furumi-server/src/tests.rs

use crate::metrics;
use crate::security::AuthInterceptor;
use tonic::service::Interceptor;
use tonic::Request;
// Since counters are lazy statics, we can get their values directly for testing
use std::thread::sleep;
use std::time::Duration;

#[test]
fn test_metrics_request_timer_ok() {
    let method = "test_method_ok";
    let timer = metrics::RequestTimer::new(method);

    // Simulate some work
    sleep(Duration::from_millis(10));
    timer.finish_ok();

    // Check counters
    let started = metrics::GRPC_REQUESTS_TOTAL
        .with_label_values(&[method, "started"])
        .get();
    let ok = metrics::GRPC_REQUESTS_TOTAL
        .with_label_values(&[method, "ok"])
        .get();

    assert_eq!(started, 1.0);
    assert_eq!(ok, 1.0);
}

#[test]
fn test_metrics_request_timer_err() {
    let method = "test_method_err";
    let timer = metrics::RequestTimer::new(method);

    // Simulate some work
    sleep(Duration::from_millis(5));
    timer.finish_err();

    // Check counters
    let started = metrics::GRPC_REQUESTS_TOTAL
        .with_label_values(&[method, "started"])
        .get();
    let err = metrics::GRPC_REQUESTS_TOTAL
        .with_label_values(&[method, "error"])
        .get();

    assert_eq!(started, 1.0);
    assert_eq!(err, 1.0);
}

#[test]
fn test_metrics_render() {
    // Just trigger a metric to ensure the registry isn't empty
    metrics::BYTES_READ_TOTAL.inc_by(4096.0);

    let rendered = metrics::render_metrics();
    assert!(rendered.contains("furumi_bytes_read_total"));
    assert!(rendered.contains("4096"));
}

#[test]
fn test_server_auth_interceptor_valid() {
    let mut interceptor = AuthInterceptor::new("supersecret".to_string());
    let mut req = Request::new(());
    req.metadata_mut()
        .insert("authorization", "Bearer supersecret".parse().unwrap());

    let res = interceptor.call(req);
    assert!(res.is_ok(), "Valid token should be accepted");
}

#[test]
fn test_server_auth_interceptor_invalid() {
    let mut interceptor = AuthInterceptor::new("supersecret".to_string());
    let mut req = Request::new(());
    req.metadata_mut()
        .insert("authorization", "Bearer wrongtoken".parse().unwrap());

    let res = interceptor.call(req);
    assert!(res.is_err(), "Invalid token should be rejected");
    assert_eq!(res.unwrap_err().code(), tonic::Code::Unauthenticated);
}

#[test]
fn test_server_auth_interceptor_missing() {
    let mut interceptor = AuthInterceptor::new("supersecret".to_string());
    let req = Request::new(());
    // Missing metadata entirely

    let res = interceptor.call(req);
    assert!(
        res.is_err(),
        "Missing token should be rejected when auth is enabled"
    );
    assert_eq!(res.unwrap_err().code(), tonic::Code::Unauthenticated);
}

#[test]
fn test_server_auth_interceptor_disabled() {
    // Empty string means auth is disabled
    let mut interceptor = AuthInterceptor::new("".to_string());
    let req = Request::new(());

    let res = interceptor.call(req);
    assert!(
        res.is_ok(),
        "Request should pass if auth is disabled on server"
    );
}
FIX: TLS options 2026-03-10 16:52:13 +00:00			`use crate::metrics;`
			`use crate::security::AuthInterceptor;`
			`use tonic::service::Interceptor;`
			`use tonic::Request;`
			`// Since counters are lazy statics, we can get their values directly for testing`
			`use std::thread::sleep;`
			`use std::time::Duration;`

			`#[test]`
			`fn test_metrics_request_timer_ok() {`
			`let method = "test_method_ok";`
			`let timer = metrics::RequestTimer::new(method);`

			`// Simulate some work`
			`sleep(Duration::from_millis(10));`
			`timer.finish_ok();`

			`// Check counters`
			`let started = metrics::GRPC_REQUESTS_TOTAL`
			`.with_label_values(&[method, "started"])`
			`.get();`
			`let ok = metrics::GRPC_REQUESTS_TOTAL`
			`.with_label_values(&[method, "ok"])`
			`.get();`

			`assert_eq!(started, 1.0);`
			`assert_eq!(ok, 1.0);`
			`}`

			`#[test]`
			`fn test_metrics_request_timer_err() {`
			`let method = "test_method_err";`
			`let timer = metrics::RequestTimer::new(method);`

			`// Simulate some work`
			`sleep(Duration::from_millis(5));`
			`timer.finish_err();`

			`// Check counters`
			`let started = metrics::GRPC_REQUESTS_TOTAL`
			`.with_label_values(&[method, "started"])`
			`.get();`
			`let err = metrics::GRPC_REQUESTS_TOTAL`
			`.with_label_values(&[method, "error"])`
			`.get();`

			`assert_eq!(started, 1.0);`
			`assert_eq!(err, 1.0);`
			`}`

			`#[test]`
			`fn test_metrics_render() {`
			`// Just trigger a metric to ensure the registry isn't empty`
			`metrics::BYTES_READ_TOTAL.inc_by(4096.0);`

			`let rendered = metrics::render_metrics();`
			`assert!(rendered.contains("furumi_bytes_read_total"));`
			`assert!(rendered.contains("4096"));`
			`}`

			`#[test]`
			`fn test_server_auth_interceptor_valid() {`
			`let mut interceptor = AuthInterceptor::new("supersecret".to_string());`
			`let mut req = Request::new(());`
			`req.metadata_mut()`
			`.insert("authorization", "Bearer supersecret".parse().unwrap());`

			`let res = interceptor.call(req);`
			`assert!(res.is_ok(), "Valid token should be accepted");`
			`}`

			`#[test]`
			`fn test_server_auth_interceptor_invalid() {`
			`let mut interceptor = AuthInterceptor::new("supersecret".to_string());`
			`let mut req = Request::new(());`
			`req.metadata_mut()`
			`.insert("authorization", "Bearer wrongtoken".parse().unwrap());`

			`let res = interceptor.call(req);`
			`assert!(res.is_err(), "Invalid token should be rejected");`
			`assert_eq!(res.unwrap_err().code(), tonic::Code::Unauthenticated);`
			`}`

			`#[test]`
			`fn test_server_auth_interceptor_missing() {`
			`let mut interceptor = AuthInterceptor::new("supersecret".to_string());`
			`let req = Request::new(());`
			`// Missing metadata entirely`

			`let res = interceptor.call(req);`
			`assert!(`
			`res.is_err(),`
			`"Missing token should be rejected when auth is enabled"`
			`);`
			`assert_eq!(res.unwrap_err().code(), tonic::Code::Unauthenticated);`
			`}`

			`#[test]`
			`fn test_server_auth_interceptor_disabled() {`
			`// Empty string means auth is disabled`
			`let mut interceptor = AuthInterceptor::new("".to_string());`
			`let req = Request::new(());`

			`let res = interceptor.call(req);`
			`assert!(`
			`res.is_ok(),`
			`"Request should pass if auth is disabled on server"`
			`);`
			`}`