test: add baseline Rust tests for proxy normalizer, filter, and db queries

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: saagpatel

src-tauri/src/db/queries.rs

@@ -613,4 +613,119 @@ mod tests {
         let page3 = get_requests(&conn, "s1", 2, 4).unwrap();
         assert_eq!(page3.len(), 1);
     }
+
+    #[test]
+    fn test_settings_get_set_and_overwrite() {
+        let conn = setup_test_db();
+        db::schema::migrate_v3(&conn).unwrap();
+        // Missing key returns None
+        assert_eq!(get_setting(&conn, "api_key").unwrap(), None);
+
+        set_setting(&conn, "api_key", "sk-test-123").unwrap();
+        assert_eq!(
+            get_setting(&conn, "api_key").unwrap(),
+            Some("sk-test-123".to_string())
+        );
+
+        // Overwrite via upsert
+        set_setting(&conn, "api_key", "sk-new-456").unwrap();
+        assert_eq!(
+            get_setting(&conn, "api_key").unwrap(),
+            Some("sk-new-456".to_string())
+        );
+    }
+
+    #[test]
+    fn test_rename_and_delete_session() {
+        let conn = setup_test_db();
+        insert_session(&conn, "s1", "Original", "extension").unwrap();
+
+        rename_session(&conn, "s1", "Renamed").unwrap();
+        let session = get_session(&conn, "s1").unwrap();
+        assert_eq!(session.name, "Renamed");
+
+        delete_session(&conn, "s1").unwrap();
+        let sessions = list_sessions(&conn).unwrap();
+        assert_eq!(sessions.len(), 0);
+    }
+
+    #[test]
+    fn test_update_session_status() {
+        let conn = setup_test_db();
+        insert_session(&conn, "s1", "Test", "mitm").unwrap();
+
+        update_session_status(&conn, "s1", "complete").unwrap();
+        let session = get_session(&conn, "s1").unwrap();
+        assert_eq!(session.status, "complete");
+        // ended_at should be set for "complete" status
+        assert!(session.ended_at.is_some());
+    }
+
+    #[test]
+    fn test_get_requests_after() {
+        let conn = setup_test_db();
+        insert_session(&conn, "s1", "Test", "extension").unwrap();
+
+        let id1 = insert_request(
+            &conn,
+            "s1",
+            "extension",
+            "GET",
+            "https://api.example.com/a",
+            "/a",
+            "api.example.com",
+            "/a",
+            None,
+            None,
+            Some(200),
+            None,
+            None,
+        )
+        .unwrap();
+        let _id2 = insert_request(
+            &conn,
+            "s1",
+            "extension",
+            "GET",
+            "https://api.example.com/b",
+            "/b",
+            "api.example.com",
+            "/b",
+            None,
+            None,
+            Some(200),
+            None,
+            None,
+        )
+        .unwrap();
+        let _id3 = insert_request(
+            &conn,
+            "s1",
+            "extension",
+            "GET",
+            "https://api.example.com/c",
+            "/c",
+            "api.example.com",
+            "/c",
+            None,
+            None,
+            Some(200),
+            None,
+            None,
+        )
+        .unwrap();
+
+        // Only the two requests after id1 should be returned
+        let after = get_requests_after(&conn, "s1", id1).unwrap();
+        assert_eq!(after.len(), 2);
+        assert!(after.iter().all(|r| r.id > id1));
+    }
+
+    #[test]
+    fn test_get_requests_by_ids_empty_slice() {
+        let conn = setup_test_db();
+        // Empty slice must return empty vec without error
+        let results = get_requests_by_ids(&conn, &[]).unwrap();
+        assert_eq!(results.len(), 0);
+    }
 }

src-tauri/src/proxy/filter.rs

@@ -253,4 +253,62 @@ mod tests {
             None
         );
     }
+
+    #[test]
+    fn test_domain_matches_exact_and_subdomain() {
+        assert!(domain_matches("example.com", "example.com"));
+        assert!(domain_matches("sub.example.com", "example.com"));
+        assert!(domain_matches("deep.sub.example.com", "example.com"));
+        // Must not match partial suffix — "notexample.com" should NOT match "example.com"
+        assert!(!domain_matches("notexample.com", "example.com"));
+    }
+
+    #[test]
+    fn test_has_noise_extension_all_types() {
+        for ext in &[
+            ".js", ".css", ".woff", ".woff2", ".ttf", ".png", ".jpg", ".jpeg", ".gif", ".svg",
+            ".ico", ".map", ".br",
+        ] {
+            let path = format!("/static/file{ext}");
+            assert!(has_noise_extension(&path), "expected noise for path {path}");
+        }
+        // Non-noise extensions
+        assert!(!has_noise_extension("/api/data.json"));
+        assert!(!has_noise_extension("/v1/users"));
+    }
+
+    #[test]
+    fn test_preset_domains_known_and_unknown() {
+        assert!(!preset_domains("analytics").is_empty());
+        assert!(!preset_domains("cdn").is_empty());
+        assert!(!preset_domains("social").is_empty());
+        assert!(!preset_domains("fonts").is_empty());
+        // Unknown preset returns empty slice
+        assert!(preset_domains("nonexistent").is_empty());
+    }
+
+    #[test]
+    fn test_detect_noise_reason_allowlist() {
+        let config = crate::models::FilterConfig {
+            allowlist: vec!["trusted.com".to_string()],
+            ..Default::default()
+        };
+        assert_eq!(
+            detect_noise_reason("other.com", "/api", &config),
+            Some("not in allowlist")
+        );
+        assert_eq!(detect_noise_reason("trusted.com", "/api", &config), None);
+    }
+
+    #[test]
+    fn test_detect_noise_reason_user_denylist() {
+        let config = crate::models::FilterConfig {
+            denylist: vec!["tracker.internal".to_string()],
+            ..Default::default()
+        };
+        assert_eq!(
+            detect_noise_reason("tracker.internal", "/ping", &config),
+            Some("user denylist")
+        );
+    }
 }

src-tauri/src/proxy/normalizer.rs

@@ -173,4 +173,35 @@ mod tests {
         );
         assert_eq!(normalize_path("/commits/ABCDEF01"), "/commits/{id}");
     }
+
+    #[test]
+    fn test_hex_boundary_exactly_seven_chars_preserved() {
+        // Hex strings shorter than 8 chars must NOT be replaced
+        assert_eq!(normalize_path("/api/abcdef0"), "/api/abcdef0"); // 7 hex chars → preserved
+                                                                    // 7-digit pure integer IS replaced (matched as integer, not hex)
+        assert_eq!(normalize_path("/api/1234567"), "/api/{id}");
+    }
+
+    #[test]
+    fn test_version_variants() {
+        assert_eq!(normalize_path("/v1/resources"), "/v1/resources");
+        assert_eq!(normalize_path("/v100/data"), "/v100/data");
+        // "version" word (not v\d+) is preserved as-is
+        assert_eq!(normalize_path("/version/info"), "/version/info");
+    }
+
+    #[test]
+    fn test_all_digits_segment_always_replaced() {
+        assert_eq!(normalize_path("/orders/0"), "/orders/{id}");
+        assert_eq!(normalize_path("/orders/1234567890"), "/orders/{id}");
+    }
+
+    #[test]
+    fn test_mixed_alphanumeric_non_hex_boundary() {
+        // 9-char segment with non-hex letters (g-z) — can't match RE_HEX, below 10-char threshold
+        // "abcXYZde5" has 'X','Y','Z' which are non-hex uppercase (lowercased: x,y,z — non hex)
+        assert_eq!(normalize_path("/api/abcXYZde5"), "/api/abcXYZde5"); // 9 chars, non-hex → preserved
+                                                                        // 10-char non-hex mixed → replaced by mixed-alphanumeric rule
+        assert_eq!(normalize_path("/api/abcXYZde56"), "/api/{id}"); // 10 chars, mixed → replaced
+    }
 }