developer/galaxy-game
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat: backend service

Browse Source
This commit is contained in:
Ilia Denisov
2026-05-06 10:14:55 +03:00
committed by GitHub
parent 3e2622757e
commit f446c6a2ac
1486 changed files with 49720 additions and 266401 deletions
Download Patch File Download Diff File Expand all files Collapse all files
integration/admin_flow_test.go
+55
View File
@@ -0,0 +1,55 @@
package integration_test
import (
"context"
"encoding/json"
"net/http"
"testing"
"time"
"galaxy/integration/testenv"
)
// TestAdminFlow_BootstrapAndCRUD verifies that the bootstrap admin
// account can authenticate against backend's admin surface, create a
// second admin, and that the second admin can disable the first.
func TestAdminFlow_BootstrapAndCRUD(t *testing.T) {
plat := testenv.Bootstrap(t, testenv.BootstrapOptions{})
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
defer cancel()
bootstrap := testenv.NewBackendAdminClient(plat.Backend.HTTPURL, plat.Backend.AdminUser, plat.Backend.AdminPassword)
// Create a second admin account.
body := map[string]any{
"username": "secondary",
"password": "secondary-secret-pw",
}
raw, resp, err := bootstrap.Do(ctx, http.MethodPost, "/api/v1/admin/admin-accounts", body)
if err != nil {
t.Fatalf("create admin: %v", err)
}
if resp.StatusCode != http.StatusCreated && resp.StatusCode != http.StatusOK {
t.Fatalf("create admin: status %d body=%s", resp.StatusCode, string(raw))
}
// Switch to the secondary admin and disable the bootstrap admin.
secondary := testenv.NewBackendAdminClient(plat.Backend.HTTPURL, "secondary", "secondary-secret-pw")
raw, resp, err = secondary.Do(ctx, http.MethodPost, "/api/v1/admin/admin-accounts/"+plat.Backend.AdminUser+"/disable", nil)
if err != nil {
t.Fatalf("disable bootstrap: %v", err)
}
if resp.StatusCode/100 != 2 {
t.Fatalf("disable bootstrap: status %d body=%s", resp.StatusCode, string(raw))
}
// Bootstrap admin should now be unauthorised on every endpoint.
raw, resp, err = bootstrap.Do(ctx, http.MethodGet, "/api/v1/admin/admin-accounts", nil)
if err != nil {
t.Fatalf("bootstrap after disable: %v", err)
}
if resp.StatusCode != http.StatusUnauthorized {
t.Fatalf("bootstrap should be unauthorized after disable: status %d body=%s", resp.StatusCode, string(raw))
}
_ = json.RawMessage(raw)
}