molecule-ai/molecule-core
35
0
Fork 2
Code Issues 16 Pull Requests 2 Actions 49 Packages Projects Releases Wiki Activity

chore(test): remove dead constants from wsauth_middleware_test.go (#358)

Browse Source 
PR #357 deleted the grace-period tests that used hasLiveTokenQuery and
workspaceExistsQuery, but the constants themselves (and the stale comment
describing the old HasAnyLiveToken-based dispatch) were not removed.

Remove both dead const declarations and update the header comment to
reflect the strict-enforcement contract introduced by #357.

Closes #358.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
PM Bot 2026-04-16 05:02:11 +00:00
parent d09e72c5fd
commit 409a249ca6
1 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
platform/internal/middleware/wsauth_middleware_test.go
View File

@ -14,14 +14,11 @@ import (
// WorkspaceAuth middleware tests (covers findings C4, C8 and the full
// per-workspace bearer-token contract).
//
// WorkspaceAuth calls wsauth.HasAnyLiveToken to decide whether to enforce:
// - 0 live tokens → fail-open (bootstrap / rolling upgrade)
// - ≥1 live token → Authorization: Bearer <token> required and validated
// Since PR #357 (#351 fix) the middleware enforces strictly: every request
// under /workspaces/:id/* must carry a valid bearer token — no fail-open,
// no grace period, no existence check.
// ────────────────────────────────────────────────────────────────────────────
// hasLiveTokenQuery is the SQL fragment matched by sqlmock for HasAnyLiveToken.
const hasLiveTokenQuery = "SELECT COUNT.*FROM workspace_auth_tokens.*workspace_id"
// hasAnyLiveTokenGlobalQuery is matched for HasAnyLiveTokenGlobal.
const hasAnyLiveTokenGlobalQuery = "SELECT COUNT.*FROM workspace_auth_tokens"
@ -44,10 +41,6 @@ func newWorkspaceAuthRouter(db sqlmock.Sqlmock, realDB interface{ Close() error
return r
}
// workspaceExistsQuery is matched by sqlmock for wsauth.WorkspaceExists.
// Matches the SELECT EXISTS(SELECT 1 FROM workspaces WHERE id = $1) query.
const workspaceExistsQuery = "SELECT EXISTS.*FROM workspaces WHERE id"
// TestWorkspaceAuth_351_NoBearer_Returns401 — strict contract: every request
// under /workspaces/:id/* must carry a valid bearer, period. No fail-open,
// no grace period, no existence check. The middleware goes straight to