Skip to content

fix(console): restore admin_auth_cors_ratelimit test after ureq 3 API drift (task #37)#321

Merged
pilotspacex-byte merged 1 commit into
mainfrom
fix/console-ureq3-test
Jul 13, 2026
Merged

fix(console): restore admin_auth_cors_ratelimit test after ureq 3 API drift (task #37)#321
pilotspacex-byte merged 1 commit into
mainfrom
fix/console-ureq3-test

Conversation

@pilotspacex-byte

@pilotspacex-byte pilotspacex-byte commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

What

Task #37: the console-feature test admin_auth_cors_ratelimit was written against ureq 2.x but Cargo.toml pins ureq = "3" (Lock: 3.3.0). ureq 3 renamed/removed .set(), .timeout(), ureq::request(), resp.header(), and — the breaking part — ureq::Error::StatusCode(u16) no longer carries the Response, so header assertions on 4xx/5xx (www-authenticate on 401, retry-after on 429) were structurally unreachable.

Fix

Two helpers build each request with .config().http_status_as_error(false).timeout_global(...).build(), so 4xx/5xx come back as Ok(Response) and the test asserts on resp.status()/resp.headers() directly. Every original assertion preserved (bearer enforcement, tampered-signature rejection, CORS origin echo/elision, 429 + retry-after, preflight bypass, healthz/readyz auth exemption). Test-only change; no non-test console code used ureq.

Verification

  • cargo test --release --features console --test admin_auth_cors_ratelimit → 7/7
  • cargo fmt --check clean; cargo clippy --no-default-features --features runtime-monoio,jemalloc,graph,text-index,console --tests -D warnings clean (matches CI check-console exactly)

Summary by CodeRabbit

  • Tests
    • Improved coverage and reliability for authentication, CORS, rate-limiting, health-check, and metrics response handling.
    • Tests now directly verify HTTP status codes and headers for both successful and error responses.
    • Updated startup health-check polling with more efficient response handling and timeouts.

… drift

Cargo.lock pins ureq 3.3.0 (Cargo.toml `ureq = "3"`), but
tests/admin_auth_cors_ratelimit.rs (task #37) was still written against the
ureq 2.x API: `.set()`, `.timeout()`, `ureq::request(method, url)`,
`resp.header()`, and matching `ureq::Error::Status(code, resp)` to read
headers off 4xx/5xx responses. ureq 3 renamed/removed all of these:
`.header()` replaces `.set()`, per-request timeouts move to
`.config().timeout_global(...).build()`, `ureq::request()` is gone in favor
of method-named free functions (`ureq::options()`), and — the breaking part
for these tests — `Error::StatusCode(u16)` no longer carries the response,
so header assertions on error responses (www-authenticate on 401,
retry-after on 429) were no longer reachable at all.

Fix: build every request with `http_status_as_error(false)` so 4xx/5xx
responses come back as `Ok(Response<Body>)` instead of `Err`, and assert on
`resp.status()` / `resp.headers()` directly. This preserves every original
assertion (bearer-token enforcement, tampered-signature rejection, CORS
origin echo/elision, rate-limit 429 + retry-after, preflight bypass,
healthz/readyz auth exemption) — nothing was weakened, only the mechanism
for reaching the response headers changed.

Verified: cargo test --release --features console --test
admin_auth_cors_ratelimit (7/7 pass), cargo fmt --check, cargo clippy
--no-default-features --features runtime-monoio,jemalloc,graph,text-index,console
--tests -- -D warnings (clean).

Refs: task #37 (console-feature test rot from PR #284 review)
author: Tin Dang
@pilotspacex-byte pilotspacex-byte added the skip-changelog Skip the CHANGELOG.md update gate for this PR label Jul 13, 2026
@qodo-code-review

Copy link
Copy Markdown

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 13c4451c-a6fc-4958-964c-23095f744b65

📥 Commits

Reviewing files that changed from the base of the PR and between f6518c5 and 5f1f423.

📒 Files selected for processing (1)
  • tests/admin_auth_cors_ratelimit.rs

📝 Walkthrough

Walkthrough

Changes

HTTP response handling tests

Layer / File(s) Summary
Response helpers and startup polling
tests/admin_auth_cors_ratelimit.rs
Adds response-returning GET, OPTIONS, and header helpers and updates /healthz polling to use them.
Status and header assertion migration
tests/admin_auth_cors_ratelimit.rs
Updates authentication, signature, CORS, rate-limit, preflight, and health endpoint tests to assert directly on responses.

Estimated code review effort: 2 (Simple) | ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and accurately describes the test update for ureq 3 API drift.
Description check ✅ Passed It covers the summary, fix details, and verification, and is mostly complete despite not following the template headings exactly.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/console-ureq3-test

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@pilotspacex-byte pilotspacex-byte merged commit 0039795 into main Jul 13, 2026
19 of 20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

skip-changelog Skip the CHANGELOG.md update gate for this PR

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants