Tests

Makefile

@@ -1,8 +1,22 @@
 build:
 	@go build -C cmd/xkcd -o "../../xkcd-server"
 
-test:
+bench:
 	@go test -bench=. -v ./cmd/xkcd/
 
 clean:
 	@rm xkcd
+
+test:
+	@go test ./... -v -race -cover -coverprofile coverage/coverage.out ## TODO: -race
+	@go tool cover -html coverage/coverage.out -o coverage/coverage.html
+
+lint:
+	@golangci-lint run ./...
+
+sec:
+	@trivy fs xkcd-server
+	@govulncheck ./...
+
+e2e:
+	./e2e.sh

cmd/xkcd/main.go

@@ -20,6 +20,8 @@ import (
 	"time"
 )
 
+// TODO: добавить комменты с поэтапным объяснением, что тут происходит
+
 func main() {
 	configPath, port, loggerLevel := getFlags()
 
@@ -40,7 +42,7 @@ func main() {
 	}
 
 	// read existed DB to simplify downloading
-	myDB, err := database.NewDB(conf.DBFile)
+	myDB, err := database.NewDB(conf.DBFile, "storage/migration")
 	if err != nil {
 		log.Fatal(err)
 	}
@@ -65,8 +67,8 @@ func main() {
 		logger.Error(err.Error())
 	}
 
-	var ctlg core.Catalog = catalog.NewCatalog(comics, comicsFiller)
-	mux := handler.NewMux(ctlg, *logger, conf.RateLimit, conf.ConcurrencyLimit, conf.TokenMaxTime)
+	var ctlg core.Catalog = catalog.NewCatalog(comics, &comicsFiller)
+	mux := handler.NewServerHandler(ctlg, *logger, "users.json", conf.RateLimit, conf.ConcurrencyLimit, conf.TokenMaxTime)
 	portStr := fmt.Sprintf(":%d", port)
 
 	// based on https://stackoverflow.com/questions/39320025/how-to-stop-http-listenandserve

core/core.go

@@ -1,6 +1,9 @@
 package core
 
-import "time"
+import (
+	"context"
+	"time"
+)
 
 type Config struct {
 	SourceUrl        string `yaml:"source_url"`
@@ -31,6 +34,10 @@ type Catalog interface {
 	UpdateComics() (int, int, error)
 }
 
+type Filler interface {
+	FillMissedComics(ctx context.Context) (map[int]ComicsDescript, error)
+}
+
 const MaxWaitTime = time.Second * 5
 
 const MaxComicsToShow = 10

e2e.sh

@@ -0,0 +1,11 @@
+make
+
+./xkcd-server & sleep 7
+
+response=$(curl --no-progress-meter -d '{"username":"admin", "password":"admin"}' "http://localhost:8080/login")
+
+curl -X POST --header "Authorization:""$response" "http://localhost:8080/update"
+
+echo ""
+
+curl -X GET --header "Authorization:""$response" "http://localhost:8080/pics?search='apple,doctor'"

pkg/words/stemmer_test.go

@@ -0,0 +1,45 @@
+package words
+
+import (
+	"reflect"
+	"strings"
+	"testing"
+)
+
+var cases1 = []struct {
+	name     string
+	input    string
+	expected []string
+}{
+	{
+		name:     "hello world",
+		input:    "hello, world !",
+		expected: []string{},
+	},
+	{
+		name:     "simple marks",
+		input:    "am i, the? greatest! tester?!?!?!",
+		expected: strings.Split("tester", " "),
+	},
+	{
+		name:     "different marks with whitespaces",
+		input:    "impossible         !!test?!@@ 		case with-my O'connor--- thing and $$$",
+		expected: strings.Split("imposs connor", " "),
+	},
+	{
+		name:     "Apple doctor",
+		input:    "apple,doctor",
+		expected: strings.Split("appl doctor", " "),
+	},
+}
+
+func TestStemmer(t *testing.T) {
+	for _, tc := range cases1 {
+		t.Run(tc.name, func(t *testing.T) {
+			res := StemStringWithClearing(strings.Split(tc.input, " "))
+			if !reflect.DeepEqual(res, tc.expected) {
+				t.Errorf("got %v, want %v", res, tc.expected)
+			}
+		})
+	}
+}

server/handler/handler.go

@@ -17,8 +17,9 @@ type server struct {
 	requests     chan struct{}
 }
 
-func NewMux(ctlg core.Catalog, logger slog.Logger, rateLimit, concurrencyLimit, tokenMaxTime int) http.Handler {
-	users, err := getUsers("users.json")
+func NewServerHandler(ctlg core.Catalog, logger slog.Logger, pathToUsers string,
+	rateLimit, concurrencyLimit, tokenMaxTime int) http.Handler {
+	users, err := getUsers(pathToUsers)
 	if err != nil {
 		logger.Error("Failed to load users", "error", err.Error())
 	}

server/handler/handlers.go

@@ -86,7 +86,15 @@ func (s *server) protectHandler(next func(http.ResponseWriter, *http.Request), c
 
 func (s *server) searchRequest(wr http.ResponseWriter, r *http.Request) {
 	comicsKeywords := r.URL.Query().Get("search")
-	// TODO: validate
+	if comicsKeywords == "" {
+		wr.WriteHeader(http.StatusNotFound)
+		_, err := wr.Write([]byte("404 empty search string"))
+		if err != nil {
+			s.logger.Error("writing response for GET /pics", "err", err)
+		}
+		return
+	}
+
 	clearedKeywords := words.StemStringWithClearing(strings.Split(comicsKeywords, " "))
 	res := s.ctlg.FindByIndex(clearedKeywords)
 

server/handler/handlers_test.go

@@ -0,0 +1,181 @@
+package handler
+
+import (
+	"bytes"
+	"io"
+	"log/slog"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+type catalog struct{}
+
+func (c *catalog) GetIndex() map[string][]int {
+	return map[string][]int{}
+}
+
+func (c *catalog) UpdateComics() (int, int, error) {
+	return 100, 2000, nil
+}
+
+func (c *catalog) FindByIndex(input []string) []string {
+	if len(input) > 0 && input[0] == "abc" {
+		return []string{"abc.com"}
+	}
+	return nil
+}
+
+var logger = slog.New(slog.NewJSONHandler(io.Discard, nil))
+
+func TestLogin(t *testing.T) {
+	// set handler and launch server which will be shut down by context
+	hndlr := NewServerHandler(&catalog{}, *logger, "../../users.json", 10, 10, 10)
+	s := httptest.NewServer(hndlr)
+	defer s.Close()
+
+	// send request with admins pass and name
+	var jsonStr = []byte(`{"username":"admin", "password":"admin"}`)
+	req, err := http.NewRequest(http.MethodPost, s.URL+"/login", bytes.NewBuffer(jsonStr))
+	if err != nil {
+		t.Fatalf("creating request: %v", err)
+	}
+	res, err := http.DefaultClient.Do(req)
+	if err != nil {
+		t.Fatalf("sending request: %v", err)
+	}
+
+	if res.StatusCode != http.StatusOK {
+		t.Errorf("unexpected status: got %v", res.Status)
+	}
+	_, err = io.ReadAll(res.Body)
+	if err != nil {
+		t.Fatalf("cannot read from response body: %v", err)
+	}
+}
+
+func TestSearchNotFoundRequest(t *testing.T) {
+	// set handler and launch server which will be shut down by context
+	srv := server{ctlg: &catalog{}, logger: *logger, mux: http.NewServeMux(), users: nil,
+		tokenMaxTime: 0, requests: make(chan struct{})}
+	srv.mux.HandleFunc("GET /pics", func(w http.ResponseWriter, r *http.Request) {
+		srv.searchRequest(w, r)
+	})
+	s := httptest.NewServer(srv.mux)
+	defer s.Close()
+
+	cases := []struct {
+		name           string
+		searchString   string
+		expectedStatus int
+	}{
+		{
+			name:           "comics won't found",
+			searchString:   "/pics?search='banana'",
+			expectedStatus: http.StatusNotFound,
+		},
+		{
+			name:           "comics will be found",
+			searchString:   "/pics?search='abc'",
+			expectedStatus: http.StatusOK,
+		},
+		{
+			name:           "empty search string",
+			searchString:   "/pics",
+			expectedStatus: http.StatusNotFound,
+		},
+	}
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			// send search request
+			res, err := http.Get(s.URL + tc.searchString)
+			if err != nil {
+				t.Fatalf("sending request: %v", err)
+			}
+
+			// handle response
+			if res.StatusCode != tc.expectedStatus {
+				t.Errorf("unexpected status: got %v", res.Status)
+			}
+		})
+	}
+}
+
+func TestUpdateRequest(t *testing.T) {
+	// set handler and launch server which will be shut down by context
+	srv := server{ctlg: &catalog{}, logger: *logger, mux: http.NewServeMux(), users: nil, tokenMaxTime: 1, requests: make(chan struct{})}
+	srv.mux.HandleFunc("POST /update", func(w http.ResponseWriter, r *http.Request) {
+		srv.updateRequest(w, r)
+	})
+	s := httptest.NewServer(srv.mux)
+	defer s.Close()
+
+	// send search request to update db
+	res, err := http.Post(s.URL+"/update", "", nil)
+	if err != nil {
+		t.Fatalf("sending request: %v", err)
+	}
+
+	// handle response
+	_, err = io.ReadAll(res.Body)
+	if err != nil {
+		t.Fatalf("cannot read from response body: %v", err)
+	}
+}
+
+func TestAuth(t *testing.T) {
+	srv := server{ctlg: &catalog{}, logger: *logger, mux: http.NewServeMux(), users: nil, tokenMaxTime: 10, requests: make(chan struct{}, 1)}
+	srv.mux.HandleFunc("GET /pics", srv.protectedUpdate())
+	s := httptest.NewServer(srv.mux)
+	defer s.Close()
+
+	cases := []struct {
+		name           string
+		user           userInfo
+		needToken      bool
+		token          string
+		expectedStatus int
+	}{
+		{name: "valid data",
+			user: userInfo{Username: "user",
+				Password: "$2a$10$w6/HvzjDEJa7vgmEGWtXCuz9YkUkcyLMHN547wRhNyUTR0zPIILmK"},
+			needToken:      true,
+			expectedStatus: http.StatusOK,
+		}, {
+			name: "no token",
+			user: userInfo{Username: "user",
+				Password: "$2a$10$w6/HvzjDEJa7vgmEGWtXCuz9YkUkcyLMHN547wRhNyUTR0zPIILmK"},
+			needToken:      false,
+			expectedStatus: http.StatusUnauthorized,
+		}, {
+			name: "incorrect token",
+			user: userInfo{Username: "user",
+				Password: "$2a$10$w6/HvzjDEJa7vgmEGWtXCuz9YkUkcyLMHN547wRhNyUTR0zPIILmK"},
+			needToken:      true,
+			token:          "abc.abc.abc",
+			expectedStatus: http.StatusUnauthorized,
+		},
+	}
+	for _, tc := range cases {
+		t.Run(tc.name, func(t *testing.T) {
+			if tc.needToken && tc.token == "" {
+				tc.token, _ = createToken(userInfo{Username: "user",
+					Password: "$2a$10$w6/HvzjDEJa7vgmEGWtXCuz9YkUkcyLMHN547wRhNyUTR0zPIILmK"}, 10)
+			}
+			req, err := http.NewRequest(http.MethodGet, s.URL+"/pics?search='abc'", nil)
+			if err != nil {
+				t.Errorf("creating request: %v", err)
+			}
+			if tc.needToken {
+				req.Header.Set("Authorization", tc.token)
+			}
+			res, err := http.DefaultClient.Do(req)
+			if err != nil {
+				t.Errorf("sending request: %v", err)
+			}
+			if res.StatusCode != tc.expectedStatus {
+				t.Errorf("unexpected response status: %v", res.StatusCode)
+			}
+		})
+	}
+}

server/handler/token.go

@@ -6,7 +6,7 @@ import (
 	"time"
 )
 
-var secretKey = []byte("bananchiki") // TODO: config.yaml
+var secretKey = []byte("bananchiki")
 
 func createToken(user userInfo, expTime int) (string, error) {
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256,