~bigbes/lethe

ref: 96e95ab9e44d2234ab036319836a5087eb4c2a2f lethe/internal/domain/session/handler_test.go -rw-r--r-- 11.5 KiB
96e95ab9 — Eugene Blikh fix: add tool column to search table; remove conversation bleed from comments 23 days ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349

package session_test

import (
	"context"
	"encoding/json"
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/go-chi/chi/v5"

	"sourcecraft.dev/bigbes/lethe/internal/domain/session"
	"sourcecraft.dev/bigbes/lethe/internal/server/auth"
)

// fakeAuthMiddleware injects a fixed Identity onto the request context so
// the handler can call auth.MustIdentity without a real Authenticator.
func fakeAuthMiddleware(id auth.Identity) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			ctx := auth.WithIdentity(r.Context(), id)
			next.ServeHTTP(w, r.WithContext(ctx))
		})
	}
}

// newHandler wires a Repository against a fresh in-memory database and
// returns the Handler. The DB is exposed so each test can seed rows.
func newHandler(t *testing.T) (*session.Handler, *session.Repository) {
	t.Helper()
	repo, _ := newRepo(t)
	h := &session.Handler{Repo: repo}
	if err := h.Init(context.Background()); err != nil {
		t.Fatalf("handler.Init: %v", err)
	}
	return h, repo
}

// mountWithIdentity builds a chi router with the fake auth middleware
// (injecting id) and the session handler mounted under /api/v1.
func mountWithIdentity(h *session.Handler, id auth.Identity) http.Handler {
	r := chi.NewRouter()
	r.Route("/api/v1", func(r chi.Router) {
		r.Use(fakeAuthMiddleware(id))
		h.Mount(r)
	})
	return r
}

// listBody is the decoded JSON of GET /sessions; matches the handler's
// listResponse but lives here so tests don't reach into unexported names.
type listBody struct {
	Sessions []session.Session `json:"sessions"`
	Limit    int               `json:"limit"`
	Offset   int               `json:"offset"`
}

// problemBody captures only the fields tests assert on for RFC 7807 docs.
type problemBody struct {
	Status int    `json:"status"`
	Code   string `json:"code"`
}

func doList(t *testing.T, router http.Handler, query string) (*httptest.ResponseRecorder, listBody) {
	t.Helper()
	req := httptest.NewRequest(http.MethodGet, "/api/v1/sessions"+query, nil)
	rec := httptest.NewRecorder()
	router.ServeHTTP(rec, req)
	var body listBody
	if rec.Code == http.StatusOK {
		if err := json.Unmarshal(rec.Body.Bytes(), &body); err != nil {
			t.Fatalf("unmarshal list body: %v (body=%s)", err, rec.Body.String())
		}
	}
	return rec, body
}

func doGet(t *testing.T, router http.Handler, tool, host, sid string) *httptest.ResponseRecorder {
	t.Helper()
	req := httptest.NewRequest(http.MethodGet, "/api/v1/sessions/"+tool+"/"+host+"/"+sid, nil)
	rec := httptest.NewRecorder()
	router.ServeHTTP(rec, req)
	return rec
}

func TestHandler_List_PaginationDefaults(t *testing.T) {
	h, repo := newHandler(t)
	seedSession(t, repo.Database.DB, "alice", "cc", "phoebe", "s1", 1700000000, 1700000010)
	router := mountWithIdentity(h, auth.Identity{User: "alice"})

	rec, body := doList(t, router, "")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
	}
	if body.Limit != 50 || body.Offset != 0 {
		t.Fatalf("defaults: limit=%d offset=%d; want 50/0", body.Limit, body.Offset)
	}
}

func TestHandler_List_PaginationCaps(t *testing.T) {
	h, _ := newHandler(t)
	router := mountWithIdentity(h, auth.Identity{User: "alice"})

	rec, body := doList(t, router, "?limit=999")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
	}
	if body.Limit != 200 {
		t.Fatalf("expected limit capped to 200; got %d", body.Limit)
	}
}

func TestHandler_List_NegativeClamped(t *testing.T) {
	h, _ := newHandler(t)
	router := mountWithIdentity(h, auth.Identity{User: "alice"})

	rec, body := doList(t, router, "?limit=-3&offset=-7")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
	}
	if body.Limit != 50 {
		t.Fatalf("expected negative limit clamped to default 50; got %d", body.Limit)
	}
	if body.Offset != 0 {
		t.Fatalf("expected negative offset clamped to 0; got %d", body.Offset)
	}
}

func TestHandler_List_SinceGreaterThanUntilReturns400(t *testing.T) {
	h, _ := newHandler(t)
	router := mountWithIdentity(h, auth.Identity{User: "alice"})

	rec, _ := doList(t, router, "?since=200&until=100")
	if rec.Code != http.StatusBadRequest {
		t.Fatalf("status=%d; want 400; body=%s", rec.Code, rec.Body.String())
	}
	var p problemBody
	_ = json.Unmarshal(rec.Body.Bytes(), &p)
	if p.Code != "INVALID" {
		t.Fatalf("expected code INVALID; got %q (body=%s)", p.Code, rec.Body.String())
	}
}

func TestHandler_List_BadSinceReturns400(t *testing.T) {
	h, _ := newHandler(t)
	router := mountWithIdentity(h, auth.Identity{User: "alice"})

	rec, _ := doList(t, router, "?since=not-a-number")
	if rec.Code != http.StatusBadRequest {
		t.Fatalf("status=%d; want 400; body=%s", rec.Code, rec.Body.String())
	}
	var p problemBody
	_ = json.Unmarshal(rec.Body.Bytes(), &p)
	if p.Code != "INVALID" {
		t.Fatalf("expected INVALID; got %q", p.Code)
	}
}

func TestHandler_List_PerUserIsolation(t *testing.T) {
	h, repo := newHandler(t)
	db := repo.Database.DB
	seedSession(t, db, "alice", "cc", "phoebe", "sA", 1700000000, 1700000010)
	seedSession(t, db, "bob", "cc", "phoebe", "sB", 1700000100, 1700000110)
	seedSession(t, db, "bob", "cc", "phoebe", "sB2", 1700000200, 1700000210)

	router := mountWithIdentity(h, auth.Identity{User: "alice"})
	// No filter — should still only see alice's row.
	rec, body := doList(t, router, "")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
	}
	if len(body.Sessions) != 1 || body.Sessions[0].Owner != "alice" {
		t.Fatalf("alice should see only her row; got %#v", body.Sessions)
	}

	// Filter by tool — bob's matching rows still excluded.
	rec, body = doList(t, router, "?tool=cc")
	if rec.Code != http.StatusOK || len(body.Sessions) != 1 || body.Sessions[0].Owner != "alice" {
		t.Fatalf("alice + tool filter should yield 1 alice row; got code=%d %#v", rec.Code, body.Sessions)
	}
}

func TestHandler_List_NonAdminOwnerParamReturns403(t *testing.T) {
	h, repo := newHandler(t)
	seedSession(t, repo.Database.DB, "alice", "cc", "phoebe", "s1", 1700000000, 1700000010)
	router := mountWithIdentity(h, auth.Identity{User: "alice", IsAdmin: false})

	for _, q := range []string{"?owner=alice", "?owner=bob", "?owner=*"} {
		rec, _ := doList(t, router, q)
		if rec.Code != http.StatusForbidden {
			t.Fatalf("query %q: status=%d; want 403; body=%s", q, rec.Code, rec.Body.String())
		}
		var p problemBody
		_ = json.Unmarshal(rec.Body.Bytes(), &p)
		if p.Code != "FORBIDDEN" {
			t.Fatalf("query %q: code=%q; want FORBIDDEN", q, p.Code)
		}
	}
}

func TestHandler_List_AdminOwnerParamHonored(t *testing.T) {
	h, repo := newHandler(t)
	db := repo.Database.DB
	seedSession(t, db, "alice", "cc", "phoebe", "sA", 1700000000, 1700000010)
	seedSession(t, db, "bob", "cc", "phoebe", "sB", 1700000100, 1700000110)
	router := mountWithIdentity(h, auth.Identity{User: "admin", IsAdmin: true})

	rec, body := doList(t, router, "?owner=bob")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
	}
	if len(body.Sessions) != 1 || body.Sessions[0].Owner != "bob" {
		t.Fatalf("expected bob's row only; got %#v", body.Sessions)
	}
}

func TestHandler_List_AdminOwnerStarReturnsAllOwners(t *testing.T) {
	h, repo := newHandler(t)
	db := repo.Database.DB
	seedSession(t, db, "alice", "cc", "phoebe", "sA", 1700000000, 1700000010)
	seedSession(t, db, "bob", "cc", "phoebe", "sB", 1700000100, 1700000110)
	router := mountWithIdentity(h, auth.Identity{User: "admin", IsAdmin: true})

	rec, body := doList(t, router, "?owner=*")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
	}
	if len(body.Sessions) != 2 {
		t.Fatalf("expected 2 rows; got %d (%#v)", len(body.Sessions), body.Sessions)
	}
}

func TestHandler_List_AdminWithoutOwnerParam_ShowsOnlyOwnRows(t *testing.T) {
	h, repo := newHandler(t)
	db := repo.Database.DB
	seedSession(t, db, "admin", "cc", "phoebe", "sAdm", 1700000000, 1700000010)
	seedSession(t, db, "bob", "cc", "phoebe", "sB", 1700000100, 1700000110)
	router := mountWithIdentity(h, auth.Identity{User: "admin", IsAdmin: true})

	rec, body := doList(t, router, "")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d body=%s", rec.Code, rec.Body.String())
	}
	if len(body.Sessions) != 1 || body.Sessions[0].Owner != "admin" {
		t.Fatalf("admin without ?owner= should see only own rows; got %#v", body.Sessions)
	}
}

func TestHandler_Get_OtherOwnersSession_ReturnsNotFound404(t *testing.T) {
	h, repo := newHandler(t)
	seedSession(t, repo.Database.DB, "bob", "cc", "phoebe", "sB", 1700000000, 1700000010)
	router := mountWithIdentity(h, auth.Identity{User: "alice"})

	rec := doGet(t, router, "cc", "phoebe", "sB")
	if rec.Code != http.StatusNotFound {
		t.Fatalf("status=%d; want 404; body=%s", rec.Code, rec.Body.String())
	}
	var p problemBody
	_ = json.Unmarshal(rec.Body.Bytes(), &p)
	if p.Code != "NOT_FOUND" {
		t.Fatalf("expected NOT_FOUND; got %q", p.Code)
	}
}

func TestHandler_Get_OwnSession_Returns200(t *testing.T) {
	h, repo := newHandler(t)
	db := repo.Database.DB
	seedSession(t, db, "alice", "cc", "phoebe", "s1", 1700000000, 1700000010)
	seedTurn(t, db, "alice", "cc", "phoebe", "s1", "tA", 1, 1700000005, "user", "hi")
	router := mountWithIdentity(h, auth.Identity{User: "alice"})

	rec := doGet(t, router, "cc", "phoebe", "s1")
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d; want 200; body=%s", rec.Code, rec.Body.String())
	}
	var got session.SessionWithTurns
	if err := json.Unmarshal(rec.Body.Bytes(), &got); err != nil {
		t.Fatalf("unmarshal: %v", err)
	}
	if got.SessionID != "s1" || got.Owner != "alice" {
		t.Fatalf("unexpected session: %#v", got.Session)
	}
	if len(got.Turns) != 1 || got.Turns[0].TurnID != "tA" {
		t.Fatalf("unexpected turns: %#v", got.Turns)
	}
}

func TestHandler_Get_AdminCanGetAnyOwner(t *testing.T) {
	h, repo := newHandler(t)
	db := repo.Database.DB
	seedSession(t, db, "bob", "cc", "phoebe", "sB", 1700000000, 1700000010)
	router := mountWithIdentity(h, auth.Identity{User: "admin", IsAdmin: true})

	// With ?owner=bob admins fetch any user's session.
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodGet, "/api/v1/sessions/cc/phoebe/sB?owner=bob", nil)
	router.ServeHTTP(rec, req)
	if rec.Code != http.StatusOK {
		t.Fatalf("status=%d; body=%s", rec.Code, rec.Body.String())
	}
	var got session.SessionWithTurns
	if err := json.Unmarshal(rec.Body.Bytes(), &got); err != nil {
		t.Fatalf("unmarshal: %v", err)
	}
	if got.Owner != "bob" {
		t.Fatalf("expected bob's session; got %#v", got.Session)
	}

	// And with ?owner=* the admin can also reach across owners.
	rec = httptest.NewRecorder()
	req = httptest.NewRequest(http.MethodGet, "/api/v1/sessions/cc/phoebe/sB?owner=*", nil)
	router.ServeHTTP(rec, req)
	if rec.Code != http.StatusOK {
		t.Fatalf("?owner=*: status=%d; body=%s", rec.Code, rec.Body.String())
	}
}

func TestHandler_Mount_RegistersExpectedRoutes(t *testing.T) {
	h, _ := newHandler(t)
	router := chi.NewRouter()
	router.Route("/api/v1", func(r chi.Router) {
		r.Use(fakeAuthMiddleware(auth.Identity{User: "alice"}))
		h.Mount(r)
	})

	wantPatterns := map[string]bool{
		"/api/v1/sessions": false,
		"/api/v1/sessions/{tool}/{host}/{session_id}": false,
	}
	walkErr := chi.Walk(router, func(method, route string, _ http.Handler, _ ...func(http.Handler) http.Handler) error {
		if method != http.MethodGet {
			return nil
		}
		for k := range wantPatterns {
			if route == k {
				wantPatterns[k] = true
			}
		}
		return nil
	})
	if walkErr != nil {
		t.Fatalf("walk: %v", walkErr)
	}
	for pat, found := range wantPatterns {
		if !found {
			t.Errorf("expected GET %s registered; not found", pat)
		}
	}
}