f6728dc71a
Addresses the security-audit findings on top of the admin feature stack: M1: /admin/mangas/:id/chapters now paginates (default limit 200, max 500). A long-runner with thousands of chapters would otherwise produce a multi-MB response with that many scalar subqueries per row — admin-only but a real stall risk on one expand-click. Adds explicit pagination tests for the cap and offset; frontend renders a "Showing first N of M" hint when the cap clips the result. L1: repo::user::set_is_admin renamed to set_is_admin_unchecked with a doc-comment pointing at admin_safe_set_is_admin for production use. The short name was a footgun — a future contributor reaching for it would silently bypass self-protection, the last-admin invariant, and the audit log. Used only by integration-test setup; production code goes through the admin_safe_* paths. CSRF posture: build_session_cookie carries a comment that the SameSite=Lax default is the project's CSRF defense for state-changing mutations and breaks the instant anyone adds a side-effecting GET under /admin/*. Spells out what to do then (Strict + explicit token check). Test counts: 43 backend admin tests + 12 vitest admin tests all green; svelte-check 0/0 across 446 files.
97 lines
3.1 KiB
Rust
97 lines
3.1 KiB
Rust
//! PR 4 (feat/admin-system-api) integration tests.
|
|
//!
|
|
//! Shape-only assertions — we don't mock the system, just call the
|
|
//! endpoint and check the response envelope. Threshold-triggering of
|
|
//! alerts would require faking statvfs / sysinfo, which is more
|
|
//! plumbing than the test gives back.
|
|
|
|
mod common;
|
|
|
|
use axum::http::StatusCode;
|
|
use axum::Router;
|
|
use sqlx::PgPool;
|
|
use tower::ServiceExt;
|
|
|
|
use mangalord::repo;
|
|
|
|
async fn seed_admin(pool: &PgPool, app: &Router) -> String {
|
|
let (username, cookie) = common::register_user(app).await;
|
|
let u = repo::user::find_by_username(pool, &username)
|
|
.await
|
|
.unwrap()
|
|
.unwrap();
|
|
repo::user::set_is_admin_unchecked(pool, u.id, true).await.unwrap();
|
|
cookie
|
|
}
|
|
|
|
#[sqlx::test(migrations = "./migrations")]
|
|
async fn requires_admin(pool: PgPool) {
|
|
let h = common::harness(pool);
|
|
let (_u, cookie) = common::register_user(&h.app).await;
|
|
let resp = h
|
|
.app
|
|
.oneshot(common::get_with_cookie("/api/v1/admin/system", &cookie))
|
|
.await
|
|
.unwrap();
|
|
assert_eq!(resp.status(), StatusCode::FORBIDDEN);
|
|
}
|
|
|
|
#[sqlx::test(migrations = "./migrations")]
|
|
async fn unauthenticated_request_is_rejected(pool: PgPool) {
|
|
let h = common::harness(pool);
|
|
let resp = h
|
|
.app
|
|
.oneshot(common::get("/api/v1/admin/system"))
|
|
.await
|
|
.unwrap();
|
|
assert_eq!(resp.status(), StatusCode::UNAUTHORIZED);
|
|
}
|
|
|
|
#[sqlx::test(migrations = "./migrations")]
|
|
async fn returns_disk_memory_cpu_alerts_shape(pool: PgPool) {
|
|
let h = common::harness(pool.clone());
|
|
let cookie = seed_admin(&pool, &h.app).await;
|
|
|
|
let resp = h
|
|
.app
|
|
.oneshot(common::get_with_cookie("/api/v1/admin/system", &cookie))
|
|
.await
|
|
.unwrap();
|
|
assert_eq!(resp.status(), StatusCode::OK);
|
|
let body = common::body_json(resp).await;
|
|
|
|
// Disk: harness uses LocalStorage on a tempdir, so disk SHOULD be
|
|
// populated. Validate the field shape and percent range.
|
|
let disk = body
|
|
.get("disk")
|
|
.expect("disk key present")
|
|
.as_object()
|
|
.expect("disk is an object (LocalStorage exposes a path)");
|
|
assert!(disk["total_bytes"].as_u64().unwrap() > 0);
|
|
let pct = disk["percent_used"].as_f64().unwrap();
|
|
assert!(
|
|
(0.0..=100.0).contains(&pct),
|
|
"percent_used outside [0,100]: {pct}"
|
|
);
|
|
|
|
let mem = body.get("memory").expect("memory key").as_object().unwrap();
|
|
assert!(mem["total_bytes"].as_u64().unwrap() > 0);
|
|
let mpct = mem["percent_used"].as_f64().unwrap();
|
|
assert!((0.0..=100.0).contains(&mpct));
|
|
|
|
let cpu = body.get("cpu").expect("cpu key").as_object().unwrap();
|
|
let cpu_pct = cpu["percent_used"].as_f64().unwrap();
|
|
assert!(
|
|
(0.0..=100.0).contains(&cpu_pct),
|
|
"cpu out of range: {cpu_pct}"
|
|
);
|
|
|
|
let alerts = body.get("alerts").expect("alerts key").as_array().unwrap();
|
|
// Don't assert on length — the box may genuinely be >90% on memory
|
|
// when the test runs. Just confirm shape of any present entry.
|
|
for alert in alerts {
|
|
assert!(alert["level"].is_string());
|
|
assert!(alert["message"].is_string());
|
|
}
|
|
}
|