Testing: No tests for RLS (Row-Level Security) isolation #8
Description
Description
Row-level security is a core security feature of the framework, but there are no tests verifying that it actually isolates tenants correctly.
What's Missing
-
Tenant isolation tests
- User A cannot see User B's tenant data
- Tenant context is properly set and cleared
- Connection pool correctly resets tenant context
-
set_tenant() function tests
- Verify function sets
app.current_tenantcorrectly - Verify function can be cleared with empty string
- Verify function sets
-
Middleware integration tests
- Verify
RequireAuthenticatedmiddleware sets tenant context - Verify tenant context propagates to database queries
- Verify
Current Test Coverage
app/app_test.go - Config validation only
auth/handler_test.go - resolveSubjectFromClaims only
internal/scaffold/ - Scaffold generation
No RLS tests.
Recommended Tests
// db/rls_test.go
func TestTenantIsolation(t *testing.T) {
// Setup: Create two tenants with data
// Test: Query as tenant A, verify only A's data visible
// Test: Query as tenant B, verify only B's data visible
}
func TestTenantContextReset(t *testing.T) {
// Test: After request completes, tenant context is cleared
// Test: Connection returned to pool has no tenant context
}
// auth/middleware_test.go
func TestMiddlewareSetsTenantContext(t *testing.T) {
// Test: Authenticated request has tenant ID in context
// Test: Context value matches session claims
}Test Infrastructure
Need:
- Test database with RLS enabled
- Helper to create tenants and users
- Helper to run queries as different tenants
Impact
- Effort: Medium
- Benefit: Critical (verify security feature works)
- Risk: High (untested security feature)