test(api): add tests for password validation in reset and update flows

- Add httpCodeGetter interface to handle ValidationHTTPError in test helper
- Add test case for password too short in password reset
- Add test case for password too short in password update
- Fix existing test data to use valid 8+ char passwords
This commit is contained in:
kolaente 2026-02-25 13:35:01 +01:00
parent 89c17d3b23
commit d1e1cb3b4f
3 changed files with 28 additions and 2 deletions

View File

@ -217,6 +217,11 @@ func assertHandlerErrorCode(t *testing.T, err error, expectedErrorCode int) {
t.FailNow() t.FailNow()
} }
// httpCodeGetter is an interface for errors that can provide their HTTP status code.
type httpCodeGetter interface {
GetHTTPCode() int
}
// getHTTPErrorCode extracts the HTTP status code from various error types // getHTTPErrorCode extracts the HTTP status code from various error types
func getHTTPErrorCode(err error) int { func getHTTPErrorCode(err error) int {
// First, try domain errors that implement HTTPErrorProcessor // First, try domain errors that implement HTTPErrorProcessor
@ -224,6 +229,11 @@ func getHTTPErrorCode(err error) int {
return httpErr.HTTPError().HTTPCode return httpErr.HTTPError().HTTPCode
} }
// Try errors that implement httpCodeGetter (like ValidationHTTPError)
if codeGetter, ok := err.(httpCodeGetter); ok {
return codeGetter.GetHTTPCode()
}
// Fall back to echo.HTTPError // Fall back to echo.HTTPError
var httperr *echo.HTTPError var httperr *echo.HTTPError
if errors.As(err, &httperr) { if errors.As(err, &httperr) {

View File

@ -38,7 +38,7 @@ func TestUserChangePassword(t *testing.T) {
}) })
t.Run("Wrong old password", func(t *testing.T) { t.Run("Wrong old password", func(t *testing.T) {
_, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{ _, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{
"new_password": "12345", "new_password": "12345678",
"old_password": "invalid" "old_password": "invalid"
}`, nil, nil) }`, nil, nil)
require.Error(t, err) require.Error(t, err)
@ -46,7 +46,7 @@ func TestUserChangePassword(t *testing.T) {
}) })
t.Run("Empty old password", func(t *testing.T) { t.Run("Empty old password", func(t *testing.T) {
_, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{ _, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{
"new_password": "12345", "new_password": "12345678",
"old_password": "" "old_password": ""
}`, nil, nil) }`, nil, nil)
require.Error(t, err) require.Error(t, err)
@ -60,4 +60,12 @@ func TestUserChangePassword(t *testing.T) {
require.Error(t, err) require.Error(t, err)
assertHandlerErrorCode(t, err, user.ErrCodeEmptyNewPassword) assertHandlerErrorCode(t, err, user.ErrCodeEmptyNewPassword)
}) })
t.Run("New password too short", func(t *testing.T) {
_, err := newTestRequestWithUser(t, http.MethodPost, apiv1.UserChangePassword, &testuser1, `{
"new_password": "1234567",
"old_password": "12345678"
}`, nil, nil)
require.Error(t, err)
assert.Equal(t, http.StatusPreconditionFailed, getHTTPErrorCode(err))
})
} }

View File

@ -57,4 +57,12 @@ func TestUserPasswordReset(t *testing.T) {
require.Error(t, err) require.Error(t, err)
assertHandlerErrorCode(t, err, user.ErrCodeInvalidPasswordResetToken) assertHandlerErrorCode(t, err, user.ErrCodeInvalidPasswordResetToken)
}) })
t.Run("Password too short", func(t *testing.T) {
_, err := newTestRequest(t, http.MethodPost, apiv1.UserResetPassword, `{
"new_password": "1234567",
"token": "passwordresettesttoken"
}`, nil, nil)
require.Error(t, err)
assert.Equal(t, http.StatusPreconditionFailed, getHTTPErrorCode(err))
})
} }