp["success"].(bool); !ok { |
| t.Fatalf("expected test success, got %#v", testResp) |
| } |
| if ds.loginCalls < 1 { |
| t.Fatalf("expected login to be called at least once, got %d", ds.loginCalls) |
| } |
|
|
| exportRec := httptest.NewRecorder() |
| router.ServeHTTP(exportRec, adminReq(http.MethodGet, "/config/export", nil)) |
| if exportRec.Code != http.StatusOK { |
| t.Fatalf("export status=%d body=%s", exportRec.Code, exportRec.Body.String()) |
| } |
| var exportResp map[string]any |
| if err := json.Unmarshal(exportRec.Body.Bytes(), &exportResp); err != nil { |
| t.Fatalf("decode export response: %v", err) |
| } |
| exportJSON, _ := exportResp["json"].(string) |
| if strings.Contains(exportJSON, `"token"`) { |
| t.Fatalf("expected export json to omit tokens, got %s", exportJSON) |
| } |
| } |
|
|
