fix tests

2026-04-21 09:46:40 +00:00 · 2026-02-24 10:32:12 +01:00
parent 33cda4d10c
commit b450fa2cca
9 changed files with 170 additions and 93 deletions
--- a/management/internals/shared/grpc/proxy_group_access_test.go
+++ b/management/internals/shared/grpc/proxy_group_access_test.go
@@ -8,12 +8,12 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

-	"github.com/netbirdio/netbird/management/internals/modules/reverseproxy"
+	"github.com/netbirdio/netbird/management/internals/modules/reverseproxy/service"
 	"github.com/netbirdio/netbird/management/server/types"
 )

 type mockReverseProxyManager struct {
-	proxiesByAccount map[string][]*reverseproxy.Service
+	proxiesByAccount map[string][]*service.Service
 	err              error
 }

@@ -21,31 +21,31 @@ func (m *mockReverseProxyManager) DeleteAllServices(ctx context.Context, account
 	return nil
 }

-func (m *mockReverseProxyManager) GetAccountServices(ctx context.Context, accountID string) ([]*reverseproxy.Service, error) {
+func (m *mockReverseProxyManager) GetAccountServices(ctx context.Context, accountID string) ([]*service.Service, error) {
 	if m.err != nil {
 		return nil, m.err
 	}
 	return m.proxiesByAccount[accountID], nil
 }

-func (m *mockReverseProxyManager) GetGlobalServices(ctx context.Context) ([]*reverseproxy.Service, error) {
+func (m *mockReverseProxyManager) GetGlobalServices(ctx context.Context) ([]*service.Service, error) {
 	return nil, nil
 }

-func (m *mockReverseProxyManager) GetAllServices(ctx context.Context, accountID, userID string) ([]*reverseproxy.Service, error) {
-	return []*reverseproxy.Service{}, nil
+func (m *mockReverseProxyManager) GetAllServices(ctx context.Context, accountID, userID string) ([]*service.Service, error) {
+	return []*service.Service{}, nil
 }

-func (m *mockReverseProxyManager) GetService(ctx context.Context, accountID, userID, reverseProxyID string) (*reverseproxy.Service, error) {
-	return &reverseproxy.Service{}, nil
+func (m *mockReverseProxyManager) GetService(ctx context.Context, accountID, userID, reverseProxyID string) (*service.Service, error) {
+	return &service.Service{}, nil
 }

-func (m *mockReverseProxyManager) CreateService(ctx context.Context, accountID, userID string, rp *reverseproxy.Service) (*reverseproxy.Service, error) {
-	return &reverseproxy.Service{}, nil
+func (m *mockReverseProxyManager) CreateService(ctx context.Context, accountID, userID string, rp *service.Service) (*service.Service, error) {
+	return &service.Service{}, nil
 }

-func (m *mockReverseProxyManager) UpdateService(ctx context.Context, accountID, userID string, rp *reverseproxy.Service) (*reverseproxy.Service, error) {
-	return &reverseproxy.Service{}, nil
+func (m *mockReverseProxyManager) UpdateService(ctx context.Context, accountID, userID string, rp *service.Service) (*service.Service, error) {
+	return &service.Service{}, nil
 }

 func (m *mockReverseProxyManager) DeleteService(ctx context.Context, accountID, userID, reverseProxyID string) error {
@@ -56,7 +56,7 @@ func (m *mockReverseProxyManager) SetCertificateIssuedAt(ctx context.Context, ac
 	return nil
 }

-func (m *mockReverseProxyManager) SetStatus(ctx context.Context, accountID, reverseProxyID string, status reverseproxy.ProxyStatus) error {
+func (m *mockReverseProxyManager) SetStatus(ctx context.Context, accountID, reverseProxyID string, status service.Status) error {
 	return nil
 }

@@ -68,8 +68,8 @@ func (m *mockReverseProxyManager) ReloadService(ctx context.Context, accountID,
 	return nil
 }

-func (m *mockReverseProxyManager) GetServiceByID(ctx context.Context, accountID, reverseProxyID string) (*reverseproxy.Service, error) {
-	return &reverseproxy.Service{}, nil
+func (m *mockReverseProxyManager) GetServiceByID(ctx context.Context, accountID, reverseProxyID string) (*service.Service, error) {
+	return &service.Service{}, nil
 }

 func (m *mockReverseProxyManager) GetServiceIDByTargetID(_ context.Context, _, _ string) (string, error) {
@@ -97,7 +97,7 @@ func TestValidateUserGroupAccess(t *testing.T) {
 		name             string
 		domain           string
 		userID           string
-		proxiesByAccount map[string][]*reverseproxy.Service
+		proxiesByAccount map[string][]*service.Service
 		users            map[string]*types.User
 		proxyErr         error
 		userErr          error
@@ -108,7 +108,7 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "user not found",
 			domain: "app.example.com",
 			userID: "unknown-user",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {{Domain: "app.example.com", AccountID: "account1"}},
 			},
 			users:        map[string]*types.User{},
@@ -119,7 +119,7 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:             "proxy not found in user's account",
 			domain:           "app.example.com",
 			userID:           "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{},
+			proxiesByAccount: map[string][]*service.Service{},
 			users: map[string]*types.User{
 				"user1": {Id: "user1", AccountID: "account1"},
 			},
@@ -130,7 +130,7 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "proxy exists in different account - not accessible",
 			domain: "app.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account2": {{Domain: "app.example.com", AccountID: "account2"}},
 			},
 			users: map[string]*types.User{
@@ -143,8 +143,8 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "no bearer auth configured - same account allows access",
 			domain: "app.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
-				"account1": {{Domain: "app.example.com", AccountID: "account1", Auth: reverseproxy.AuthConfig{}}},
+			proxiesByAccount: map[string][]*service.Service{
+				"account1": {{Domain: "app.example.com", AccountID: "account1", Auth: service.AuthConfig{}}},
 			},
 			users: map[string]*types.User{
 				"user1": {Id: "user1", AccountID: "account1"},
@@ -155,12 +155,12 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "bearer auth disabled - same account allows access",
 			domain: "app.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {{
 					Domain:    "app.example.com",
 					AccountID: "account1",
-					Auth: reverseproxy.AuthConfig{
-						BearerAuth: &reverseproxy.BearerAuthConfig{Enabled: false},
+					Auth: service.AuthConfig{
+						BearerAuth: &service.BearerAuthConfig{Enabled: false},
 					},
 				}},
 			},
@@ -173,12 +173,12 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "bearer auth enabled but no groups configured - same account allows access",
 			domain: "app.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {{
 					Domain:    "app.example.com",
 					AccountID: "account1",
-					Auth: reverseproxy.AuthConfig{
-						BearerAuth: &reverseproxy.BearerAuthConfig{
+					Auth: service.AuthConfig{
+						BearerAuth: &service.BearerAuthConfig{
 							Enabled:            true,
 							DistributionGroups: []string{},
 						},
@@ -194,12 +194,12 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "user not in allowed groups",
 			domain: "app.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {{
 					Domain:    "app.example.com",
 					AccountID: "account1",
-					Auth: reverseproxy.AuthConfig{
-						BearerAuth: &reverseproxy.BearerAuthConfig{
+					Auth: service.AuthConfig{
+						BearerAuth: &service.BearerAuthConfig{
 							Enabled:            true,
 							DistributionGroups: []string{"group1", "group2"},
 						},
@@ -216,12 +216,12 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "user in one of the allowed groups - allow access",
 			domain: "app.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {{
 					Domain:    "app.example.com",
 					AccountID: "account1",
-					Auth: reverseproxy.AuthConfig{
-						BearerAuth: &reverseproxy.BearerAuthConfig{
+					Auth: service.AuthConfig{
+						BearerAuth: &service.BearerAuthConfig{
 							Enabled:            true,
 							DistributionGroups: []string{"group1", "group2"},
 						},
@@ -237,12 +237,12 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "user in all allowed groups - allow access",
 			domain: "app.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {{
 					Domain:    "app.example.com",
 					AccountID: "account1",
-					Auth: reverseproxy.AuthConfig{
-						BearerAuth: &reverseproxy.BearerAuthConfig{
+					Auth: service.AuthConfig{
+						BearerAuth: &service.BearerAuthConfig{
 							Enabled:            true,
 							DistributionGroups: []string{"group1", "group2"},
 						},
@@ -270,10 +270,10 @@ func TestValidateUserGroupAccess(t *testing.T) {
 			name:   "multiple proxies in account - finds correct one",
 			domain: "app2.example.com",
 			userID: "user1",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {
 					{Domain: "app1.example.com", AccountID: "account1"},
-					{Domain: "app2.example.com", AccountID: "account1", Auth: reverseproxy.AuthConfig{}},
+					{Domain: "app2.example.com", AccountID: "account1", Auth: service.AuthConfig{}},
 					{Domain: "app3.example.com", AccountID: "account1"},
 				},
 			},
@@ -314,7 +314,7 @@ func TestGetAccountProxyByDomain(t *testing.T) {
 		name             string
 		accountID        string
 		domain           string
-		proxiesByAccount map[string][]*reverseproxy.Service
+		proxiesByAccount map[string][]*service.Service
 		err              error
 		expectProxy      bool
 		expectErr        bool
@@ -323,7 +323,7 @@ func TestGetAccountProxyByDomain(t *testing.T) {
 			name:      "proxy found",
 			accountID: "account1",
 			domain:    "app.example.com",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {
 					{Domain: "other.example.com", AccountID: "account1"},
 					{Domain: "app.example.com", AccountID: "account1"},
@@ -336,7 +336,7 @@ func TestGetAccountProxyByDomain(t *testing.T) {
 			name:      "proxy not found in account",
 			accountID: "account1",
 			domain:    "unknown.example.com",
-			proxiesByAccount: map[string][]*reverseproxy.Service{
+			proxiesByAccount: map[string][]*service.Service{
 				"account1": {{Domain: "app.example.com", AccountID: "account1"}},
 			},
 			expectProxy: false,
@@ -346,7 +346,7 @@ func TestGetAccountProxyByDomain(t *testing.T) {
 			name:             "empty proxy list for account",
 			accountID:        "account1",
 			domain:           "app.example.com",
-			proxiesByAccount: map[string][]*reverseproxy.Service{},
+			proxiesByAccount: map[string][]*service.Service{},
 			expectProxy:      false,
 			expectErr:        true,
 		},