Drift audit 2026-06-02 — 26 findings shipped #75

Merged
bvandeusen merged 11 commits from dev into main 2026-06-02 19:21:53 -04:00
2 changed files with 67 additions and 8 deletions
Showing only changes of commit b970b87343 - Show all commits
+17 -7
View File
@@ -1,7 +1,6 @@
package api package api
import ( import (
"encoding/json"
"errors" "errors"
"net/http" "net/http"
@@ -9,6 +8,22 @@ import (
"git.fabledsword.com/bvandeusen/minstrel/internal/auth" "git.fabledsword.com/bvandeusen/minstrel/internal/auth"
) )
// handleGetMe returns the authenticated user's profile shape — id,
// username, display_name, email, is_admin. Mirrors the response shape
// of PUT /api/me/profile so the Android Settings → Profile screen
// (and Flutter's equivalent) can read its starting state from a GET
// before the user has done a first save.
//
// Drift #578 fix: this previously emitted the narrower UserView
// (id, username, is_admin only). Android's MeApi.getProfile() deser-
// ialised into MyProfileWire and saw display_name=null, email=null
// on every read — wiping the form fields on every Settings open.
// Saving from that blank state then submitted empty strings, which
// handleUpdateMyProfile treats as "clear to NULL" — DESTROYING the
// user's stored display_name + email. Returning the full profile
// shape here closes the loop. Web (User type narrower than this
// response) keeps working via TypeScript structural typing — the
// extra fields are ignored.
func (h *handlers) handleGetMe(w http.ResponseWriter, r *http.Request) { func (h *handlers) handleGetMe(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context()) user, ok := auth.UserFromContext(r.Context())
if !ok { if !ok {
@@ -18,10 +33,5 @@ func (h *handlers) handleGetMe(w http.ResponseWriter, r *http.Request) {
writeErr(w, apierror.InternalMsg("missing auth context", errors.New("missing auth context"))) writeErr(w, apierror.InternalMsg("missing auth context", errors.New("missing auth context")))
return return
} }
w.Header().Set("Content-Type", "application/json") writeJSON(w, http.StatusOK, profileViewFromUser(user))
_ = json.NewEncoder(w).Encode(UserView{
ID: user.ID,
Username: user.Username,
IsAdmin: user.IsAdmin,
})
} }
+50 -1
View File
@@ -1,6 +1,7 @@
package api package api
import ( import (
"context"
"encoding/json" "encoding/json"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
@@ -21,13 +22,61 @@ func TestHandleGetMe_ReturnsAuthenticatedUser(t *testing.T) {
if w.Code != http.StatusOK { if w.Code != http.StatusOK {
t.Fatalf("status = %d body = %s", w.Code, w.Body.String()) t.Fatalf("status = %d body = %s", w.Code, w.Body.String())
} }
var got UserView var got meProfileResp
if err := json.Unmarshal(w.Body.Bytes(), &got); err != nil { if err := json.Unmarshal(w.Body.Bytes(), &got); err != nil {
t.Fatalf("decode: %v", err) t.Fatalf("decode: %v", err)
} }
if got.Username != "test-alice" || !got.IsAdmin { if got.Username != "test-alice" || !got.IsAdmin {
t.Errorf("user = %+v, want test-alice/admin", got) t.Errorf("user = %+v, want test-alice/admin", got)
} }
if got.DisplayName != nil {
t.Errorf("DisplayName = %v, want nil for a user with no profile set", *got.DisplayName)
}
if got.Email != nil {
t.Errorf("Email = %v, want nil for a user with no profile set", *got.Email)
}
}
// Drift #578 regression guard: a user whose profile fields ARE set
// must see them in the /api/me response. Previously this handler
// emitted the narrower UserView so Android Settings → Profile saw
// display_name=null and email=null on every read, wiped the form
// fields, and submitting from that blank state destroyed the user's
// stored values via the "empty string clears to NULL" semantics of
// PUT /api/me/profile.
func TestHandleGetMe_IncludesDisplayNameAndEmail(t *testing.T) {
h, pool := testHandlers(t)
user := seedUser(t, pool, "alice", "hunter2", false)
displayName := "Alice Liddell"
email := "alice@example.com"
updated, err := dbq.New(pool).UpdateUserProfile(context.Background(), dbq.UpdateUserProfileParams{
ID: user.ID,
DisplayName: &displayName,
Email: &email,
})
if err != nil {
t.Fatalf("UpdateUserProfile: %v", err)
}
req := httptest.NewRequest(http.MethodGet, "/api/me", nil)
req = withUser(req, updated)
w := httptest.NewRecorder()
h.handleGetMe(w, req)
if w.Code != http.StatusOK {
t.Fatalf("status = %d body = %s", w.Code, w.Body.String())
}
var got meProfileResp
if err := json.Unmarshal(w.Body.Bytes(), &got); err != nil {
t.Fatalf("decode: %v", err)
}
if got.DisplayName == nil || *got.DisplayName != displayName {
t.Errorf("DisplayName = %v, want %q", got.DisplayName, displayName)
}
if got.Email == nil || *got.Email != email {
t.Errorf("Email = %v, want %q", got.Email, email)
}
} }
func TestHandleGetMe_MissingContextReturns500(t *testing.T) { func TestHandleGetMe_MissingContextReturns500(t *testing.T) {