package handlers import ( "context" "net/http" "net/http/httptest" "testing" "time" "veza-backend-api/internal/services" "github.com/gin-gonic/gin" "github.com/google/uuid" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" "go.uber.org/zap" ) // MockAuditServiceForAuditHandler mocks AuditService for audit handler type MockAuditServiceForAuditHandler struct { mock.Mock } func (m *MockAuditServiceForAuditHandler) SearchLogs(ctx context.Context, req *services.AuditLogSearchRequest) ([]*services.AuditLog, error) { args := m.Called(ctx, req) if args.Get(0) == nil { return nil, args.Error(1) } return args.Get(0).([]*services.AuditLog), args.Error(1) } func (m *MockAuditServiceForAuditHandler) CountLogs(ctx context.Context, req *services.AuditLogSearchRequest) (int64, error) { args := m.Called(ctx, req) return args.Get(0).(int64), args.Error(1) } func (m *MockAuditServiceForAuditHandler) GetUserActivity(ctx context.Context, userID uuid.UUID, limit int) ([]*services.AuditLog, error) { args := m.Called(ctx, userID, limit) if args.Get(0) == nil { return nil, args.Error(1) } return args.Get(0).([]*services.AuditLog), args.Error(1) } func (m *MockAuditServiceForAuditHandler) GetIPActivity(ctx context.Context, ipAddress string, limit int) ([]*services.AuditLog, error) { args := m.Called(ctx, ipAddress, limit) if args.Get(0) == nil { return nil, args.Error(1) } return args.Get(0).([]*services.AuditLog), args.Error(1) } func (m *MockAuditServiceForAuditHandler) GetStats(ctx context.Context, startDate, endDate time.Time) ([]*services.AuditStats, error) { args := m.Called(ctx, startDate, endDate) if args.Get(0) == nil { return nil, args.Error(1) } return args.Get(0).([]*services.AuditStats), args.Error(1) } func (m *MockAuditServiceForAuditHandler) DetectSuspiciousActivity(ctx context.Context, hours int) ([]*services.SuspiciousActivity, error) { args := m.Called(ctx, hours) if args.Get(0) == nil { return nil, args.Error(1) } return args.Get(0).([]*services.SuspiciousActivity), args.Error(1) } func (m *MockAuditServiceForAuditHandler) CleanupOldLogs(ctx context.Context, retentionDays int) (int64, error) { args := m.Called(ctx, retentionDays) return args.Get(0).(int64), args.Error(1) } func setupTestAuditRouter(mockService *MockAuditServiceForAuditHandler) *gin.Engine { gin.SetMode(gin.TestMode) router := gin.New() logger := zap.NewNop() handler := NewAuditHandlerWithInterface(mockService, logger) api := router.Group("/api/v1/audit") api.Use(func(c *gin.Context) { userIDStr := c.GetHeader("X-User-ID") if userIDStr != "" { uid, err := uuid.Parse(userIDStr) if err == nil { c.Set("user_id", uid) } } c.Next() }) { api.GET("/logs", handler.SearchLogs()) api.GET("/users/:id/activity", handler.GetUserActivity()) api.GET("/ips/:ip/activity", handler.GetIPActivity()) } return router } func TestAuditHandler_SearchLogs_Success(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() logID := uuid.New() expectedLogs := []*services.AuditLog{ { ID: logID, UserID: &userID, Action: "login", Resource: "auth", IPAddress: "127.0.0.1", }, } mockService.On("SearchLogs", mock.Anything, mock.MatchedBy(func(r *services.AuditLogSearchRequest) bool { return r.UserID != nil && *r.UserID == userID })).Return(expectedLogs, nil) mockService.On("CountLogs", mock.Anything, mock.Anything).Return(int64(1), nil) // Execute reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/logs", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) } func TestAuditHandler_SearchLogs_WithFilters(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() logID := uuid.New() expectedLogs := []*services.AuditLog{ { ID: logID, UserID: &userID, Action: "login", Resource: "auth", IPAddress: "127.0.0.1", }, } mockService.On("SearchLogs", mock.Anything, mock.MatchedBy(func(r *services.AuditLogSearchRequest) bool { return r.Action == "login" && r.Resource == "auth" })).Return(expectedLogs, nil) mockService.On("CountLogs", mock.Anything, mock.Anything).Return(int64(1), nil) // Execute - With filters reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/logs?action=login&resource=auth", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) } func TestAuditHandler_SearchLogs_WithDateRange(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() startDate := time.Now().AddDate(0, 0, -7).Format("2006-01-02") endDate := time.Now().Format("2006-01-02") expectedLogs := []*services.AuditLog{} mockService.On("SearchLogs", mock.Anything, mock.MatchedBy(func(r *services.AuditLogSearchRequest) bool { return r.StartDate != nil && r.EndDate != nil })).Return(expectedLogs, nil) mockService.On("CountLogs", mock.Anything, mock.Anything).Return(int64(0), nil) // Execute - With date range reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/logs?start_date="+startDate+"&end_date="+endDate, nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) } func TestAuditHandler_SearchLogs_InvalidDate(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() // Execute - Invalid date format reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/logs?start_date=invalid", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusBadRequest, w.Code) mockService.AssertNotCalled(t, "SearchLogs") } func TestAuditHandler_SearchLogs_Unauthorized(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) // Execute - No X-User-ID header reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/logs", nil) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.True(t, w.Code == http.StatusUnauthorized || w.Code == http.StatusForbidden) mockService.AssertNotCalled(t, "SearchLogs") } func TestAuditHandler_SearchLogs_WithPagination(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() expectedLogs := []*services.AuditLog{} mockService.On("SearchLogs", mock.Anything, mock.MatchedBy(func(r *services.AuditLogSearchRequest) bool { return r.Page == 2 && r.Limit == 10 })).Return(expectedLogs, nil) mockService.On("CountLogs", mock.Anything, mock.Anything).Return(int64(0), nil) // Execute - With pagination reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/logs?page=2&limit=10", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) } func TestAuditHandler_GetUserActivity_Success(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() logID := uuid.New() expectedLogs := []*services.AuditLog{ { ID: logID, UserID: &userID, Action: "login", Resource: "auth", }, } // GetUserActivity uses userID from context (X-User-ID header), not from URL param mockService.On("GetUserActivity", mock.Anything, userID, 50).Return(expectedLogs, nil) // Execute - Note: URL param is ignored, uses X-User-ID header reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/users/"+uuid.New().String()+"/activity", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) } func TestAuditHandler_GetUserActivity_InvalidUserID(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() // Execute - Invalid UUID in URL (but handler uses X-User-ID header, so this should still work) // Actually, looking at the handler code, it doesn't parse the URL param, it uses context user_id // So invalid UUID in URL won't cause an error - the handler will use the user_id from context // This test should verify that the handler works even with invalid UUID in URL mockService.On("GetUserActivity", mock.Anything, userID, 50).Return([]*services.AuditLog{}, nil) reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/users/invalid-id/activity", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert - Handler uses userID from context, not URL param, so it should succeed assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) } func TestAuditHandler_GetIPActivity_Success(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() ipAddress := "127.0.0.1" logID := uuid.New() expectedLogs := []*services.AuditLog{ { ID: logID, UserID: &userID, Action: "login", IPAddress: ipAddress, }, } mockService.On("GetIPActivity", mock.Anything, ipAddress, 50).Return(expectedLogs, nil) // Execute reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/ips/"+ipAddress+"/activity", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) } func TestAuditHandler_GetIPActivity_WithLimit(t *testing.T) { // Setup mockService := new(MockAuditServiceForAuditHandler) router := setupTestAuditRouter(mockService) userID := uuid.New() ipAddress := "127.0.0.1" expectedLogs := []*services.AuditLog{} mockService.On("GetIPActivity", mock.Anything, ipAddress, 50).Return(expectedLogs, nil) // Execute - With limit parameter reqHTTP, _ := http.NewRequest("GET", "/api/v1/audit/ips/"+ipAddress+"/activity?limit=50", nil) reqHTTP.Header.Set("X-User-ID", userID.String()) w := httptest.NewRecorder() router.ServeHTTP(w, reqHTTP) // Assert assert.Equal(t, http.StatusOK, w.Code) mockService.AssertExpectations(t) }