(t *testing.T)
| 17 | ) |
| 18 | |
| 19 | func TestNotFound(t *testing.T) { |
| 20 | ctx := context.Background() |
| 21 | h := testutil.NewHarness(t) |
| 22 | |
| 23 | route := &handler.Handler{ |
| 24 | DB: h.DB, |
| 25 | Keys: h.Keys, |
| 26 | Auditlogs: h.Auditlogs, |
| 27 | KeyCache: h.Caches.VerificationKeyByHash, |
| 28 | } |
| 29 | |
| 30 | h.Register(route) |
| 31 | |
| 32 | // Create a workspace and root key |
| 33 | workspace := h.Resources().UserWorkspace |
| 34 | rootKey := h.CreateRootKey(workspace.ID, "api.*.update_key", "rbac.*.remove_permission_from_key", "rbac.*.add_permission_to_key") |
| 35 | |
| 36 | // Set up request headers |
| 37 | headers := http.Header{ |
| 38 | "Content-Type": {"application/json"}, |
| 39 | "Authorization": {fmt.Sprintf("Bearer %s", rootKey)}, |
| 40 | } |
| 41 | |
| 42 | t.Run("non-existent key ID", func(t *testing.T) { |
| 43 | // Create a permission to reference |
| 44 | permissionID := uid.New(uid.TestPrefix) |
| 45 | err := db.Query.InsertPermission(ctx, h.DB.RW(), db.InsertPermissionParams{ |
| 46 | PermissionID: permissionID, |
| 47 | WorkspaceID: workspace.ID, |
| 48 | Name: "documents.read.notfound", |
| 49 | Slug: "documents.read.notfound", |
| 50 | Description: dbtype.NullString{Valid: true, String: "Read documents permission"}, |
| 51 | }) |
| 52 | require.NoError(t, err) |
| 53 | |
| 54 | // Use non-existent key ID |
| 55 | nonExistentKeyID := uid.New(uid.KeyPrefix) |
| 56 | |
| 57 | req := handler.Request{ |
| 58 | KeyId: nonExistentKeyID, |
| 59 | Permissions: []string{permissionID}, |
| 60 | } |
| 61 | |
| 62 | res := testutil.CallRoute[handler.Request, openapi.NotFoundErrorResponse]( |
| 63 | h, |
| 64 | route, |
| 65 | headers, |
| 66 | req, |
| 67 | ) |
| 68 | |
| 69 | require.Equal(t, 404, res.Status) |
| 70 | require.NotNil(t, res.Body) |
| 71 | require.NotNil(t, res.Body.Error) |
| 72 | require.Contains(t, res.Body.Error.Detail, "The specified key was not found") |
| 73 | }) |
| 74 | |
| 75 | t.Run("key from different workspace (isolation)", func(t *testing.T) { |
| 76 | // Create another workspace |
nothing calls this directly
no test coverage detected