ZDDC/zddc/internal/config/config_test.go

package config

import (
	"os"
	"path/filepath"
	"strings"
	"testing"
)

func TestIsLoopbackAddr(t *testing.T) {
	cases := []struct {
		addr string
		want bool
	}{
		{"127.0.0.1:8080", true},
		{"localhost:8080", true},
		{"[::1]:8080", true},
		{"127.0.0.5:80", true}, // any 127/8 is loopback
		{"0.0.0.0:8080", false},
		{":8443", false}, // bare port = all interfaces
		{"10.0.0.1:80", false},
		{"example.com:443", false},
		{"[2001:db8::1]:80", false},
		{"", false},
		{"not-an-addr", false}, // SplitHostPort fails
	}
	for _, tc := range cases {
		t.Run(tc.addr, func(t *testing.T) {
			if got := isLoopbackAddr(tc.addr); got != tc.want {
				t.Errorf("isLoopbackAddr(%q) = %v, want %v", tc.addr, got, tc.want)
			}
		})
	}
}

func TestLoad(t *testing.T) {
	root := t.TempDir()

	// Pre-set the env so each subtest can override what it needs.
	type envSet map[string]string
	clearAll := func() {
		for _, k := range []string{"ZDDC_ROOT", "ZDDC_ADDR", "ZDDC_TLS_CERT", "ZDDC_TLS_KEY", "ZDDC_INSECURE_DIRECT", "ZDDC_LOG_LEVEL", "ZDDC_INDEX_PATH", "ZDDC_EMAIL_HEADER", "ZDDC_CORS_ORIGIN"} {
			os.Unsetenv(k)
		}
	}
	apply := func(env envSet) {
		clearAll()
		for k, v := range env {
			os.Setenv(k, v)
		}
	}

	cases := []struct {
		name        string
		env         envSet
		wantErr     bool
		errContains string
		check       func(*testing.T, Config)
	}{
		{
			name: "missing root",
			env:  envSet{},
			// ZDDC_ROOT not set
			wantErr:     true,
			errContains: "ZDDC_ROOT",
		},
		{
			name:        "root not a directory",
			env:         envSet{"ZDDC_ROOT": filepath.Join(root, "does-not-exist")},
			wantErr:     true,
			errContains: "not accessible",
		},
		{
			name: "defaults applied with TLS self-signed",
			env:  envSet{"ZDDC_ROOT": root},
			check: func(t *testing.T, cfg Config) {
				if cfg.Addr != ":8443" {
					t.Errorf("Addr = %q, want :8443", cfg.Addr)
				}
				if cfg.TLSMode != "selfsigned" {
					t.Errorf("TLSMode = %q, want selfsigned", cfg.TLSMode)
				}
				if cfg.IndexPath != ".archive" {
					t.Errorf("IndexPath = %q, want .archive", cfg.IndexPath)
				}
				if cfg.EmailHeader != "X-Auth-Request-Email" {
					t.Errorf("EmailHeader = %q, want X-Auth-Request-Email", cfg.EmailHeader)
				}
				if len(cfg.CORSOrigins) != 1 || cfg.CORSOrigins[0] != "https://zddc.varasys.io" {
					t.Errorf("CORSOrigins = %v, want [https://zddc.varasys.io]", cfg.CORSOrigins)
				}
			},
		},
		{
			name: "CORS single origin override",
			env: envSet{
				"ZDDC_ROOT":        root,
				"ZDDC_CORS_ORIGIN": "https://tools.acme.com",
			},
			check: func(t *testing.T, cfg Config) {
				if len(cfg.CORSOrigins) != 1 || cfg.CORSOrigins[0] != "https://tools.acme.com" {
					t.Errorf("CORSOrigins = %v, want [https://tools.acme.com]", cfg.CORSOrigins)
				}
			},
		},
		{
			name: "CORS multi-origin allowlist",
			env: envSet{
				"ZDDC_ROOT":        root,
				"ZDDC_CORS_ORIGIN": "https://a.example, https://b.example ,https://c.example",
			},
			check: func(t *testing.T, cfg Config) {
				want := []string{"https://a.example", "https://b.example", "https://c.example"}
				if len(cfg.CORSOrigins) != len(want) {
					t.Fatalf("CORSOrigins = %v, want %v", cfg.CORSOrigins, want)
				}
				for i, w := range want {
					if cfg.CORSOrigins[i] != w {
						t.Errorf("CORSOrigins[%d] = %q, want %q", i, cfg.CORSOrigins[i], w)
					}
				}
			},
		},
		{
			name: "CORS disabled with empty value",
			env: envSet{
				"ZDDC_ROOT":        root,
				"ZDDC_CORS_ORIGIN": "",
			},
			check: func(t *testing.T, cfg Config) {
				if len(cfg.CORSOrigins) != 0 {
					t.Errorf("CORSOrigins = %v, want empty (CORS disabled)", cfg.CORSOrigins)
				}
			},
		},
		{
			name: "TLS provided requires both cert and key",
			env: envSet{
				"ZDDC_ROOT":     root,
				"ZDDC_TLS_CERT": "/some/cert.pem",
				// missing key
			},
			wantErr:     true,
			errContains: "both be set or both be empty",
		},
		{
			name: "plain HTTP on all interfaces without insecure flag is rejected",
			env: envSet{
				"ZDDC_ROOT":     root,
				"ZDDC_TLS_CERT": "none",
				"ZDDC_ADDR":     ":8080",
			},
			wantErr:     true,
			errContains: "ZDDC_INSECURE_DIRECT",
		},
		{
			name: "plain HTTP on 0.0.0.0 without insecure flag is rejected",
			env: envSet{
				"ZDDC_ROOT":     root,
				"ZDDC_TLS_CERT": "none",
				"ZDDC_ADDR":     "0.0.0.0:8080",
			},
			wantErr:     true,
			errContains: "ZDDC_INSECURE_DIRECT",
		},
		{
			name: "plain HTTP on loopback is allowed",
			env: envSet{
				"ZDDC_ROOT":     root,
				"ZDDC_TLS_CERT": "none",
				"ZDDC_ADDR":     "127.0.0.1:8080",
			},
			check: func(t *testing.T, cfg Config) {
				if cfg.TLSMode != "none" {
					t.Errorf("TLSMode = %q, want none", cfg.TLSMode)
				}
			},
		},
		{
			name: "plain HTTP on non-loopback with explicit opt-in is allowed",
			env: envSet{
				"ZDDC_ROOT":            root,
				"ZDDC_TLS_CERT":        "none",
				"ZDDC_ADDR":            ":8080",
				"ZDDC_INSECURE_DIRECT": "1",
			},
			check: func(t *testing.T, cfg Config) {
				if cfg.TLSMode != "none" {
					t.Errorf("TLSMode = %q, want none", cfg.TLSMode)
				}
			},
		},
		{
			name: "ZDDC_INSECURE_DIRECT set to non-1 is not opt-in",
			env: envSet{
				"ZDDC_ROOT":            root,
				"ZDDC_TLS_CERT":        "none",
				"ZDDC_ADDR":            ":8080",
				"ZDDC_INSECURE_DIRECT": "true", // must be exactly "1"
			},
			wantErr:     true,
			errContains: "ZDDC_INSECURE_DIRECT",
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			apply(tc.env)
			defer clearAll()

			cfg, err := Load()
			if tc.wantErr {
				if err == nil {
					t.Fatalf("Load() = nil error, want error containing %q", tc.errContains)
				}
				if tc.errContains != "" && !strings.Contains(err.Error(), tc.errContains) {
					t.Errorf("Load() error = %v, want substring %q", err, tc.errContains)
				}
				return
			}
			if err != nil {
				t.Fatalf("Load() unexpected error: %v", err)
			}
			if tc.check != nil {
				tc.check(t, cfg)
			}
		})
	}
}