test: add SearchCurrentUserPATs handler and PAT List service tests

[AmanGIT07]

Summary

• Add tests for SearchCurrentUserPATs handler (5 cases)
• Add tests for userpat.Service.List method (4 cases)

Handler tests (TestHandler_SearchCurrentUserPATs)

• Unauthenticated error when GetLoggedInPrincipal fails
• PAT principal resolves to user via ResolveSubject() and lists PATs correctly
• Returns empty list when no PATs exist
• Returns FailedPrecondition when PAT feature is disabled
• Returns Internal error for unknown service failures

Service tests (TestService_List)

• Returns ErrDisabled when PAT feature is disabled
• Propagates repository error
• Returns wrapped error when enrichWithScope fails (policy service error)
• Happy path — returns enriched PAT list with scopes derived from policies

Test plan

• go build ./... passes
• All existing tests pass
• All 9 new tests pass

🤖 Generated with Claude Code

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
frontier	Error		Apr 20, 2026 7:27am

[coderabbitai]

Warning

Rate limit exceeded

@AmanGIT07 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 51 minutes and 38 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 51 minutes and 38 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: af5db61c-2d32-4403-bbf0-64ed9dc2432f

📥 Commits

Reviewing files that changed from the base of the PR and between 1486b19 and 0a0c954.

📒 Files selected for processing (1)

• internal/api/v1beta1connect/user_pat_test.go

📝 Walkthrough

Walkthrough

This PR adds comprehensive test coverage for user PAT (Personal Access Token) functionality at the service and handler layers. New tests cover configuration validation, error handling for repository and policy failures, and successful PAT listing with scope enrichment.

Changes

Cohort / File(s)	Summary
User PAT Test Coverage core/userpat/service_test.go, internal/api/v1beta1connect/user_pat_test.go	Added TestService_List to verify service-layer behavior (disabled config, repo failures, policy enrichment errors, successful enrichment) and TestHandler_SearchCurrentUserPATs to validate handler-layer control flows (authentication, successful listing, empty results, disabled PAT precondition, internal errors) with proper mocking and assertions.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~15 minutes

Possibly related PRs

• feat: block PAT from cross-org endpoints and fix principal.ID resolution #1516: Introduces handler refactoring using ResolveSubject for principal resolution and PAT endpoint restrictions, which these new tests exercise.
• refactor: Rename ListCurrentUserPATs to SearchCurrentUserPATs #1476: Renames handler method from ListCurrentUserPATs to SearchCurrentUserPATs, which these new tests directly cover.

Suggested reviewers

• rohilsurana
• whoAbhishekSah

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

internal/api/v1beta1connect/user_pat_test.go (1)

1336-1372: Strengthen response assertions beyond id/title/total.

The test case builds a fully populated want response (scopes, offset, limit, timestamps) but the loop at lines 1454-1459 only asserts Id, Title, and Pagination.TotalCount. Fields like Offset, Limit, ExpiresAt, CreatedAt, UpdatedAt, and Scopes are never verified, so regressions in transformPATToPB or pagination mapping in SearchCurrentUserPATs would slip past this test. Consider a single assert.Equal(t, tt.want, resp.Msg) (as done in TestHandler_CreateCurrentUserPAT) to make the expected fixture meaningful.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 07cb3667-d61c-4db4-8652-febab43dcda0

📥 Commits

Reviewing files that changed from the base of the PR and between f09c377 and 1486b19.

📒 Files selected for processing (2)

• core/userpat/service_test.go
• internal/api/v1beta1connect/user_pat_test.go

[coveralls]

Coverage Report for CI Build 24653871743

Coverage increased (+0.2%) to 42.258%

Details

• Coverage increased (+0.2%) from the base build.
• Patch coverage: No coverable lines changed in this PR.
• No coverage regressions found.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

No coverage regressions found.

---

Coverage Stats

Relevant Lines:	36961
Covered Lines:	15619
Line Coverage:	42.26%
Coverage Strength:	11.86 hits per line

---

💛 - Coveralls