Update handler integration tests

2025-11-06 07:54:22 +00:00 · 2024-12-07 23:09:57 +01:00
parent ad4af2f82d
commit 5633406f5c
7 changed files with 427 additions and 244 deletions
--- a/server/internal/handlers/admin_handlers_integration_test.go
+++ b/server/internal/handlers/admin_handlers_integration_test.go
@@ -34,8 +34,8 @@ func TestAdminHandlers_Integration(t *testing.T) {

 	t.Run("user management", func(t *testing.T) {
 		t.Run("list users", func(t *testing.T) {
-			// Test with admin token
-			rr := h.makeRequest(t, http.MethodGet, "/api/v1/admin/users", nil, h.AdminToken, nil)
+			// Test with admin session
+			rr := h.makeRequest(t, http.MethodGet, "/api/v1/admin/users", nil, h.AdminSession, nil)
 			require.Equal(t, http.StatusOK, rr.Code)

 			var users []*models.User
@@ -47,12 +47,12 @@ func TestAdminHandlers_Integration(t *testing.T) {
 			assert.True(t, containsUser(users, h.AdminUser), "Admin user not found in users list")
 			assert.True(t, containsUser(users, h.RegularUser), "Regular user not found in users list")

-			// Test with non-admin token
-			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/users", nil, h.RegularToken, nil)
+			// Test with non-admin session
+			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/users", nil, h.RegularSession, nil)
 			assert.Equal(t, http.StatusForbidden, rr.Code)

-			// Test without token
-			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/users", nil, "", nil)
+			// Test without session
+			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/users", nil, nil, nil)
 			assert.Equal(t, http.StatusUnauthorized, rr.Code)
 		})

@@ -64,8 +64,8 @@ func TestAdminHandlers_Integration(t *testing.T) {
 				Role:        models.RoleEditor,
 			}

-			// Test with admin token
-			rr := h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.AdminToken, nil)
+			// Test with admin session
+			rr := h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.AdminSession, nil)
 			require.Equal(t, http.StatusOK, rr.Code)

 			var createdUser models.User
@@ -77,7 +77,7 @@ func TestAdminHandlers_Integration(t *testing.T) {
 			assert.NotZero(t, createdUser.LastWorkspaceID)

 			// Test duplicate email
-			rr = h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.AdminToken, nil)
+			rr = h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.AdminSession, nil)
 			assert.Equal(t, http.StatusConflict, rr.Code)

 			// Test invalid request (missing required fields)
@@ -85,19 +85,19 @@ func TestAdminHandlers_Integration(t *testing.T) {
 				Email: "invalid@test.com",
 				// Missing password and role
 			}
-			rr = h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", invalidReq, h.AdminToken, nil)
+			rr = h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", invalidReq, h.AdminSession, nil)
 			assert.Equal(t, http.StatusBadRequest, rr.Code)

-			// Test with non-admin token
-			rr = h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.RegularToken, nil)
+			// Test with non-admin session
+			rr = h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.RegularSession, nil)
 			assert.Equal(t, http.StatusForbidden, rr.Code)
 		})

 		t.Run("get user", func(t *testing.T) {
 			path := fmt.Sprintf("/api/v1/admin/users/%d", h.RegularUser.ID)

-			// Test with admin token
-			rr := h.makeRequest(t, http.MethodGet, path, nil, h.AdminToken, nil)
+			// Test with admin session
+			rr := h.makeRequest(t, http.MethodGet, path, nil, h.AdminSession, nil)
 			require.Equal(t, http.StatusOK, rr.Code)

 			var user models.User
@@ -106,11 +106,11 @@ func TestAdminHandlers_Integration(t *testing.T) {
 			assert.Equal(t, h.RegularUser.ID, user.ID)

 			// Test non-existent user
-			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/users/999999", nil, h.AdminToken, nil)
+			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/users/999999", nil, h.AdminSession, nil)
 			assert.Equal(t, http.StatusNotFound, rr.Code)

-			// Test with non-admin token
-			rr = h.makeRequest(t, http.MethodGet, path, nil, h.RegularToken, nil)
+			// Test with non-admin session
+			rr = h.makeRequest(t, http.MethodGet, path, nil, h.RegularSession, nil)
 			assert.Equal(t, http.StatusForbidden, rr.Code)
 		})

@@ -121,8 +121,8 @@ func TestAdminHandlers_Integration(t *testing.T) {
 				Role:        models.RoleViewer,
 			}

-			// Test with admin token
-			rr := h.makeRequest(t, http.MethodPut, path, updateReq, h.AdminToken, nil)
+			// Test with admin session
+			rr := h.makeRequest(t, http.MethodPut, path, updateReq, h.AdminSession, nil)
 			require.Equal(t, http.StatusOK, rr.Code)

 			var updatedUser models.User
@@ -131,8 +131,8 @@ func TestAdminHandlers_Integration(t *testing.T) {
 			assert.Equal(t, updateReq.DisplayName, updatedUser.DisplayName)
 			assert.Equal(t, updateReq.Role, updatedUser.Role)

-			// Test with non-admin token
-			rr = h.makeRequest(t, http.MethodPut, path, updateReq, h.RegularToken, nil)
+			// Test with non-admin session
+			rr = h.makeRequest(t, http.MethodPut, path, updateReq, h.RegularSession, nil)
 			assert.Equal(t, http.StatusForbidden, rr.Code)
 		})

@@ -145,7 +145,7 @@ func TestAdminHandlers_Integration(t *testing.T) {
 				Role:        models.RoleEditor,
 			}

-			rr := h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.AdminToken, nil)
+			rr := h.makeRequest(t, http.MethodPost, "/api/v1/admin/users", createReq, h.AdminSession, nil)
 			require.Equal(t, http.StatusOK, rr.Code)

 			var createdUser models.User
@@ -156,19 +156,19 @@ func TestAdminHandlers_Integration(t *testing.T) {

 			// Test deleting own account (should fail)
 			adminPath := fmt.Sprintf("/api/v1/admin/users/%d", h.AdminUser.ID)
-			rr = h.makeRequest(t, http.MethodDelete, adminPath, nil, h.AdminToken, nil)
+			rr = h.makeRequest(t, http.MethodDelete, adminPath, nil, h.AdminSession, nil)
 			assert.Equal(t, http.StatusBadRequest, rr.Code)

-			// Test with admin token
-			rr = h.makeRequest(t, http.MethodDelete, path, nil, h.AdminToken, nil)
+			// Test with admin session
+			rr = h.makeRequest(t, http.MethodDelete, path, nil, h.AdminSession, nil)
 			assert.Equal(t, http.StatusNoContent, rr.Code)

 			// Verify user is deleted
-			rr = h.makeRequest(t, http.MethodGet, path, nil, h.AdminToken, nil)
+			rr = h.makeRequest(t, http.MethodGet, path, nil, h.AdminSession, nil)
 			assert.Equal(t, http.StatusNotFound, rr.Code)

-			// Test with non-admin token
-			rr = h.makeRequest(t, http.MethodDelete, path, nil, h.RegularToken, nil)
+			// Test with non-admin session
+			rr = h.makeRequest(t, http.MethodDelete, path, nil, h.RegularSession, nil)
 			assert.Equal(t, http.StatusForbidden, rr.Code)
 		})
 	})
@@ -181,11 +181,11 @@ func TestAdminHandlers_Integration(t *testing.T) {
 				Name:   "Test Workspace",
 			}

-			rr := h.makeRequest(t, http.MethodPost, "/api/v1/workspaces", workspace, h.RegularToken, nil)
+			rr := h.makeRequest(t, http.MethodPost, "/api/v1/workspaces", workspace, h.RegularSession, nil)
 			require.Equal(t, http.StatusOK, rr.Code)

-			// Test with admin token
-			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/workspaces", nil, h.AdminToken, nil)
+			// Test with admin session
+			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/workspaces", nil, h.AdminSession, nil)
 			require.Equal(t, http.StatusOK, rr.Code)

 			var workspaces []*handlers.WorkspaceStats
@@ -206,8 +206,8 @@ func TestAdminHandlers_Integration(t *testing.T) {
 				assert.GreaterOrEqual(t, ws.TotalSize, int64(0))
 			}

-			// Test with non-admin token
-			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/workspaces", nil, h.RegularToken, nil)
+			// Test with non-admin session
+			rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/workspaces", nil, h.RegularSession, nil)
 			assert.Equal(t, http.StatusForbidden, rr.Code)
 		})
 	})
@@ -218,11 +218,11 @@ func TestAdminHandlers_Integration(t *testing.T) {
 			UserID: h.RegularUser.ID,
 			Name:   "Stats Test Workspace",
 		}
-		rr := h.makeRequest(t, http.MethodPost, "/api/v1/workspaces", workspace, h.RegularToken, nil)
+		rr := h.makeRequest(t, http.MethodPost, "/api/v1/workspaces", workspace, h.RegularSession, nil)
 		require.Equal(t, http.StatusOK, rr.Code)

-		// Test with admin token
-		rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/stats", nil, h.AdminToken, nil)
+		// Test with admin session
+		rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/stats", nil, h.AdminSession, nil)
 		require.Equal(t, http.StatusOK, rr.Code)

 		var stats handlers.SystemStats
@@ -236,8 +236,8 @@ func TestAdminHandlers_Integration(t *testing.T) {
 		assert.GreaterOrEqual(t, stats.TotalFiles, 0)
 		assert.GreaterOrEqual(t, stats.TotalSize, int64(0))

-		// Test with non-admin token
-		rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/stats", nil, h.RegularToken, nil)
+		// Test with non-admin session
+		rr = h.makeRequest(t, http.MethodGet, "/api/v1/admin/stats", nil, h.RegularSession, nil)
 		assert.Equal(t, http.StatusForbidden, rr.Code)
 	})
 }