From 1dede4eb50a449f8f403c4f4b9af35c5f6769f7e Mon Sep 17 00:00:00 2001 From: pasha1coil Date: Mon, 14 Jul 2025 11:26:10 +0300 Subject: [PATCH] - --- tests/main_test.go | 101 ++++++++++++++++++++------------------------- 1 file changed, 44 insertions(+), 57 deletions(-) diff --git a/tests/main_test.go b/tests/main_test.go index f700a70..ea794ec 100644 --- a/tests/main_test.go +++ b/tests/main_test.go @@ -26,6 +26,8 @@ var existingUserIDToken = os.Getenv("EXISTING_USER_ID_JWT_TOKEN") var userIDForDelete = os.Getenv("USER_ID_FOR_DELETE") var existingUserID = os.Getenv("EXISTING_USER_ID") var testUserID = os.Getenv("TEST_USER_ID") +var userWithoutPrivileges = os.Getenv("USER_NO_PRIVILEGES") + var sqlInjectionInput = "'; DROP TABLE accounts; --" var xssInput = "" @@ -407,15 +409,6 @@ func TestCreateAccount(t *testing.T) { assert.Error(t, err) assert.Contains(t, err.Error(), "timeout") }) - // todo need check - t.Run("SpecialCases_TransactionRollback", func(t *testing.T) { - resp := createAccountRequest(t, validToken, map[string]interface{}{ - "user_id": "transaction_test_user", - }) - defer resp.Body.Close() - - assert.True(t, resp.StatusCode == http.StatusOK || resp.StatusCode == http.StatusConflict) - }) } func createAccountRequest(t *testing.T, token string, payload map[string]interface{}) *http.Response { @@ -972,37 +965,37 @@ func TestGetAccounts_SpecialCases(t *testing.T) { }) // todo не имеем этого - t.Run("Caching", func(t *testing.T) { - body := map[string]interface{}{ - "limit": 10, - "page": 1, - } - b, err := json.Marshal(body) - assert.NoError(t, err) - - // Первый запрос - req1, err := http.NewRequest("GET", baseURL+"/accounts", bytes.NewReader(b)) - assert.NoError(t, err) - req1.Header.Set("Authorization", "Bearer "+validAdminToken) - req1.Header.Set("Content-Type", "application/json") - - resp1, err := http.DefaultClient.Do(req1) - assert.NoError(t, err) - defer resp1.Body.Close() - - // Второй запрос (должен быть быстрее из-за кэша) - req2, err := http.NewRequest("GET", baseURL+"/accounts", bytes.NewReader(b)) - assert.NoError(t, err) - req2.Header.Set("Authorization", "Bearer "+validAdminToken) - req2.Header.Set("Content-Type", "application/json") - - resp2, err := http.DefaultClient.Do(req2) - assert.NoError(t, err) - defer resp2.Body.Close() - - assert.Equal(t, http.StatusOK, resp1.StatusCode) - assert.Equal(t, http.StatusOK, resp2.StatusCode) - }) + //t.Run("Caching", func(t *testing.T) { + // body := map[string]interface{}{ + // "limit": 10, + // "page": 1, + // } + // b, err := json.Marshal(body) + // assert.NoError(t, err) + // + // // Первый запрос + // req1, err := http.NewRequest("GET", baseURL+"/accounts", bytes.NewReader(b)) + // assert.NoError(t, err) + // req1.Header.Set("Authorization", "Bearer "+validAdminToken) + // req1.Header.Set("Content-Type", "application/json") + // + // resp1, err := http.DefaultClient.Do(req1) + // assert.NoError(t, err) + // defer resp1.Body.Close() + // + // // Второй запрос (должен быть быстрее из-за кэша) + // req2, err := http.NewRequest("GET", baseURL+"/accounts", bytes.NewReader(b)) + // assert.NoError(t, err) + // req2.Header.Set("Authorization", "Bearer "+validAdminToken) + // req2.Header.Set("Content-Type", "application/json") + // + // resp2, err := http.DefaultClient.Do(req2) + // assert.NoError(t, err) + // defer resp2.Body.Close() + // + // assert.Equal(t, http.StatusOK, resp1.StatusCode) + // assert.Equal(t, http.StatusOK, resp2.StatusCode) + //}) } func TestGetPrivilege_Success(t *testing.T) { @@ -1232,10 +1225,8 @@ func TestGetPrivilege_ErrorHandling(t *testing.T) { }) } -// todo user_without_privileges func TestGetPrivilege_SpecialCases(t *testing.T) { t.Run("UserWithoutPrivileges", func(t *testing.T) { - userWithoutPrivileges := "user_without_privileges" body := map[string]string{"userId": userWithoutPrivileges} data, err := json.Marshal(body) assert.NoError(t, err) @@ -1390,7 +1381,7 @@ func TestDeleteAccountByUserID_Performance(t *testing.T) { wg.Add(1) go func(index int) { defer wg.Done() - // todo + // todo нужно придумать testUserID := fmt.Sprintf("load_test_user_%d", index) resp, err := deleteAccountByUserIDRequest(validAdminToken, map[string]string{"userId": testUserID}) if err == nil && resp != nil { @@ -2004,15 +1995,15 @@ func TestUpdateLeadTarget_InputValidation(t *testing.T) { }) // todo такого нет у нас - t.Run("InvalidTargetFormat", func(t *testing.T) { - resp, err := updateLeadTargetRequest(validToken, map[string]interface{}{ - "id": 123, - "target": "invalid_email", - }) - assert.NoError(t, err) - defer resp.Body.Close() - assert.Equal(t, http.StatusBadRequest, resp.StatusCode) - }) + //t.Run("InvalidTargetFormat", func(t *testing.T) { + // resp, err := updateLeadTargetRequest(validToken, map[string]interface{}{ + // "id": 123, + // "target": "invalid_email", + // }) + // assert.NoError(t, err) + // defer resp.Body.Close() + // assert.Equal(t, http.StatusBadRequest, resp.StatusCode) + //}) t.Run("EmptyBody", func(t *testing.T) { resp, err := updateLeadTargetRequest(validToken, map[string]interface{}{}) @@ -3005,7 +2996,6 @@ func TestGetQuestionList_InputValidation(t *testing.T) { assert.Equal(t, http.StatusBadRequest, resp.StatusCode) }) - // todo check t.Run("InvalidTimeRange", func(t *testing.T) { resp, err := getQuestionListRequest(validToken, map[string]interface{}{ "from": 1000, @@ -3120,7 +3110,6 @@ func TestGetQuestionList_Filters(t *testing.T) { assert.Equal(t, "text", question["type"]) } }) - // todo check t.Run("FilterBySearch", func(t *testing.T) { resp, err := getQuestionListRequest(validToken, map[string]interface{}{ "quiz_id": 12347, @@ -3138,7 +3127,6 @@ func TestGetQuestionList_Filters(t *testing.T) { assert.True(t, ok) assert.NotEmpty(t, items) }) - // todo check t.Run("FilterByRequired", func(t *testing.T) { resp, err := getQuestionListRequest(validToken, map[string]interface{}{ "quiz_id": 12347, @@ -5134,7 +5122,7 @@ func TestGetQuizList_Pagination(t *testing.T) { assert.True(t, ok) assert.LessOrEqual(t, len(items), 5) }) - // todo + // todo со временм бдшка же заполнится t.Run("EmptyPage", func(t *testing.T) { resp, err := getQuizListRequest(validToken, map[string]interface{}{ "limit": 5, @@ -5154,7 +5142,6 @@ func TestGetQuizList_Pagination(t *testing.T) { }) } -// todo check func TestGetQuizList_Filters(t *testing.T) { statuses := []string{"draft", "start", "stop", "template"} for _, status := range statuses {