1
0
forked from baron/baron-sso

Fix audit timeline app names and stabilize backend tests

This commit is contained in:
Lectom C Han
2026-02-06 11:26:59 +09:00
parent 62b5bdba76
commit 66e1ed1e72
8 changed files with 448 additions and 301 deletions

View File

@@ -4,14 +4,13 @@ import (
"context"
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
)
func TestKetoService_CheckPermission(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/relation-tuples/check", r.URL.Path)
assert.Equal(t, "user1", r.URL.Query().Get("subject_id"))
assert.Equal(t, "tenants", r.URL.Query().Get("namespace"))
@@ -19,13 +18,12 @@ func TestKetoService_CheckPermission(t *testing.T) {
assert.Equal(t, "admin", r.URL.Query().Get("relation"))
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(checkResponse{Allowed: true})
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(checkResponse{Allowed: true})
})
s := &ketoService{
readURL: server.URL,
client: &http.Client{},
readURL: "http://keto-read.local",
client: clientForHandler(handler),
}
allowed, err := s.CheckPermission(context.Background(), "user1", "tenants", "tenant1", "admin")
@@ -34,24 +32,23 @@ func TestKetoService_CheckPermission(t *testing.T) {
}
func TestKetoService_CreateRelation(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/admin/relation-tuples", r.URL.Path)
assert.Equal(t, "PUT", r.Method)
var body map[string]interface{}
json.NewDecoder(r.Body).Decode(&body)
_ = json.NewDecoder(r.Body).Decode(&body)
assert.Equal(t, "tenants", body["namespace"])
assert.Equal(t, "tenant1", body["object"])
assert.Equal(t, "admin", body["relation"])
assert.Equal(t, "user1", body["subject_id"])
w.WriteHeader(http.StatusCreated)
}))
defer server.Close()
})
s := &ketoService{
writeURL: server.URL,
client: &http.Client{},
writeURL: "http://keto-write.local",
client: clientForHandler(handler),
}
err := s.CreateRelation(context.Background(), "tenants", "tenant1", "admin", "user1")
@@ -59,18 +56,17 @@ func TestKetoService_CreateRelation(t *testing.T) {
}
func TestKetoService_DeleteRelation(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/relation-tuples", r.URL.Path)
assert.Equal(t, "DELETE", r.Method)
assert.Equal(t, "user1", r.URL.Query().Get("subject_id"))
w.WriteHeader(http.StatusNoContent)
}))
defer server.Close()
})
s := &ketoService{
writeURL: server.URL,
client: &http.Client{},
writeURL: "http://keto-write.local",
client: clientForHandler(handler),
}
err := s.DeleteRelation(context.Background(), "tenants", "tenant1", "admin", "user1")
@@ -82,17 +78,16 @@ func TestKetoService_ListRelations(t *testing.T) {
{Namespace: "tenants", Object: "tenant1", Relation: "admin", SubjectID: "user1"},
}
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "/relation-tuples", r.URL.Path)
w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(relationTuplesResponse{RelationTuples: tuples})
}))
defer server.Close()
_ = json.NewEncoder(w).Encode(relationTuplesResponse{RelationTuples: tuples})
})
s := &ketoService{
readURL: server.URL,
client: &http.Client{},
readURL: "http://keto-read.local",
client: clientForHandler(handler),
}
result, err := s.ListRelations(context.Background(), "tenants", "tenant1", "admin", "user1")
@@ -101,21 +96,20 @@ func TestKetoService_ListRelations(t *testing.T) {
}
func TestKetoService_ErrorHandling(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusInternalServerError)
w.Write([]byte("internal error"))
}))
defer server.Close()
_, _ = w.Write([]byte("internal error"))
})
s := &ketoService{
readURL: server.URL,
writeURL: server.URL,
client: &http.Client{},
readURL: "http://keto-read.local",
writeURL: "http://keto-write.local",
client: clientForHandler(handler),
}
_, err := s.CheckPermission(context.Background(), "u", "n", "o", "r")
assert.Error(t, err)
err = s.DeleteRelation(context.Background(), "n", "o", "r", "s")
assert.Error(t, err)
@@ -124,12 +118,14 @@ func TestKetoService_ErrorHandling(t *testing.T) {
}
func TestKetoService_CheckPermission_Forbidden(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusForbidden)
}))
defer server.Close()
})
s := &ketoService{readURL: server.URL, client: &http.Client{}}
s := &ketoService{
readURL: "http://keto-read.local",
client: clientForHandler(handler),
}
allowed, err := s.CheckPermission(context.Background(), "u", "n", "o", "r")
assert.NoError(t, err)
assert.False(t, allowed)
@@ -137,19 +133,18 @@ func TestKetoService_CheckPermission_Forbidden(t *testing.T) {
func TestKetoService_CreateRelation_Retry(t *testing.T) {
attempts := 0
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
attempts++
if attempts < 2 {
w.WriteHeader(http.StatusInternalServerError)
return
}
w.WriteHeader(http.StatusCreated)
}))
defer server.Close()
})
s := &ketoService{
writeURL: server.URL,
client: &http.Client{},
writeURL: "http://keto-write.local",
client: clientForHandler(handler),
}
err := s.CreateRelation(context.Background(), "n", "o", "r", "s")