Перенести все админские эндпоинты на порт 8445 и добавить отдельную авторизацию для админов. Часть 1

2026-04-27 15:54:48 +03:00
parent 62bc62f990
commit 4ed6a961ab
40 changed files with 3573 additions and 800 deletions
--- a/test/unit/admin_handler_ticket_by_id_tests.erl
+++ b/test/unit/admin_handler_ticket_by_id_tests.erl
@@ -0,0 +1,187 @@
+-module(admin_handler_ticket_by_id_tests).
+-include_lib("eunit/include/eunit.hrl").
+-include("records.hrl").
+
+setup() ->
+  ok = meck:new(cowboy_req, [non_strict]),
+  ok = meck:new(handler_auth, [non_strict]),
+  ok = meck:new(core_user, [non_strict]),
+  ok = meck:new(core_ticket, [non_strict]),
+  ok = meck:expect(cowboy_req, reply,
+    fun(Code, Headers, Body, Req) ->
+      put(test_reply, {Code, Headers, Body, Req})
+    end),
+  ok.
+
+cleanup(_) ->
+  meck:unload(core_ticket),
+  meck:unload(core_user),
+  meck:unload(handler_auth),
+  meck:unload(cowboy_req).
+
+admin_ticket_by_id_test_() ->
+  {setup, fun setup/0, fun cleanup/1, [
+    {"GET /admin/tickets/:id – success", fun test_get/0},
+    {"GET /admin/tickets/:id – not found", fun test_get_not_found/0},
+    {"GET /admin/tickets/:id – forbidden", fun test_get_forbidden/0},
+    {"PUT /admin/tickets/:id – success", fun test_update/0},
+    {"PUT /admin/tickets/:id – not found", fun test_update_not_found/0},
+    {"PUT /admin/tickets/:id – bad JSON", fun test_update_bad_json/0},
+    {"DELETE /admin/tickets/:id – success", fun test_delete/0},
+    {"DELETE /admin/tickets/:id – not found", fun test_delete_not_found/0},
+    {"POST /admin/tickets/:id – method not allowed", fun test_wrong_method/0}
+  ]}.
+
+%% GET – успех
+test_get() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"GET">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"adm1">>, Req} end),
+  AdminUser = #user{id = <<"adm1">>, role = admin},
+  ok = meck:expect(core_user, get_by_id,
+    fun(<<"adm1">>) -> {ok, AdminUser} end),
+  ok = meck:expect(cowboy_req, binding,
+    fun(id, _) -> <<"t1">> end),
+  Ticket = #ticket{
+    id = <<"t1">>,
+    error_hash = <<"hash">>,
+    error_message = <<"msg">>,
+    stacktrace = <<"trace">>,
+    context = <<"ctx">>,
+    count = 5,
+    first_seen = {{2026,4,27},{12,0,0}},
+    last_seen = {{2026,4,27},{13,0,0}},
+    status = open,
+    assigned_to = <<"dev1">>,
+    resolution_note = undefined
+  },
+  ok = meck:expect(core_ticket, get_by_id,
+    fun(<<"t1">>) -> {ok, Ticket} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, RespBody, _} = erase(test_reply),
+  ?assertEqual(200, Status),
+  #{<<"id">> := <<"t1">>, <<"error_message">> := <<"msg">>, <<"count">> := 5} = jsx:decode(RespBody, [return_maps]).
+
+%% GET – не найдено
+test_get_not_found() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"GET">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"adm1">>, Req} end),
+  AdminUser = #user{id = <<"adm1">>, role = admin},
+  ok = meck:expect(core_user, get_by_id,
+    fun(<<"adm1">>) -> {ok, AdminUser} end),
+  ok = meck:expect(cowboy_req, binding,
+    fun(id, _) -> <<"t99">> end),
+  ok = meck:expect(core_ticket, get_by_id,
+    fun(_) -> {error, not_found} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, _, _} = erase(test_reply),
+  ?assertEqual(404, Status).
+
+%% GET – запрещён
+test_get_forbidden() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"GET">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {error, 403, <<"Admin access required">>, Req} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, _, _} = erase(test_reply),
+  ?assertEqual(403, Status).
+
+%% PUT – успех
+test_update() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"PUT">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"adm1">>, Req} end),
+  AdminUser = #user{id = <<"adm1">>, role = admin},
+  ok = meck:expect(core_user, get_by_id,
+    fun(<<"adm1">>) -> {ok, AdminUser} end),
+  ok = meck:expect(cowboy_req, binding,
+    fun(id, _) -> <<"t1">> end),
+  ok = meck:expect(cowboy_req, read_body,
+    fun(Req) -> {ok, jsx:encode(#{<<"status">> => <<"closed">>, <<"assigned_to">> => <<"adm2">>}), Req} end),
+  Updated = #ticket{id = <<"t1">>, status = closed, assigned_to = <<"adm2">>},
+  ok = meck:expect(core_ticket, update_ticket,
+    fun(<<"t1">>, _) -> {ok, Updated} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, RespBody, _} = erase(test_reply),
+  ?assertEqual(200, Status),
+  #{<<"status">> := <<"closed">>, <<"assigned_to">> := <<"adm2">>} = jsx:decode(RespBody, [return_maps]).
+
+%% PUT – не найдено
+test_update_not_found() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"PUT">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"adm1">>, Req} end),
+  AdminUser = #user{id = <<"adm1">>, role = admin},
+  ok = meck:expect(core_user, get_by_id,
+    fun(<<"adm1">>) -> {ok, AdminUser} end),
+  ok = meck:expect(cowboy_req, binding,
+    fun(id, _) -> <<"t99">> end),
+  ok = meck:expect(cowboy_req, read_body,
+    fun(Req) -> {ok, jsx:encode(#{<<"status">> => <<"closed">>}), Req} end),
+  ok = meck:expect(core_ticket, update_ticket,
+    fun(_, _) -> {error, not_found} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, _, _} = erase(test_reply),
+  ?assertEqual(404, Status).
+
+%% PUT – невалидный JSON
+test_update_bad_json() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"PUT">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"adm1">>, Req} end),
+  AdminUser = #user{id = <<"adm1">>, role = admin},
+  ok = meck:expect(core_user, get_by_id,
+    fun(<<"adm1">>) -> {ok, AdminUser} end),
+  ok = meck:expect(cowboy_req, binding,
+    fun(id, _) -> <<"t1">> end),
+  ok = meck:expect(cowboy_req, read_body,
+    fun(Req) -> {ok, <<"not json">>, Req} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, _, _} = erase(test_reply),
+  ?assertEqual(400, Status).
+
+%% DELETE – успех
+test_delete() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"DELETE">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"adm1">>, Req} end),
+  AdminUser = #user{id = <<"adm1">>, role = admin},
+  ok = meck:expect(core_user, get_by_id,
+    fun(<<"adm1">>) -> {ok, AdminUser} end),
+  ok = meck:expect(cowboy_req, binding,
+    fun(id, _) -> <<"t1">> end),
+  ok = meck:expect(core_ticket, delete_ticket,
+    fun(<<"t1">>) -> {ok, deleted} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, RespBody, _} = erase(test_reply),
+  ?assertEqual(200, Status),
+  #{<<"status">> := <<"deleted">>} = jsx:decode(RespBody, [return_maps]).
+
+%% DELETE – не найдено
+test_delete_not_found() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"DELETE">> end),
+  ok = meck:expect(handler_auth, authenticate,
+    fun(Req) -> {ok, <<"adm1">>, Req} end),
+  AdminUser = #user{id = <<"adm1">>, role = admin},
+  ok = meck:expect(core_user, get_by_id,
+    fun(<<"adm1">>) -> {ok, AdminUser} end),
+  ok = meck:expect(cowboy_req, binding,
+    fun(id, _) -> <<"t99">> end),
+  ok = meck:expect(core_ticket, delete_ticket,
+    fun(_) -> {error, not_found} end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, _, _} = erase(test_reply),
+  ?assertEqual(404, Status).
+
+%% Неверный метод
+test_wrong_method() ->
+  ok = meck:expect(cowboy_req, method, fun(_) -> <<"POST">> end),
+  ok = meck:expect(cowboy_req, reply,
+    fun(Code, Headers, Body, Req) ->
+      put(test_reply, {Code, Headers, Body, Req})
+    end),
+  {ok, _, _} = admin_handler_ticket_by_id:init(req, []),
+  {Status, _, RespBody, _} = erase(test_reply),
+  ?assertEqual(405, Status),
+  #{<<"error">> := <<"Method not allowed">>} = jsx:decode(RespBody, [return_maps]).