内容简介:Go v1.14 ships with improvements across different aspects of the language. Two of them are brand newThe introduction of these methods will make it easier for our tests to clean up after themselves. This was always achievable through the careful composition
Go v1.14 ships with improvements across different aspects of the language. Two
of them are brand new t.Cleanup
, and b.Cleanup
methods, added to the testing
package.
The introduction of these methods will make it easier for our tests to clean up
after themselves. This was always achievable through the careful composition of
(sub)tests and helper functions, but since Go 1.14, the testing
package will
ship with one right way to do that.
Let's explore through a scenario, one very common in web development, how these methods work, and how to put them in use.
In this article, we will focus on the
t.Cleanup
function
, but the points made
here apply to the
b.Cleanup
function
too.
Vulnerable Authentication
A web service that we own has an authentication middleware that uses HTTP
Basic Authentication. The middleware takes the Authorization
header values of
an HTTP request using the
BasicAuth
helper
method
and authenticates
the request. Depending on the authentication result, it will return an error
response or let the request go through.
The AuthMiddleware
authorization middleware:
type AuthMiddleware struct { db *gorm.DB } func (am *AuthMiddleware) Validate(username, password string) bool { var u User if err := am.db.Where("username = ? AND password = ?", username, password).First(&u).Error; err != nil { return false } return true } func (am *AuthMiddleware) Middleware(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if u, p, ok := r.BasicAuth(); ok && am.Validate(u, p) { next.ServeHTTP(w, r) } else { http.Error(w, "Forbidden", http.StatusForbidden) } }) }
The AuthMiddleware
is a struct
that has a db
attribute of the type *gorm.DB
, which, in fact, is a Gorm
database connection
pool. The Validate
method of the middleware will check the validity of the
authorization credentials sent by the client. (Yes, this is a very dumb and
vulnerable service - stores plain text passwords in the database. No, you
should never
keep your customers’ passwords in plain text.)
To do that, it uses the
Request.BasicAuth
method
that returns the
username and password provided in the request's Authorization
header. Then,
we invoke the Validate
method with u
(the username) and p
(the password)
as arguments, that returns a bool
.
When the request successfully authorized, the response of the endpoint will be
returned. If the request does not supply proper HTTP Basic Authentication
credentials, or the supplied credentials are invalid, it will return an HTTP 403
Forbidden error.
The simplistic server that builds the router and mounts the handler and the middleware:
func main() { db, err := gorm.Open("sqlite3", "./cleanups.db") if err != nil { log.Fatal(err) } defer db.Close() aum := &AuthMiddleware{db} r := mux.NewRouter() r.Use(aum.Middleware) r.HandleFunc("/foo", func(w http.ResponseWriter, r *http.Request) { io.WriteString(w, "6 x 9 = 42\n") }) log.Fatal(http.ListenAndServe(":8888", r)) }
The main
function opens a Gorm connection to an SQLite3
database, builds a mux
router, and mounts a handler at the /foo
URI. Then, it mounts the
router on a server and starts listening on 127.0.0.1:8888
.
So, a sensible question would be, how can we test such a middleware? Since
there is a database connection in play here, we have to make sure the database
contains the actual username
and password
we want to send in the test.
Testing the Vulnerable Authentication
Given that the authorization middleware expects a database connection, testing it can be a messy exercise. To test it, we will have to open a database connection (to a test database) and then use it to initialize a test server that mounts the router. Then, we have to send requests to that same server and run our assertions on its response body and status.
Let's take a stab at it:
package main import ( "fmt" "io/ioutil" "log" "net/http" "net/http/httptest" "os" "strings" "testing" "github.com/jinzhu/gorm" ) func TestServer(t *testing.T) { db, err := gorm.Open("sqlite3", "./cleanups_test.db") if err != nil { t.Fatal(err) } defer db.Close() r := Router(db) tcs := []struct { name string username string password string responseBody string responseStatus int }{ { name: "with invalid username-password combo", username: "jane", password: "doe", responseBody: "Forbidden", responseStatus: http.StatusForbidden, }, { name: "with valid username-password combo", username: "jane", password: "doe123", responseBody: "6 x 9 = 42", responseStatus: http.StatusOK, }, } ts := httptest.NewServer(r) defer ts.Close() client := ts.Client() req, err := http.NewRequest("GET", fmt.Sprintf("%s/foo", ts.URL), nil) if err != nil { t.Fatal(err) } for _, tc := range tcs { t.Run(tc.name, func(t *testing.T) { req.SetBasicAuth(tc.username, tc.password) res, err := client.Do(req) if err != nil { t.Fatal(err) } defer res.Body.Close() response, err := ioutil.ReadAll(res.Body) if err != nil { t.Errorf(err) } if res.StatusCode != tc.responseStatus { t.Errorf("Want '%d', got '%d'", tc.responseStatus, res.StatusCode) } if strings.TrimSpace(string(response)) != tc.responseBody { t.Errorf("Want '%s', got '%s'", tc.responseBody, string(response)) } }) } }
We first open a database connection to a test database and pass the
connection as an argument to the Router
function. In the second highlighted
block, we mount the returned router from the Router
function on the test HTTP
server. Also, we create a client for the server that we will use to send
requests to the server.
We then build a new request for the server, and in the next highlighted block,
we attach the username
and the password
of the test case to the request
using the
Request.SetBasicAuth
method
.
We send the request to the HTTP server using the
client.Do
method
, and get a response back.
We then parse the response and do our assertions on the status code of the
response and the contents of the body.
If we ran this test, it would fail. Why? Although the test setup is correct, the test database is empty. When we send a request to the HTTP server, it will try to validate the credentials our test sends, and it will find an empty database:
$ go test ./... -v -count=1 === RUN TestServer TestServer: server_test.go:17: no such table: users (/app/server_test.go:16) [2020-02-16 17:29:26] no such table: users --- FAIL: TestServer (0.01s) FAIL FAIL github.com/fteem/go-playground/testing-in-go-cleanup 0.015s FAIL
This means our test is missing an initial seed of test data, where we create
the users
table and put some records in it so we can use them in the test.
Adding data and cleaning it up, the old way
The widely-approved approach to seeding the test database is to insert some records before running the test and then remove them once the test is done. The benefit being that the database will always be empty after the tests are done running, without the need to recreate the database and its tables every time we run the tests. Precisely what our failing tests need.
Achieving this in the most idiomatic way is by using a cleanup closure that is returned by the function that inserts the data. Usually, the returning cleanup function “pattern” looks like this:
func createUser(t *testing.T, db *gorm.DB) func() { user := User{Username: "jane", Password: "doe123"} if err := db.Create(&user).Error; err != nil { t.Fatal(err) } return func() { db.Delete(&user) } } func TestServer(t *testing.T) { db, err := gorm.Open("sqlite3", "./cleanups_test.db") if err != nil { t.Fatal(err) } defer db.Close() cleanup := createUser(t, db) defer cleanup() r := Router(db) tcs := []struct { name string username string password string responseBody string responseStatus int }{ { name: "with invalid username-password combo", username: "jane", password: "doe", responseBody: "Forbidden", responseStatus: http.StatusForbidden, }, { name: "with valid username-password combo", username: "jane", password: "doe123", responseBody: "6 x 9 = 42", responseStatus: http.StatusOK, }, } ts := httptest.NewServer(r) defer ts.Close() client := ts.Client() req, err := http.NewRequest("GET", fmt.Sprintf("%s/foo", ts.URL), nil) if err != nil { t.Fatal(err) } for _, tc := range tcs { t.Run(tc.name, func(t *testing.T) { req.SetBasicAuth(tc.username, tc.password) res, err := client.Do(req) if err != nil { t.Fatal(err) } defer res.Body.Close() response, err := ioutil.ReadAll(res.Body) if err != nil { t.Error(err) } if res.StatusCode != tc.responseStatus { t.Errorf("Want '%d', got '%d'", tc.responseStatus, res.StatusCode) } if strings.TrimSpace(string(response)) != tc.responseBody { t.Errorf("Want '%s', got '%s'", tc.responseBody, string(response)) } }) } }
The createUser
function takes a database connection as an argument and uses
it to insert a new User
in the users
table. After that, it will return a
closure that, when invoked, will remove the added user.
The reason we pass the testing.T
pointer to the createUser
function is to
be able to fail the test if the database cannot be opened for writing. We check
the db.Error
field on the Gorm database connection pool for any errors and
invoke the t.Fatal
function, if we hit any errors.
(You can read more about the behavior of t.Fatal
in my article on the
topic
.)
In the test itself, we invoke createUser
with the test database connection
and the testing.T
pointer. The return value of createUser
is a function
which we store in the cleanup
variable. Then, we defer
the invocation of cleanup
to happen at the exit of the test function. Using cleanup
, we can
remove the data from the test database before exiting the tests.
While the approach above works and it's idiomatic Go, it has a few downsides worth mentioning:
- It works fine for one test case, but if the test file has many tests that modify the state of the test database, they will get contaminated with cleanup-like functions.
- Adding to the above point, imagine tests where we have to clean up other things, such as processes, files, or open sockets. That will lead to a substantial increase in cleanup-closures pollution.
- It adds cognitive overhead when reading the code, which otherwise is a straightforward testing code
-
The definition of the
cleanup
function is buried in thecreateUser
function, visually separated from the test function that uses/invokes it. A reader of the test file can experience difficulty navigating the functions and putting the pieces together
Because of these reasons, the Go authors decided to add a t.Cleanup
function
to the testing
package. The
change
was merged on
November 4, 2019 – right on time to get into the v1.14 release.
Let's explore how t.Cleanup
can make our life easier.
Adding data and cleaning it up, using t.Cleanup
With the t.Cleanup
, and b.Cleanup
methods, we get better control to
cleaning up after our tests. t.Cleanup
registers a function to be called when
the test and all its subtests complete. This means that even if our tests run
as subtests, which is the case in our example, the cleanup will only happen
after all the subtests are done.
Here's the reworked version of our tests:
func createUser(t *testing.T, db *gorm.DB) { user := User{Username: "jane", Password: "doe123"} if err := db.Create(&user).Error; err != nil { t.Fatal(err) } t.Cleanup(func() { db.Delete(&user) }) } func TestServer(t *testing.T) { db, err := gorm.Open("sqlite3", "./cleanups_test.db") if err != nil { t.Fatal(err) } defer db.Close() createUser(t, db) r := Router(db) // Snipped for brewity... }
While the code change is small, there is a substantial difference between the new and the old versions.
The most significant difference lies in the fact that the createUser
function
takes care of its clean up now. The invoker function ( TestServer
) does not
need to worry about the cleanup of the data added in the database – we know
that the createUser
will remove the data. Most importantly, it will remove
the data just in time
– once all of the subtests are done.
Having t.Cleanup
, and b.Cleanup
in the standard library does not stop us
from using the old way using composition and returning cleanup callbacks – it
is still a valid way to clean up any state or files that our tests might
create. But, using the new t.Cleanup
& b.Cleanup
functions things get a bit
easier: there's now a way to do just that, and the standard library supports
it.
And having the Go v1 compatibility promise in mind – it is here to stay.
以上所述就是小编给大家介绍的《Testing in Go: Clean Tests Using t.Cleanup》,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持!
猜你喜欢:本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
Wireshark网络分析就这么简单
林沛满 / 人民邮电出版社 / 2014-11-6 / 39.00
Wireshark可能是世界上最好的开源网络包分析器,能在多种平台上(比如Windows、Linux和Mac)抓取和分析网络包,在IT业界有着广泛的应用。 《Wireshark网络分析就这么简单》采用诙谐风趣的手法,由浅入深地用Wireshark分析了常见的网络协议,读者在学习Wireshark的同时,也会在不知不觉中理解这些协议。作者还通过身边发生的一些真实案例,分享了Wireshark的......一起来看看 《Wireshark网络分析就这么简单》 这本书的介绍吧!