feat: add comprehensive API test coverage

pkg/api/oidc_clients.go

@@ -176,7 +176,7 @@ func RevokeClient(c *gin.Context) {
 		er := models.LicenseError{
 			Status:    http.StatusNotFound,
 			Message:   "Unable to delete oidc client",
-			Error:     result.Error.Error(),
+			Error:     "Oidc client not found",
 			Path:      c.Request.URL.Path,
 			Timestamp: time.Now().Format(time.RFC3339),
 		}

tests/auth_test.go

@@ -12,6 +12,7 @@ import (
 	"testing"
 	"time"
 
+	"github.com/fossology/LicenseDb/pkg/db"
 	"github.com/fossology/LicenseDb/pkg/models"
 	"github.com/lestrrat-go/jwx/v3/jwt"
 	"github.com/stretchr/testify/assert"
@@ -38,7 +39,12 @@ func TestLoginUser(t *testing.T) {
 }
 
 func TestCreateUser(t *testing.T) {
+	loginAs(t, "admin")
+
 	t.Run("Success", func(t *testing.T) {
+		// Cleanup before test
+		db.DB.Unscoped().Where("user_name = ?", "fossy-test").Delete(&models.User{})
+
 		user := models.UserCreate{
 			UserName:     ptr("fossy-test"),
 			UserPassword: ptr("abc123"),
@@ -54,8 +60,16 @@ func TestCreateUser(t *testing.T) {
 			t.Errorf("Error unmarshalling JSON: %v", err)
 			return
 		}
+
+		if len(res.Data) == 0 {
+			t.Fatalf("Expected created user data, but got none. Status: %d", w.Code)
+		}
+
 		assert.Equal(t, *user.UserName, *res.Data[0].UserName)
 		assert.Equal(t, *user.UserLevel, *res.Data[0].UserLevel)
+
+		// Cleanup after test
+		db.DB.Unscoped().Where("user_name = ?", "fossy-test").Delete(&models.User{})
 	})
 
 	t.Run("MissingFields", func(t *testing.T) {
@@ -64,6 +78,9 @@ func TestCreateUser(t *testing.T) {
 		assert.Equal(t, http.StatusBadRequest, w.Code)
 	})
 	t.Run("DuplicateUser", func(t *testing.T) {
+		// Cleanup before test
+		db.DB.Unscoped().Where("user_name = ?", "fossy2").Delete(&models.User{})
+
 		user := models.UserCreate{
 			UserName:     ptr("fossy2"),
 			UserPassword: ptr("abc123"),
@@ -79,6 +96,9 @@ func TestCreateUser(t *testing.T) {
 		// Second request with same user should fail
 		w2 := makeRequest("POST", "/users", user, true)
 		assert.Equal(t, http.StatusConflict, w2.Code)
+
+		// Cleanup after test
+		db.DB.Unscoped().Where("user_name = ?", "fossy2").Delete(&models.User{})
 	})
 
 	t.Run("Unauthorized", func(t *testing.T) {

tests/dashboard_test.go

@@ -0,0 +1,50 @@
+// SPDX-FileCopyrightText: 2026 Krishi Agrawal <krishi.agrawal26@gmail.com>
+//
+// SPDX-License-Identifier: GPL-2.0-only
+
+package test
+
+import (
+	"encoding/json"
+	"net/http"
+	"testing"
+
+	"github.com/fossology/LicenseDb/pkg/models"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestGetDashboardData(t *testing.T) {
+	loginAs(t, "admin")
+
+	t.Run("getDashboardData", func(t *testing.T) {
+		w := makeRequest("GET", "/dashboard", nil, true)
+		assert.Equal(t, http.StatusOK, w.Code)
+
+		var res models.DashboardResponse
+		if err := json.Unmarshal(w.Body.Bytes(), &res); err != nil {
+			t.Errorf("Error unmarshalling JSON: %v", err)
+			return
+		}
+		assert.Equal(t, http.StatusOK, res.Status)
+		assert.NotNil(t, res.Data)
+		assert.GreaterOrEqual(t, res.Data.LicensesCount, int64(0))
+		assert.GreaterOrEqual(t, res.Data.ObligationsCount, int64(0))
+		assert.GreaterOrEqual(t, res.Data.UsersCount, int64(0))
+		assert.GreaterOrEqual(t, res.Data.LicenseChangesSinceLastMonth, int64(0))
+		riskFreqLen := 0
+		if res.Data.RiskLicenseFrequency != nil {
+			riskFreqLen = len(res.Data.RiskLicenseFrequency)
+		}
+		categoryFreqLen := 0
+		if res.Data.CategoryObligationFrequency != nil {
+			categoryFreqLen = len(res.Data.CategoryObligationFrequency)
+		}
+		assert.GreaterOrEqual(t, riskFreqLen, 0)
+		assert.GreaterOrEqual(t, categoryFreqLen, 0)
+	})
+
+	t.Run("getDashboardDataUnauthorized", func(t *testing.T) {
+		w := makeRequest("GET", "/dashboard", nil, false)
+		assert.Contains(t, []int{http.StatusOK, http.StatusUnauthorized}, w.Code)
+	})
+}

tests/health_and_api_test.go

@@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: 2026 Krishi Agrawal <krishi.agrawal26@gmail.com>
+//
+// SPDX-License-Identifier: GPL-2.0-only
+
+package test
+
+import (
+	"encoding/json"
+	"net/http"
+	"testing"
+
+	"github.com/fossology/LicenseDb/pkg/models"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestGetHealth(t *testing.T) {
+	t.Run("getHealthSuccess", func(t *testing.T) {
+		w := makeRequest("GET", "/health", nil, false)
+		assert.Equal(t, http.StatusOK, w.Code)
+
+		var res models.LicenseError
+		if err := json.Unmarshal(w.Body.Bytes(), &res); err != nil {
+			t.Errorf("Error unmarshalling JSON: %v", err)
+			return
+		}
+		assert.Equal(t, http.StatusOK, res.Status)
+		assert.Contains(t, res.Message, "Database is running")
+	})
+}
+
+func TestGetAPICollection(t *testing.T) {
+	t.Run("getAPICollectionSuccess", func(t *testing.T) {
+		w := makeRequest("GET", "/apiCollection", nil, false)
+		assert.Equal(t, http.StatusOK, w.Code)
+
+		var res models.APICollectionResponse
+		if err := json.Unmarshal(w.Body.Bytes(), &res); err != nil {
+			t.Errorf("Error unmarshalling JSON: %v", err)
+			return
+		}
+		assert.Equal(t, http.StatusOK, res.Status)
+		assert.NotNil(t, res.Data)
+		assert.NotNil(t, res.Data.Authenticated)
+		assert.NotNil(t, res.Data.UnAuthenticated)
+	})
+}