[+] add tests for webserver (#754)

* [+] add tests for `webserver`
* [+] add tests for metric and preset endpoints
* [+] add tests for `handleStatic`
* [+] add tests for source endpoints
* [+] add tests for `/log` endpoint
* [+] synchronize web-socket log reader and writer
* [+] add jwt-related tests

Author: pashagolub

cmd/pgwatch/main.go

@@ -32,11 +32,11 @@ func setupCloseHandler(cancel context.CancelFunc) {
 }
 
 var (
-	exitCode atomic.Int32          // Exit code to be returned to the OS
-	mainCtx  context.Context       // Main context for the application
-	cancel   context.CancelFunc    // Cancel function to stop the main context
-	logger   log.LoggerHookerIface // Logger for the application
-	opts     *cmdopts.Options      // Command line options for the application
+	exitCode atomic.Int32       // Exit code to be returned to the OS
+	mainCtx  context.Context    // Main context for the application
+	cancel   context.CancelFunc // Cancel function to stop the main context
+	logger   log.LoggerHooker   // Logger for the application
+	opts     *cmdopts.Options   // Command line options for the application
 	err      error
 )
 

internal/log/log.go

@@ -11,11 +11,11 @@ import (
 )
 
 type (
-	// LoggerIface is the interface used by all components
-	LoggerIface logrus.FieldLogger
-	//LoggerHookerIface adds AddHook method to LoggerIface for database logging hook
-	LoggerHookerIface interface {
-		LoggerIface
+	// Logger is the interface used by all components
+	Logger logrus.FieldLogger
+	//LoggerHooker adds AddHook method to LoggerIface for database logging hook
+	LoggerHooker interface {
+		Logger
 		AddHook(hook logrus.Hook)
 		AddSubscriber(msgCh MessageChanType)
 		RemoveSubscriber(msgCh MessageChanType)
@@ -54,7 +54,7 @@ func getLogFileFormatter(opts CmdOpts) logrus.Formatter {
 }
 
 // Init creates logging facilities for the application
-func Init(opts CmdOpts) LoggerHookerIface {
+func Init(opts CmdOpts) LoggerHooker {
 	var err error
 	l := logger{logrus.New(), NewBrokerHook(context.Background(), opts.LogLevel)}
 	l.AddHook(l.BrokerHook)
@@ -74,11 +74,11 @@ func Init(opts CmdOpts) LoggerHookerIface {
 
 // PgxLogger is the struct used to log using pgx postgres driver
 type PgxLogger struct {
-	l LoggerIface
+	l Logger
 }
 
 // NewPgxLogger returns a new instance of PgxLogger
-func NewPgxLogger(l LoggerIface) *PgxLogger {
+func NewPgxLogger(l Logger) *PgxLogger {
 	return &PgxLogger{l}
 }
 
@@ -107,7 +107,7 @@ func (pgxlogger *PgxLogger) Log(ctx context.Context, level tracelog.LogLevel, ms
 
 // WithLogger returns a new context with the provided logger. Use in
 // combination with logger.WithField(s) for great effect
-func WithLogger(ctx context.Context, logger LoggerIface) context.Context {
+func WithLogger(ctx context.Context, logger Logger) context.Context {
 	return context.WithValue(ctx, loggerKey{}, logger)
 }
 
@@ -116,10 +116,10 @@ var FallbackLogger = Init(CmdOpts{})
 
 // GetLogger retrieves the current logger from the context. If no logger is
 // available, the default logger is returned
-func GetLogger(ctx context.Context) LoggerIface {
+func GetLogger(ctx context.Context) Logger {
 	logger := ctx.Value(loggerKey{})
 	if logger == nil {
 		return FallbackLogger
 	}
-	return logger.(LoggerIface)
+	return logger.(Logger)
 }

internal/reaper/reaper.go

@@ -26,7 +26,7 @@ type Reaper struct {
 	ready                atomic.Bool
 	measurementCh        chan []metrics.MeasurementEnvelope
 	measurementCache     *InstanceMetricCache
-	logger               log.LoggerIface
+	logger               log.Logger
 	monitoredSources     sources.SourceConns
 	prevLoopMonitoredDBs sources.SourceConns
 	cancelFuncs          map[string]context.CancelFunc
@@ -191,7 +191,7 @@ func (r *Reaper) Reap(ctx context.Context) {
 }
 
 // CreateSourceHelpers creates the extensions and metric helpers for the monitored source
-func (r *Reaper) CreateSourceHelpers(ctx context.Context, srcL log.LoggerIface, monitoredSource *sources.SourceConn) {
+func (r *Reaper) CreateSourceHelpers(ctx context.Context, srcL log.Logger, monitoredSource *sources.SourceConn) {
 	if r.prevLoopMonitoredDBs.GetMonitoredDatabase(monitoredSource.Name) != nil {
 		return // already created
 	}

internal/sources/resolver.go

@@ -56,7 +56,7 @@ type PatroniClusterMember struct {
 	Role    string
 }
 
-var logger log.LoggerIface = log.FallbackLogger
+var logger log.Logger = log.FallbackLogger
 
 var lastFoundClusterMembers = make(map[string][]PatroniClusterMember) // needed for cases where DCS is temporarily down
 // don't want to immediately remove monitoring of DBs

internal/webserver/api.go

@@ -0,0 +1,127 @@
+package webserver
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestIsCorrectPassword(t *testing.T) {
+	ts := &WebUIServer{CmdOpts: CmdOpts{WebUser: "user", WebPassword: "pass"}}
+	assert.True(t, ts.IsCorrectPassword(loginReq{Username: "user", Password: "pass"}))
+	assert.False(t, ts.IsCorrectPassword(loginReq{Username: "user", Password: "wrong"}))
+	assert.True(t, (&WebUIServer{}).IsCorrectPassword(loginReq{})) // empty user/pass disables auth
+}
+
+func TestHandleLogin_POST_Success(t *testing.T) {
+	ts := &WebUIServer{CmdOpts: CmdOpts{WebUser: "user", WebPassword: "pass"}}
+	body, _ := json.Marshal(map[string]string{"user": "user", "password": "pass"})
+	r := httptest.NewRequest(http.MethodPost, "/login", bytes.NewReader(body))
+	w := httptest.NewRecorder()
+	ts.handleLogin(w, r)
+	resp := w.Result()
+	assert.Equal(t, http.StatusOK, resp.StatusCode)
+	token, _ := io.ReadAll(resp.Body)
+	assert.NotEmpty(t, string(token))
+}
+
+func TestHandleLogin_POST_Fail(t *testing.T) {
+	ts := &WebUIServer{CmdOpts: CmdOpts{WebUser: "user", WebPassword: "pass"}}
+	body, _ := json.Marshal(map[string]string{"user": "user", "password": "wrong"})
+	r := httptest.NewRequest(http.MethodPost, "/login", bytes.NewReader(body))
+	w := httptest.NewRecorder()
+	ts.handleLogin(w, r)
+	resp := w.Result()
+	assert.Equal(t, http.StatusUnauthorized, resp.StatusCode)
+}
+
+func TestHandleLogin_POST_BadJSON(t *testing.T) {
+	ts := &WebUIServer{CmdOpts: CmdOpts{WebUser: "user", WebPassword: "pass"}}
+	r := httptest.NewRequest(http.MethodPost, "/login", bytes.NewReader([]byte("notjson")))
+	w := httptest.NewRecorder()
+	ts.handleLogin(w, r)
+	resp := w.Result()
+	assert.Equal(t, http.StatusInternalServerError, resp.StatusCode)
+}
+
+func TestHandleLogin_GET(t *testing.T) {
+	ts := &WebUIServer{}
+	r := httptest.NewRequest(http.MethodGet, "/login", nil)
+	w := httptest.NewRecorder()
+	ts.handleLogin(w, r)
+	resp := w.Result()
+	assert.Equal(t, http.StatusOK, resp.StatusCode)
+	body, _ := io.ReadAll(resp.Body)
+	assert.Equal(t, "only POST methods is allowed.", string(body))
+}
+
+func TestGenerateAndValidateJWT(t *testing.T) {
+	token, err := generateJWT("user1")
+	assert.NoError(t, err)
+	r := httptest.NewRequest(http.MethodGet, "/", nil)
+	r.Header.Set("Token", token)
+	assert.NoError(t, validateToken(r))
+}
+
+func TestValidateToken_MissingToken(t *testing.T) {
+	r := httptest.NewRequest(http.MethodGet, "/", nil)
+	err := validateToken(r)
+	assert.Error(t, err)
+	assert.Contains(t, err.Error(), "can not find token")
+}
+
+func TestValidateToken_InvalidToken(t *testing.T) {
+	r := httptest.NewRequest(http.MethodGet, "/", nil)
+	r.Header.Set("Token", "invalidtoken")
+	err := validateToken(r)
+	assert.Error(t, err)
+}
+
+func TestEnsureAuth_ServeHTTP(t *testing.T) {
+	called := false
+	h := func(w http.ResponseWriter, _ *http.Request) {
+		called = true
+		w.WriteHeader(http.StatusTeapot)
+	}
+	token, _ := generateJWT("user1")
+	r := httptest.NewRequest(http.MethodGet, "/", nil)
+	r.Header.Set("Token", token)
+	w := httptest.NewRecorder()
+	NewEnsureAuth(h).ServeHTTP(w, r)
+	resp := w.Result()
+	assert.Equal(t, http.StatusTeapot, resp.StatusCode)
+	assert.True(t, called)
+}
+
+func TestEnsureAuth_ServeHTTP_InvalidToken(t *testing.T) {
+	h := func(w http.ResponseWriter, _ *http.Request) {
+		w.WriteHeader(http.StatusTeapot)
+	}
+	r := httptest.NewRequest(http.MethodGet, "/", nil)
+	r.Header.Set("Token", "invalidtoken")
+	w := httptest.NewRecorder()
+	NewEnsureAuth(h).ServeHTTP(w, r)
+	resp := w.Result()
+	assert.Equal(t, http.StatusUnauthorized, resp.StatusCode)
+}
+
+func TestJWT_Expiration(t *testing.T) {
+	tok := jwt.New(jwt.SigningMethodHS256)
+	claims := tok.Claims.(jwt.MapClaims)
+	claims["authorized"] = true
+	claims["username"] = "user"
+	claims["exp"] = time.Now().Add(-time.Hour).Unix() // expired
+	token, _ := tok.SignedString(sampleSecretKey)
+	r := httptest.NewRequest(http.MethodGet, "/", nil)
+	r.Header.Set("Token", token)
+	err := validateToken(r)
+	assert.Error(t, err)
+	assert.Contains(t, err.Error(), "token is expired")
+}