feat: add tenant and user management with migrations, handlers, and tests
- Implemented tenant and user management features including: - Tenant creation and management with associated migrations. - User creation and management with associated migrations. - Tenant membership management with associated migrations. - Platform user roles management with associated migrations. - Quota management with associated migrations. - Article and template management with associated migrations. - Added HTTP handlers for templates and workspaces. - Created tests for protected and public routes. - Introduced a script to check tenant scope in SQL queries. - Documented task plan for backend completion and frontend foundation.
This commit is contained in:
@@ -0,0 +1,78 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/geo-platform/tenant-api/internal/shared/auth"
|
||||
)
|
||||
|
||||
func init() {
|
||||
gin.SetMode(gin.TestMode)
|
||||
}
|
||||
|
||||
func TestTenantScope_ValidActor(t *testing.T) {
|
||||
r := gin.New()
|
||||
r.Use(func(c *gin.Context) {
|
||||
actor := auth.Actor{UserID: 1, TenantID: 10, Role: "editor"}
|
||||
c.Request = c.Request.WithContext(auth.WithActor(c.Request.Context(), actor))
|
||||
c.Next()
|
||||
})
|
||||
r.Use(TenantScope())
|
||||
|
||||
var gotTenantID int64
|
||||
r.GET("/test", func(c *gin.Context) {
|
||||
gotTenantID = TenantIDFromCtx(c.Request.Context())
|
||||
c.Status(http.StatusOK)
|
||||
})
|
||||
|
||||
w := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodGet, "/test", nil)
|
||||
r.ServeHTTP(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusOK, w.Code)
|
||||
assert.Equal(t, int64(10), gotTenantID)
|
||||
}
|
||||
|
||||
func TestTenantScope_MissingActor(t *testing.T) {
|
||||
r := gin.New()
|
||||
r.Use(TenantScope())
|
||||
r.GET("/test", func(c *gin.Context) { c.Status(http.StatusOK) })
|
||||
|
||||
w := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodGet, "/test", nil)
|
||||
r.ServeHTTP(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusUnauthorized, w.Code)
|
||||
}
|
||||
|
||||
func TestTenantScope_ZeroTenantID(t *testing.T) {
|
||||
r := gin.New()
|
||||
r.Use(func(c *gin.Context) {
|
||||
actor := auth.Actor{UserID: 1, TenantID: 0, Role: "editor"}
|
||||
c.Request = c.Request.WithContext(auth.WithActor(c.Request.Context(), actor))
|
||||
c.Next()
|
||||
})
|
||||
r.Use(TenantScope())
|
||||
r.GET("/test", func(c *gin.Context) { c.Status(http.StatusOK) })
|
||||
|
||||
w := httptest.NewRecorder()
|
||||
req := httptest.NewRequest(http.MethodGet, "/test", nil)
|
||||
r.ServeHTTP(w, req)
|
||||
|
||||
assert.Equal(t, http.StatusUnauthorized, w.Code)
|
||||
}
|
||||
|
||||
func TestTenantIDFromCtx_RoundTrip(t *testing.T) {
|
||||
ctx := WithTenantID(context.Background(), 42)
|
||||
assert.Equal(t, int64(42), TenantIDFromCtx(ctx))
|
||||
}
|
||||
|
||||
func TestTenantIDFromCtx_Missing(t *testing.T) {
|
||||
assert.Equal(t, int64(0), TenantIDFromCtx(context.Background()))
|
||||
}
|
||||
Reference in New Issue
Block a user