developer/galaxy-game
1
1
Fork 0
Code Issues Pull Requests Actions Packages Releases Wiki Activity
Files
bde9d535dc2b27a697ba79651fe960e25f48fba9
galaxy-game/integration/testenv/session.go
T
Ilia Denisov 009ea560f9
Tests · Go / test (push) Successful in 2m17s
Details
Tests · UI / test (push) Waiting to run
Details
feat(lobby): F8-04b hierarchical sidebar + paid-tier gate for create-game 
Reshape the lobby UI from a single Overview into a two-level sidebar
(games · profile · DEV synthetic-reports) with four games sub-panels
(active-past · recruitment · invitations · private-games). Move the
`create new game` button into the private-games panel, merge the
applications section into recruitment cards as status chips, and add
DEV-only synthetic-report loader as a top-level screen.

Add a paid-tier gate at backend `lobby.game.create`: free callers get
`403 forbidden` before the lobby service is invoked. The UI hides the
private-games sub-panel + create button on free tier (DEV affordances
flag overrides). Update every integration test that creates a game to
use a new `testenv.PromoteToPaid` helper; add a new
`TestLobbyFlow_FreeUserCreateGameForbidden`.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-26 23:53:53 +02:00

146 lines
4.6 KiB
Go
Raw Blame History

package testenv
import (
"context"
"crypto/ed25519"
"encoding/json"
"fmt"
"net/http"
"regexp"
"testing"
"time"
)
// Session is a registered device session ready to drive the
// authenticated edge surface.
type Session struct {
Email string
DeviceSessionID string
Public ed25519.PublicKey
Private ed25519.PrivateKey
}
var sessionLoginCodeRE = regexp.MustCompile(`(?m)\b(\d{6})\b`)
// RegisterSession runs send-email-code → confirm-email-code through
// the gateway public REST surface and returns a fresh Session. It
// uses mailpit to capture the verification code and includes the
// platform's mailpit reset to avoid stale messages between calls.
func RegisterSession(t *testing.T, plat *Platform, email string) *Session {
t.Helper()
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
defer cancel()
if err := plat.Mailpit.DeleteAll(ctx); err != nil {
t.Fatalf("clear mailpit: %v", err)
}
pub, priv, err := GenerateSessionKeyPair()
if err != nil {
t.Fatalf("generate session keypair: %v", err)
}
public := NewPublicRESTClient(plat.Gateway.HTTPURL)
send, _, err := public.SendEmailCode(ctx, email, "en-US")
if err != nil {
t.Fatalf("send-email-code: %v", err)
}
if send.ChallengeID == "" {
t.Fatalf("send-email-code returned empty challenge_id")
}
msg, err := plat.Mailpit.WaitForMessage(ctx, "to:"+email, 30*time.Second)
if err != nil {
t.Fatalf("wait for mail: %v", err)
}
body, err := plat.Mailpit.MessageBody(ctx, msg.ID)
if err != nil {
t.Fatalf("fetch mail body: %v", err)
}
m := sessionLoginCodeRE.FindStringSubmatch(body)
if m == nil {
t.Fatalf("no 6-digit code in mail body:\n%s", body)
}
code := m[1]
// Pass a non-UTC IANA zone so every integration scenario that
// enrols a pilot exercises the time.LoadLocation path. UTC works
// even when the backend image lacks tzdata (Go's no-data fallback
// covers it), so a regression that drops the embedded tzdata
// import would otherwise slip past unnoticed.
confirm, _, err := public.ConfirmEmailCode(ctx, send.ChallengeID, code, EncodePublicKey(pub), "Europe/Berlin")
if err != nil {
t.Fatalf("confirm-email-code: %v", err)
}
if confirm.DeviceSessionID == "" {
t.Fatalf("confirm-email-code returned empty device_session_id")
}
return &Session{
Email: email,
DeviceSessionID: confirm.DeviceSessionID,
Public: pub,
Private: priv,
}
}
// DialAuthenticated returns a SignedGatewayClient bound to s.
func (s *Session) DialAuthenticated(ctx context.Context, plat *Platform) (*SignedGatewayClient, error) {
if s == nil {
return nil, fmt.Errorf("nil session")
}
return DialGateway(ctx, plat.Gateway.GRPCAddr, s.DeviceSessionID, s.Private, plat.Gateway.ResponseSignerPublic)
}
// PromoteToPaid applies a permanent paid entitlement to the user
// behind sess via the backend admin surface, so subsequent lobby
// commands gated by `EntitlementProvider.IsPaid` (notably
// `POST /api/v1/user/lobby/games`) succeed. Helper for integration
// scenarios that create games end-to-end; the default
// `RegisterSession` leaves the user on the free tier.
func PromoteToPaid(t *testing.T, ctx context.Context, admin *BackendAdminClient, plat *Platform, sess *Session) {
t.Helper()
if sess == nil {
t.Fatalf("PromoteToPaid: nil session")
}
userID, err := sess.LookupUserID(ctx, plat)
if err != nil {
t.Fatalf("PromoteToPaid: lookup user_id: %v", err)
}
body := map[string]any{
"tier": "permanent",
"source": "integration_test",
"actor": map[string]any{"type": "admin", "id": "integration"},
}
raw, resp, err := admin.Do(ctx, http.MethodPost, "/api/v1/admin/users/"+userID+"/entitlements", body)
if err != nil {
t.Fatalf("PromoteToPaid: %v", err)
}
if resp.StatusCode/100 != 2 {
t.Fatalf("PromoteToPaid: status=%d body=%s", resp.StatusCode, string(raw))
}
}
// LookupUserID resolves the user_id for s via backend's internal
// session lookup. Returns an empty string if the session is unknown.
func (s *Session) LookupUserID(ctx context.Context, plat *Platform) (string, error) {
if s == nil || s.DeviceSessionID == "" {
return "", fmt.Errorf("nil or empty session")
}
internal := NewBackendInternalClient(plat.Backend.HTTPURL)
raw, resp, err := internal.Do(ctx, http.MethodGet, "/api/v1/internal/sessions/"+s.DeviceSessionID, nil)
if err != nil {
return "", err
}
if resp.StatusCode != http.StatusOK {
return "", fmt.Errorf("session lookup: status %d body=%s", resp.StatusCode, string(raw))
}
var body struct {
UserID string `json:"user_id"`
}
if err := json.Unmarshal(raw, &body); err != nil {
return "", fmt.Errorf("decode session: %w", err)
}
return body.UserID, nil
}
Reference in New Issue View Git Blame Copy Permalink