turash/bugulma/backend/internal/middleware/auth_test.go
Damir Mukimov 000eab4740
Major repository reorganization and missing backend endpoints implementation
Repository Structure:
- Move files from cluttered root directory into organized structure
- Create archive/ for archived data and scraper results
- Create bugulma/ for the complete application (frontend + backend)
- Create data/ for sample datasets and reference materials
- Create docs/ for comprehensive documentation structure
- Create scripts/ for utility scripts and API tools

Backend Implementation:
- Implement 3 missing backend endpoints identified in gap analysis:
  * GET /api/v1/organizations/{id}/matching/direct - Direct symbiosis matches
  * GET /api/v1/users/me/organizations - User organizations
  * POST /api/v1/proposals/{id}/status - Update proposal status
- Add complete proposal domain model, repository, and service layers
- Create database migration for proposals table
- Fix CLI server command registration issue

API Documentation:
- Add comprehensive proposals.md API documentation
- Update README.md with Users and Proposals API sections
- Document all request/response formats, error codes, and business rules

Code Quality:
- Follow existing Go backend architecture patterns
- Add proper error handling and validation
- Match frontend expected response schemas
- Maintain clean separation of concerns (handler -> service -> repository)
2025-11-25 06:01:16 +01:00


package middleware
import (
"context"
"errors"
"net/http"
"net/http/httptest"
"testing"
"bugulma/backend/internal/domain"
"bugulma/backend/internal/service"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/assert"
)
// MockUserRepository is a hand-written test double for the user repository
// that these tests pass to service.NewAuthService. Only GetByID can be
// scripted; GetByEmail and Create always fail, so a test that unexpectedly
// reaches them gets an error rather than a fabricated user.
type MockUserRepository struct {
	// getByIDFunc, when non-nil, produces the result of GetByID.
	getByIDFunc func(id string) (*domain.User, error)
}

// GetByEmail is a stub that always returns a nil user and a
// "not implemented" error.
func (m *MockUserRepository) GetByEmail(ctx context.Context, email string) (*domain.User, error) {
	return nil, errors.New("not implemented")
}

// GetByID delegates to getByIDFunc when the test configured one. An
// unconfigured mock returns an error instead of a user, so a lookup the test
// did not plan for cannot look like a successful authentication.
func (m *MockUserRepository) GetByID(ctx context.Context, id string) (*domain.User, error) {
	lookup := m.getByIDFunc
	if lookup == nil {
		return nil, errors.New("mock not configured")
	}
	return lookup(id)
}

// Create is a stub that always returns a "not implemented" error.
func (m *MockUserRepository) Create(ctx context.Context, user *domain.User) error {
	return errors.New("not implemented")
}
// TestAuthMiddleware pins the fail-closed behaviour of AuthMiddleware: every
// case below must leave the gin context aborted with 401 Unauthorized.
//
// NOTE(review): all three cases are rejections. Nothing here exercises a
// correctly signed token, an expired token, or a token signed with a secret
// other than "test-secret", so the accept path and the signature check are
// not covered by this file.
// NOTE(review): in the "invalid token" case the string "invalid-token" is
// presumably rejected during token validation, before any user lookup, so the
// configured getByIDFunc may never run — confirm against service.AuthService.
func TestAuthMiddleware(t *testing.T) {
	gin.SetMode(gin.TestMode)

	cases := []struct {
		name       string
		repo       *MockUserRepository
		authHeader string // "" leaves the Authorization header unset
	}{
		{
			name: "missing authorization header",
			repo: &MockUserRepository{},
		},
		{
			name:       "invalid authorization format",
			repo:       &MockUserRepository{},
			authHeader: "InvalidFormat",
		},
		{
			name: "invalid token",
			repo: &MockUserRepository{
				getByIDFunc: func(id string) (*domain.User, error) {
					return nil, errors.New("invalid token")
				},
			},
			authHeader: "Bearer invalid-token",
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			// "test-secret" is a fixture value used only to build the service under test.
			handler := AuthMiddleware(service.NewAuthService(tc.repo, "test-secret"))

			rec := httptest.NewRecorder()
			c, _ := gin.CreateTestContext(rec)
			c.Request, _ = http.NewRequest("GET", "/test", nil)
			if tc.authHeader != "" {
				c.Request.Header.Set("Authorization", tc.authHeader)
			}

			handler(c)

			// Both must hold: the chain is stopped and the client is told 401.
			assert.True(t, c.IsAborted())
			assert.Equal(t, http.StatusUnauthorized, rec.Code)
		})
	}
}
// TestRequireRole checks RequireRole("admin") against the value stored under
// the "user_role" context key: a matching role passes through, while a
// different role or a missing key is aborted with 403 Forbidden.
//
// The "no role found" case is the deny-by-default check: a request that never
// had a role attached must not pass.
//
// NOTE(review): the role is read from the gin context, which these tests fill
// in directly. In production the key is presumably written only by the
// authentication middleware — confirm that no other handler sets "user_role".
// NOTE(review): a "user_role" value that is not a string is not covered here.
func TestRequireRole(t *testing.T) {
	gin.SetMode(gin.TestMode)

	cases := []struct {
		name      string
		role      string // "" stores nothing under "user_role"
		wantAbort bool
	}{
		{name: "user has required role", role: "admin"},
		{name: "user has insufficient permissions", role: "user", wantAbort: true},
		{name: "no role found", wantAbort: true},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			handler := RequireRole("admin")

			rec := httptest.NewRecorder()
			c, _ := gin.CreateTestContext(rec)
			if tc.role != "" {
				c.Set("user_role", tc.role)
			}

			handler(c)

			if !tc.wantAbort {
				// The allowed case asserts only that the chain was not stopped.
				assert.False(t, c.IsAborted())
				return
			}
			assert.True(t, c.IsAborted())
			assert.Equal(t, http.StatusForbidden, rec.Code)
		})
	}
}