feat: backend service

integration/admin_user_sanction_test.go

@@ -0,0 +1,83 @@
+package integration_test
+
+import (
+	"context"
+	"net/http"
+	"testing"
+	"time"
+
+	"galaxy/integration/testenv"
+	usermodel "galaxy/model/user"
+	"galaxy/transcoder"
+)
+
+// TestAdminUserSanctionPermanentBlock verifies that applying the
+// `permanent_block` sanction through the admin endpoint cascades:
+//   - the user's active session is revoked (subsequent gateway calls
+//     fail Unauthenticated);
+//   - send-email-code on the same email is rejected with the
+//     standard error envelope.
+func TestAdminUserSanctionPermanentBlock(t *testing.T) {
+	plat := testenv.Bootstrap(t, testenv.BootstrapOptions{})
+	ctx, cancel := context.WithTimeout(context.Background(), 90*time.Second)
+	defer cancel()
+
+	const email = "pilot+sanction@example.com"
+	sess := testenv.RegisterSession(t, plat, email)
+	gw, err := sess.DialAuthenticated(ctx, plat)
+	if err != nil {
+		t.Fatalf("dial: %v", err)
+	}
+	defer gw.Close()
+
+	// Sanity: signed call works pre-sanction.
+	payload, err := transcoder.GetMyAccountRequestToPayload(&usermodel.GetMyAccountRequest{})
+	if err != nil {
+		t.Fatalf("encode payload: %v", err)
+	}
+	if _, err := gw.Execute(ctx, usermodel.MessageTypeGetMyAccount, payload, testenv.ExecuteOptions{}); err != nil {
+		t.Fatalf("pre-sanction: %v", err)
+	}
+
+	userID, err := sess.LookupUserID(ctx, plat)
+	if err != nil {
+		t.Fatalf("resolve user_id: %v", err)
+	}
+
+	// Admin applies permanent_block.
+	admin := testenv.NewBackendAdminClient(plat.Backend.HTTPURL, plat.Backend.AdminUser, plat.Backend.AdminPassword)
+	body := map[string]any{
+		"sanction_code": "permanent_block",
+		"scope":         "global",
+		"reason_code":   "tos_violation",
+		"actor":         map[string]any{"type": "admin", "id": plat.Backend.AdminUser},
+	}
+	raw, resp, err := admin.Do(ctx, http.MethodPost, "/api/v1/admin/users/"+userID+"/sanctions", body)
+	if err != nil || resp.StatusCode/100 != 2 {
+		t.Fatalf("apply sanction: err=%v status=%d body=%s", err, resp.StatusCode, string(raw))
+	}
+
+	// Subsequent authenticated calls must fail.
+	deadline := time.Now().Add(2 * time.Second)
+	var lastErr error
+	for time.Now().Before(deadline) {
+		_, lastErr = gw.Execute(ctx, usermodel.MessageTypeGetMyAccount, payload, testenv.ExecuteOptions{})
+		if lastErr != nil {
+			break
+		}
+		time.Sleep(100 * time.Millisecond)
+	}
+	if lastErr == nil {
+		t.Fatalf("authenticated call succeeded after permanent_block")
+	}
+	if !testenv.IsUnauthenticated(lastErr) {
+		t.Fatalf("post-sanction status: %v", lastErr)
+	}
+
+	// New send-email-code on the same email must be rejected.
+	public := testenv.NewPublicRESTClient(plat.Gateway.HTTPURL)
+	_, _, err = public.SendEmailCode(ctx, email, "")
+	if err == nil {
+		t.Fatalf("send-email-code accepted for permanently blocked email")
+	}
+}