mirror of
https://github.com/SecurityBrewery/catalyst.git
synced 2025-12-24 07:53:30 +01:00
135 lines
3.1 KiB
Go
135 lines
3.1 KiB
Go
package testing
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"strings"
|
|
"sync"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/tidwall/gjson"
|
|
)
|
|
|
|
type request struct {
|
|
Method string
|
|
URL string
|
|
Body []byte
|
|
}
|
|
|
|
func TestAPI(t *testing.T) { //nolint:cyclop
|
|
t.Parallel()
|
|
|
|
requests := [][]request{
|
|
{
|
|
{"GET", "/ui/login", nil},
|
|
{"GET", "/api/config", nil},
|
|
},
|
|
{
|
|
{"POST", "/auth/local/login", []byte(`{"email":"admin@catalyst-soar.com","password":"password123"}`)},
|
|
},
|
|
{
|
|
{"GET", "/auth/user", nil},
|
|
{"GET", "/api/sidebar", nil},
|
|
{"GET", "/ui/groups", nil},
|
|
{"GET", "/api/tickets", nil},
|
|
{"GET", "/api/tickets", nil},
|
|
{"GET", "/api/tasks", nil},
|
|
{"GET", "/auth/user", nil},
|
|
{"GET", "/auth/user", nil},
|
|
{"GET", "/api/sidebar", nil},
|
|
{"GET", "/api/groups", nil},
|
|
{"GET", "/api/config", nil},
|
|
},
|
|
{
|
|
{"POST", "/api/groups", []byte(`{"name":"playwright-59537c9d-772f-45f0-a8f0-bb99656fa7ed","permissions":["ticket:read"]}`)},
|
|
},
|
|
{
|
|
{"GET", "/api/groups/ID", nil},
|
|
{"GET", "/api/groups", nil},
|
|
{"GET", "/api/config", nil},
|
|
},
|
|
{
|
|
{"GET", "/api/groups/ID/parents", nil},
|
|
{"GET", "/api/groups/ID/permissions", nil},
|
|
{"GET", "/api/groups/ID/children", nil},
|
|
{"GET", "/api/groups/ID/users", nil},
|
|
{"GET", "/api/users", nil},
|
|
},
|
|
{
|
|
{"GET", "/ui/login", nil},
|
|
{"GET", "/api/config", nil},
|
|
},
|
|
{
|
|
{"POST", "/auth/local/login", []byte(`{"email":"admin@catalyst-soar.com","password":"password123"}`)},
|
|
},
|
|
{
|
|
{"GET", "/auth/user", nil},
|
|
{"GET", "/api/sidebar", nil},
|
|
{"GET", "/ui/groups", nil},
|
|
{"GET", "/api/tickets", nil},
|
|
{"GET", "/api/tickets", nil},
|
|
{"GET", "/api/tasks", nil},
|
|
{"GET", "/auth/user", nil},
|
|
{"GET", "/auth/user", nil},
|
|
{"GET", "/api/sidebar", nil},
|
|
{"GET", "/api/groups", nil},
|
|
{"GET", "/api/config", nil},
|
|
},
|
|
{
|
|
{"POST", "/api/groups", []byte(`{"name":"playwright-c9bdcbf8-6aba-4974-9c12-f77fa7f15b34","permissions":["ticket:read"]}`)},
|
|
},
|
|
}
|
|
|
|
app, cleanup, _ := App(t)
|
|
t.Cleanup(cleanup)
|
|
|
|
id, token := "", ""
|
|
|
|
for _, batch := range requests {
|
|
var wg sync.WaitGroup
|
|
|
|
wg.Add(len(batch))
|
|
|
|
for _, req := range batch {
|
|
go func() {
|
|
defer wg.Done()
|
|
|
|
url := req.URL
|
|
if strings.Contains(url, "ID") {
|
|
url = strings.ReplaceAll(url, "ID", id)
|
|
}
|
|
|
|
ctx, cancel := context.WithTimeout(t.Context(), time.Second*10)
|
|
defer cancel()
|
|
|
|
r, err := http.NewRequestWithContext(ctx, req.Method, url, bytes.NewReader(req.Body))
|
|
assert.NoError(t, err)
|
|
|
|
if token != "" {
|
|
r.Header.Set("Authorization", "Bearer "+token)
|
|
}
|
|
|
|
w := httptest.NewRecorder()
|
|
|
|
app.ServeHTTP(w, r)
|
|
|
|
assert.Equal(t, 200, w.Code, "expected status code 200: %s for %s %s", w.Body.String(), req.Method, url)
|
|
|
|
if w.Code == 200 && req.Method == http.MethodPost && gjson.Get(w.Body.String(), "id").Exists() {
|
|
id = gjson.Get(w.Body.String(), "id").String()
|
|
}
|
|
|
|
if w.Code == 200 && req.Method == http.MethodPost && gjson.Get(w.Body.String(), "token").Exists() {
|
|
token = gjson.Get(w.Body.String(), "token").String()
|
|
}
|
|
}()
|
|
}
|
|
|
|
wg.Wait()
|
|
}
|
|
}
|