test: HTTP bounds for POST /p2p-draft-backup (closes #2198)#5140
test: HTTP bounds for POST /p2p-draft-backup (closes #2198)#5140RealDiligent wants to merge 1 commit into
Conversation
Add production-path HTTP tests proving POST /p2p-draft-backup rejects oversized host_peer_id and snapshot_json before SQLite persistence. Closes phase-rs#2198. Co-authored-by: Cursor <cursoragent@cursor.com>
There was a problem hiding this comment.
Code Review
This pull request introduces a new test module p2p_backup_http_tests in crates/phase-server/src/main.rs to validate the P2P backup HTTP endpoints under various scenarios, such as oversized payloads and valid requests. The review feedback recommends replacing the single read call on the TCP stream with read_to_end to avoid partial reads and ensure robust, non-flaky test execution in CI environments.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
| let mut buf = vec![0u8; 64 * 1024]; | ||
| let n = stream.read(&mut buf).await.expect("read"); | ||
| let response = std::str::from_utf8(&buf[..n]).expect("utf8"); |
There was a problem hiding this comment.
[MEDIUM] Use read_to_end instead of a single read call to avoid partial reads of the HTTP response.
Why it matters: A single read call on a TCP stream is not guaranteed to read the entire response, which can lead to flaky test failures in CI environments under load. Since the request specifies Connection: close, we can safely read until EOF using read_to_end.
| let mut buf = vec![0u8; 64 * 1024]; | |
| let n = stream.read(&mut buf).await.expect("read"); | |
| let response = std::str::from_utf8(&buf[..n]).expect("utf8"); | |
| let mut buf = Vec::new(); | |
| stream.read_to_end(&mut buf).await.expect("read"); | |
| let response = std::str::from_utf8(&buf).expect("utf8"); |
|
Thanks for putting together the HTTP boundary coverage. I am going to close this from the maintainer side rather than keep it in the queue. For this endpoint, we are not taking a contributor test-only PR right now; the production validation path and any follow-up regression coverage will be handled in a maintainer-owned change. This head also is not queue-ready as-is: |
Summary
guard_p2p_backupalready boundshost_peer_idtoMAX_TOKEN_LENandsnapshot_jsontoMAX_P2P_SNAPSHOT_LENbefore SQLite persistence; this PR adds production-path HTTP integration tests so the endpoint contract cannot regress.host_peer_id, oversizedsnapshot_json, and a valid store returning200 OK.Test plan
p2p_backup_post_rejects_oversized_host_peer_idp2p_backup_post_rejects_oversized_snapshotp2p_backup_post_accepts_valid_payloadTier
Standard
Track
Non-developer
LLM
Model: claude-sonnet-4-6
Thinking: high
Gate A
No parser/oracle-text files changed.
./scripts/check-parser-combinators.shhas no parser surface to audit (CI will confirm exit 0).Anchored on
crates/server-core/src/p2p_backup_guard.rs:43—guard_p2p_backupappliesvalidate_token+ snapshot byte cap at the HTTP boundary.crates/phase-server/src/admin.rs:111—p2p_backup_storerejects invalid bodies with400beforesave_p2p_backup.crates/lobby-broker/src/validation.rs—MAX_TOKEN_LENis the shared bound the WebSocket lobby path already enforces.Verification
Local verification skipped — see CI status checks.
Scope Expansion
None.
Validation Failures
None.
CI Failures
None.