test: also test put/delete routes

test: add a test for route parameters
test: verified all routes to exist
2025-12-14 21:06:15 +01:00 · 2025-12-14 21:04:36 +01:00 · 2025-12-14 21:02:25 +01:00
1 changed files with 240 additions and 0 deletions
--- a/internal/server/router_test.go
+++ b/internal/server/router_test.go
@@ -3,6 +3,7 @@ package server
 import (
 	"net/http"
 	"net/http/httptest"
 	"strings"
 	"testing"
 	"goyco/internal/config"
@@ -157,7 +158,16 @@ func TestProtectedRoutesRequireAuth(t *testing.T) {
 		path   string
 	}{
 		{http.MethodGet, "/api/auth/me"},
 		{http.MethodPost, "/api/auth/logout"},
 		{http.MethodPost, "/api/auth/revoke"},
 		{http.MethodPost, "/api/auth/revoke-all"},
 		{http.MethodPut, "/api/auth/email"},
 		{http.MethodPut, "/api/auth/username"},
 		{http.MethodPut, "/api/auth/password"},
 		{http.MethodDelete, "/api/auth/account"},
 		{http.MethodPost, "/api/posts"},
 		{http.MethodPut, "/api/posts/1"},
 		{http.MethodDelete, "/api/posts/1"},
 		{http.MethodPost, "/api/posts/1/vote"},
 		{http.MethodDelete, "/api/posts/1/vote"},
 		{http.MethodGet, "/api/posts/1/vote"},
@@ -513,3 +523,233 @@ func TestRouterMiddlewareIntegration(t *testing.T) {
 		t.Error("Router should return a status code")
 	}
 }
 func TestAllRoutesExist(t *testing.T) {
 	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
 	router := NewRouter(RouterConfig{
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	publicRoutes := []struct {
 		method      string
 		path        string
 		description string
 	}{
 		{http.MethodGet, "/api", "API info"},
 		{http.MethodGet, "/health", "Health check"},
 		{http.MethodGet, "/metrics", "Metrics"},
 		{http.MethodGet, "/robots.txt", "Robots.txt"},
 		{http.MethodGet, "/api/posts", "Get posts"},
 		{http.MethodGet, "/api/posts/search", "Search posts"},
 		{http.MethodGet, "/api/posts/title", "Fetch title from URL"},
 		{http.MethodGet, "/api/posts/1", "Get post by ID"},
 		{http.MethodPost, "/api/auth/register", "Register"},
 		{http.MethodPost, "/api/auth/login", "Login"},
 		{http.MethodPost, "/api/auth/refresh", "Refresh token"},
 		{http.MethodGet, "/api/auth/confirm", "Confirm email"},
 		{http.MethodPost, "/api/auth/resend-verification", "Resend verification"},
 		{http.MethodPost, "/api/auth/forgot-password", "Forgot password"},
 		{http.MethodPost, "/api/auth/reset-password", "Reset password"},
 		{http.MethodPost, "/api/auth/account/confirm", "Confirm account deletion"},
 	}
 	protectedRoutes := []struct {
 		method      string
 		path        string
 		description string
 	}{
 		{http.MethodGet, "/api/auth/me", "Get current user"},
 		{http.MethodPost, "/api/auth/logout", "Logout"},
 		{http.MethodPost, "/api/auth/revoke", "Revoke token"},
 		{http.MethodPost, "/api/auth/revoke-all", "Revoke all tokens"},
 		{http.MethodPut, "/api/auth/email", "Update email"},
 		{http.MethodPut, "/api/auth/username", "Update username"},
 		{http.MethodPut, "/api/auth/password", "Update password"},
 		{http.MethodDelete, "/api/auth/account", "Delete account"},
 		{http.MethodPost, "/api/posts", "Create post"},
 		{http.MethodPut, "/api/posts/1", "Update post"},
 		{http.MethodDelete, "/api/posts/1", "Delete post"},
 		{http.MethodPost, "/api/posts/1/vote", "Cast vote"},
 		{http.MethodDelete, "/api/posts/1/vote", "Remove vote"},
 		{http.MethodGet, "/api/posts/1/vote", "Get user vote"},
 		{http.MethodGet, "/api/posts/1/votes", "Get post votes"},
 		{http.MethodGet, "/api/users", "Get users"},
 		{http.MethodPost, "/api/users", "Create user"},
 		{http.MethodGet, "/api/users/1", "Get user by ID"},
 		{http.MethodGet, "/api/users/1/posts", "Get user posts"},
 	}
 	for _, route := range publicRoutes {
 		t.Run(route.description+" "+route.method+" "+route.path, func(t *testing.T) {
 			invalidMethod := http.MethodPatch
 			if route.method == http.MethodGet {
 				invalidMethod = http.MethodDelete
 			} else if route.method == http.MethodPost {
 				invalidMethod = http.MethodGet
 			}
 			request := httptest.NewRequest(invalidMethod, route.path, nil)
 			recorder := httptest.NewRecorder()
 			router.ServeHTTP(recorder, request)
 			routeExists := recorder.Code == http.StatusMethodNotAllowed || recorder.Code != http.StatusNotFound
 			if !routeExists {
 				request = httptest.NewRequest(route.method, route.path, nil)
 				recorder = httptest.NewRecorder()
 				router.ServeHTTP(recorder, request)
 				if recorder.Code == http.StatusNotFound {
 					t.Errorf("Route %s %s should exist, got 404", route.method, route.path)
 				}
 			}
 		})
 	}
 	for _, route := range protectedRoutes {
 		t.Run(route.description+" "+route.method+" "+route.path, func(t *testing.T) {
 			request := httptest.NewRequest(route.method, route.path, nil)
 			recorder := httptest.NewRecorder()
 			router.ServeHTTP(recorder, request)
 			if recorder.Code == http.StatusNotFound {
 				t.Errorf("Route %s %s should exist, got 404", route.method, route.path)
 			}
 			if recorder.Code != http.StatusUnauthorized {
 				t.Errorf("Protected route %s %s should return 401 without auth, got %d", route.method, route.path, recorder.Code)
 			}
 		})
 	}
 }
 func TestRouteParameters(t *testing.T) {
 	authHandler, postHandler, voteHandler, userHandler, apiHandler, authService := setupTestHandlers()
 	router := NewRouter(RouterConfig{
 		APIHandler:      apiHandler,
 		AuthHandler:     authHandler,
 		PostHandler:     postHandler,
 		VoteHandler:     voteHandler,
 		UserHandler:     userHandler,
 		AuthService:     authService,
 		RateLimitConfig: defaultRateLimitConfig(),
 	})
 	testCases := []struct {
 		name        string
 		method      string
 		pathPattern string
 		testIDs     []string
 		isProtected bool
 	}{
 		{
 			name:        "Get post by ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/posts/{id}",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: false,
 		},
 		{
 			name:        "Update post by ID",
 			method:      http.MethodPut,
 			pathPattern: "/api/posts/{id}",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Delete post by ID",
 			method:      http.MethodDelete,
 			pathPattern: "/api/posts/{id}",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Get user by ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/users/{id}",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 		{
 			name:        "Get user posts by user ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/users/{id}/posts",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 		{
 			name:        "Cast vote for post ID",
 			method:      http.MethodPost,
 			pathPattern: "/api/posts/{id}/vote",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Remove vote for post ID",
 			method:      http.MethodDelete,
 			pathPattern: "/api/posts/{id}/vote",
 			testIDs:     []string{"1", "42", "999"},
 			isProtected: true,
 		},
 		{
 			name:        "Get user vote for post ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/posts/{id}/vote",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 		{
 			name:        "Get post votes by post ID",
 			method:      http.MethodGet,
 			pathPattern: "/api/posts/{id}/votes",
 			testIDs:     []string{"1", "42", "999", "12345"},
 			isProtected: true,
 		},
 	}
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 			for _, id := range tc.testIDs {
 				path := replaceID(tc.pathPattern, id)
 				t.Run("ID_"+id, func(t *testing.T) {
 					request := httptest.NewRequest(http.MethodPatch, path, nil)
 					recorder := httptest.NewRecorder()
 					router.ServeHTTP(recorder, request)
 					routeExists := recorder.Code == http.StatusMethodNotAllowed
 					request = httptest.NewRequest(tc.method, path, nil)
 					recorder = httptest.NewRecorder()
 					router.ServeHTTP(recorder, request)
 					if !routeExists && recorder.Code == http.StatusNotFound {
 						t.Errorf("Route %s %s should exist with ID %s, got 404", tc.method, path, id)
 						return
 					}
 					if tc.isProtected {
 						if recorder.Code != http.StatusUnauthorized {
 							t.Errorf("Protected route %s %s should return 401 without auth, got %d", tc.method, path, recorder.Code)
 						}
 					} else {
 						if !routeExists && recorder.Code == http.StatusNotFound {
 							t.Errorf("Public route %s %s should exist, got 404", tc.method, path)
 						}
 					}
 				})
 			}
 		})
 	}
 }
 func replaceID(pattern, id string) string {
 	return strings.Replace(pattern, "{id}", id, 1)
 }
Author	SHA1	Message	Date
Kharec	33da6503e3	test: also test put/delete routes	2025-12-14 21:06:15 +01:00
Kharec	cafc44ed77	test: add a test for route parameters	2025-12-14 21:04:36 +01:00
Kharec	1480135e75	test: verified all routes to exist	2025-12-14 21:02:25 +01:00