package store import ( "context" "testing" "github.com/google/uuid" "github.com/jackc/pgx/v5/pgxpool" "github.com/vasyakrg/dns-autoresolver/internal/provider" "github.com/vasyakrg/dns-autoresolver/internal/store/db" "github.com/vasyakrg/dns-autoresolver/internal/store/dto" ) // defaultProject is the seed default tenant project (see migrations/0001_init.sql). var defaultProject = uuid.MustParse("00000000-0000-0000-0000-000000000002") func newStore(t *testing.T) (*Store, context.Context) { dsn := startPostgres(t) pool, err := pgxpool.New(context.Background(), dsn) if err != nil { t.Fatal(err) } t.Cleanup(pool.Close) return New(pool), context.Background() } func TestAccountCRUD(t *testing.T) { s, ctx := newStore(t) acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{ ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob", Comment: "prod", }) if err != nil { t.Fatal(err) } got, err := s.Queries().GetAccount(ctx, db.GetAccountParams{ID: acc.ID, ProjectID: defaultProject}) if err != nil || got.Provider != "selectel" || got.SecretEnc != "enc-blob" { t.Fatalf("get mismatch: %+v err=%v", got, err) } list, err := s.Queries().ListAccounts(ctx, defaultProject) if err != nil || len(list) != 1 { t.Fatalf("list mismatch: %+v err=%v", list, err) } if err := s.Queries().DeleteAccount(ctx, db.DeleteAccountParams{ID: acc.ID, ProjectID: defaultProject}); err != nil { t.Fatal(err) } if _, err := s.Queries().GetAccount(ctx, db.GetAccountParams{ID: acc.ID, ProjectID: defaultProject}); err == nil { t.Fatal("expected error after delete, got nil") } } func TestTemplateJSONBRoundTrip(t *testing.T) { s, ctx := newStore(t) doc := dto.TemplateDoc{Records: []dto.RecordDTO{ {Type: "A", Name: "www.example.com.", TTL: 300, Values: []string{"1.2.3.4"}}, {Type: "SRV", Name: "_autodiscover._tcp.example.com.", TTL: 3600, Values: []string{"0 0 443 mail.example.com."}}, }} tpl, err := s.Queries().CreateTemplate(ctx, db.CreateTemplateParams{ ID: uuid.New(), ProjectID: defaultProject, Name: "base", Doc: &doc, }) if err != nil { t.Fatal(err) } got, err := s.Queries().GetTemplate(ctx, db.GetTemplateParams{ID: tpl.ID, ProjectID: defaultProject}) if err != nil { t.Fatal(err) } if got.Doc == nil || len(got.Doc.Records) != 2 || got.Doc.Records[1].Type != "SRV" { t.Fatalf("jsonb round-trip failed: %+v", got.Doc) } doc2 := dto.TemplateDoc{Records: []dto.RecordDTO{ {Type: "A", Name: "www.example.com.", TTL: 60, Values: []string{"5.6.7.8"}}, }} updated, err := s.Queries().UpdateTemplate(ctx, db.UpdateTemplateParams{ ID: tpl.ID, ProjectID: defaultProject, Name: "base-v2", Doc: &doc2, }) if err != nil { t.Fatal(err) } if updated.Version != tpl.Version+1 || updated.Doc == nil || len(updated.Doc.Records) != 1 { t.Fatalf("update mismatch: %+v", updated) } if err := s.Queries().DeleteTemplate(ctx, db.DeleteTemplateParams{ID: tpl.ID, ProjectID: defaultProject}); err != nil { t.Fatal(err) } } func TestImportDomains_CommitsAllOnSuccess(t *testing.T) { s, ctx := newStore(t) acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{ ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob", }) if err != nil { t.Fatal(err) } zones := []provider.Zone{ {ID: "z1", Name: "a.example.com"}, {ID: "z2", Name: "b.example.com"}, } doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones) if err != nil { t.Fatal(err) } if len(doms) != 2 { t.Fatalf("expected 2 domains returned, got %d", len(doms)) } list, err := s.ListDomains(ctx, defaultProject) if err != nil { t.Fatal(err) } if len(list) != 2 { t.Fatalf("expected 2 persisted domains, got %d", len(list)) } } // TestImportDomains_RollsBackAllOnError verifies the transactional contract: // if any zone in the batch fails to insert (here, an FK violation because // the account doesn't exist), none of the batch is left committed. func TestImportDomains_RollsBackAllOnError(t *testing.T) { s, ctx := newStore(t) bogusAccountID := uuid.New() // no matching provider_accounts row zones := []provider.Zone{ {ID: "z1", Name: "a.example.com"}, {ID: "z2", Name: "b.example.com"}, } if _, err := s.ImportDomains(ctx, defaultProject, bogusAccountID, zones); err == nil { t.Fatal("expected FK violation error, got nil") } list, err := s.ListDomains(ctx, defaultProject) if err != nil { t.Fatal(err) } if len(list) != 0 { t.Fatalf("expected 0 domains after rollback, got %d", len(list)) } } // TestImportDomains_IdempotentOnRepeat verifies the fix for the import // idempotency gap: re-importing the same zones must not create duplicate // domains (enforced by the domains_project_zone_uniq constraint + ON // CONFLICT DO NOTHING in the ImportDomain query) and must not error. func TestImportDomains_IdempotentOnRepeat(t *testing.T) { s, ctx := newStore(t) acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{ ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob", }) if err != nil { t.Fatal(err) } zones := []provider.Zone{ {ID: "z1", Name: "a.example.com"}, {ID: "z2", Name: "b.example.com"}, } first, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones) if err != nil { t.Fatal(err) } if len(first) != 2 { t.Fatalf("expected 2 domains on first import, got %d", len(first)) } second, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones) if err != nil { t.Fatalf("expected repeat import to succeed idempotently, got error: %v", err) } if len(second) != 0 { t.Fatalf("expected 0 newly-created domains on repeat import, got %d", len(second)) } list, err := s.ListDomains(ctx, defaultProject) if err != nil { t.Fatal(err) } if len(list) != 2 { t.Fatalf("expected still exactly 2 domains (no duplicates), got %d", len(list)) } var count int row := s.pool.QueryRow(ctx, `SELECT COUNT(*) FROM domains WHERE project_id = $1 AND zone_id = $2`, defaultProject, "z1") if err := row.Scan(&count); err != nil { t.Fatal(err) } if count != 1 { t.Fatalf("expected COUNT=1 for zone z1 (UNIQUE constraint), got %d", count) } } // TestSetDomainTemplate_ClosesImportCheckLoop verifies the fix for the // second review gap: an imported domain (template_id=NULL) can be bound to // a template via SetDomainTemplate, after which LoadDomain succeeds and // returns that template — closing the import -> bind -> check cycle. func TestSetDomainTemplate_ClosesImportCheckLoop(t *testing.T) { s, ctx := newStore(t) acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{ ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob", }) if err != nil { t.Fatal(err) } doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, []provider.Zone{{ID: "z1", Name: "a.example.com"}}) if err != nil { t.Fatal(err) } dom := doms[0] // Before binding, the domain is not checkable. if _, err := s.LoadDomain(ctx, dom.ID); err == nil { t.Fatal("expected LoadDomain to fail before a template is bound") } doc := dto.TemplateDoc{Records: []dto.RecordDTO{ {Type: "A", Name: "www.a.example.com.", TTL: 300, Values: []string{"1.2.3.4"}}, }} tpl, err := s.CreateTemplate(ctx, defaultProject, "base", doc) if err != nil { t.Fatal(err) } updated, err := s.SetDomainTemplate(ctx, dom.ID, defaultProject, &tpl.ID) if err != nil { t.Fatal(err) } if updated.TemplateID == nil || *updated.TemplateID != tpl.ID { t.Fatalf("expected domain.TemplateID=%s, got %+v", tpl.ID, updated.TemplateID) } ref, err := s.LoadDomain(ctx, dom.ID) if err != nil { t.Fatalf("expected LoadDomain to succeed after binding template, got error: %v", err) } if len(ref.Template.Records) != 1 || ref.Template.Records[0].Type != "A" { t.Fatalf("unexpected template loaded: %+v", ref.Template) } } // TestSetDomainTemplate_RejectsForeignProjectTemplate verifies that binding // a template belonging to a different project is rejected rather than // silently succeeding (which would let one tenant's domain use another // tenant's DNS template). func TestSetDomainTemplate_RejectsForeignProjectTemplate(t *testing.T) { s, ctx := newStore(t) acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{ ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob", }) if err != nil { t.Fatal(err) } doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, []provider.Zone{{ID: "z1", Name: "a.example.com"}}) if err != nil { t.Fatal(err) } dom := doms[0] // A template that belongs to a different (foreign) project. The default // user is the seed tenant from migrations/0001_init.sql. defaultUser := uuid.MustParse("00000000-0000-0000-0000-000000000001") foreignProject := uuid.New() if _, err := s.pool.Exec(ctx, `INSERT INTO projects (id, user_id, name) VALUES ($1, $2, 'foreign')`, foreignProject, defaultUser); err != nil { t.Fatal(err) } foreignTpl, err := s.CreateTemplate(ctx, foreignProject, "foreign", dto.TemplateDoc{}) if err != nil { t.Fatal(err) } if _, err := s.SetDomainTemplate(ctx, dom.ID, defaultProject, &foreignTpl.ID); err == nil { t.Fatal("expected error binding a template from a different project, got nil") } }