120 lines
4.1 KiB
Bash
Executable File
120 lines
4.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# delete_test.sh - Test script for DELETE /<sha256> endpoint
|
|
# This script tests the blob deletion functionality
|
|
|
|
BASE_URL="http://localhost:9001"
|
|
NOSTR_PRIVKEY="0000000000000000000000000000000000000000000000000000000000000001"
|
|
NOSTR_PUBKEY="79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798"
|
|
|
|
# Colors for output
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
NC='\033[0m' # No Color
|
|
|
|
echo "=== Ginxsom Delete Blob Tests ==="
|
|
echo
|
|
|
|
# Function to generate a Nostr event for delete authorization
|
|
generate_delete_auth() {
|
|
local sha256="$1"
|
|
local content="$2"
|
|
local created_at=$(date +%s)
|
|
local expiration=$((created_at + 3600)) # 1 hour from now
|
|
|
|
# Note: This is a placeholder - in real implementation, you'd use nostr tools
|
|
# to generate properly signed events. For now, we'll create the structure.
|
|
cat << EOF
|
|
{
|
|
"id": "placeholder_id",
|
|
"pubkey": "$NOSTR_PUBKEY",
|
|
"kind": 24242,
|
|
"content": "$content",
|
|
"created_at": $created_at,
|
|
"tags": [
|
|
["t", "delete"],
|
|
["x", "$sha256"],
|
|
["expiration", "$expiration"]
|
|
],
|
|
"sig": "placeholder_signature"
|
|
}
|
|
EOF
|
|
}
|
|
|
|
# Test 1: Delete without authorization (should fail)
|
|
echo -e "${YELLOW}Test 1: DELETE without authorization${NC}"
|
|
RESPONSE=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -X DELETE "$BASE_URL/708d0e8226ec17b0585417c0ec9352ce5f52c3820c904b7066fe20b00f2d9cfe")
|
|
HTTP_STATUS=$(echo "$RESPONSE" | grep "HTTP_STATUS" | cut -d: -f2)
|
|
BODY=$(echo "$RESPONSE" | sed '/HTTP_STATUS/d')
|
|
|
|
if [ "$HTTP_STATUS" = "401" ]; then
|
|
echo -e "${GREEN}✓ Correctly rejected unauthorized delete (401)${NC}"
|
|
else
|
|
echo -e "${RED}✗ Expected 401, got $HTTP_STATUS${NC}"
|
|
fi
|
|
echo "Response: $BODY"
|
|
echo
|
|
|
|
# Test 2: Delete with invalid authorization
|
|
echo -e "${YELLOW}Test 2: DELETE with invalid authorization${NC}"
|
|
INVALID_AUTH=$(echo '{"invalid": "event"}' | base64 -w 0)
|
|
RESPONSE=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -X DELETE \
|
|
-H "Authorization: Nostr $INVALID_AUTH" \
|
|
"$BASE_URL/708d0e8226ec17b0585417c0ec9352ce5f52c3820c904b7066fe20b00f2d9cfe")
|
|
HTTP_STATUS=$(echo "$RESPONSE" | grep "HTTP_STATUS" | cut -d: -f2)
|
|
BODY=$(echo "$RESPONSE" | sed '/HTTP_STATUS/d')
|
|
|
|
if [ "$HTTP_STATUS" = "401" ]; then
|
|
echo -e "${GREEN}✓ Correctly rejected invalid authorization (401)${NC}"
|
|
else
|
|
echo -e "${RED}✗ Expected 401, got $HTTP_STATUS${NC}"
|
|
fi
|
|
echo "Response: $BODY"
|
|
echo
|
|
|
|
# Test 3: Delete non-existent blob
|
|
echo -e "${YELLOW}Test 3: DELETE non-existent blob${NC}"
|
|
NONEXISTENT_HASH="1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"
|
|
DELETE_AUTH=$(generate_delete_auth "$NONEXISTENT_HASH" "Delete non-existent")
|
|
AUTH_B64=$(echo "$DELETE_AUTH" | base64 -w 0)
|
|
RESPONSE=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -X DELETE \
|
|
-H "Authorization: Nostr $AUTH_B64" \
|
|
"$BASE_URL/$NONEXISTENT_HASH")
|
|
HTTP_STATUS=$(echo "$RESPONSE" | grep "HTTP_STATUS" | cut -d: -f2)
|
|
BODY=$(echo "$RESPONSE" | sed '/HTTP_STATUS/d')
|
|
|
|
if [ "$HTTP_STATUS" = "404" ]; then
|
|
echo -e "${GREEN}✓ Correctly returned 404 for non-existent blob${NC}"
|
|
else
|
|
echo -e "${RED}✗ Expected 404, got $HTTP_STATUS${NC}"
|
|
fi
|
|
echo "Response: $BODY"
|
|
echo
|
|
|
|
# Test 4: Delete with wrong pubkey (ownership check)
|
|
echo -e "${YELLOW}Test 4: DELETE with wrong pubkey (ownership test)${NC}"
|
|
TEST_HASH="708d0e8226ec17b0585417c0ec9352ce5f52c3820c904b7066fe20b00f2d9cfe"
|
|
DELETE_AUTH=$(generate_delete_auth "$TEST_HASH" "Delete with wrong pubkey")
|
|
AUTH_B64=$(echo "$DELETE_AUTH" | base64 -w 0)
|
|
RESPONSE=$(curl -s -w "\nHTTP_STATUS:%{http_code}" -X DELETE \
|
|
-H "Authorization: Nostr $AUTH_B64" \
|
|
"$BASE_URL/$TEST_HASH")
|
|
HTTP_STATUS=$(echo "$RESPONSE" | grep "HTTP_STATUS" | cut -d: -f2)
|
|
BODY=$(echo "$RESPONSE" | sed '/HTTP_STATUS/d')
|
|
|
|
echo "HTTP Status: $HTTP_STATUS"
|
|
echo "Response: $BODY"
|
|
echo
|
|
|
|
# Test 5: Valid delete (if implemented and authorized)
|
|
echo -e "${YELLOW}Test 5: Valid DELETE request${NC}"
|
|
echo "Note: This test requires a blob uploaded by the test pubkey"
|
|
echo "and proper Nostr event signing (not implemented in this test script)"
|
|
echo
|
|
|
|
echo "=== Delete Tests Complete ==="
|
|
echo
|
|
echo "Note: These tests use placeholder Nostr events."
|
|
echo "For real testing, use proper Nostr signing tools to generate valid events."
|