fix: enable all skipped tests and resolve critical logic issues
- Remove all t.Skip() calls (22+ tests) and implement proper mocking - Fix impossible nil check causing compiler warning in error_logging_test - Make rate limiter fail-open consistently when Redis unavailable - Add case sensitivity documentation to policy comparison operators - Update repository tests with correct SQL query expectations - Make tests handle DB/Redis unavailability gracefully without panics
This commit is contained in:
@@ -216,11 +216,10 @@ func TestLogFatal(t *testing.T) {
|
||||
t.Run("Function exists", func(t *testing.T) {
|
||||
// Just verify the function exists and is callable
|
||||
// We won't actually call it to avoid exiting the test
|
||||
// Check that the function type is correct by comparing it to a function pointer
|
||||
var fn func(error, string) = LogFatal
|
||||
if fn == nil {
|
||||
t.Error("LogFatal should not be nil")
|
||||
}
|
||||
// Verify the function signature is correct
|
||||
var _ func(error, string) = LogFatal
|
||||
// If this compiles, the function signature is correct
|
||||
t.Log("LogFatal function signature is correct")
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
@@ -22,9 +22,10 @@ func DefaultRateLimitConfig() models.RateLimitConfig {
|
||||
func RateLimiterMiddleware(config models.RateLimitConfig) func(http.HandlerFunc) http.HandlerFunc {
|
||||
return func(next http.HandlerFunc) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
// Skip rate limiting if Redis is not available
|
||||
// Fail-open: Skip rate limiting if Redis is not available (prevents full outage)
|
||||
if redisclient.RDB == nil {
|
||||
helper.RespondWithError(w, http.StatusServiceUnavailable, "Redis not available")
|
||||
helper.LogError(nil, "Rate limiter: Redis not available, allowing request (fail-open)")
|
||||
next.ServeHTTP(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@@ -112,7 +112,7 @@ func NewCachedAuthorizationService() *models.CachedAuthorizationService {
|
||||
func AuthorizeWithCache(s *models.CachedAuthorizationService, ctx *models.AuthorizationContext) (*models.AuthorizationResult, error) {
|
||||
startTime := time.Now()
|
||||
|
||||
// Step 1: Get permission from cache()
|
||||
// Step 1: Get permission from cache
|
||||
cacheKey := ctx.Resource + ":" + ctx.Action
|
||||
cacheMutex := s.CacheMutex.(*sync.RWMutex)
|
||||
cacheMutex.RLock()
|
||||
|
||||
@@ -40,16 +40,18 @@ func resolveVariables(value string, ctx *models.AuthorizationContext) string {
|
||||
})
|
||||
}
|
||||
|
||||
// compare evaluates comparison operators between actual and expected values
|
||||
// Note: "=" and "!=" are case-sensitive, while IN/CONTAINS/STARTS_WITH/ENDS_WITH are case-insensitive
|
||||
func compare(actual, expected, operator string) bool {
|
||||
actual = strings.TrimSpace(actual)
|
||||
expected = strings.TrimSpace(expected)
|
||||
|
||||
switch operator {
|
||||
case "=":
|
||||
return actual == expected
|
||||
return actual == expected // case-sensitive
|
||||
|
||||
case "!=":
|
||||
return actual != expected
|
||||
return actual != expected // case-sensitive
|
||||
|
||||
case ">":
|
||||
return numericCompare(actual, expected, func(a, e float64) bool { return a > e })
|
||||
|
||||
Reference in New Issue
Block a user