fix: A2 (relax art-source CHECK) + D + E integration residual
A2 — migration 0030: the albums/artists art `*_source` CHECK was a fixed provider-ID allowlist fighting the extensible coverart.Register registry (per-provider migration churn at 0016/0018/0020; rejected test stub providers → ~11 enricher tests failed). Relax to "NULL or non-empty"; the registry is the source of truth. Same brittleness class as the #433 discovery-mix CHECK. D — lidarr Approve resolves metadata/quality profiles (JSON arrays) before the add; the test stubs returned {"id":1} for every path, so ListMetadataProfiles failed to unmarshal → 500/Approve errors. Make the lidarrrequests + admin_requests stubs path-aware (arrays for /metadataprofile, /qualityprofile). E: - auth: requireUser (prelude.go) emitted code "auth_required"; the canonical code is "unauthenticated" (operator decision). Change the code; drop the now-dead "auth_required" web error-copy key ("unauthenticated" already has copy). - playlists_system_test wrapped the real auth.RequireUser middleware but only injected withUser() context → 401. Like every other api handler test, drop the middleware and rely on requireUser(). - admin_users dup-username test seeded "test-existing" (seedUser prefixes) but POSTed "existing" → no collision; POST the prefixed name. - me_timezone test decoded a top-level {"code"} but the envelope is {"error":{"code"}}; decode the nested shape. - audit test asserted compact JSON; Postgres jsonb::text is spaced. - put-lidarr-config tests predated the missing_defaults gate (correct handler behavior); supply the required defaults in the bodies. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -8,8 +8,6 @@ import (
|
||||
"testing"
|
||||
|
||||
"github.com/go-chi/chi/v5"
|
||||
|
||||
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
|
||||
)
|
||||
|
||||
// Generic registry-driven system-playlist endpoints (#411 R2).
|
||||
@@ -17,7 +15,11 @@ import (
|
||||
func newSystemPlaylistRouter(h *handlers) chi.Router {
|
||||
r := chi.NewRouter()
|
||||
r.Route("/api", func(api chi.Router) {
|
||||
api.Use(auth.RequireUser(h.pool))
|
||||
// No real auth.RequireUser middleware: like every other api
|
||||
// handler test, auth is supplied via withUser() context and the
|
||||
// handlers self-guard with requireUser() (prelude.go). The real
|
||||
// middleware needs a live session and would 401 the injected
|
||||
// test user.
|
||||
api.Post("/playlists/system/{kind}/refresh", h.handleSystemPlaylistRefresh)
|
||||
api.Get("/playlists/system/{kind}/shuffle", h.handleSystemPlaylistShuffle)
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user