Eric Bower
·
2026-03-02
access_test.go
1package pgs
2
3import (
4 "log/slog"
5 "net/http"
6 "net/http/httptest"
7 "strings"
8 "testing"
9
10 "github.com/picosh/pico/pkg/shared"
11 "github.com/picosh/pico/pkg/shared/storage"
12)
13
14func TestPrivateProjectDeniesWebAccess(t *testing.T) {
15 logger := slog.Default()
16 dbpool := NewPgsDb(logger)
17 bucketName := shared.GetAssetBucketName(dbpool.Users[0].ID)
18
19 // Mark the test project as private
20 project, err := dbpool.FindProjectByName(dbpool.Users[0].ID, "test")
21 if err != nil {
22 t.Fatalf("failed to get project: %v", err)
23 }
24 project.Acl.Type = "private"
25 project.Acl.Data = []string{}
26
27 request := httptest.NewRequest("GET", "https://"+dbpool.Users[0].Name+"-test.pgs.test/", strings.NewReader(""))
28 responseRecorder := httptest.NewRecorder()
29
30 st, _ := storage.NewStorageMemory(map[string]map[string]string{
31 bucketName: {
32 "/test/index.html": "hello world!",
33 },
34 })
35 pubsub := NewPubsubChan()
36 defer func() {
37 _ = pubsub.Close()
38 }()
39 cfg := NewPgsConfig(logger, dbpool, st, pubsub)
40 cfg.Domain = "pgs.test"
41 router := NewWebRouter(cfg)
42 router.ServeHTTP(responseRecorder, request)
43
44 if responseRecorder.Code != http.StatusUnauthorized {
45 t.Errorf("want status %d, got %d", http.StatusUnauthorized, responseRecorder.Code)
46 }
47}