feat: late-night brainless tests and coverage

Author: bitfl0wer

src/api/auth/mod.rs

@@ -3,6 +3,7 @@ use poem::Route;
 mod login;
 mod register;
 
+#[cfg_attr(coverage_nightly, coverage(off))]
 pub fn setup_routes() -> Route {
 	Route::new()
 }

src/api/auth/register.rs

@@ -1,6 +1,6 @@
 use argon2::{
 	Argon2,
-	password_hash::{PasswordHash, PasswordHasher, SaltString, rand_core::OsRng},
+	password_hash::{PasswordHasher, SaltString, rand_core::OsRng},
 };
 use poem::{
 	IntoResponse, handler,
@@ -14,6 +14,7 @@ use crate::{
 	errors::{Context, Errcode, Error, SonataApiError},
 };
 
+#[cfg_attr(coverage_nightly, coverage(off))]
 #[handler]
 pub async fn register(
 	Json(payload): Json<RegisterSchema>,

src/api/middlewares/mod.rs

@@ -10,6 +10,7 @@ use crate::database::tokens::{TokenStore, hash_auth_token};
 /// [AuthenticationMiddlewareImpl]
 pub struct AuthenticationMiddleware;
 
+#[cfg_attr(coverage_nightly, coverage(off))]
 impl<E: Endpoint> Middleware<E> for AuthenticationMiddleware {
 	type Output = AuthenticationMiddlewareImpl<E>;
 
@@ -25,6 +26,7 @@ pub struct AuthenticationMiddlewareImpl<E> {
 	ep: E,
 }
 
+#[cfg_attr(coverage_nightly, coverage(off))]
 impl<E: Endpoint> Endpoint for AuthenticationMiddlewareImpl<E> {
 	type Output = E::Output;
 

src/api/mod.rs

@@ -62,6 +62,7 @@ pub(super) fn start_api(
 	handle
 }
 
+#[cfg_attr(coverage_nightly, coverage(off))]
 /// Catch-all fallback error.
 async fn custom_error(err: poem::Error) -> impl IntoResponse {
 	Json(json! ({
@@ -71,11 +72,13 @@ async fn custom_error(err: poem::Error) -> impl IntoResponse {
 	.with_status(err.status())
 }
 
+#[cfg_attr(coverage_nightly, coverage(off))]
 #[handler]
 fn healthz() -> impl IntoResponse {
 	Response::builder().status(StatusCode::OK).finish()
 }
 
+#[cfg_attr(coverage_nightly, coverage(off))]
 /// All routes under `/.p2/core/`.
 fn setup_p2_core_routes() -> Route {
 	Route::new()

src/api/models/mod.rs

@@ -68,3 +68,168 @@ impl PasswordRequirements for NISTPasswordRequirements {
 		Ok(password.to_owned())
 	}
 }
+
+#[cfg(test)]
+mod tests {
+	use serde_json::json;
+
+	use super::*;
+
+	#[test]
+	fn test_register_schema_serialization() {
+		let schema = RegisterSchema {
+			tos_consent: true,
+			local_name: "testuser".to_string(),
+			password: "testpassword123".to_string(),
+			invite: Some("invite123".to_string()),
+		};
+
+		let serialized = serde_json::to_string(&schema).unwrap();
+		let parsed: serde_json::Value = serde_json::from_str(&serialized).unwrap();
+
+		assert_eq!(parsed["tosConsent"], true);
+		assert_eq!(parsed["localName"], "testuser");
+		assert_eq!(parsed["password"], "testpassword123");
+		assert_eq!(parsed["invite"], "invite123");
+	}
+
+	#[test]
+	fn test_register_schema_deserialization() {
+		let json_str = r#"{"tosConsent":true,"localName":"testuser","password":"testpassword123","invite":"invite123"}"#;
+		let schema: RegisterSchema = serde_json::from_str(json_str).unwrap();
+
+		assert_eq!(schema.tos_consent, true);
+		assert_eq!(schema.local_name, "testuser");
+		assert_eq!(schema.password, "testpassword123");
+		assert_eq!(schema.invite, Some("invite123".to_string()));
+	}
+
+	#[test]
+	fn test_nist_password_requirements_valid_password() {
+		let result = NISTPasswordRequirements::verify_requirements("password123");
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), "password123");
+	}
+
+	#[test]
+	fn test_nist_password_requirements_minimum_length() {
+		let result = NISTPasswordRequirements::verify_requirements("12345678");
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), "12345678");
+	}
+
+	#[test]
+	fn test_nist_password_requirements_maximum_length() {
+		let long_password = "a".repeat(64);
+		let result = NISTPasswordRequirements::verify_requirements(&long_password);
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), long_password);
+	}
+
+	#[test]
+	fn test_nist_password_requirements_too_short() {
+		let result = NISTPasswordRequirements::verify_requirements("1234567");
+		assert!(result.is_err());
+		let error = result.unwrap_err();
+		assert_eq!(error.code, crate::errors::Errcode::IllegalInput);
+		assert!(error.context.is_some());
+		let context = error.context.unwrap();
+		assert_eq!(context.field_name, "password");
+		assert_eq!(context.found, "7 characters");
+		assert_eq!(context.expected, "More than 7 and less than 65 characters");
+	}
+
+	#[test]
+	fn test_nist_password_requirements_too_long() {
+		let long_password = "a".repeat(65);
+		let result = NISTPasswordRequirements::verify_requirements(&long_password);
+		assert!(result.is_err());
+		let error = result.unwrap_err();
+		assert_eq!(error.code, crate::errors::Errcode::IllegalInput);
+		assert!(error.context.is_some());
+		let context = error.context.unwrap();
+		assert_eq!(context.field_name, "password");
+		assert_eq!(context.found, "65 characters");
+		assert_eq!(context.expected, "More than 7 and less than 65 characters");
+	}
+
+	#[test]
+	fn test_nist_password_requirements_empty_password() {
+		let result = NISTPasswordRequirements::verify_requirements("");
+		assert!(result.is_err());
+		let error = result.unwrap_err();
+		assert_eq!(error.code, crate::errors::Errcode::IllegalInput);
+		assert!(error.context.is_some());
+		let context = error.context.unwrap();
+		assert_eq!(context.field_name, "password");
+		assert_eq!(context.found, "0 characters");
+		assert_eq!(context.expected, "More than 7 and less than 65 characters");
+	}
+
+	#[test]
+	fn test_nist_password_requirements_unicode_characters() {
+		let unicode_password = "пароль123🔐";
+		let result = NISTPasswordRequirements::verify_requirements(unicode_password);
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), unicode_password);
+	}
+
+	#[test]
+	fn test_nist_password_requirements_spaces_allowed() {
+		let password_with_spaces = "password with spaces";
+		let result = NISTPasswordRequirements::verify_requirements(password_with_spaces);
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), password_with_spaces);
+	}
+
+	#[test]
+	fn test_nist_password_requirements_special_characters() {
+		let special_password = "!@#$%^&*()_+-=[]{}|;':\",./<>?";
+		let result = NISTPasswordRequirements::verify_requirements(special_password);
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), special_password);
+	}
+
+	#[test]
+	fn test_nist_password_requirements_mixed_case() {
+		let mixed_case_password = "AbCdEfGhIjKl";
+		let result = NISTPasswordRequirements::verify_requirements(mixed_case_password);
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), mixed_case_password);
+	}
+
+	#[test]
+	fn test_nist_password_requirements_numbers_only() {
+		let numbers_only = "12345678";
+		let result = NISTPasswordRequirements::verify_requirements(numbers_only);
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), numbers_only);
+	}
+
+	#[test]
+	fn test_nist_password_requirements_letters_only() {
+		let letters_only = "abcdefgh";
+		let result = NISTPasswordRequirements::verify_requirements(letters_only);
+		assert!(result.is_ok());
+		assert_eq!(result.unwrap(), letters_only);
+	}
+
+	#[test]
+	fn test_nist_password_requirements_boundary_values() {
+		// Test exactly 8 characters
+		let min_valid = "12345678";
+		assert!(NISTPasswordRequirements::verify_requirements(min_valid).is_ok());
+
+		// Test exactly 64 characters
+		let max_valid = "a".repeat(64);
+		assert!(NISTPasswordRequirements::verify_requirements(&max_valid).is_ok());
+
+		// Test exactly 7 characters (should fail)
+		let too_short = "1234567";
+		assert!(NISTPasswordRequirements::verify_requirements(too_short).is_err());
+
+		// Test exactly 65 characters (should fail)
+		let too_long = "a".repeat(65);
+		assert!(NISTPasswordRequirements::verify_requirements(&too_long).is_err());
+	}
+}

src/config/mod.rs

@@ -135,7 +135,7 @@ impl SonataConfig {
 	}
 }
 
-#[derive(Debug, Deserialize, Default, Clone)]
+#[derive(Debug, Deserialize, Default, Clone, PartialEq)]
 /// TLS configuration modes. Also called `sslconfig` by PostgreSQL. See <https://www.postgresql.org/docs/current/libpq-ssl.html#:~:text=32.1.%C2%A0SSL%20Mode-,descriptions,-sslmode>
 /// for the security implications of this choice.
 pub enum TlsConfig {

src/database/mod.rs

@@ -96,7 +96,24 @@ mod tests {
 		assert!(result.is_err());
 	}
 
-	// Note: Testing actual database connections and migrations would require
-	// either a test database or mocking, which is typically done in integration
-	// tests
+	#[tokio::test]
+	async fn test_connect_with_config_zero_max_connections() {
+		let config = DatabaseConfig {
+			max_connections: 0, // Zero connections should cause a panic during pool creation
+			database: "test".to_owned(),
+			username: "test".to_owned(),
+			password: "test".to_owned(),
+			port: 5432,
+			host: "localhost".to_owned(),
+			tls: TlsConfig::Disable,
+		};
+
+		// This should panic or error due to zero max_connections
+		let result = std::panic::catch_unwind(std::panic::AssertUnwindSafe(|| {
+			tokio::runtime::Runtime::new()
+				.unwrap()
+				.block_on(async { Database::connect_with_config(&config).await })
+		}));
+		assert!(result.is_err());
+	}
 }

src/database/models/mod.rs

@@ -158,3 +158,23 @@ pub struct Invite {
 	pub invite_code: String,
 	pub invalid: bool,
 }
+
+#[cfg(test)]
+mod tests {
+	use super::*;
+
+	#[test]
+	fn test_algorithm_identifier_creation() {
+		let algo_id = AlgorithmIdentifier {
+			id: 1,
+			algorithm_identifier_oid: "1.2.840.113549.1.1.11".to_string(),
+			common_name: Some("SHA256withRSA".to_string()),
+			parameters: Some("null".to_string()),
+		};
+
+		assert_eq!(algo_id.id, 1);
+		assert_eq!(algo_id.algorithm_identifier_oid, "1.2.840.113549.1.1.11");
+		assert_eq!(algo_id.common_name, Some("SHA256withRSA".to_string()));
+		assert_eq!(algo_id.parameters, Some("null".to_string()));
+	}
+}

src/errors.rs

@@ -64,7 +64,7 @@ impl Error {
 	}
 }
 
-#[derive(Debug, Clone, Copy, Display, Serialize, Deserialize)]
+#[derive(Debug, Clone, Copy, Display, Serialize, Deserialize, PartialEq)]
 /// Standardized polyproto core error codes, giving a rough idea of what went
 /// wrong.
 pub enum Errcode {
@@ -191,7 +191,6 @@ pub(crate) enum SonataDbError {
 	Sqlx(#[from] sqlx::Error),
 }
 
-#[cfg_attr(coverage_nightly, coverage(off))]
 impl ResponseError for SonataApiError {
 	fn status(&self) -> poem::http::StatusCode {
 		match self {
@@ -212,7 +211,6 @@ impl IntoResponse for SonataApiError {
 	}
 }
 
-#[cfg_attr(coverage_nightly, coverage(off))]
 impl ResponseError for SonataDbError {
 	fn status(&self) -> poem::http::StatusCode {
 		match self {
@@ -221,3 +219,29 @@ impl ResponseError for SonataDbError {
 		}
 	}
 }
+
+#[cfg(test)]
+mod tests {
+	use super::*;
+
+	#[test]
+	fn test_error_serialization() {
+		let context = Context::new(Some("field"), Some("value"), Some("expected"));
+		let error = Error {
+			code: Errcode::IllegalInput,
+			message: "Test message".to_string(),
+			context: Some(context),
+		};
+
+		let serialized = serde_json::to_string(&error).unwrap();
+		let deserialized: Error = serde_json::from_str(&serialized).unwrap();
+
+		assert_eq!(deserialized.code, error.code);
+		assert_eq!(deserialized.message, error.message);
+		assert!(deserialized.context.is_some());
+		let ctx = deserialized.context.unwrap();
+		assert_eq!(ctx.field_name, "field");
+		assert_eq!(ctx.found, "value");
+		assert_eq!(ctx.expected, "expected");
+	}
+}