280 lines
9.1 KiB
Go
280 lines
9.1 KiB
Go
package store
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/jackc/pgx/v5/pgxpool"
|
|
|
|
"github.com/vasyakrg/dns-autoresolver/internal/provider"
|
|
"github.com/vasyakrg/dns-autoresolver/internal/store/db"
|
|
"github.com/vasyakrg/dns-autoresolver/internal/store/dto"
|
|
)
|
|
|
|
// defaultProject is the seed default tenant project (see migrations/0001_init.sql).
|
|
var defaultProject = uuid.MustParse("00000000-0000-0000-0000-000000000002")
|
|
|
|
func newStore(t *testing.T) (*Store, context.Context) {
|
|
dsn := startPostgres(t)
|
|
pool, err := pgxpool.New(context.Background(), dsn)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
t.Cleanup(pool.Close)
|
|
return New(pool), context.Background()
|
|
}
|
|
|
|
func TestAccountCRUD(t *testing.T) {
|
|
s, ctx := newStore(t)
|
|
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
|
|
ID: uuid.New(), ProjectID: defaultProject,
|
|
Provider: "selectel", SecretEnc: "enc-blob", Comment: "prod",
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
got, err := s.Queries().GetAccount(ctx, db.GetAccountParams{ID: acc.ID, ProjectID: defaultProject})
|
|
if err != nil || got.Provider != "selectel" || got.SecretEnc != "enc-blob" {
|
|
t.Fatalf("get mismatch: %+v err=%v", got, err)
|
|
}
|
|
|
|
list, err := s.Queries().ListAccounts(ctx, defaultProject)
|
|
if err != nil || len(list) != 1 {
|
|
t.Fatalf("list mismatch: %+v err=%v", list, err)
|
|
}
|
|
|
|
if err := s.Queries().DeleteAccount(ctx, db.DeleteAccountParams{ID: acc.ID, ProjectID: defaultProject}); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if _, err := s.Queries().GetAccount(ctx, db.GetAccountParams{ID: acc.ID, ProjectID: defaultProject}); err == nil {
|
|
t.Fatal("expected error after delete, got nil")
|
|
}
|
|
}
|
|
|
|
func TestTemplateJSONBRoundTrip(t *testing.T) {
|
|
s, ctx := newStore(t)
|
|
doc := dto.TemplateDoc{Records: []dto.RecordDTO{
|
|
{Type: "A", Name: "www.example.com.", TTL: 300, Values: []string{"1.2.3.4"}},
|
|
{Type: "SRV", Name: "_autodiscover._tcp.example.com.", TTL: 3600, Values: []string{"0 0 443 mail.example.com."}},
|
|
}}
|
|
tpl, err := s.Queries().CreateTemplate(ctx, db.CreateTemplateParams{
|
|
ID: uuid.New(), ProjectID: defaultProject, Name: "base", Doc: &doc,
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
got, err := s.Queries().GetTemplate(ctx, db.GetTemplateParams{ID: tpl.ID, ProjectID: defaultProject})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if got.Doc == nil || len(got.Doc.Records) != 2 || got.Doc.Records[1].Type != "SRV" {
|
|
t.Fatalf("jsonb round-trip failed: %+v", got.Doc)
|
|
}
|
|
|
|
doc2 := dto.TemplateDoc{Records: []dto.RecordDTO{
|
|
{Type: "A", Name: "www.example.com.", TTL: 60, Values: []string{"5.6.7.8"}},
|
|
}}
|
|
updated, err := s.Queries().UpdateTemplate(ctx, db.UpdateTemplateParams{
|
|
ID: tpl.ID, ProjectID: defaultProject, Name: "base-v2", Doc: &doc2,
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if updated.Version != tpl.Version+1 || updated.Doc == nil || len(updated.Doc.Records) != 1 {
|
|
t.Fatalf("update mismatch: %+v", updated)
|
|
}
|
|
|
|
if err := s.Queries().DeleteTemplate(ctx, db.DeleteTemplateParams{ID: tpl.ID, ProjectID: defaultProject}); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func TestImportDomains_CommitsAllOnSuccess(t *testing.T) {
|
|
s, ctx := newStore(t)
|
|
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
|
|
ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob",
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
zones := []provider.Zone{
|
|
{ID: "z1", Name: "a.example.com"},
|
|
{ID: "z2", Name: "b.example.com"},
|
|
}
|
|
doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if len(doms) != 2 {
|
|
t.Fatalf("expected 2 domains returned, got %d", len(doms))
|
|
}
|
|
|
|
list, err := s.ListDomains(ctx, defaultProject)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if len(list) != 2 {
|
|
t.Fatalf("expected 2 persisted domains, got %d", len(list))
|
|
}
|
|
}
|
|
|
|
// TestImportDomains_RollsBackAllOnError verifies the transactional contract:
|
|
// if any zone in the batch fails to insert (here, an FK violation because
|
|
// the account doesn't exist), none of the batch is left committed.
|
|
func TestImportDomains_RollsBackAllOnError(t *testing.T) {
|
|
s, ctx := newStore(t)
|
|
bogusAccountID := uuid.New() // no matching provider_accounts row
|
|
|
|
zones := []provider.Zone{
|
|
{ID: "z1", Name: "a.example.com"},
|
|
{ID: "z2", Name: "b.example.com"},
|
|
}
|
|
if _, err := s.ImportDomains(ctx, defaultProject, bogusAccountID, zones); err == nil {
|
|
t.Fatal("expected FK violation error, got nil")
|
|
}
|
|
|
|
list, err := s.ListDomains(ctx, defaultProject)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if len(list) != 0 {
|
|
t.Fatalf("expected 0 domains after rollback, got %d", len(list))
|
|
}
|
|
}
|
|
|
|
// TestImportDomains_IdempotentOnRepeat verifies the fix for the import
|
|
// idempotency gap: re-importing the same zones must not create duplicate
|
|
// domains (enforced by the domains_project_zone_uniq constraint + ON
|
|
// CONFLICT DO NOTHING in the ImportDomain query) and must not error.
|
|
func TestImportDomains_IdempotentOnRepeat(t *testing.T) {
|
|
s, ctx := newStore(t)
|
|
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
|
|
ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob",
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
zones := []provider.Zone{
|
|
{ID: "z1", Name: "a.example.com"},
|
|
{ID: "z2", Name: "b.example.com"},
|
|
}
|
|
first, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if len(first) != 2 {
|
|
t.Fatalf("expected 2 domains on first import, got %d", len(first))
|
|
}
|
|
|
|
second, err := s.ImportDomains(ctx, defaultProject, acc.ID, zones)
|
|
if err != nil {
|
|
t.Fatalf("expected repeat import to succeed idempotently, got error: %v", err)
|
|
}
|
|
if len(second) != 0 {
|
|
t.Fatalf("expected 0 newly-created domains on repeat import, got %d", len(second))
|
|
}
|
|
|
|
list, err := s.ListDomains(ctx, defaultProject)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if len(list) != 2 {
|
|
t.Fatalf("expected still exactly 2 domains (no duplicates), got %d", len(list))
|
|
}
|
|
|
|
var count int
|
|
row := s.pool.QueryRow(ctx, `SELECT COUNT(*) FROM domains WHERE project_id = $1 AND zone_id = $2`, defaultProject, "z1")
|
|
if err := row.Scan(&count); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if count != 1 {
|
|
t.Fatalf("expected COUNT=1 for zone z1 (UNIQUE constraint), got %d", count)
|
|
}
|
|
}
|
|
|
|
// TestSetDomainTemplate_ClosesImportCheckLoop verifies the fix for the
|
|
// second review gap: an imported domain (template_id=NULL) can be bound to
|
|
// a template via SetDomainTemplate, after which LoadDomain succeeds and
|
|
// returns that template — closing the import -> bind -> check cycle.
|
|
func TestSetDomainTemplate_ClosesImportCheckLoop(t *testing.T) {
|
|
s, ctx := newStore(t)
|
|
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
|
|
ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob",
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, []provider.Zone{{ID: "z1", Name: "a.example.com"}})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
dom := doms[0]
|
|
|
|
// Before binding, the domain is not checkable.
|
|
if _, err := s.LoadDomain(ctx, dom.ID); err == nil {
|
|
t.Fatal("expected LoadDomain to fail before a template is bound")
|
|
}
|
|
|
|
doc := dto.TemplateDoc{Records: []dto.RecordDTO{
|
|
{Type: "A", Name: "www.a.example.com.", TTL: 300, Values: []string{"1.2.3.4"}},
|
|
}}
|
|
tpl, err := s.CreateTemplate(ctx, defaultProject, "base", doc)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
updated, err := s.SetDomainTemplate(ctx, dom.ID, defaultProject, &tpl.ID)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if updated.TemplateID == nil || *updated.TemplateID != tpl.ID {
|
|
t.Fatalf("expected domain.TemplateID=%s, got %+v", tpl.ID, updated.TemplateID)
|
|
}
|
|
|
|
ref, err := s.LoadDomain(ctx, dom.ID)
|
|
if err != nil {
|
|
t.Fatalf("expected LoadDomain to succeed after binding template, got error: %v", err)
|
|
}
|
|
if len(ref.Template.Records) != 1 || ref.Template.Records[0].Type != "A" {
|
|
t.Fatalf("unexpected template loaded: %+v", ref.Template)
|
|
}
|
|
}
|
|
|
|
// TestSetDomainTemplate_RejectsForeignProjectTemplate verifies that binding
|
|
// a template belonging to a different project is rejected rather than
|
|
// silently succeeding (which would let one tenant's domain use another
|
|
// tenant's DNS template).
|
|
func TestSetDomainTemplate_RejectsForeignProjectTemplate(t *testing.T) {
|
|
s, ctx := newStore(t)
|
|
acc, err := s.Queries().CreateAccount(ctx, db.CreateAccountParams{
|
|
ID: uuid.New(), ProjectID: defaultProject, Provider: "selectel", SecretEnc: "enc-blob",
|
|
})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
doms, err := s.ImportDomains(ctx, defaultProject, acc.ID, []provider.Zone{{ID: "z1", Name: "a.example.com"}})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
dom := doms[0]
|
|
|
|
// A template that belongs to a different (foreign) project. The default
|
|
// user is the seed tenant from migrations/0001_init.sql.
|
|
defaultUser := uuid.MustParse("00000000-0000-0000-0000-000000000001")
|
|
foreignProject := uuid.New()
|
|
if _, err := s.pool.Exec(ctx, `INSERT INTO projects (id, user_id, name) VALUES ($1, $2, 'foreign')`, foreignProject, defaultUser); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
foreignTpl, err := s.CreateTemplate(ctx, foreignProject, "foreign", dto.TemplateDoc{})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if _, err := s.SetDomainTemplate(ctx, dom.ID, defaultProject, &foreignTpl.ID); err == nil {
|
|
t.Fatal("expected error binding a template from a different project, got nil")
|
|
}
|
|
}
|