package api import ( "bytes" "database/sql" "encoding/json" "log" "net/http" "net/http/httptest" "os" "testing" "time" "git.wntrmute.dev/kyle/mcias/data" _ "github.com/mattn/go-sqlite3" ) func setupTestDB(t *testing.T) *sql.DB { db, err := sql.Open("sqlite3", ":memory:") if err != nil { t.Fatalf("Failed to open test database: %v", err) } schema, err := os.ReadFile("../schema.sql") if err != nil { t.Fatalf("Failed to read schema: %v", err) } if _, err := db.Exec(string(schema)); err != nil { t.Fatalf("Failed to initialize test database: %v", err) } return db } func createTestUser(t *testing.T, db *sql.DB) *data.User { user := &data.User{} login := &data.Login{ User: "testuser", Password: "testpassword", } if err := user.Register(login); err != nil { t.Fatalf("Failed to register test user: %v", err) } query := `INSERT INTO users (id, created, user, password, salt) VALUES (?, ?, ?, ?, ?)` _, err := db.Exec(query, user.ID, user.Created, user.User, user.Password, user.Salt) if err != nil { t.Fatalf("Failed to insert test user: %v", err) } return user } func TestPasswordLogin(t *testing.T) { db := setupTestDB(t) defer db.Close() user := createTestUser(t, db) logger := log.New(os.Stdout, "TEST: ", log.LstdFlags) server := NewServer(db, logger) loginReq := LoginRequest{ Version: "v1", Login: data.Login{ User: user.User, Password: "testpassword", }, } body, err := json.Marshal(loginReq) if err != nil { t.Fatalf("Failed to marshal request: %v", err) } req := httptest.NewRequest("POST", "/v1/login/password", bytes.NewBuffer(body)) req.Header.Set("Content-Type", "application/json") recorder := httptest.NewRecorder() server.handlePasswordLogin(recorder, req) if recorder.Code != http.StatusOK { t.Errorf("Expected status code %d, got %d", http.StatusOK, recorder.Code) } var response TokenResponse if err := json.NewDecoder(recorder.Body).Decode(&response); err != nil { t.Fatalf("Failed to decode response: %v", err) } if response.Token == "" { t.Error("Expected token in response, got empty string") } now := time.Now().Unix() if response.Expires <= now { t.Errorf("Expected token expiration in the future, got %d (now: %d)", response.Expires, now) } } func TestTokenLogin(t *testing.T) { db := setupTestDB(t) defer db.Close() user := createTestUser(t, db) logger := log.New(os.Stdout, "TEST: ", log.LstdFlags) server := NewServer(db, logger) token := "testtoken123456" expires := time.Now().Add(24 * time.Hour).Unix() tokenID := "token123" query := `INSERT INTO tokens (id, uid, token, expires) VALUES (?, ?, ?, ?)` _, err := db.Exec(query, tokenID, user.ID, token, expires) if err != nil { t.Fatalf("Failed to insert test token: %v", err) } loginReq := LoginRequest{ Version: "v1", Login: data.Login{ User: user.User, Token: token, }, } body, err := json.Marshal(loginReq) if err != nil { t.Fatalf("Failed to marshal request: %v", err) } req := httptest.NewRequest("POST", "/v1/login/token", bytes.NewBuffer(body)) req.Header.Set("Content-Type", "application/json") recorder := httptest.NewRecorder() server.handleTokenLogin(recorder, req) if recorder.Code != http.StatusOK { t.Errorf("Expected status code %d, got %d", http.StatusOK, recorder.Code) } var response TokenResponse if err := json.NewDecoder(recorder.Body).Decode(&response); err != nil { t.Fatalf("Failed to decode response: %v", err) } if response.Token == "" { t.Error("Expected token in response, got empty string") } now := time.Now().Unix() if response.Expires <= now { t.Errorf("Expected token expiration in the future, got %d (now: %d)", response.Expires, now) } } func TestInvalidPasswordLogin(t *testing.T) { db := setupTestDB(t) defer db.Close() user := createTestUser(t, db) logger := log.New(os.Stdout, "TEST: ", log.LstdFlags) server := NewServer(db, logger) loginReq := LoginRequest{ Version: "v1", Login: data.Login{ User: user.User, Password: "wrongpassword", }, } body, err := json.Marshal(loginReq) if err != nil { t.Fatalf("Failed to marshal request: %v", err) } req := httptest.NewRequest("POST", "/v1/login/password", bytes.NewBuffer(body)) req.Header.Set("Content-Type", "application/json") recorder := httptest.NewRecorder() server.handlePasswordLogin(recorder, req) if recorder.Code != http.StatusUnauthorized { t.Errorf("Expected status code %d, got %d", http.StatusUnauthorized, recorder.Code) } } func TestInvalidTokenLogin(t *testing.T) { db := setupTestDB(t) defer db.Close() user := createTestUser(t, db) logger := log.New(os.Stdout, "TEST: ", log.LstdFlags) server := NewServer(db, logger) loginReq := LoginRequest{ Version: "v1", Login: data.Login{ User: user.User, Token: "invalidtoken", }, } body, err := json.Marshal(loginReq) if err != nil { t.Fatalf("Failed to marshal request: %v", err) } req := httptest.NewRequest("POST", "/v1/login/token", bytes.NewBuffer(body)) req.Header.Set("Content-Type", "application/json") recorder := httptest.NewRecorder() server.handleTokenLogin(recorder, req) if recorder.Code != http.StatusUnauthorized { t.Errorf("Expected status code %d, got %d", http.StatusUnauthorized, recorder.Code) } } func createTestAdminUser(t *testing.T, db *sql.DB) *data.User { user := createTestUser(t, db) // Add admin role roleID := "role123" _, err := db.Exec("INSERT INTO roles (id, role) VALUES (?, ?)", roleID, "admin") if err != nil { t.Fatalf("Failed to insert admin role: %v", err) } // Assign admin role to user userRoleID := "ur123" _, err = db.Exec("INSERT INTO user_roles (id, uid, rid) VALUES (?, ?, ?)", userRoleID, user.ID, roleID) if err != nil { t.Fatalf("Failed to assign admin role to user: %v", err) } user.Roles = []string{"admin"} return user } func insertTestDatabaseCredentials(t *testing.T, db *sql.DB) { query := `INSERT INTO database (id, host, port, name, user, password) VALUES (?, ?, ?, ?, ?, ?)` _, err := db.Exec(query, "db123", "localhost", 5432, "testdb", "postgres", "securepassword") if err != nil { t.Fatalf("Failed to insert test database credentials: %v", err) } } func TestDatabaseCredentials(t *testing.T) { db := setupTestDB(t) defer db.Close() user := createTestAdminUser(t, db) insertTestDatabaseCredentials(t, db) logger := log.New(os.Stdout, "TEST: ", log.LstdFlags) server := NewServer(db, logger) token := "testtoken123456" expires := time.Now().Add(24 * time.Hour).Unix() tokenID := "token123" query := `INSERT INTO tokens (id, uid, token, expires) VALUES (?, ?, ?, ?)` _, err := db.Exec(query, tokenID, user.ID, token, expires) if err != nil { t.Fatalf("Failed to insert test token: %v", err) } req := httptest.NewRequest("GET", "/v1/database/credentials?username="+user.User, nil) req.Header.Set("Authorization", "Bearer "+token) recorder := httptest.NewRecorder() server.handleDatabaseCredentials(recorder, req) if recorder.Code != http.StatusOK { t.Errorf("Expected status code %d, got %d", http.StatusOK, recorder.Code) } var response DatabaseCredentials if err := json.NewDecoder(recorder.Body).Decode(&response); err != nil { t.Fatalf("Failed to decode response: %v", err) } if response.Host != "localhost" { t.Errorf("Expected host 'localhost', got '%s'", response.Host) } if response.Port != 5432 { t.Errorf("Expected port 5432, got %d", response.Port) } if response.Name != "testdb" { t.Errorf("Expected database name 'testdb', got '%s'", response.Name) } if response.User != "postgres" { t.Errorf("Expected user 'postgres', got '%s'", response.User) } if response.Password != "securepassword" { t.Errorf("Expected password 'securepassword', got '%s'", response.Password) } } func TestDatabaseCredentialsUnauthorized(t *testing.T) { db := setupTestDB(t) defer db.Close() user := createTestUser(t, db) // Regular user without admin role insertTestDatabaseCredentials(t, db) logger := log.New(os.Stdout, "TEST: ", log.LstdFlags) server := NewServer(db, logger) token := "testtoken123456" expires := time.Now().Add(24 * time.Hour).Unix() tokenID := "token123" query := `INSERT INTO tokens (id, uid, token, expires) VALUES (?, ?, ?, ?)` _, err := db.Exec(query, tokenID, user.ID, token, expires) if err != nil { t.Fatalf("Failed to insert test token: %v", err) } req := httptest.NewRequest("GET", "/v1/database/credentials?username="+user.User, nil) req.Header.Set("Authorization", "Bearer "+token) recorder := httptest.NewRecorder() server.handleDatabaseCredentials(recorder, req) if recorder.Code != http.StatusForbidden { t.Errorf("Expected status code %d, got %d", http.StatusForbidden, recorder.Code) } }