feat: backend service

2026-05-06 10:14:55 +03:00
parent 3e2622757e
commit f446c6a2ac
1486 changed files with 49720 additions and 266401 deletions
@@ -0,0 +1,129 @@
+package integration_test
+
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+	"testing"
+	"time"
+
+	"galaxy/integration/testenv"
+)
+
+// TestAdminGlobalGamesView verifies the visibility split: admin sees
+// every game (public + private, regardless of owner); a regular user
+// querying their own listing sees only the games they own or
+// participate in.
+func TestAdminGlobalGamesView(t *testing.T) {
+	plat := testenv.Bootstrap(t, testenv.BootstrapOptions{})
+	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
+	defer cancel()
+
+	admin := testenv.NewBackendAdminClient(plat.Backend.HTTPURL, plat.Backend.AdminUser, plat.Backend.AdminPassword)
+	if _, resp, err := admin.Do(ctx, http.MethodPost, "/api/v1/admin/engine-versions", map[string]any{
+		"version": "v1.0.0", "image_ref": "galaxy/game:integration", "enabled": true,
+	}); err != nil || resp.StatusCode/100 != 2 {
+		t.Fatalf("seed engine_version: err=%v resp=%v", err, resp)
+	}
+
+	// Admin creates a public game.
+	publicBody := map[string]any{
+		"game_name":             "Public Cup",
+		"min_players":           2,
+		"max_players":           4,
+		"start_gap_hours":       1,
+		"start_gap_players":     2,
+		"enrollment_ends_at":    time.Now().Add(24 * time.Hour).UTC().Format(time.RFC3339),
+		"turn_schedule":         "0 * * * *",
+		"target_engine_version": "v1.0.0",
+	}
+	raw, resp, err := admin.Do(ctx, http.MethodPost, "/api/v1/admin/games", publicBody)
+	if err != nil || resp.StatusCode != http.StatusCreated {
+		t.Fatalf("admin create public: err=%v status=%d body=%s", err, resp.StatusCode, string(raw))
+	}
+	var publicGame struct{ GameID string `json:"game_id"` }
+	if err := json.Unmarshal(raw, &publicGame); err != nil {
+		t.Fatalf("decode public: %v", err)
+	}
+
+	// Two users; user A creates a private game.
+	a := testenv.RegisterSession(t, plat, "ownerA@example.com")
+	b := testenv.RegisterSession(t, plat, "ownerB@example.com")
+	aID, err := a.LookupUserID(ctx, plat)
+	if err != nil {
+		t.Fatalf("resolve A: %v", err)
+	}
+	bID, err := b.LookupUserID(ctx, plat)
+	if err != nil {
+		t.Fatalf("resolve B: %v", err)
+	}
+	aHTTP := testenv.NewBackendUserClient(plat.Backend.HTTPURL, aID)
+	bHTTP := testenv.NewBackendUserClient(plat.Backend.HTTPURL, bID)
+
+	privateBody := map[string]any{
+		"game_name":             "Private Run",
+		"visibility":            "private",
+		"min_players":           2,
+		"max_players":           4,
+		"start_gap_hours":       1,
+		"start_gap_players":     2,
+		"enrollment_ends_at":    time.Now().Add(24 * time.Hour).UTC().Format(time.RFC3339),
+		"turn_schedule":         "0 * * * *",
+		"target_engine_version": "v1.0.0",
+	}
+	raw, resp, err = aHTTP.Do(ctx, http.MethodPost, "/api/v1/user/lobby/games", privateBody)
+	if err != nil || resp.StatusCode != http.StatusCreated {
+		t.Fatalf("user create private: err=%v status=%d body=%s", err, resp.StatusCode, string(raw))
+	}
+	var privateGame struct{ GameID string `json:"game_id"` }
+	if err := json.Unmarshal(raw, &privateGame); err != nil {
+		t.Fatalf("decode private: %v", err)
+	}
+
+	// User B can see the public game but NOT user A's private one.
+	raw, resp, err = bHTTP.Do(ctx, http.MethodGet, "/api/v1/user/lobby/games?page=1&page_size=20", nil)
+	if err != nil || resp.StatusCode != http.StatusOK {
+		t.Fatalf("user B list: err=%v status=%d body=%s", err, resp.StatusCode, string(raw))
+	}
+	var bList struct{ Items []struct{ GameID string `json:"game_id"` } `json:"items"` }
+	if err := json.Unmarshal(raw, &bList); err != nil {
+		t.Fatalf("decode user B list: %v", err)
+	}
+	bSeesPublic, bSeesPrivate := false, false
+	for _, g := range bList.Items {
+		if g.GameID == publicGame.GameID {
+			bSeesPublic = true
+		}
+		if g.GameID == privateGame.GameID {
+			bSeesPrivate = true
+		}
+	}
+	if !bSeesPublic {
+		t.Fatalf("user B did not see the public game")
+	}
+	if bSeesPrivate {
+		t.Fatalf("user B saw user A's private game in the public listing")
+	}
+
+	// Admin sees every game.
+	raw, resp, err = admin.Do(ctx, http.MethodGet, "/api/v1/admin/games?page=1&page_size=20", nil)
+	if err != nil || resp.StatusCode != http.StatusOK {
+		t.Fatalf("admin list games: err=%v status=%d body=%s", err, resp.StatusCode, string(raw))
+	}
+	var adminList struct{ Items []struct{ GameID string `json:"game_id"` } `json:"items"` }
+	if err := json.Unmarshal(raw, &adminList); err != nil {
+		t.Fatalf("decode admin list: %v", err)
+	}
+	sawPublic, sawPrivate := false, false
+	for _, g := range adminList.Items {
+		if g.GameID == publicGame.GameID {
+			sawPublic = true
+		}
+		if g.GameID == privateGame.GameID {
+			sawPrivate = true
+		}
+	}
+	if !sawPublic || !sawPrivate {
+		t.Fatalf("admin list missing entries: public=%v private=%v items=%+v", sawPublic, sawPrivate, adminList.Items)
+	}
+}