umputun / stash / 20645439659
84%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 29
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 83.868% (-0.3%) from 84.156%
20645439659

push

github

web-flow 
refactor(auth): extract auth package and simplify interfaces (#54)

* refactor(auth): extract auth package and simplify interfaces

split ~900 line auth.go into app/server/auth/ package with 3 files:
- config.go: types and yaml parsing
- auth.go: Service struct and methods
- middleware.go: HTTP middleware and helpers

simplified consumer interfaces:
- api.AuthProvider: reduced from 7 to 3 methods
- server.AuditAuth: reduced from 4 to 2 methods

added request-based auth methods that encapsulate internal logic:
- FilterKeysForRequest(r, keys) replaces manual token/session/public checks
- IsRequestAdmin(r) replaces HasTokenACL + IsTokenAdmin + IsAdmin combo
- GetRequestActor(r) returns actor type and name from request

naming follows go conventions (avoid stuttering):
- auth.Service instead of auth.Auth
- auth.New instead of auth.NewAuth
- auth.Config instead of auth.AuthConfig

related #audit-ui

* fix(auth): address code review findings

- remove dead auth.Noop function and its test
- remove empty "service disabled" test subtests
- add TestService_Activate for Activate() method
- add ConfigValidator callback tests
- add TokenMiddleware list operation tests
- simplify initAuthService to single return value
- update CLAUDE.md with new auth package structure

* refactor(auth): make internal methods private

reduce public API surface by making methods private that are only used
within the auth package:
- getTokenACL, hasTokenACL, checkPermission
- filterTokenKeys, filterPublicKeys
- isTokenAdmin, validateSession, getPublicACL
- merge ValidateUser into IsValidUser (eliminate wrapper)

* fix(auth): address code review findings and add integration tests

- Fix token masking inconsistency: GetRequestActor now uses MaskToken() for consistent 4-char format
- Remove validateSession: duplicated GetSessionUser logic, updated all callers
- Remove dead code: getPublicACL (test-only) and unreachable zero interval check in startCleanup
- Fix no-assertion test: TestServ... (continued)

643 of 718 new or added lines in 8 files covered. (89.55%)

23 existing lines in 2 files now uncovered.

3977 of 4742 relevant lines covered (83.87%)

78.75 hits per line

New Missed Lines in Diff

Lines Coverage File
2
75.95
 -8.93% app/server/server.go
6
93.41
 app/server/auth/middleware.go
7
61.13
 1.13% app/main.go
8
93.44
 app/server/auth/config.go
52
87.0
 app/server/auth/auth.go

Uncovered Existing Lines

Lines Coverage File
3
61.13
 1.13% app/main.go
20
75.95
 -8.93% app/server/server.go
Jobs
ID Job ID Ran Files Coverage
1 20645439659.1 29
83.87
 GitHub Action Run
Source Files on build 20645439659