AcadeNice/Wiki
1
0
Fork 0
Code Issues Pull requests Releases Activity Actions
Wiki/bridge/tests/middleware/rate-limit.test.ts
Corentin JOGUET 2ed73fa948
Some checks are pending
CI / Lint bridge (Biome) (push) Waiting to run
Details
CI / Type-check bridge (push) Blocked by required conditions
Details
CI / Tests unit bridge (push) Blocked by required conditions
Details
CI / Tests integration bridge (push) Blocked by required conditions
Details
CI / Security scan (push) Waiting to run
Details
CI / Docker build + healthcheck (push) Blocked by required conditions
Details
feat(bridge): R1 refactor proxy generique style Notion 
Pivot strategique : DocAdenice = produit Notion-like generique. Le bridge
est livre vide a un user qui cree ses tables Baserow comme il veut. Code
sans aucune ontologie metier.

Suppressions :
- 9 entites domain metier (Personne, Formation, Bloc, Module, Attribution,
  Client, Projet, Tache, Intervention) + types.ts (Role, statuts)
- baserow-repo.ts (mega-fichier 554 LOC avec 9 repos heritant BaseRepo)
- 6 routes metier (personnes, formations, projets, modules, interventions,
  attributions) + tests associes
- Lookup PersonneRepo.findByEmail dans middleware auth
- Mapping DEFAULT_ROLE_SCOPES dans middleware/scopes.ts
- Cascade rollup metier dans webhooks/baserow-handler.ts

Ajouts :
- Domain generique : Table, Row, Field, View + schemas zod refondus
- 4 repos generiques : tables / rows / fields / views
- Route unique routes/tables.ts avec 9 endpoints REST CRUD generiques
- Claim JWT acadenice_permissions[] lu directement dans le middleware auth
  (alimente par RBAC dynamique cote DocAdenice en R2)
- examples/acadenice-formation-hub/ : README + seed-baserow.md schema
  9 tables + example-roles.md (Formateur, Developpeur, Direction, Support,
  Admin avec permissions generiques)

Refactors :
- BaserowClient etendu : listTables, getTable, listFields, listViews,
  getGridViewRows
- middleware/auth.ts : extractPermissions(payload), AuthenticatedUser
  remplace roles[] par permissions[]
- middleware/scopes.ts : computeOidcScopes(groups, permissions, map)
- webhooks/baserow-handler.ts : invalidation generique
  bridge:tables:<tableId>:* sans cascade cross-table
- lib/cache.ts : invalidateEntity -> invalidateTable(redis, tableId, rowId?)
- container.ts : drop tableIds, RepoSet={tables, rows, fields, views}
- 501 NOT_IMPLEMENTED si DB token sur endpoints /tables qui exigent JWT

Tests : 250/250 verts (depuis 319). Coverage : domain 98.9%, adapters 89%,
auth 97.08%, rate-limit 100%, cache 100%, webhooks 100%.

Quality gates verts : typecheck, lint biome, vitest, coverage thresholds.

Refs: R1 dans le pivot strategique DocAdenice Notion-like generique.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 22:12:32 +02:00

286 lines
7.9 KiB
TypeScript
Raw Blame History

/**
* Tests rate limit middleware — fakes Redis.checkRateLimit pour observabilite.
*
* Pour les fenetres temporelles : pas de fake timers Vitest car
* RedisCache.checkRateLimit est mocke par fonction async ; on simule la reset
* en remplacant le mock entre les requetes (equivalent fonctionnel).
*/
import { Hono } from 'hono';
import { afterEach, describe, expect, it, vi } from 'vitest';
import { errorHandler } from '../../src/middleware/error-handler.js';
import {
type RateLimitDeps,
defaultRateLimitKey,
rateLimit,
} from '../../src/middleware/rate-limit.js';
interface FakeUser {
source: string;
tokenId?: string;
email?: string;
sub?: string;
groups: string[];
permissions: string[];
scopes: string[];
}
function buildApp(
deps: RateLimitDeps,
opts: { max: number; window: number; keyFrom?: Parameters<typeof rateLimit>[1]['keyFrom'] },
presetUser?: FakeUser,
) {
const app = new Hono();
app.onError(errorHandler);
app.use('*', async (c, next) => {
if (presetUser) c.set('user' as never, presetUser as never);
await next();
});
app.use(
'*',
rateLimit(deps, {
maxRequests: opts.max,
windowSeconds: opts.window,
keyFrom: opts.keyFrom,
}),
);
app.get('/', (c) => c.text('ok'));
app.post('/mut', (c) => c.text('mut'));
return app;
}
class FakeLimiter {
public calls: Array<{ key: string; max: number; window: number }> = [];
// Map de (key) -> count vu jusqu'a maintenant. La fenetre n'est pas simulee :
// on remet a 0 manuellement entre les groupes de tests pour mimer l'expiry.
public counts = new Map<string, number>();
checkRateLimit = async (key: string, max: number, window: number): Promise<boolean> => {
this.calls.push({ key, max, window });
const next = (this.counts.get(key) ?? 0) + 1;
this.counts.set(key, next);
return next <= max;
};
reset(key: string) {
this.counts.set(key, 0);
}
}
describe('rateLimit middleware', () => {
afterEach(() => {
vi.restoreAllMocks();
});
it('autorise sous la limite, refuse au-dela avec 429 RATE_LIMITED', async () => {
const limiter = new FakeLimiter();
const app = buildApp(
limiter,
{ max: 2, window: 60 },
{
source: 'service-token',
tokenId: 'svc-A',
permissions: [],
groups: [],
scopes: [],
},
);
const r1 = await app.request('/');
const r2 = await app.request('/');
const r3 = await app.request('/');
expect(r1.status).toBe(200);
expect(r2.status).toBe(200);
expect(r3.status).toBe(429);
const body = (await r3.json()) as {
error: { code: string; details?: { retry_after: number } };
};
expect(body.error.code).toBe('RATE_LIMITED');
expect(body.error.details?.retry_after).toBe(60);
expect(r3.headers.get('X-RateLimit-Limit')).toBe('2');
expect(r3.headers.get('X-RateLimit-Remaining')).toBe('0');
expect(r3.headers.get('X-RateLimit-Reset')).toBe('60');
});
it('reset apres windowSeconds (simulee via reset du compteur fake)', async () => {
const limiter = new FakeLimiter();
const app = buildApp(
limiter,
{ max: 1, window: 5 },
{
source: 'service-token',
tokenId: 'svc-B',
permissions: [],
groups: [],
scopes: [],
},
);
const r1 = await app.request('/');
const r2 = await app.request('/');
expect(r1.status).toBe(200);
expect(r2.status).toBe(429);
// Simule l'expiry de la fenetre.
limiter.reset('token:svc-B');
const r3 = await app.request('/');
expect(r3.status).toBe(200);
});
it('compteurs global et mutation sont independants (cles distinctes en Redis)', async () => {
const limiter = new FakeLimiter();
const user: FakeUser = {
source: 'service-token',
tokenId: 'svc-C',
permissions: [],
groups: [],
scopes: [],
};
const app = new Hono();
app.onError(errorHandler);
app.use('*', async (c, next) => {
c.set('user' as never, user as never);
await next();
});
app.use('*', rateLimit(limiter, { maxRequests: 5, windowSeconds: 60 }));
app.use(
'*',
rateLimit(limiter, {
maxRequests: 2,
windowSeconds: 60,
keyFrom: (c) => `${defaultRateLimitKey(c)}:mut`,
}),
);
app.post('/mut', (c) => c.text('ok'));
const r1 = await app.request('/mut', { method: 'POST' });
const r2 = await app.request('/mut', { method: 'POST' });
const r3 = await app.request('/mut', { method: 'POST' });
expect(r1.status).toBe(200);
expect(r2.status).toBe(200);
// 3eme : global = 3/5 OK, mutation = 3/2 KO -> 429.
expect(r3.status).toBe(429);
// Assertions sur les cles : deux compteurs distincts en Redis.
const keys = limiter.calls.map((c) => c.key);
expect(keys).toContain('token:svc-C');
expect(keys).toContain('token:svc-C:mut');
});
it('cle prioritaire : tokenId service-token avant tout', async () => {
const limiter = new FakeLimiter();
const app = buildApp(
limiter,
{ max: 5, window: 60 },
{
source: 'service-token',
tokenId: 'svc-D',
email: 'should-not-be-used@test',
sub: 'sub-x',
permissions: [],
groups: [],
scopes: [],
},
);
await app.request('/');
expect(limiter.calls[0]?.key).toBe('token:svc-D');
});
it('cle email OIDC quand pas de tokenId', async () => {
const limiter = new FakeLimiter();
const app = buildApp(
limiter,
{ max: 5, window: 60 },
{
source: 'oidc-jwt',
email: 'Foo@Bar.IO',
sub: 'sub-y',
permissions: [],
groups: [],
scopes: [],
},
);
await app.request('/');
// Email lower-case pour stabilite cross-casing.
expect(limiter.calls[0]?.key).toBe('email:foo@bar.io');
});
it('cle sub OIDC quand email absent', async () => {
const limiter = new FakeLimiter();
const app = buildApp(
limiter,
{ max: 5, window: 60 },
{
source: 'oidc-jwt',
sub: 'sub-z',
permissions: [],
groups: [],
scopes: [],
},
);
await app.request('/');
expect(limiter.calls[0]?.key).toBe('sub:sub-z');
});
it('fallback IP via x-forwarded-for + warning logge', async () => {
const limiter = new FakeLimiter();
const app = new Hono();
app.onError(errorHandler);
app.use('*', rateLimit(limiter, { maxRequests: 5, windowSeconds: 60 }));
app.get('/', (c) => c.text('ok'));
await app.request('/', { headers: { 'x-forwarded-for': '203.0.113.5, 10.0.0.1' } });
// Premier IP (client le plus eloigne) extrait correctement.
expect(limiter.calls[0]?.key).toBe('ip:203.0.113.5');
});
it('fallback anonymous quand ni user ni IP', async () => {
const limiter = new FakeLimiter();
const app = new Hono();
app.onError(errorHandler);
app.use('*', rateLimit(limiter, { maxRequests: 5, windowSeconds: 60 }));
app.get('/', (c) => c.text('ok'));
await app.request('/');
expect(limiter.calls[0]?.key).toBe('anonymous');
});
it('keyFrom custom override la priorite par defaut', async () => {
const limiter = new FakeLimiter();
const app = buildApp(
limiter,
{ max: 5, window: 60, keyFrom: () => 'custom-key' },
{ source: 'service-token', tokenId: 'svc-E', permissions: [], groups: [], scopes: [] },
);
await app.request('/');
expect(limiter.calls[0]?.key).toBe('custom-key');
});
it('appelle next() en cascade sans erreur quand sous la limite', async () => {
const limiter = new FakeLimiter();
const app = buildApp(
limiter,
{ max: 10, window: 60 },
{
source: 'service-token',
tokenId: 'svc-F',
permissions: [],
groups: [],
scopes: [],
},
);
const res = await app.request('/');
expect(res.status).toBe(200);
expect(await res.text()).toBe('ok');
});
});
Reference in a new issue View git blame Copy permalink