fix(gateway): 修复 ACL 测试中 allow map 键未归一化导致大小写不匹配

wynxing · wynxing · commit a9b401abd425 · 2026-06-07T10:28:10.000-04:00
TestNetworkServerSessionAssetACLIndependent 直接用 sessionAssetReadMethod/
sessionAssetDeleteMethod（混合大小写）作为 allow map 键，但 IsAllowed 查找时
用 strings.ToLower 归一化，导致键不匹配返回 403。改用 normalizedMethodSet()
构造内层 map，与生产代码 NewStrictControlPlaneACL 保持一致。
diff --git a/internal/gateway/network_server_test.go b/internal/gateway/network_server_test.go
@@ -753,7 +753,7 @@ func TestNetworkServerSessionAssetACLIndependent(t *testing.T) {
 	t.Run("read allowed delete denied", func(t *testing.T) {
 		readOnlyACL := &ControlPlaneACL{
 			mode:    ACLModeStrict,
-			allow:   map[RequestSource]map[string]struct{}{RequestSourceHTTP: {sessionAssetReadMethod: {}}},
+			allow:   map[RequestSource]map[string]struct{}{RequestSourceHTTP: normalizedMethodSet(sessionAssetReadMethod)},
 			enabled: true,
 		}
 		runtimePort := &runtimePortEventStub{
@@ -797,7 +797,7 @@ func TestNetworkServerSessionAssetACLIndependent(t *testing.T) {
 	t.Run("delete allowed read denied", func(t *testing.T) {
 		deleteOnlyACL := &ControlPlaneACL{
 			mode:    ACLModeStrict,
-			allow:   map[RequestSource]map[string]struct{}{RequestSourceHTTP: {sessionAssetDeleteMethod: {}}},
+			allow:   map[RequestSource]map[string]struct{}{RequestSourceHTTP: normalizedMethodSet(sessionAssetDeleteMethod)},
 			enabled: true,
 		}
 		runtimePort := &runtimePortEventStub{
