Kyle Isom
185b68ff6d
Proto definitions for 4 services (RegistryService, PolicyService, AuditService, AdminService) with hand-written Go stubs using JSON codec until protobuf tooling is available. Interceptor chain: logging (method, peer IP, duration, never logs auth metadata) → auth (bearer token via MCIAS, Health bypasses) → admin (role check for GC, policy, delete, audit RPCs). All RPCs share business logic with REST handlers via internal/db and internal/gc packages. TLS 1.3 minimum on gRPC listener. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
96 lines
2.5 KiB
Go
96 lines
2.5 KiB
Go
package grpcserver
|
|
|
|
import (
|
|
"testing"
|
|
|
|
pb "git.wntrmute.dev/kyle/mcr/gen/mcr/v1"
|
|
)
|
|
|
|
func TestListAuditEventsEmpty(t *testing.T) {
|
|
deps := adminDeps(t)
|
|
cc := startTestServer(t, deps)
|
|
client := pb.NewAuditServiceClient(cc)
|
|
|
|
resp, err := client.ListAuditEvents(adminCtx(), &pb.ListAuditEventsRequest{})
|
|
if err != nil {
|
|
t.Fatalf("ListAuditEvents: %v", err)
|
|
}
|
|
if len(resp.GetEvents()) != 0 {
|
|
t.Fatalf("expected 0 events, got %d", len(resp.Events))
|
|
}
|
|
}
|
|
|
|
func TestListAuditEventsWithData(t *testing.T) {
|
|
deps := adminDeps(t)
|
|
|
|
// Write some audit events directly.
|
|
err := deps.DB.WriteAuditEvent("test_event", "actor-1", "repo/test", "", "1.2.3.4", map[string]string{"key": "value"})
|
|
if err != nil {
|
|
t.Fatalf("WriteAuditEvent: %v", err)
|
|
}
|
|
err = deps.DB.WriteAuditEvent("other_event", "actor-2", "", "", "5.6.7.8", nil)
|
|
if err != nil {
|
|
t.Fatalf("WriteAuditEvent: %v", err)
|
|
}
|
|
|
|
cc := startTestServer(t, deps)
|
|
client := pb.NewAuditServiceClient(cc)
|
|
|
|
// List all events.
|
|
resp, err := client.ListAuditEvents(adminCtx(), &pb.ListAuditEventsRequest{})
|
|
if err != nil {
|
|
t.Fatalf("ListAuditEvents: %v", err)
|
|
}
|
|
if len(resp.GetEvents()) != 2 {
|
|
t.Fatalf("expected 2 events, got %d", len(resp.Events))
|
|
}
|
|
|
|
// Filter by event type.
|
|
resp, err = client.ListAuditEvents(adminCtx(), &pb.ListAuditEventsRequest{
|
|
EventType: "test_event",
|
|
})
|
|
if err != nil {
|
|
t.Fatalf("ListAuditEvents with filter: %v", err)
|
|
}
|
|
if len(resp.GetEvents()) != 1 {
|
|
t.Fatalf("expected 1 event, got %d", len(resp.Events))
|
|
}
|
|
if resp.Events[0].EventType != "test_event" {
|
|
t.Fatalf("event_type: got %q, want %q", resp.Events[0].EventType, "test_event")
|
|
}
|
|
if resp.Events[0].ActorId != "actor-1" {
|
|
t.Fatalf("actor_id: got %q, want %q", resp.Events[0].ActorId, "actor-1")
|
|
}
|
|
if resp.Events[0].Details["key"] != "value" {
|
|
t.Fatalf("details: got %v, want key=value", resp.Events[0].Details)
|
|
}
|
|
}
|
|
|
|
func TestListAuditEventsPagination(t *testing.T) {
|
|
deps := adminDeps(t)
|
|
|
|
// Write 5 events.
|
|
for i := range 5 {
|
|
err := deps.DB.WriteAuditEvent("event", "actor", "", "", "", map[string]string{
|
|
"index": string(rune('0' + i)),
|
|
})
|
|
if err != nil {
|
|
t.Fatalf("WriteAuditEvent %d: %v", i, err)
|
|
}
|
|
}
|
|
|
|
cc := startTestServer(t, deps)
|
|
client := pb.NewAuditServiceClient(cc)
|
|
|
|
// Get first 2 events.
|
|
resp, err := client.ListAuditEvents(adminCtx(), &pb.ListAuditEventsRequest{
|
|
Pagination: &pb.PaginationRequest{Limit: 2},
|
|
})
|
|
if err != nil {
|
|
t.Fatalf("ListAuditEvents: %v", err)
|
|
}
|
|
if len(resp.GetEvents()) != 2 {
|
|
t.Fatalf("expected 2 events, got %d", len(resp.Events))
|
|
}
|
|
}
|