diff options
Diffstat (limited to 'internal/api/api_test.go')
| -rw-r--r-- | internal/api/api_test.go | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/internal/api/api_test.go b/internal/api/api_test.go index a0ded1d2..0bc409c5 100644 --- a/internal/api/api_test.go +++ b/internal/api/api_test.go @@ -16,8 +16,10 @@ import ( "github.com/google/go-cmp/cmp" "golang.org/x/pkgsite/internal" + "golang.org/x/pkgsite/internal/osv" "golang.org/x/pkgsite/internal/testing/fakedatasource" "golang.org/x/pkgsite/internal/testing/sample" + "golang.org/x/pkgsite/internal/vuln" ) func TestServePackage(t *testing.T) { @@ -768,6 +770,69 @@ func TestServePackageImportedBy(t *testing.T) { } } +func TestServeVulnerabilities(t *testing.T) { + ds := fakedatasource.New() + vc, err := vuln.NewInMemoryClient([]*osv.Entry{ + { + ID: "VULN-1", + Summary: "Vulnerability 1", + Affected: []osv.Affected{ + { + Module: osv.Module{Path: "example.com"}, + Ranges: []osv.Range{{Type: osv.RangeTypeSemver, Events: []osv.RangeEvent{{Introduced: "0"}, {Fixed: "1.1.0"}}}}, + }, + }, + }, + }) + if err != nil { + t.Fatal(err) + } + + for _, test := range []struct { + name string + url string + wantStatus int + wantCount int + }{ + { + name: "all vulns", + url: "/v1/vulns/example.com?version=v1.0.0", + wantStatus: http.StatusOK, + wantCount: 1, + }, + { + name: "no vulns", + url: "/v1/vulns/example.com?version=v1.2.0", + wantStatus: http.StatusOK, + wantCount: 0, + }, + } { + t.Run(test.name, func(t *testing.T) { + r := httptest.NewRequest("GET", test.url, nil) + w := httptest.NewRecorder() + + err := ServeVulnerabilities(vc)(w, r, ds) + if err != nil && w.Code != test.wantStatus { + t.Fatalf("ServeVulnerabilities returned error: %v", err) + } + + if w.Code != test.wantStatus { + t.Errorf("status = %d, want %d", w.Code, test.wantStatus) + } + + if test.wantStatus == http.StatusOK { + var got PaginatedResponse[Vulnerability] + if err := json.Unmarshal(w.Body.Bytes(), &got); err != nil { + t.Fatalf("json.Unmarshal: %v", err) + } + if len(got.Items) != test.wantCount { + t.Errorf("count = %d, want %d", len(got.Items), test.wantCount) + } + } + }) + } +} + // unmarshalResponse unmarshals an API response into either // a *T or an *Error. func unmarshalResponse[T any](data []byte) (any, error) { |