fortress-api-server 1.0.0

REST API server for Fortress secure database system
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313

//! GraphQL API tests
//!
//! Tests for the Fortress GraphQL API implementation.

#[cfg(test)]
mod tests {
    use super::*;
    use async_graphql::{Request, Response};
    use serde_json::json;

    #[tokio::test]
    async fn test_graphql_schema_creation() {
        let schema = crate::graphql::create_schema();
        
        // Test that schema can be created without panicking
        assert!(true, "Schema creation should not panic");
    }

    #[tokio::test]
    async fn test_databases_query() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                databases {
                    id
                    name
                    status
                    encryptionAlgorithm
                    createdAt
                    tableCount
                    storageSizeBytes
                }
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Query should not have errors");
        
        let data = response.data.into_json().unwrap();
        let databases = data.get("databases").unwrap().as_array().unwrap();
        assert!(!databases.is_empty(), "Should return at least one database");
    }

    #[tokio::test]
    async fn test_health_query() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                health {
                    healthy
                    services {
                        name
                        healthy
                        responseTimeMs
                    }
                    lastCheck
                }
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Health query should not have errors");
        
        let data = response.data.into_json().unwrap();
        let health = data.get("health").unwrap().as_object().unwrap();
        
        assert!(health.get("healthy").unwrap().as_bool().unwrap());
        assert!(health.get("services").unwrap().as_array().unwrap().len() > 0);
    }

    #[tokio::test]
    async fn test_version_query() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                version
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Version query should not have errors");
        
        let data = response.data.into_json().unwrap();
        let version = data.get("version").unwrap().as_str().unwrap();
        assert!(!version.is_empty(), "Version should not be empty");
    }

    #[tokio::test]
    async fn test_database_by_name_query() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                database(name: "example_db") {
                    id
                    name
                    description
                    status
                    encryptionAlgorithm
                    createdAt
                    tableCount
                }
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Database query should not have errors");
        
        let data = response.data.into_json().unwrap();
        let database = data.get("database").unwrap();
        
        if !database.is_null() {
            let db_obj = database.as_object().unwrap();
            assert_eq!(db_obj.get("name").unwrap().as_str().unwrap(), "example_db");
        }
    }

    #[tokio::test]
    async fn test_tables_query() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                tables(database: "example_db") {
                    id
                    name
                    database
                    description
                    encryptionEnabled
                    recordCount
                    fields {
                        name
                        fieldType
                        required
                        encrypted
                    }
                    primaryKey
                }
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Tables query should not have errors");
        
        let data = response.data.into_json().unwrap();
        let tables = data.get("tables").unwrap().as_array().unwrap();
        
        if !tables.is_empty() {
            let table = &tables[0];
            let table_obj = table.as_object().unwrap();
            assert_eq!(table_obj.get("name").unwrap().as_str().unwrap(), "users");
            assert_eq!(table_obj.get("database").unwrap().as_str().unwrap(), "example_db");
        }
    }

    #[tokio::test]
    async fn test_query_data() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                queryData(input: {
                    database: "example_db"
                    table: "users"
                    pagination: {
                        page: 0
                        pageSize: 10
                    }
                }) {
                    records {
                        id
                        data
                        createdAt
                        updatedAt
                    }
                    totalCount
                    hasMore
                }
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Query data should not have errors");
        
        let data = response.data.into_json().unwrap();
        let query_result = data.get("queryData").unwrap().as_object().unwrap();
        
        assert!(query_result.get("records").unwrap().as_array().unwrap().len() > 0);
        assert!(query_result.get("totalCount").unwrap().as_i64().unwrap() > 0);
    }

    #[tokio::test]
    async fn test_create_database_mutation() {
        let schema = crate::graphql::create_schema();
        
        let mutation = Request::new(r#"
            mutation {
                createDatabase(input: {
                    name: "test_db"
                    description: "Test database"
                    encryptionAlgorithm: AEGIS256
                    tags: ["test", "example"]
                }) {
                    success
                    data {
                        id
                        name
                        description
                        status
                        encryptionAlgorithm
                        tags
                    }
                    errorMessage
                    errorCode
                }
            }
        "#);
        
        let response = schema.execute(mutation).await;
        
        // This should fail due to missing authentication in tests
        // But the schema should be valid
        assert!(!response.errors.is_empty(), "Should have authentication error");
        
        // Check if it's an authentication error
        let error = &response.errors[0];
        assert!(error.message.contains("Authentication required") || 
                error.message.contains("admin"));
    }

    #[tokio::test]
    async fn test_introspection_query() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                __schema {
                    queryType {
                        name
                        description
                    }
                    mutationType {
                        name
                        description
                    }
                    subscriptionType {
                        name
                        description
                    }
                    types {
                        name
                        kind
                        description
                    }
                }
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Introspection should not have errors");
        
        let data = response.data.into_json().unwrap();
        let schema_data = data.get("__schema").unwrap().as_object().unwrap();
        
        assert!(schema_data.get("queryType").is_some());
        assert!(schema_data.get("mutationType").is_some());
        assert!(schema_data.get("subscriptionType").is_some());
        assert!(schema_data.get("types").is_some());
    }

    #[tokio::test]
    async fn test_subscription_schema() {
        let schema = crate::graphql::create_schema();
        
        let query = Request::new(r#"
            {
                __schema {
                    subscriptionType {
                        fields {
                            name
                            description
                        }
                    }
                }
            }
        "#);
        
        let response = schema.execute(query).await;
        assert!(response.errors.is_empty(), "Subscription introspection should not have errors");
        
        let data = response.data.into_json().unwrap();
        let schema_data = data.get("__schema").unwrap().as_object().unwrap();
        let subscription_type = schema_data.get("subscriptionType").unwrap().as_object().unwrap();
        let fields = subscription_type.get("fields").unwrap().as_array().unwrap();
        
        // Should have subscription fields
        assert!(!fields.is_empty());
        
        let field_names: Vec<String> = fields.iter()
            .filter_map(|f| f.as_object())
            .filter_map(|obj| obj.get("name"))
            .filter_map(|name| name.as_str())
            .map(|s| s.to_string())
            .collect();
        
        assert!(field_names.contains(&"dataChanges".to_string()));
        assert!(field_names.contains(&"healthEvents".to_string()));
        assert!(field_names.contains(&"performanceMetrics".to_string()));
    }
}