handle-nip86_minimal_test.go raw
1 package app
2
3 import (
4 "bytes"
5 "context"
6 "encoding/json"
7 "net/http/httptest"
8 "testing"
9
10 "next.orly.dev/app/config"
11 "next.orly.dev/pkg/database"
12 )
13
14 func TestHandleNIP86Management_Basic(t *testing.T) {
15 // Setup test database
16 ctx, cancel := context.WithCancel(context.Background())
17 defer cancel()
18
19 // Use a temporary directory for the test database
20 tmpDir := t.TempDir()
21 db, err := database.New(ctx, cancel, tmpDir, "test.db")
22 if err != nil {
23 t.Fatalf("Failed to create test database: %v", err)
24 }
25 defer db.Close()
26
27 // Setup non-managed ACL
28 cfg := &config.C{
29 AuthRequired: false,
30 Owners: []string{"owner1"},
31 Admins: []string{"admin1"},
32 ACLMode: "none",
33 }
34
35 // Setup server
36 server := &Server{
37 Config: cfg,
38 DB: db,
39 Admins: [][]byte{[]byte("admin1")},
40 Owners: [][]byte{[]byte("owner1")},
41 }
42
43 t.Run("non-managed mode should reject management API", func(t *testing.T) {
44 // Create request body
45 body := map[string]interface{}{"method": "banpubkey", "params": []string{"user1", "test ban"}}
46 bodyBytes, err := json.Marshal(body)
47 if err != nil {
48 t.Fatalf("Failed to marshal request body: %v", err)
49 }
50
51 // Create HTTP request without authentication to test the managed mode check
52 req := httptest.NewRequest("POST", "/api/nip86", bytes.NewReader(bodyBytes))
53 req.Header.Set("Content-Type", "application/nostr+json+rpc")
54
55 // Create response recorder
56 rr := httptest.NewRecorder()
57
58 // Call the handler
59 server.handleNIP86Management(rr, req)
60
61 // Check status code (should be 401 due to authentication failure, not 400)
62 if rr.Code != 401 {
63 t.Errorf("handleNIP86Management() status = %v, want 401", rr.Code)
64 }
65
66 // The test verifies that the handler runs and returns an error
67 if rr.Body.String() == "" {
68 t.Errorf("handleNIP86Management() body should not be empty")
69 }
70 })
71
72 t.Run("GET method should not be allowed", func(t *testing.T) {
73 // Create HTTP request
74 req := httptest.NewRequest("GET", "/api/nip86", nil)
75
76 // Create response recorder
77 rr := httptest.NewRecorder()
78
79 // Call the handler
80 server.handleNIP86Management(rr, req)
81
82 // Check status code
83 if rr.Code != 405 {
84 t.Errorf("handleNIP86Management() status = %v, want 405", rr.Code)
85 }
86
87 // Check error message (should contain "Method not allowed")
88 if rr.Body.String() == "" {
89 t.Errorf("handleNIP86Management() body should not be empty")
90 }
91 })
92
93 t.Run("unauthenticated request should be rejected", func(t *testing.T) {
94 // Create request body
95 body := map[string]interface{}{"method": "banpubkey", "params": []string{"user1", "test ban"}}
96 bodyBytes, err := json.Marshal(body)
97 if err != nil {
98 t.Fatalf("Failed to marshal request body: %v", err)
99 }
100
101 // Create HTTP request without authentication
102 req := httptest.NewRequest("POST", "/api/nip86", bytes.NewReader(bodyBytes))
103 req.Header.Set("Content-Type", "application/nostr+json+rpc")
104
105 // Create response recorder
106 rr := httptest.NewRecorder()
107
108 // Call the handler
109 server.handleNIP86Management(rr, req)
110
111 // Check status code
112 if rr.Code != 401 {
113 t.Errorf("handleNIP86Management() status = %v, want 401", rr.Code)
114 }
115
116 // Check error message (should be about missing authorization header)
117 if rr.Body.String() == "" {
118 t.Errorf("handleNIP86Management() body should not be empty")
119 }
120 })
121 }
122