test(auth): cover hyphenated whitelist owner matching

[WJQSERVER]

Summary

• add regression tests for whitelist entries with hyphenated owners such as jow-/ucode
• verify both parsing and CheckWhitelist matching preserve the trailing hyphen in the owner name
• document, via executable tests, that issue [BUG]白名单功能不支持特殊字符？如jow-/ucode #184 is not reproducible on current main

Testing

• go test ./auth -run 'Test(SplitUserRepoWhitelist_PreservesHyphenatedOwner|InitWhitelist_AllowsHyphenatedOwnerRepo)$'

Summary by CodeRabbit

发布说明

• 测试
  • 为白名单处理功能添加单元测试，验证支持带连字符的所有者和仓库名称的正确解析，确保白名单检查功能运行正常。

[coderabbitai]

Walkthrough

新增单元测试文件 auth/whitelist_test.go，包含两个测试用例。第一个测试验证 splitUserRepoWhitelist 函数正确解析包含连字符的所有者字符串（如 jow-/ucode）。第二个测试创建临时 whitelist.json 文件，验证 CheckWhitelist 函数在匹配和不匹配场景下的行为。

Changes

Cohort / File(s)	Summary
Whitelist Unit Tests auth/whitelist_test.go	新增两个单元测试：一个测试 splitUserRepoWhitelist 函数对包含连字符的所有者字符串的解析能力；另一个测试通过创建临时 whitelist.json 文件验证 CheckWhitelist 函数的匹配逻辑，包括正面和负面场景，并包含清理逻辑以重置全局状态。

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A whitelist test hops in with cheer,
With hyphens parsed crystal clear,
Two cases check both right and wrong,
The rabbit's code is clean and strong! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	标题清晰简洁地总结了主要变更：添加涵盖带连字符的白名单所有者匹配的测试，与实际添加的单元测试内容完全相关。

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch test/issue-184-whitelist-hyphen

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request introduces a new test file auth/whitelist_test.go to verify that hyphenated repository owners are correctly handled in the whitelist. The tests cover both the splitting logic and the initialization process. A review comment suggests moving the t.Cleanup registration to the beginning of the test to ensure global variables are reset even if an assertion fails, preventing side effects on other tests.

[gemini-code-assist]

The t.Cleanup function should be registered immediately after the global variables are modified. In its current position at the end of the test, it will not be executed if InitWhitelist fails or if any assertion fails before the registration point. Moving it up ensures that the global state is properly reset even on test failure, preventing side effects on other tests in the same package.

	whitelistInstance = nil
	whitelistInitErr = nil
	t.Cleanup(func() {
		whitelistInstance = nil
		whitelistInitErr = nil
	})

	cfg := &config.Config{}
	cfg.Whitelist.WhitelistFile = whitelistPath

	if err := InitWhitelist(cfg); err != nil {
		t.Fatalf("InitWhitelist() error = %v", err)
	}

	if !CheckWhitelist("jow-", "ucode") {
		t.Fatal("CheckWhitelist() = false, want true for jow-/ucode")
	}

	if CheckWhitelist("jow", "ucode") {
		t.Fatal("CheckWhitelist() = true, want false for non-hyphenated owner")
	}

	if CheckWhitelist("jow-", "other") {
		t.Fatal("CheckWhitelist() = true, want false for unmatched repo")
	}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@auth/whitelist_test.go`:
- Around line 31-56: Save the current globals whitelistInstance and
whitelistInitErr into local variables and immediately register a t.Cleanup that
restores those saved values before performing the test actions (i.e. call
t.Cleanup right after declaring cfg and before calling
InitWhitelist/CheckWhitelist); this ensures that if InitWhitelist or any
t.Fatalf runs the cleanup is still registered and the globals are restored.
Refer to symbols: whitelistInstance, whitelistInitErr, InitWhitelist,
CheckWhitelist, and t.Cleanup when making the change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: acc1db43-0663-44b7-b689-c96ae66bc75d

📥 Commits

Reviewing files that changed from the base of the PR and between 4c555ed and 9cca8aa.

📒 Files selected for processing (1)

• auth/whitelist_test.go

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

将 t.Cleanup 前置并恢复旧状态，避免失败路径污染全局变量。

当前在 Line 53 才注册清理；如果 Line 37-50 之间触发 t.Fatalf，清理函数不会注册，whitelistInstance/whitelistInitErr 可能泄漏到后续测试。建议在重置前保存旧值并立即注册 cleanup。

🛠️ 建议修改

-	whitelistInstance = nil
-	whitelistInitErr = nil
+	prevWhitelistInstance := whitelistInstance
+	prevWhitelistInitErr := whitelistInitErr
+	t.Cleanup(func() {
+		whitelistInstance = prevWhitelistInstance
+		whitelistInitErr = prevWhitelistInitErr
+	})
+	whitelistInstance = nil
+	whitelistInitErr = nil
@@
-	t.Cleanup(func() {
-		whitelistInstance = nil
-		whitelistInitErr = nil
-	})

Based on learnings: The blacklist and whitelist functionality in auth/ package uses maps for O(1) lookups, separates user-level and repo-level controls, and ensures thread safety using sync.Once.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@auth/whitelist_test.go` around lines 31 - 56, Save the current globals
whitelistInstance and whitelistInitErr into local variables and immediately
register a t.Cleanup that restores those saved values before performing the test
actions (i.e. call t.Cleanup right after declaring cfg and before calling
InitWhitelist/CheckWhitelist); this ensures that if InitWhitelist or any
t.Fatalf runs the cleanup is still registered and the globals are restored.
Refer to symbols: whitelistInstance, whitelistInitErr, InitWhitelist,
CheckWhitelist, and t.Cleanup when making the change.