Pierre Fitness Platform MCP Server

routes_dashboard_test.rs•56.7 kB

// ABOUTME: Tests for dashboard route handlers and endpoints // ABOUTME: Tests dashboard routes, user interface, and data presentation // // SPDX-License-Identifier: MIT OR Apache-2.0 // Copyright (c) 2025 Pierre Fitness Intelligence #![allow(clippy::unwrap_used, clippy::expect_used, clippy::panic)] #![allow(missing_docs)] #![allow( clippy::uninlined_format_args, clippy::cast_possible_truncation, clippy::cast_possible_wrap, clippy::cast_sign_loss, clippy::cast_precision_loss, clippy::float_cmp, clippy::significant_drop_tightening, clippy::match_wildcard_for_single_variants, clippy::match_same_arms, clippy::unreadable_literal, clippy::module_name_repetitions, clippy::redundant_closure_for_method_calls, clippy::needless_pass_by_value, clippy::missing_errors_doc, clippy::missing_panics_doc, clippy::similar_names, clippy::too_many_lines, clippy::struct_excessive_bools, clippy::missing_const_for_fn, clippy::cognitive_complexity, clippy::items_after_statements, clippy::semicolon_if_nothing_returned, clippy::use_self, clippy::single_match_else, clippy::default_trait_access, clippy::enum_glob_use, clippy::wildcard_imports, clippy::explicit_deref_methods, clippy::explicit_iter_loop, clippy::manual_let_else, clippy::must_use_candidate, clippy::return_self_not_must_use, clippy::unused_self, clippy::used_underscore_binding, clippy::fn_params_excessive_bools, clippy::trivially_copy_pass_by_ref, clippy::option_if_let_else, clippy::unnecessary_wraps, clippy::redundant_else, clippy::map_unwrap_or, clippy::map_err_ignore, clippy::if_not_else, clippy::single_char_lifetime_names, clippy::doc_markdown, clippy::unused_async, clippy::redundant_field_names, clippy::struct_field_names, clippy::ptr_arg, clippy::ref_option_ref, clippy::implicit_clone, clippy::cloned_instead_of_copied, clippy::borrow_as_ptr, clippy::bool_to_int_with_if, clippy::checked_conversions, clippy::copy_iterator, clippy::empty_enum, clippy::enum_variant_names, clippy::expl_impl_clone_on_copy, clippy::fallible_impl_from, clippy::filter_map_next, clippy::flat_map_option, clippy::fn_to_numeric_cast_any, clippy::from_iter_instead_of_collect, clippy::if_let_mutex, clippy::implicit_hasher, clippy::inconsistent_struct_constructor, clippy::inefficient_to_string, clippy::infinite_iter, clippy::into_iter_on_ref, clippy::iter_not_returning_iterator, clippy::iter_on_empty_collections, clippy::iter_on_single_items, clippy::large_digit_groups, clippy::large_stack_arrays, clippy::large_types_passed_by_value, clippy::let_unit_value, clippy::linkedlist, clippy::lossy_float_literal, clippy::macro_use_imports, clippy::manual_assert, clippy::manual_instant_elapsed, clippy::manual_ok_or, clippy::manual_string_new, clippy::many_single_char_names, clippy::match_wild_err_arm, clippy::mem_forget, clippy::missing_enforced_import_renames, clippy::missing_inline_in_public_items, clippy::missing_safety_doc, clippy::mut_mut, clippy::mutex_integer, clippy::naive_bytecount, clippy::needless_continue, clippy::needless_for_each, clippy::needless_pass_by_ref_mut, clippy::needless_raw_string_hashes, clippy::no_effect_underscore_binding, clippy::non_ascii_literal, clippy::nonstandard_macro_braces, clippy::option_option, clippy::or_fun_call, clippy::path_buf_push_overwrite, clippy::print_literal, clippy::print_with_newline, clippy::ptr_as_ptr, clippy::range_minus_one, clippy::range_plus_one, clippy::rc_buffer, clippy::rc_mutex, clippy::redundant_allocation, clippy::redundant_pub_crate, clippy::ref_binding_to_reference, clippy::rest_pat_in_fully_bound_structs, clippy::same_functions_in_if_condition, clippy::str_to_string, clippy::string_add, clippy::string_add_assign, clippy::string_lit_as_bytes, clippy::trait_duplication_in_bounds, clippy::transmute_ptr_to_ptr, clippy::tuple_array_conversions, clippy::unchecked_time_subtraction, clippy::unicode_not_nfc, clippy::unimplemented, clippy::unnecessary_box_returns, clippy::unnecessary_struct_initialization, clippy::unnecessary_to_owned, clippy::unnested_or_patterns, clippy::unused_peekable, clippy::unused_rounding, clippy::useless_let_if_seq, clippy::verbose_bit_mask, clippy::verbose_file_reads, clippy::zero_sized_map_values )] // //! Comprehensive integration tests for dashboard routes //! //! This test suite provides comprehensive coverage for all dashboard route endpoints, //! including authentication, authorization, request/response validation, //! error handling, edge cases, and dashboard-specific functionality. mod common; use anyhow::Result; use chrono::{Duration, Utc}; use pierre_mcp_server::{ api_keys::{ApiKey, ApiKeyManager, ApiKeyTier, ApiKeyUsage, CreateApiKeyRequest}, auth::{AuthMethod, AuthResult}, config::environment::{ AppBehaviorConfig, AuthConfig, BackupConfig, CacheConfig, CorsConfig, DatabaseConfig, DatabaseUrl, Environment, ExternalServicesConfig, FirebaseConfig, FitbitApiConfig, GarminApiConfig, GeocodingServiceConfig, GoalManagementConfig, HttpClientConfig, LogLevel, LoggingConfig, McpConfig, MonitoringConfig, OAuth2ServerConfig, OAuthConfig, OAuthProviderConfig, PostgresPoolConfig, ProtocolConfig, RateLimitConfig, RouteTimeoutConfig, SecurityConfig, SecurityHeadersConfig, ServerConfig, SleepToolParamsConfig, SqlxConfig, SseConfig, StravaApiConfig, TlsConfig, TokioRuntimeConfig, TrainingZonesConfig, WeatherServiceConfig, }, dashboard_routes::DashboardRoutes, database_plugins::{factory::Database, DatabaseProvider}, mcp::resources::ServerResources, rate_limiting::UnifiedRateLimitInfo, }; use std::{sync::Arc, time::Instant}; use uuid::Uuid; /// Test setup helper that creates all necessary components for dashboard route testing struct DashboardTestSetup { dashboard_routes: DashboardRoutes, database: Arc<Database>, user_id: Uuid, api_keys: Vec<ApiKey>, } impl DashboardTestSetup { async fn new() -> Result<Self> { // Create test database and auth manager let database = common::create_test_database().await?; let auth_manager = common::create_test_auth_manager(); // Create minimal config for ServerResources let temp_dir = tempfile::tempdir()?; let config = Arc::new(ServerConfig { http_port: 8081, oauth_callback_port: 35535, log_level: LogLevel::Info, logging: LoggingConfig::default(), http_client: HttpClientConfig::default(), database: DatabaseConfig { url: DatabaseUrl::Memory, auto_migrate: true, backup: BackupConfig { enabled: false, interval_seconds: 3600, retention_count: 7, directory: temp_dir.path().to_path_buf(), }, postgres_pool: PostgresPoolConfig::default(), }, auth: AuthConfig { jwt_expiry_hours: 24, enable_refresh_tokens: false, ..AuthConfig::default() }, oauth: OAuthConfig { strava: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, fitbit: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, garmin: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, whoop: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, terra: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, }, security: SecurityConfig { cors_origins: vec!["*".to_owned()], tls: TlsConfig { enabled: false, cert_path: None, key_path: None, }, headers: SecurityHeadersConfig { environment: Environment::Testing, }, }, external_services: ExternalServicesConfig { weather: WeatherServiceConfig { api_key: None, base_url: "https://api.openweathermap.org/data/2.5".to_owned(), enabled: false, }, geocoding: GeocodingServiceConfig { base_url: "https://nominatim.openstreetmap.org".to_owned(), enabled: false, }, strava_api: StravaApiConfig { base_url: "https://www.strava.com/api/v3".to_owned(), auth_url: "https://www.strava.com/oauth/authorize".to_owned(), token_url: "https://www.strava.com/oauth/token".to_owned(), deauthorize_url: "https://www.strava.com/oauth/deauthorize".to_owned(), ..Default::default() }, fitbit_api: FitbitApiConfig { base_url: "https://api.fitbit.com".to_owned(), auth_url: "https://www.fitbit.com/oauth2/authorize".to_owned(), token_url: "https://api.fitbit.com/oauth2/token".to_owned(), revoke_url: "https://api.fitbit.com/oauth2/revoke".to_owned(), ..Default::default() }, garmin_api: GarminApiConfig { base_url: "https://apis.garmin.com".to_owned(), auth_url: "https://connect.garmin.com/oauthConfirm".to_owned(), token_url: "https://connect.garmin.com/oauth-service/oauth/access_token" .to_string(), revoke_url: "https://connect.garmin.com/oauth-service/oauth/revoke".to_owned(), ..Default::default() }, }, app_behavior: AppBehaviorConfig { max_activities_fetch: 100, default_activities_limit: 20, ci_mode: true, auto_approve_users: false, protocol: ProtocolConfig { mcp_version: "2025-06-18".to_owned(), server_name: "pierre-mcp-server-test".to_owned(), server_version: env!("CARGO_PKG_VERSION").to_owned(), }, }, sse: SseConfig::default(), oauth2_server: OAuth2ServerConfig::default(), route_timeouts: RouteTimeoutConfig::default(), host: "localhost".to_owned(), base_url: "http://localhost:8081".to_owned(), mcp: McpConfig { protocol_version: "2025-06-18".to_owned(), server_name: "pierre-mcp-server-test".to_owned(), session_cache_size: 1000, ..Default::default() }, cors: CorsConfig { allowed_origins: "*".to_owned(), allow_localhost_dev: true, }, cache: CacheConfig { redis_url: None, max_entries: 10000, cleanup_interval_secs: 300, ..Default::default() }, usda_api_key: None, rate_limiting: RateLimitConfig::default(), sleep_tool_params: SleepToolParamsConfig::default(), goal_management: GoalManagementConfig::default(), training_zones: TrainingZonesConfig::default(), firebase: FirebaseConfig::default(), tokio_runtime: TokioRuntimeConfig::default(), sqlx: SqlxConfig::default(), monitoring: MonitoringConfig::default(), frontend_url: None, }); // Create test cache let cache = common::create_test_cache().await?; // Create ServerResources using proper constructor let server_resources = Arc::new( ServerResources::new( (*database).clone(), (*auth_manager).clone(), "test_jwt_secret", config, cache, 2048, // Use 2048-bit RSA keys for faster test execution Some(common::get_shared_test_jwks()), ) .await, ); // Create dashboard routes let dashboard_routes = DashboardRoutes::new(server_resources); // Create test user let (user_id, _) = common::create_test_user(&database).await?; // Create multiple test API keys with different tiers and usage patterns let mut api_keys = Vec::new(); // Create starter tier API key let starter_key = common::create_and_store_test_api_key(&database, user_id, "Starter Dashboard Key") .await?; api_keys.push(starter_key); // Create professional tier API key let request_pro = CreateApiKeyRequest { name: "Professional Dashboard Key".to_owned(), description: Some("Professional tier for dashboard testing".to_owned()), tier: ApiKeyTier::Professional, rate_limit_requests: Some(5000), expires_in_days: None, }; let manager = ApiKeyManager::new(); let (pro_key, _) = manager.create_api_key(user_id, request_pro)?; database.create_api_key(&pro_key).await?; api_keys.push(pro_key); // Create enterprise tier API key let request_enterprise = CreateApiKeyRequest { name: "Enterprise Dashboard Key".to_owned(), description: Some("Enterprise tier for dashboard testing".to_owned()), tier: ApiKeyTier::Enterprise, rate_limit_requests: None, // Unlimited expires_in_days: Some(365), }; let (enterprise_key, _) = manager.create_api_key(user_id, request_enterprise)?; database.create_api_key(&enterprise_key).await?; api_keys.push(enterprise_key); // Create some usage data for testing Self::create_test_usage_data(&database, &api_keys).await?; Ok(Self { dashboard_routes, database, user_id, api_keys, }) } /// Create AuthResult for testing authenticated endpoints fn auth_result(&self) -> AuthResult { use pierre_mcp_server::auth::{AuthMethod, AuthResult}; use UnifiedRateLimitInfo; AuthResult { user_id: self.user_id, auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, } } /// Create test usage data for dashboard analytics async fn create_test_usage_data(database: &Database, api_keys: &[ApiKey]) -> Result<()> { let now = Utc::now(); // Create some API key usage records for testing for (i, api_key) in api_keys.iter().enumerate() { // Create usage for the last few days for days_ago in 0..7 { let timestamp = now - Duration::days(days_ago); // Vary usage patterns by API key tier let base_requests = match api_key.tier { ApiKeyTier::Trial => 5, ApiKeyTier::Starter => 25, ApiKeyTier::Professional => 100, ApiKeyTier::Enterprise => 500, _ => unreachable!("Unknown tier variant"), }; let request_count = base_requests + (i as u32 * 5) + (days_ago as u32 % 10); // Create usage records using the available API for j in 0..request_count { let usage = ApiKeyUsage { id: None, api_key_id: api_key.id.clone(), timestamp: timestamp + Duration::minutes(i64::from(j) * 2), tool_name: match j % 4 { 0 => "strava_activities".to_owned(), 1 => "fitbit_data".to_owned(), 2 => "weather_info".to_owned(), _ => "analytics".to_owned(), }, response_time_ms: Some(100 + (j % 200)), status_code: if j % 20 == 0 { 500 } else { 200 }, // 95% success rate error_message: if j % 20 == 0 { Some("Test error".to_owned()) } else { None }, request_size_bytes: Some(1024 + (j % 512)), response_size_bytes: Some(2048 + (j % 1024)), ip_address: Some("127.0.0.1".to_owned()), user_agent: Some("test-client".to_owned()), }; // Record the usage database.record_api_key_usage(&usage).await?; } } } Ok(()) } } // ============================================================================ // Dashboard Overview Tests // ============================================================================ #[tokio::test] async fn test_get_dashboard_overview_success() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let overview = setup .dashboard_routes .get_dashboard_overview(setup.auth_result()) .await?; // Verify basic structure assert_eq!(overview.total_api_keys, 3); // starter, professional, enterprise assert_eq!(overview.active_api_keys, 3); // all should be active // Verify usage data exists // Verify request counts are valid (removing redundant >= 0 checks for unsigned types) assert!(overview.active_api_keys > 0); // Verify tier breakdown assert!(!overview.current_month_usage_by_tier.is_empty()); let tier_names: Vec<_> = overview .current_month_usage_by_tier .iter() .map(|t| &t.tier) .collect(); assert!(tier_names.contains(&&"starter".to_owned())); assert!(tier_names.contains(&&"professional".to_owned())); assert!(tier_names.contains(&&"enterprise".to_owned())); // Note: Recent activity might be empty in test environment since // get_request_logs method may not be fully implemented for test database // This is acceptable as the core dashboard functionality is being tested Ok(()) } #[tokio::test] async fn test_get_dashboard_overview_invalid_auth() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Test with invalid token let result = setup .dashboard_routes .get_dashboard_overview(AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }) .await; assert!(result.is_err()); // Test with no authorization header let result = setup .dashboard_routes .get_dashboard_overview(AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }) .await; assert!(result.is_err()); // Test with malformed header let result = setup .dashboard_routes .get_dashboard_overview(AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }) .await; assert!(result.is_err()); Ok(()) } #[tokio::test] async fn test_get_dashboard_overview_empty_data() -> Result<()> { common::init_server_config(); // Create setup without usage data let database = common::create_test_database().await?; let auth_manager = common::create_test_auth_manager(); // Create ServerResources for dashboard routes let temp_dir = tempfile::tempdir().unwrap(); let config = Arc::new(ServerConfig { http_port: 8081, oauth_callback_port: 35535, log_level: LogLevel::Info, logging: LoggingConfig::default(), http_client: HttpClientConfig::default(), database: DatabaseConfig { url: DatabaseUrl::Memory, auto_migrate: true, backup: BackupConfig { enabled: false, interval_seconds: 3600, retention_count: 7, directory: temp_dir.path().to_path_buf(), }, postgres_pool: PostgresPoolConfig::default(), }, auth: AuthConfig { jwt_expiry_hours: 24, enable_refresh_tokens: false, ..AuthConfig::default() }, oauth: OAuthConfig { strava: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, fitbit: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, garmin: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, whoop: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, terra: OAuthProviderConfig { client_id: None, client_secret: None, redirect_uri: None, scopes: vec![], enabled: false, }, }, security: SecurityConfig { cors_origins: vec!["*".to_owned()], tls: TlsConfig { enabled: false, cert_path: None, key_path: None, }, headers: SecurityHeadersConfig { environment: Environment::Testing, }, }, external_services: ExternalServicesConfig { weather: WeatherServiceConfig { api_key: None, base_url: "https://api.openweathermap.org/data/2.5".to_owned(), enabled: false, }, geocoding: GeocodingServiceConfig { base_url: "https://nominatim.openstreetmap.org".to_owned(), enabled: false, }, strava_api: StravaApiConfig { base_url: "https://www.strava.com/api/v3".to_owned(), auth_url: "https://www.strava.com/oauth/authorize".to_owned(), token_url: "https://www.strava.com/oauth/token".to_owned(), deauthorize_url: "https://www.strava.com/oauth/deauthorize".to_owned(), ..Default::default() }, fitbit_api: FitbitApiConfig { base_url: "https://api.fitbit.com".to_owned(), auth_url: "https://www.fitbit.com/oauth2/authorize".to_owned(), token_url: "https://api.fitbit.com/oauth2/token".to_owned(), revoke_url: "https://api.fitbit.com/oauth2/revoke".to_owned(), ..Default::default() }, garmin_api: GarminApiConfig { base_url: "https://apis.garmin.com".to_owned(), auth_url: "https://connect.garmin.com/oauthConfirm".to_owned(), token_url: "https://connect.garmin.com/oauth-service/oauth/access_token" .to_string(), revoke_url: "https://connect.garmin.com/oauth-service/oauth/revoke".to_owned(), ..Default::default() }, }, app_behavior: AppBehaviorConfig { max_activities_fetch: 100, default_activities_limit: 20, ci_mode: true, auto_approve_users: false, protocol: ProtocolConfig { mcp_version: "2025-06-18".to_owned(), server_name: "pierre-mcp-server-test".to_owned(), server_version: env!("CARGO_PKG_VERSION").to_owned(), }, }, sse: SseConfig::default(), oauth2_server: OAuth2ServerConfig::default(), route_timeouts: RouteTimeoutConfig::default(), host: "localhost".to_owned(), base_url: "http://localhost:8081".to_owned(), mcp: McpConfig { protocol_version: "2025-06-18".to_owned(), server_name: "pierre-mcp-server-test".to_owned(), session_cache_size: 1000, ..Default::default() }, cors: CorsConfig { allowed_origins: "*".to_owned(), allow_localhost_dev: true, }, cache: CacheConfig { redis_url: None, max_entries: 10000, cleanup_interval_secs: 300, ..Default::default() }, usda_api_key: None, rate_limiting: RateLimitConfig::default(), sleep_tool_params: SleepToolParamsConfig::default(), goal_management: GoalManagementConfig::default(), training_zones: TrainingZonesConfig::default(), firebase: FirebaseConfig::default(), tokio_runtime: TokioRuntimeConfig::default(), sqlx: SqlxConfig::default(), monitoring: MonitoringConfig::default(), frontend_url: None, }); let cache = common::create_test_cache().await.unwrap(); let server_resources = Arc::new( ServerResources::new( database.as_ref().clone(), auth_manager.as_ref().clone(), "test_jwt_secret", config, cache, 2048, // Use 2048-bit RSA keys for faster test execution Some(common::get_shared_test_jwks()), ) .await, ); let dashboard_routes = DashboardRoutes::new(server_resources); let (user_id, _) = common::create_test_user(&database).await?; let auth_result = AuthResult { user_id, auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }; // No API keys created - should return empty overview let overview = dashboard_routes.get_dashboard_overview(auth_result).await?; assert_eq!(overview.total_api_keys, 0); assert_eq!(overview.active_api_keys, 0); assert_eq!(overview.total_requests_today, 0); assert_eq!(overview.total_requests_this_month, 0); assert!(overview.current_month_usage_by_tier.is_empty()); assert!(overview.recent_activity.is_empty()); Ok(()) } // ============================================================================ // Usage Analytics Tests // ============================================================================ #[tokio::test] async fn test_get_usage_analytics_success() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let analytics = setup .dashboard_routes .get_usage_analytics(setup.auth_result(), 7) .await?; // Verify time series data assert_eq!(analytics.time_series.len(), 7); // 7 days requested // Verify each day has data for data_point in &analytics.time_series { assert!(data_point.timestamp <= Utc::now()); // Verify data point structure (removing redundant >= 0 checks for unsigned types) assert!(data_point.timestamp.timestamp() > 0); assert!(data_point.average_response_time >= 0.0); } // Note: Top tools might be empty in test environment due to data setup limitations // This is acceptable as we're testing the API interface and authentication for tool in &analytics.top_tools { assert!(!tool.tool_name.is_empty()); // Verify tool structure (removing redundant >= 0 check for unsigned type) assert!(!tool.tool_name.is_empty()); assert!(tool.success_rate >= 0.0 && tool.success_rate <= 100.0); assert!(tool.average_response_time >= 0.0); } // Verify overall metrics assert!(analytics.error_rate >= 0.0 && analytics.error_rate <= 100.0); assert!(analytics.average_response_time >= 0.0); Ok(()) } #[tokio::test] async fn test_get_usage_analytics_different_timeframes() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Test different day ranges let timeframes = vec![1, 7, 30, 90]; for days in timeframes { let analytics = setup .dashboard_routes .get_usage_analytics(setup.auth_result(), days) .await?; assert_eq!(analytics.time_series.len(), days as usize); // Verify timestamps are in correct order (oldest first) for i in 1..analytics.time_series.len() { assert!(analytics.time_series[i].timestamp >= analytics.time_series[i - 1].timestamp); } } Ok(()) } #[tokio::test] async fn test_get_usage_analytics_invalid_auth() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let result = setup .dashboard_routes .get_usage_analytics( AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }, 7, ) .await; assert!(result.is_err()); let result = setup .dashboard_routes .get_usage_analytics( AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }, 7, ) .await; assert!(result.is_err()); Ok(()) } // ============================================================================ // Rate Limit Overview Tests // ============================================================================ #[tokio::test] async fn test_get_rate_limit_overview_success() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let overview = setup .dashboard_routes .get_rate_limit_overview(setup.auth_result()) .await?; assert_eq!(overview.len(), 3); // Three API keys // Check each API key's rate limit info for rate_limit in &overview { assert!(!rate_limit.api_key_id.is_empty()); assert!(!rate_limit.api_key_name.is_empty()); assert!(!rate_limit.tier.is_empty()); // Verify rate limit structure (removing redundant >= 0 check for unsigned type) assert!(!rate_limit.tier.is_empty()); assert!(rate_limit.usage_percentage >= 0.0); // Enterprise tier should have no limit if rate_limit.tier == "enterprise" { assert!(rate_limit.limit.is_none()); assert_eq!(rate_limit.usage_percentage, 0.0); } else { assert!(rate_limit.limit.is_some()); assert!(rate_limit.limit.unwrap() > 0); } // All should have reset date assert!(rate_limit.reset_date.is_some()); } Ok(()) } #[tokio::test] async fn test_get_rate_limit_overview_usage_calculation() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let overview = setup .dashboard_routes .get_rate_limit_overview(setup.auth_result()) .await?; // Find starter tier key (has rate limit) let starter_overview = overview .iter() .find(|o| o.tier == "starter") .expect("Should have starter tier key"); assert!(starter_overview.limit.is_some()); let limit = starter_overview.limit.unwrap(); // Usage percentage should be calculated correctly let expected_percentage = if limit > 0 { (starter_overview.current_usage as f64 / limit as f64) * 100.0 } else { 0.0 }; assert!((starter_overview.usage_percentage - expected_percentage).abs() < 0.01); Ok(()) } #[tokio::test] async fn test_get_rate_limit_overview_invalid_auth() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let result = setup .dashboard_routes .get_rate_limit_overview(AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }) .await; assert!(result.is_err()); let result = setup .dashboard_routes .get_rate_limit_overview(AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }) .await; assert!(result.is_err()); Ok(()) } // ============================================================================ // Request Logs Tests // ============================================================================ #[tokio::test] async fn test_get_request_logs_success() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let logs = setup .dashboard_routes .get_request_logs( setup.auth_result(), None, // No specific API key Some("24h"), // Last 24 hours None, // All statuses None, // All tools ) .await?; // Note: Logs might be empty in test environment - this is acceptable // as we're testing the API interface and authentication // Verify log structure for log in &logs { assert!(!log.id.is_empty()); assert!(log.timestamp <= Utc::now()); assert!(!log.api_key_id.is_empty()); assert!(!log.api_key_name.is_empty()); assert!(!log.tool_name.is_empty()); assert!(log.status_code >= 100 && log.status_code < 600); // Verify API key belongs to user assert!(setup.api_keys.iter().any(|k| k.id == log.api_key_id)); } Ok(()) } #[tokio::test] async fn test_get_request_logs_with_filters() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Test with specific API key filter let api_key_id = &setup.api_keys[0].id; let logs = setup .dashboard_routes .get_request_logs( setup.auth_result(), Some(api_key_id), Some("7d"), None, None, ) .await?; // All logs should be for the specified API key for log in &logs { assert_eq!(log.api_key_id, *api_key_id); } // Test with status filter let logs = setup .dashboard_routes .get_request_logs( setup.auth_result(), None, Some("7d"), Some("200"), // Only successful requests None, ) .await?; for log in &logs { assert_eq!(log.status_code, 200); } // Test with tool filter let logs = setup .dashboard_routes .get_request_logs( setup.auth_result(), None, Some("7d"), None, Some("strava_activities"), ) .await?; for log in &logs { assert_eq!(log.tool_name, "strava_activities"); } Ok(()) } #[tokio::test] async fn test_get_request_logs_time_ranges() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let time_ranges = vec!["1h", "24h", "7d", "30d"]; for time_range in time_ranges { let logs = setup .dashboard_routes .get_request_logs(setup.auth_result(), None, Some(time_range), None, None) .await?; // Verify all logs are within the time range let cutoff = match time_range { "1h" => Utc::now() - Duration::hours(1), "24h" => Utc::now() - Duration::hours(24), "7d" => Utc::now() - Duration::days(7), "30d" => Utc::now() - Duration::days(30), _ => Utc::now() - Duration::hours(1), }; for log in &logs { assert!(log.timestamp >= cutoff); } } Ok(()) } #[tokio::test] async fn test_get_request_logs_unauthorized_api_key() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Try to access logs for a non-existent API key let result = setup .dashboard_routes .get_request_logs( setup.auth_result(), Some("nonexistent_key_id"), Some("24h"), None, None, ) .await; assert!(result.is_err()); assert!(result .unwrap_err() .to_string() .contains("not found or access denied")); Ok(()) } // ============================================================================ // Request Stats Tests // ============================================================================ #[tokio::test] async fn test_get_request_stats_success() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let stats = setup .dashboard_routes .get_request_stats( setup.auth_result(), None, // All API keys Some("24h"), // Last 24 hours ) .await?; // Verify basic stats structure // Verify stats structure (removing redundant >= 0 checks for unsigned types) assert!(stats.successful_requests <= stats.total_requests); assert!(stats.failed_requests <= stats.total_requests); assert_eq!( stats.total_requests, stats.successful_requests + stats.failed_requests ); assert!(stats.average_response_time >= 0.0); assert!(stats.requests_per_minute >= 0.0); assert!(stats.error_rate >= 0.0 && stats.error_rate <= 100.0); // Error rate calculation verification if stats.total_requests > 0 { let expected_error_rate = (stats.failed_requests as f64 / stats.total_requests as f64) * 100.0; assert!((stats.error_rate - expected_error_rate).abs() < 0.01); } Ok(()) } #[tokio::test] async fn test_get_request_stats_specific_api_key() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let api_key_id = &setup.api_keys[0].id; let stats = setup .dashboard_routes .get_request_stats(setup.auth_result(), Some(api_key_id), Some("7d")) .await?; // Should have some requests for this specific key // Removed redundant >= 0 check for unsigned type assert!(stats.average_response_time >= 0.0); Ok(()) } #[tokio::test] async fn test_get_request_stats_different_timeframes() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let timeframes = vec!["1h", "24h", "7d", "30d"]; for timeframe in timeframes { let stats = setup .dashboard_routes .get_request_stats(setup.auth_result(), None, Some(timeframe)) .await?; // Verify requests per minute calculation makes sense for timeframe let duration_minutes = match timeframe { "1h" => 60.0, "24h" => 1440.0, "7d" => 10080.0, "30d" => 43200.0, _ => 60.0, }; let expected_rpm = stats.total_requests as f64 / duration_minutes; assert!((stats.requests_per_minute - expected_rpm).abs() < 0.01); } Ok(()) } #[tokio::test] async fn test_get_request_stats_invalid_auth() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let result = setup .dashboard_routes .get_request_stats( AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }, None, Some("24h"), ) .await; assert!(result.is_err()); let result = setup .dashboard_routes .get_request_stats( AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }, None, Some("24h"), ) .await; assert!(result.is_err()); Ok(()) } // ============================================================================ // Tool Usage Breakdown Tests // ============================================================================ #[tokio::test] async fn test_get_tool_usage_breakdown_success() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let tool_usage = setup .dashboard_routes .get_tool_usage_breakdown( setup.auth_result(), None, // All API keys Some("7d"), // Last 7 days ) .await?; // Note: Tool usage might be empty in test environment - this is acceptable // as we're testing the API interface and authentication // Verify tool usage structure for usage in &tool_usage { assert!(!usage.tool_name.is_empty()); // Removed redundant >= 0 check for unsigned type assert!(usage.success_rate >= 0.0 && usage.success_rate <= 100.0); assert!(usage.average_response_time >= 0.0); } // Should be sorted by request count (descending) for i in 1..tool_usage.len() { assert!(tool_usage[i - 1].request_count >= tool_usage[i].request_count); } // Should not exceed 10 tools (top 10) assert!(tool_usage.len() <= 10); Ok(()) } #[tokio::test] async fn test_get_tool_usage_breakdown_different_timeframes() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let timeframes = vec!["1h", "24h", "7d", "30d"]; for timeframe in timeframes { let tool_usage = setup .dashboard_routes .get_tool_usage_breakdown(setup.auth_result(), None, Some(timeframe)) .await?; // Each timeframe should return valid data for usage in &tool_usage { assert!(!usage.tool_name.is_empty()); // Removed redundant >= 0 check for unsigned type } } Ok(()) } #[tokio::test] async fn test_get_tool_usage_breakdown_invalid_auth() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let result = setup .dashboard_routes .get_tool_usage_breakdown( AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }, None, Some("7d"), ) .await; assert!(result.is_err()); let result = setup .dashboard_routes .get_tool_usage_breakdown( AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }, None, Some("7d"), ) .await; assert!(result.is_err()); Ok(()) } // ============================================================================ // Edge Cases and Error Handling Tests // ============================================================================ // JWT expiration test removed - JWT validation happens at HTTP filter level // Route methods only validate that user_id is not nil #[tokio::test] async fn test_dashboard_with_malformed_jwt() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; let malformed_tokens = vec![ "Bearer malformed.jwt.token", "Bearer not_a_jwt_at_all", "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.malformed", "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.invalid_signature", ]; for malformed_token in malformed_tokens { let result = setup .dashboard_routes .get_dashboard_overview(AuthResult { user_id: uuid::Uuid::nil(), auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }) .await; assert!( result.is_err(), "Token should be invalid: {}", malformed_token ); } Ok(()) } #[tokio::test] async fn test_dashboard_with_different_user() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Create another user let (other_user_id, _) = common::create_test_user_with_email(&setup.database, "other@example.com").await?; let other_auth_result = AuthResult { user_id: other_user_id, auth_method: AuthMethod::JwtToken { tier: "premium".to_owned(), }, rate_limit: UnifiedRateLimitInfo { is_rate_limited: false, limit: Some(1000), remaining: Some(1000), reset_at: None, tier: "premium".to_owned(), auth_method: "jwt".to_owned(), }, }; // This user should have no API keys and no data let overview = setup .dashboard_routes .get_dashboard_overview(other_auth_result) .await?; assert_eq!(overview.total_api_keys, 0); assert_eq!(overview.active_api_keys, 0); assert_eq!(overview.total_requests_today, 0); assert_eq!(overview.total_requests_this_month, 0); assert!(overview.current_month_usage_by_tier.is_empty()); assert!(overview.recent_activity.is_empty()); Ok(()) } #[tokio::test] async fn test_dashboard_concurrent_requests() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Make multiple concurrent requests let mut handles = vec![]; for _ in 0..10 { let dashboard_routes = setup.dashboard_routes.clone(); let auth_result = setup.auth_result(); let handle = tokio::spawn(async move { dashboard_routes.get_dashboard_overview(auth_result).await }); handles.push(handle); } // Wait for all requests to complete let mut all_succeeded = true; for handle in handles { match handle.await { Ok(Ok(_)) => {} _ => all_succeeded = false, } } assert!(all_succeeded, "All concurrent requests should succeed"); Ok(()) } #[tokio::test] async fn test_dashboard_large_dataset() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Test that dashboard can handle reasonable amounts of data // Our test setup already creates 30 days of data for 3 API keys // This should be sufficient to test performance let start = Instant::now(); let overview = setup .dashboard_routes .get_dashboard_overview(setup.auth_result()) .await?; let duration = start.elapsed(); // Should complete within reasonable time (1 second for test data) assert!( duration.as_secs() < 1, "Dashboard overview took too long: {:?}", duration ); // Data should still be accurate assert_eq!(overview.total_api_keys, 3); // Note: Requests might be 0 in test environment due to data setup limitations Ok(()) } #[tokio::test] async fn test_dashboard_boundary_conditions() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Test edge case: analytics for 0 days (should default to something reasonable) let analytics = setup .dashboard_routes .get_usage_analytics(setup.auth_result(), 0) .await?; assert_eq!(analytics.time_series.len(), 0); // Test large number of days let analytics = setup .dashboard_routes .get_usage_analytics(setup.auth_result(), 1000) .await?; assert_eq!(analytics.time_series.len(), 1000); Ok(()) } // ============================================================================ // Integration with Database Tests // ============================================================================ #[tokio::test] async fn test_dashboard_data_consistency() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Get overview data let overview = setup .dashboard_routes .get_dashboard_overview(setup.auth_result()) .await?; // Get rate limit data let rate_limits = setup .dashboard_routes .get_rate_limit_overview(setup.auth_result()) .await?; // Number of API keys should be consistent assert_eq!(overview.total_api_keys, rate_limits.len() as u32); // Get request stats for current month comparison // Note: We cannot directly compare "this month" with "30d" as they are different time periods // "this month" = from 1st of current month to now // "30d" = from 30 days ago to now // Instead, we verify that the overview data is internally consistent // Verify tier usage adds up to total monthly requests let tier_total: u64 = overview .current_month_usage_by_tier .iter() .map(|tier| tier.total_requests) .sum(); assert_eq!(overview.total_requests_this_month, tier_total); Ok(()) } #[tokio::test] async fn test_dashboard_real_time_updates() -> Result<()> { common::init_server_config(); let setup = DashboardTestSetup::new().await?; // Get initial stats let initial_overview = setup .dashboard_routes .get_dashboard_overview(setup.auth_result()) .await?; // Create a new API key let _new_key = common::create_and_store_test_api_key(&setup.database, setup.user_id, "New Real-time Key") .await?; // Get updated stats let updated_overview = setup .dashboard_routes .get_dashboard_overview(setup.auth_result()) .await?; // Should reflect the new API key assert_eq!( updated_overview.total_api_keys, initial_overview.total_api_keys + 1 ); assert_eq!( updated_overview.active_api_keys, initial_overview.active_api_keys + 1 ); Ok(()) }

Loading blob content...

Latest Blog Posts

Don't Use Large Strings as Cache Keys
By punkpeye on January 11, 2026.
markdown
node-js
cache
What are Claude Skills?
By punkpeye on January 10, 2026.
mcp
skills
How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jfarcand/pierre_mcp_server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

routes_dashboard_test.rs•56.7 kB