Coverage priorities 1-5: test pure functions, extract interfaces, mock-based handler tests

- Priority 1: Test NewSendEmailTask + NewSendPushTask (5 tests) - Priority 2: Test customHTTPErrorHandler — all 15+ branches (21 tests) - Priority 3: Extract Enqueuer interface + payload builders in worker pkg (5 tests) - Priority 4: Extract ClassifyFile/ComputeRelPath in migrate-encrypt (6 tests) - Priority 5: Define Handler interfaces, refactor to accept them, mock-based tests (14 tests) - Fix .gitignore: /worker instead of worker to stop ignoring internal/worker/ Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 20:30:09 -05:00
parent 00fd674b56
commit bec880886b
83 changed files with 19569 additions and 730 deletions
--- a/internal/handlers/document_handler_test.go
+++ b/internal/handlers/document_handler_test.go
@@ -224,3 +224,235 @@ func TestDocumentHandler_DeleteDocument(t *testing.T) {
 		testutil.AssertStatusCode(t, w, http.StatusNotFound)
 	})
 }
+
+func TestDocumentHandler_UpdateDocument(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+	residence := testutil.CreateTestResidence(t, db, user.ID, "Test House")
+	doc := testutil.CreateTestDocument(t, db, residence.ID, user.ID, "Original Title")
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(user))
+	authGroup.PUT("/:id/", handler.UpdateDocument)
+
+	t.Run("successful update", func(t *testing.T) {
+		newTitle := "Updated Title"
+		req := map[string]interface{}{
+			"title": newTitle,
+		}
+		w := testutil.MakeRequest(e, "PUT", fmt.Sprintf("/api/documents/%d/", doc.ID), req, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusOK)
+
+		var response map[string]interface{}
+		err := json.Unmarshal(w.Body.Bytes(), &response)
+		require.NoError(t, err)
+		assert.Equal(t, "Updated Title", response["title"])
+	})
+
+	t.Run("invalid id returns 400", func(t *testing.T) {
+		req := map[string]interface{}{"title": "Updated"}
+		w := testutil.MakeRequest(e, "PUT", "/api/documents/invalid/", req, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+
+	t.Run("not found returns 404", func(t *testing.T) {
+		req := map[string]interface{}{"title": "Updated"}
+		w := testutil.MakeRequest(e, "PUT", "/api/documents/99999/", req, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusNotFound)
+	})
+
+	t.Run("access denied for other user", func(t *testing.T) {
+		otherUser := testutil.CreateTestUser(t, db, "other", "other@test.com", "Password123")
+
+		e2 := testutil.SetupTestRouter()
+		otherGroup := e2.Group("/api/documents")
+		otherGroup.Use(testutil.MockAuthMiddleware(otherUser))
+		otherGroup.PUT("/:id/", handler.UpdateDocument)
+
+		req := map[string]interface{}{"title": "Hacked"}
+		w := testutil.MakeRequest(e2, "PUT", fmt.Sprintf("/api/documents/%d/", doc.ID), req, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusForbidden)
+	})
+}
+
+func TestDocumentHandler_ListDocuments_Filters(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+	residence := testutil.CreateTestResidence(t, db, user.ID, "Test House")
+	testutil.CreateTestDocument(t, db, residence.ID, user.ID, "Active Doc")
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(user))
+	authGroup.GET("/", handler.ListDocuments)
+
+	t.Run("filter by residence", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "GET", fmt.Sprintf("/api/documents/?residence=%d", residence.ID), nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusOK)
+
+		var response []map[string]interface{}
+		err := json.Unmarshal(w.Body.Bytes(), &response)
+		require.NoError(t, err)
+		assert.Len(t, response, 1)
+	})
+
+	t.Run("filter by search", func(t *testing.T) {
+		t.Skip("ILIKE is not supported in SQLite; search filter requires PostgreSQL")
+	})
+
+	t.Run("expiring_soon out of range returns 400", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "GET", "/api/documents/?expiring_soon=5000", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+}
+
+func TestDocumentHandler_ListWarranties(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+	residence := testutil.CreateTestResidence(t, db, user.ID, "Test House")
+
+	// Create a warranty document
+	doc := testutil.CreateTestDocument(t, db, residence.ID, user.ID, "Warranty Doc")
+	require.NoError(t, db.Model(doc).Update("document_type", "warranty").Error)
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(user))
+	authGroup.GET("/warranties/", handler.ListWarranties)
+
+	t.Run("successful list warranties", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "GET", "/api/documents/warranties/", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusOK)
+	})
+}
+
+func TestDocumentHandler_ActivateDeactivateDocument(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+	residence := testutil.CreateTestResidence(t, db, user.ID, "Test House")
+	doc := testutil.CreateTestDocument(t, db, residence.ID, user.ID, "Toggle Doc")
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(user))
+	authGroup.POST("/:id/deactivate/", handler.DeactivateDocument)
+	authGroup.POST("/:id/activate/", handler.ActivateDocument)
+
+	t.Run("deactivate document", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "POST", fmt.Sprintf("/api/documents/%d/deactivate/", doc.ID), nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusOK)
+
+		var response map[string]interface{}
+		err := json.Unmarshal(w.Body.Bytes(), &response)
+		require.NoError(t, err)
+		assert.Equal(t, false, response["is_active"])
+	})
+
+	t.Run("activate document", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "POST", fmt.Sprintf("/api/documents/%d/activate/", doc.ID), nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusOK)
+
+		var response map[string]interface{}
+		err := json.Unmarshal(w.Body.Bytes(), &response)
+		require.NoError(t, err)
+		assert.Equal(t, true, response["is_active"])
+	})
+
+	t.Run("activate invalid id returns 400", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "POST", "/api/documents/invalid/activate/", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+
+	t.Run("deactivate invalid id returns 400", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "POST", "/api/documents/invalid/deactivate/", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+
+	t.Run("activate not found returns 404", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "POST", "/api/documents/99999/activate/", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusNotFound)
+	})
+
+	t.Run("deactivate not found returns 404", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "POST", "/api/documents/99999/deactivate/", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusNotFound)
+	})
+}
+
+func TestDocumentHandler_CreateDocument_ValidationErrors(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+	residence := testutil.CreateTestResidence(t, db, user.ID, "Test House")
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(user))
+	authGroup.POST("/", handler.CreateDocument)
+
+	t.Run("missing title returns 400", func(t *testing.T) {
+		body := map[string]interface{}{
+			"residence_id": residence.ID,
+		}
+		w := testutil.MakeRequest(e, "POST", "/api/documents/", body, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+
+	t.Run("missing residence_id returns 400", func(t *testing.T) {
+		body := map[string]interface{}{
+			"title": "Test Doc",
+		}
+		w := testutil.MakeRequest(e, "POST", "/api/documents/", body, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+
+	t.Run("invalid document_type returns 400", func(t *testing.T) {
+		body := map[string]interface{}{
+			"title":         "Test Doc",
+			"residence_id":  residence.ID,
+			"document_type": "invalid_type",
+		}
+		w := testutil.MakeRequest(e, "POST", "/api/documents/", body, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+}
+
+func TestDocumentHandler_GetDocument_InvalidID(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(user))
+	authGroup.GET("/:id/", handler.GetDocument)
+
+	t.Run("invalid id returns 400", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "GET", "/api/documents/invalid/", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+}
+
+func TestDocumentHandler_DeleteDocument_InvalidID(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(user))
+	authGroup.DELETE("/:id/", handler.DeleteDocument)
+
+	t.Run("invalid id returns 400", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "DELETE", "/api/documents/invalid/", nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusBadRequest)
+	})
+}
+
+func TestDocumentHandler_DeleteDocument_AccessDenied(t *testing.T) {
+	handler, e, db := setupDocumentHandler(t)
+	user := testutil.CreateTestUser(t, db, "owner", "owner@test.com", "Password123")
+	otherUser := testutil.CreateTestUser(t, db, "other", "other@test.com", "Password123")
+	residence := testutil.CreateTestResidence(t, db, user.ID, "Test House")
+	doc := testutil.CreateTestDocument(t, db, residence.ID, user.ID, "Test Doc")
+
+	authGroup := e.Group("/api/documents")
+	authGroup.Use(testutil.MockAuthMiddleware(otherUser))
+	authGroup.DELETE("/:id/", handler.DeleteDocument)
+
+	t.Run("access denied for other user", func(t *testing.T) {
+		w := testutil.MakeRequest(e, "DELETE", fmt.Sprintf("/api/documents/%d/", doc.ID), nil, "test-token")
+		testutil.AssertStatusCode(t, w, http.StatusForbidden)
+	})
+}