Commit graph

265 commits

Author SHA1 Message Date
rcourtman
5fcd4e9cb9 Add unit tests for extractHostAndPort utility function
27 test cases covering URL/host:port parsing for node configuration:
- Scheme stripping (http://, https://)
- Path removal from URLs
- IPv4 addresses with and without ports
- IPv6 addresses (bracketed with port, unbracketed)
- Edge cases (empty string, localhost, port-only)
- Error cases (malformed brackets)

Documents current behavior: bracketed IPv6 without port returns error
(net.SplitHostPort limitation).
2025-12-01 01:19:10 +00:00
rcourtman
a21dd8c3d2 Add unit tests for system_settings.go map utility functions
52 test cases covering:
- firstValueForKeys: 18 cases for multi-key lookup with priority ordering
- hasAnyKey: 15 cases for key existence checking
- discoveryConfigMap: 19 cases for nested config extraction with camelCase/snake_case support

Tests verify edge cases including nil maps, empty key slices, type assertion failures,
and priority ordering for field name variants used in configuration parsing.
2025-12-01 01:05:07 +00:00
rcourtman
51671d2a56 Add unit tests for RecoveryTokenStore
20 test cases covering:
- Token generation (uniqueness, expiry durations, format)
- Token validation (valid, invalid, expired, used, empty store)
- Concurrent use protection (replay attack prevention)
- Cleanup routine (expired tokens, used tokens, stop signal)
- Persistence (save, load, filter expired on load)
- Edge cases (missing file, invalid JSON)
2025-12-01 00:06:32 +00:00
rcourtman
990a00c5be Add unit tests for normalizePVEUser and shouldSkipClusterAutoDetection 2025-11-30 23:53:41 +00:00
rcourtman
6ff3f57ac7 Add unit tests for security lockout and session management functions
Tests for internal/api/security.go:
- RecordFailedLogin: increments counts, triggers lockout at max attempts
- ClearFailedLogins: clears count and lockout state
- GetLockoutInfo: returns correct attempts/lockout status
- ResetLockout: admin lockout reset functionality
- TrackUserSession: user/session tracking
- GetSessionUsername: session lookup
- clearCSRFCookie: nil safety, cookie attributes
- issueNewCSRFCookie: nil safety, empty session handling
- FailedLogin/AuditEvent struct field validation

30 test cases covering lockout, session tracking, and CSRF functions.
2025-11-30 23:33:51 +00:00
rcourtman
314669d584 Add unit tests for SessionStore (internal/api)
Coverage for sessionHash, CreateSession, ValidateSession,
ValidateAndExtendSession, DeleteSession, persistence, and cleanup.
21 test cases covering session lifecycle, expiration handling,
and disk persistence. Coverage 25.0% → 25.3%.
2025-11-30 23:18:34 +00:00
rcourtman
554d44aba0 Add unit tests for auth helper functions (internal/api)
Tests for detectProxy, isConnectionSecure, getCookieSettings, and
generateSessionToken functions. Covers proxy detection for various
headers including X-Forwarded-For, CF-Ray, Forwarded (RFC 7239),
and secure connection detection via TLS and proxy headers.
2025-11-30 23:04:44 +00:00
rcourtman
3378814a05 Add unit tests for bootstrap token functions (internal/api)
20 test cases covering:
- generateBootstrapToken: uniqueness, format, hex encoding
- loadOrCreateBootstrapToken: new token creation, existing token loading,
  empty/whitespace paths, empty token files, directory creation, file permissions
- bootstrapTokenValid: nil router safety, empty hash/token handling
- clearBootstrapToken: nil safety, file deletion, state clearing

First test file for bootstrap_token.go security utilities.
2025-11-30 22:54:28 +00:00
rcourtman
f8c7a30d28 Fix cluster proxy token collision - store per-node control tokens
When multiple cluster nodes register sensor-proxy, each registration
was overwriting the previous node's control token on the shared
PVEInstance. This caused "Proxy token not recognized" errors on all
but the last-registered node.

Changes:
- Add TemperatureProxyControlToken field to ClusterEndpoint struct
- Store control tokens per-endpoint for cluster registrations
- Check both instance-level and endpoint-level tokens when validating

Related to #738
2025-11-30 20:37:58 +00:00
rcourtman
2620aa5db5 Add unit tests for security.go IP parsing utilities
- extractRemoteIP: 17 test cases for remote address parsing
  (IPv4/IPv6 with/without ports, bracketed notation, edge cases)
- firstValidForwardedIP: 21 test cases for X-Forwarded-For parsing
  (single/multiple IPs, invalid entries, IPv4/IPv6 mixed)
- isPrivateIPExtended: 33 test cases extending existing coverage
  (RFC 1918 boundaries, loopback range, IPv6 private/local, ports)

Total: 71 new test cases for IP address handling utilities.
2025-11-30 15:48:45 +00:00
rcourtman
2c26054d57 Add unit tests for router.go proxy header utility functions (api)
Add 77 test cases for 4 previously untested utility functions:
- firstForwardedValue: 14 cases for X-Forwarded-For header parsing
- sanitizeForwardedHost: 27 cases for host sanitization with scheme/port handling
- isLoopbackHost: 20 cases for loopback detection (localhost, 127.x, ::1)
- shouldAppendForwardedPort: 16 cases for port appending decisions

Key edge cases covered:
- IPv6 address bracket handling in sanitizeForwardedHost
- Case-insensitive localhost detection
- Full 127.0.0.0/8 loopback range validation
- strconv.Atoi accepts negative port strings (documented as current behavior)
2025-11-30 15:34:32 +00:00
rcourtman
930e003519 Add unit tests for normalizeUnifiedAgentArch and getClientIP (api)
Tests for unified_agent.go:
- normalizeUnifiedAgentArch: 51 test cases covering all supported
  architectures (linux/darwin/windows), case insensitivity,
  whitespace handling, and invalid inputs

Tests for updates.go:
- getClientIP: 18 test cases covering X-Forwarded-For priority,
  X-Real-IP fallback, RemoteAddr extraction, IPv4/IPv6 support,
  nil header safety, and case insensitivity
2025-11-30 15:05:37 +00:00
rcourtman
04d4b6606a Add unit tests for CSRF token store (api) 2025-11-30 14:55:47 +00:00
rcourtman
fe3f32ebcc Add unit tests for responseWriter middleware wrapper (api)
Tests for the responseWriter struct in middleware.go:
- APIError.Error() interface implementation (3 cases)
- WriteHeader once-only semantics (4 cases)
- Write with implicit WriteHeader (3 cases)
- StatusCode nil safety (4 cases)
- Hijack support detection (2 cases)
- Flush support detection (3 cases)
- Full flow integration and edge cases (4 cases)

First test file for middleware.go. 22 test cases total covering
HTTP response wrapper behavior used by ErrorHandler middleware.
2025-11-30 14:33:38 +00:00
rcourtman
39d02d62a3 Add unit tests for temperature proxy utility functions (api)
- extractHostPart: 22 test cases covering URL parsing, hostname extraction
- buildAuthorizedNodeList: 8 test cases for PVE instance node list building
- generateSecureToken: 5 test cases for cryptographic token generation
- proxySyncState: 6 test cases for sync status tracking and snapshots

First test file for temperature_proxy.go utility functions.
2025-11-30 14:07:04 +00:00
rcourtman
07587ec818 Add unit tests for GetRateLimiterForEndpoint (api)
37 test cases covering endpoint routing to rate limiters:
- Authentication endpoints (login, logout, change-password, auth/*)
- Recovery endpoints (security/recovery)
- Export/Import endpoints (config/export, config/import)
- Configuration write operations (POST/PUT/DELETE to config/*)
- Configuration read operations (GET to config/*, discover, security/status)
- Update endpoints (updates/*)
- WebSocket endpoints (/ws/*)
- Public endpoints (health, version, metrics, etc.)
- General API fallback
- Case insensitivity (uppercase paths)
- Lazy initialization when globalRateLimitConfig is nil
- Priority ordering tests for overlapping patterns
2025-11-30 13:48:23 +00:00
rcourtman
aee687bb03 Add unit tests for DemoModeMiddleware (api)
26 test cases covering:
- Demo mode disabled (all requests pass through)
- Demo mode enabled with read-only methods (GET/HEAD/OPTIONS allowed)
- WebSocket upgrade handling (case-insensitive)
- Auth endpoint allowlist (login, OIDC, logout)
- Modification request blocking (POST/PUT/DELETE/PATCH)
- Partial path match rejection (security)
- Response format verification (JSON error response)

First test file for demo_middleware.go. Tests verify correct header
setting (X-Demo-Mode) and error response structure.
2025-11-30 13:34:08 +00:00
rcourtman
702e56c97a Add unit tests for hasLegacyThresholds function (diagnostics)
Covers all legacy threshold field detection paths including
CPU, Memory, Disk, DiskRead, DiskWrite, NetworkIn, NetworkOut,
and mixed modern/legacy configurations.
2025-11-30 10:05:33 +00:00
rcourtman
722ea83b5d Add unit tests for RateLimiter (internal/api/ratelimit.go)
16 test cases covering:
- Basic rate limiting with Allow() (limit enforcement, different IPs)
- Sliding window behavior (time-based expiry, partial expiry)
- Edge cases (zero limit, large limit, empty IP)
- Cleanup routine (full cleanup, partial cleanup)
- Concurrent access (thread safety with 100 parallel attempts)
- Middleware integration (allowed/denied paths, X-Forwarded-For)

First test file for internal/api package.
2025-11-30 04:33:59 +00:00
rcourtman
b763ccc412 Add unit tests for HTTP metrics utility functions
83 test cases covering classifyStatus, isNumeric, looksLikeUUID,
normalizeSegment, and normalizeRoute functions used for Prometheus
metrics aggregation. Tests cover status code classification, numeric
string validation, UUID format detection, URL segment normalization,
and route path normalization with query param stripping.
2025-11-30 02:48:05 +00:00
rcourtman
04c12414d2 Add unit tests for diagnostics utility functions
Test coverage for 9 pure functions in internal/api/diagnostics.go:
- isFallbackMemorySource: 13 cases covering fallback and non-fallback sources
- copyStringSlice: 4 cases including nil handling and copy verification
- normalizeHostForComparison: 16 cases for URL normalization
- normalizeVersionLabel: 11 cases for version prefix handling
- contains: 8 cases for string slice membership
- containsFold: 11 cases for case-insensitive matching
- interfaceToStringSlice: 9 cases for type conversion
- preferredDockerHostName: 5 cases for name preference hierarchy
- formatTimeMaybe: 3 cases for time formatting
2025-11-30 00:18:41 +00:00
rcourtman
1b3effcb10 Fix redactSecretsFromURL matching params with prefixed names
The function was using substring matching for sensitive param names,
causing parameters like "extra_token" or "myapikey" to be incorrectly
redacted when they matched "token=" or "apikey=" as substrings.

Now checks for proper boundary characters (? or &) before matching,
so only actual parameter names are redacted.

Related to ADA knowledge entry: "Query param redaction uses substring matching"
2025-11-29 22:03:15 +00:00
rcourtman
46f90e1585 Show CPU core count on EnhancedCPUBar progress bar 2025-11-29 21:47:22 +00:00
rcourtman
a5fea152e8 Add unit tests for HandleLookup hostname matching
Tests cover the hostname lookup paths in HandleLookup:
- Exact hostname match (case-insensitive)
- DisplayName match (case-insensitive)
- Short hostname match (before first dot)
- Priority of exact over short match
- Sorted iteration order behavior
- Not-found cases

12 test cases covering all hostname matching code paths.
2025-11-29 20:20:15 +00:00
rcourtman
7704a18e52 ADA: Add unit tests for isDirectLoopbackRequest 2025-11-29 20:07:59 +00:00
rcourtman
277ec7e9da ADA: Add unit tests for validateSystemSettings 2025-11-29 19:08:58 +00:00
rcourtman
ce47e8ca9d ADA: Add unit tests for sanitizeInstallerURL and sanitizeSetupAuthToken
Add comprehensive test coverage for security-critical URL and token
sanitization functions in config_handlers.go. These functions protect
the setup script endpoint from injection attacks.

TestSanitizeInstallerURL (23 cases): empty/whitespace handling, valid
http/https URLs, fragment stripping, query preservation, control character
rejection, invalid scheme rejection (ftp/file/javascript/data), and
missing host validation.

TestSanitizeSetupAuthToken (19 cases): empty/whitespace handling, valid
hex tokens of various lengths (32-128 chars), mixed case hex, control
character rejection, non-hex character rejection, and length validation.
2025-11-29 18:35:27 +00:00
rcourtman
fce4168f82 ADA: Add unit tests for validateBcryptHash helper function
Tests cover valid bcrypt hash formats ($2a$, $2b$, $2y$), truncated/too-long
hashes, empty input, and invalid prefixes (md5-style, $2x$, no prefix).
2025-11-29 18:06:19 +00:00
rcourtman
9647313570 ADA: Fix redactSecretsFromURL bug and add unit tests
The Telegram bot token redaction had an off-by-one bug: it searched for
the next "/" starting from the "/bot" position, which found the "/" in
"/bot" itself (offset 0) instead of the next "/" after the token.

Result: tokens were not properly redacted and the URL got corrupted with
duplicated path segments, potentially leaking secrets to logs/API responses.

Fix: search from idx+4 (after "/bot") and handle edge cases where there's
no trailing slash (token at end of URL or before query string).

Added 20 comprehensive test cases covering:
- No secrets (passthrough)
- Telegram bot tokens (various patterns)
- Query parameter secrets (token, apikey, api_key, key, secret, password)
- Multiple parameters and edge cases
2025-11-29 17:36:32 +00:00
rcourtman
f4cfe96943 ADA: Add normalizeCommandStatus helper with unit tests
Extract command status normalization logic from HandleCommandAck into
a dedicated helper function. This improves testability and makes the
status alias handling explicit and documented.

The function accepts client-provided status strings and maps them to
internal status constants:
- acknowledged: "", "ack", "acknowledged"
- completed: "success", "completed", "complete"
- failed: "fail", "failed", "error"

Adds 25 table-driven test cases covering all aliases, case insensitivity,
whitespace handling, and invalid inputs.
2025-11-29 17:06:18 +00:00
rcourtman
8afc4d0c6c Fix hideLocalLogin toggle persistence and login page UI
- Add hideLocalLogin handler in HandleUpdateSystemSettings() so the
  toggle setting is saved to system.json
- Conditionally hide "or" divider and admin credentials message when
  local login is hidden

Related to #750
2025-11-28 09:05:41 +00:00
rcourtman
67b60adb65 style: fix revive linter warnings
- Mark unused stub parameters with underscore
- Rename 'copy' variable to avoid shadowing builtin
- Remove unnecessary else blocks after return statements
2025-11-27 10:26:26 +00:00
rcourtman
1fb4a2c2c6 chore: remove deprecated build tags and use strings.ReplaceAll
- Remove redundant // +build directives (go:build is sufficient in Go 1.17+)
- Replace strings.Replace(..., -1) with strings.ReplaceAll
2025-11-27 10:16:08 +00:00
rcourtman
31927f71e9 fix: mark unused parameters to satisfy unparam linter
Mark intentionally unused parameters with underscore to:
- Silence unparam warnings for legitimate unused parameters
- Keep function signatures intact for API compatibility
- Remove unused req from serveChecksum helper
2025-11-27 10:12:48 +00:00
rcourtman
16603e8b4a fix: remove ineffectual assignments
- Fix loop variable reassignment in config_handlers.go
- Remove redundant boolean assignments in swarm.go
2025-11-27 09:48:29 +00:00
rcourtman
7dad9c7a17 style: fix additional staticcheck warnings
- Lowercase error messages (ST1005)
- Use context.Background() instead of nil (SA1012)
- Fix rand.Intn(1) which always returns 0 (SA4030)
- Remove unnecessary nil check before len() (S1009)
2025-11-27 09:21:11 +00:00
rcourtman
8a1ee3b05e style: fix staticcheck style warnings
- Merge variable declaration with assignment (S1021)
- Use unconditional strings.TrimPrefix (S1017)
- Remove unnecessary nil checks around range (S1031)
- Remove unnecessary fmt.Sprintf (S1039)
- Use copy() instead of manual loop (S1001)
- Use time.Until instead of t.Sub(time.Now()) (S1024)
- Use buf.String() instead of string(buf.Bytes()) (S1030)
2025-11-27 09:19:33 +00:00
rcourtman
4fd3bdbc04 chore: fix staticcheck U1000 unused code warnings
- Remove unused ipv6Regex from validation.go
- Suppress unused recordAlertFired/recordAlertResolved hooks (kept for future use)
- Remove unused apiLimiter rate limiter
- Remove unused stopOnce fields from csrf_store.go and session_store.go
- Remove unused lastBroadcast field from hub.go
- Remove unused lastUsedIndex field from cluster_client.go
2025-11-27 09:12:17 +00:00
rcourtman
4f25aa9ca1 chore: cleanup proxmox IsAuthError and remove stray comment
- Make IsAuthError unexported (isAuthError) since it's only used internally
- Remove stray '// test comment' from docker_metadata.go
2025-11-27 08:59:01 +00:00
rcourtman
93723d95c6 chore: remove unused API response types
Remove ChartData, Dataset, ConfigImportResponse, ConfigExportResponse,
InstallScriptResponse, ErrorResponse, and SuccessResponse types that
were defined but never used in the codebase.
2025-11-27 08:37:22 +00:00
rcourtman
4f6c24802c style: fix whitespace in middleware.go 2025-11-27 08:34:31 +00:00
rcourtman
c8e76a52b7 chore: remove unused store methods
Remove 121 lines of unused store methods:
- CSRFTokenStore: Stop, ExtendCSRFToken
- SessionStore: Stop, ExtendSession, GetSession
- RecoveryTokenStore: Stop, save, GetActiveTokenCount, ValidateRecoveryToken

These methods were part of a standard store pattern but never wired up
to the application lifecycle. The constant-time validation variant is
used instead of the timing-vulnerable ValidateRecoveryToken.
2025-11-27 08:31:50 +00:00
rcourtman
72b2444a6c chore: remove unused DockerMetadataHandler.Reload method 2025-11-27 05:14:56 +00:00
rcourtman
28aaecd74d chore: remove dead code and unused files
Remove 604 lines of unreachable code identified by deadcode analysis:
- internal/config/credentials.go: unused credential resolver
- internal/config/registration.go: unused registration config
- internal/monitoring/poller.go: unused channel-based polling (keep types)
- internal/api/middleware.go: unused TimeoutHandler, JSONHandler, NewAPIError, ValidationError
- internal/api/security.go: unused IsLockedOut, SecurityHeaders
- internal/api/auth.go: unused min helper
- internal/config/config.go: unused SaveConfig
- internal/config/client_helpers.go: unused CreatePBSConfigFromFields
- internal/logging/logging.go: unused NewRequestID
2025-11-27 00:05:04 +00:00
rcourtman
506484b072 chore: remove unused API types
Remove 261 lines of unused type definitions from types.go:
- NodeRequest, SettingsRequest (unused, actual impl in config_handlers.go)
- ConfigResponse, NodeConfig, SettingsConfig (unused)
- BackupResponse, BackupInfo, MetricsResponse, MetricData (unused)
- StorageResponse, StorageInfo, StorageTotals (unused)
- DiagnosticsResponse and related types (unused)
- SecurityStatusResponse, ExportRequest, ImportRequest (unused)
- NotificationTestRequest, UpdateCheckResponse (unused)
- WebSocketMessage, LoginRequest, LoginResponse (unused)
- TestConnectionResponse, NodeConnectionResponse (unused)
- DiscoveryResponse, DiscoveredServer (pkg/discovery has own types)
- AutoRegisterResponse (unused)
2025-11-26 23:51:41 +00:00
rcourtman
2fe7bb6141 style: fix gofmt formatting inconsistencies
Run gofmt -w to fix tab/space inconsistencies across 33 files.
2025-11-26 23:44:36 +00:00
courtmanr@gmail.com
c021dc6ca5 Enhance table responsiveness across multiple components 2025-11-26 17:57:09 +00:00
rcourtman
d07ad8fd3e fix: use correct script paths in unified agent handlers
The unified agent handlers were using r.config.AppRoot which pointed
to /app, but scripts are in /opt/pulse/scripts. Updated to match the
pattern used by other script handlers - check /opt/pulse/scripts first,
then fall back to project root for dev environment.

Also added no-cache headers to prevent stale scripts being served.
2025-11-26 10:05:43 +00:00
rcourtman
21c033c144 fix: remove references to deleted install-host-agent.sh script
The unified agent system replaced install-host-agent.sh with install.sh.
This commit updates all references:
- Dockerfile: removed COPY for deleted script
- router.go: serve install.sh at /install-host-agent.sh endpoint (backwards compatible)
- build-release.sh: removed copy of deleted script
- validate-release.sh: removed validation of deleted script
- install.sh: updated script list for bare-metal installs
2025-11-26 09:57:06 +00:00
rcourtman
e467523a61 feat: serve install scripts from GitHub releases instead of main branch
Scripts like install.sh and install-sensor-proxy.sh are now attached
as release assets and downloaded from releases/latest/download/ URLs.
This ensures users always get scripts compatible with their installed
version, even while development continues on main.

Changes:
- build-release.sh: copy install scripts to release directory
- create-release.yml: upload scripts as release assets
- Updated all documentation and code references to use release URLs
- Scripts reference each other via release URLs for consistency
2025-11-26 08:59:59 +00:00